CVE Reference Map for Source FULLDISC

Source: FULLDISC
Description: Full-Disclosure mailing list
URL: http://lists.grok.org.uk/pipermail/full-disclosure/
Notes:

This reference map lists the various references for FULLDISC and provides the associated CVE entries or candidates. It uses data from CVE version 20061101 and candidates that were active as of 2024-06-25.

Note that the list of references may not be complete.

FULLDISC:04052021 Re: Three vulnerabilities found in MikroTik's RouterOS CVE-2020-20265
FULLDISC:20020717 TheServer cleartext password sillyness. CVE-2002-2389
FULLDISC:20020719 Vulnerability found: Adobe Acrobat eBook Reader and Content Server CVE-2002-1016
FULLDISC:20020720 Netscape Communicator META Refresh Denial of Service CVE-2002-2308
FULLDISC:20020720 PHP Resource Exhaustion Denial of Service CVE-2002-2309
FULLDISC:20020724 REFRESH: EUDORA MAIL 5.1.1 CVE-2002-2313
FULLDISC:20020808 Cross-Site Scripting Issues in Falcon Web Server CVE-2002-2318
FULLDISC:20020829 RPM verification CVE-2002-2204
FULLDISC:20020903 Check Point statement on use of IKE Aggressive Mode CVE-2002-1623
FULLDISC:20020917 Trillian .74 and below, ident flaw. CVE-2002-2390
FULLDISC:20020919 iDEFENSE OSF1/Tru64 3.x vuln clarification CVE-2000-1031 CVE-2002-1604 CVE-2002-1605 CVE-2002-1614 CVE-2002-1616 CVE-2002-1617
FULLDISC:20020920 Alsasound local b0f (not an issue if not setuid root) CVE-2002-1896
FULLDISC:20020927 Buffer Overrun in SmartHTML Interpreter Could Allow Code Executio n (Q324096) CVE-2002-0692
FULLDISC:20021021 kmMail XSS CVE-2002-1958
FULLDISC:20021120 Opera 6.03/Linux crashes on HTTPS over Squid Proxy on a site CVE-2002-2414
FULLDISC:20021124 BadBlue XSS/Information Disclosure Vulnerabilities CVE-2002-2289
FULLDISC:20021130 Multiple pServ Remote Buffer Overflow Vulnerabilities CVE-2002-2295
FULLDISC:20021213 Some vim problems, yet still vim much better than windows CVE-2002-1377
FULLDISC:20030107 CuteFTP 5.0 XP, Buffer Overflow CVE-2003-1260
FULLDISC:20030120 Advisory 01/2003: CVS remote vulnerability CVE-2003-0015
FULLDISC:20030217 [argv] BitchX-353 Vulnerability CVE-2003-1450
FULLDISC:20030218 Re: CSSA-2003-007.0 Advisory withdrawn. CVE-2002-0842
FULLDISC:20030223 GOnicus System Administrator php injection CVE-2003-1412
FULLDISC:20030223 moxftp arbitrary code execution poc/advisory CVE-2003-0203
FULLDISC:20030302 [SCSA-008] Cross Site Scripting & Script Injection Vulnerability in PY-Livredor CVE-2003-1384
FULLDISC:20030304 SAP R/3, account locking and RFC SDK CVE-2003-1035
FULLDISC:20030308 Ethereal format string bug, yet still ethereal much better than windows CVE-2003-0081
FULLDISC:20030324 Vulnerability (critical): Digital signature for Adobe Acrobat/Reader plug-in can be forged CVE-2002-0030
FULLDISC:20030329 Sendmail: -1 gone wild CVE-2003-0161
FULLDISC:20030406 Seti@home information leakage and remote compromise CVE-2003-1118
FULLDISC:20030413 Misuse of Macromedia Flash Ads clickTAG Option May Lead to Privacy Breach CVE-2003-0208
FULLDISC:20030416 [VulnWatch] Apache mod_access_referer denial of service issue CVE-2003-1054
FULLDISC:20030422 UDP bypassing in Kerio Firewall 2.1.4 CVE-2003-1491
FULLDISC:20030430 OpenSSH/PAM timing attack allows remote users identification CVE-2003-0190
FULLDISC:20030506 youbin local root exploit + advisory CVE-2003-0269
FULLDISC:20030509 ltris-and-slashem-tty possible trouble CVE-2003-1473 CVE-2003-1474
FULLDISC:20030510 [forward]Apple Safari and Konqueror Embedded Common Name Verification Vulnerability CVE-2003-0370
FULLDISC:20030519 emacs 21.3 fixes security bugs CVE-2003-1232
FULLDISC:20030610 mnogosearch 3.1.20 and 3.2.10 buffer overflow CVE-2003-0436 CVE-2003-0437
FULLDISC:20030612 libmysqlclient 4.x and below mysql_real_connect() buffer overflow. CVE-2003-1331
FULLDISC:20030613 -10Day CERT Advisory on PDF Files CVE-2003-0434
FULLDISC:20030617 Cross-Site Scripting in Unparsable XML Files (GM#013-IE) CVE-2003-0446
FULLDISC:20030617 Script Injection to Custom HTTP Errors in Local Zone (GM#014-IE) CVE-2003-0447
FULLDISC:20030618 SQL Inject in ProFTPD login against Postgresql using mod_sql CVE-2003-0500
FULLDISC:20030622 Symantec ActiveX control buffer overflow CVE-2003-0470
FULLDISC:20030625 Re: Internet Explorer >=5.0 : Buffer overflow CVE-2003-0469
FULLDISC:20030701 PoC for Internet Explorer >=5.0 buffer overflow (trivial exploit for hard case). CVE-2003-0469
FULLDISC:20030704 Essentia Web Server 2.12 (Linux) CVE-2002-0313
FULLDISC:20030705 [Vulnerability] : ProductCart database file can be downloaded remotely CVE-2003-1304
FULLDISC:20030707 Internet Explorer 6 DoS Bug CVE-2003-0519
FULLDISC:20030708 Fwd: xbl vulnerabilty CVE-2003-0535
FULLDISC:20030709 IE Object Type Overflow Exploit CVE-2003-0344
FULLDISC:20030711 Trend Micro ActiveX Multiple Overflows CVE-2003-0646
FULLDISC:20030712 DoS - Polycom MGC 25 Control Port CVE-2003-0556
FULLDISC:20030714 [sec-labs] Remote Denial of Service vulnerability in NeoModus Direct Connect 1.0 build 9 CVE-2003-0554
FULLDISC:20030718 (no subject) CVE-2003-0567
FULLDISC:20030720 CGI.pm vulnerable to Cross-site Scripting. CVE-2003-0615
FULLDISC:20030721 Microsoft Windows 2000 RPC DCOM Interface DOS AND Privilege Escalation Vulnerability CVE-2003-0605
FULLDISC:20030726 Re: The French BUGTRAQ (New Win RPC Exploit) CVE-2003-0352
FULLDISC:20030729 KDE Security Advisory: Konqueror Referrer Authentication Leak CVE-2003-0459
FULLDISC:20030730 rpcdcom Universal offsets CVE-2003-0352
FULLDISC:20030804 Postfix 1.1.12 remote DoS / Postfix 1.1.11 bounce scanning CVE-2003-0540
FULLDISC:20030902 New Microsoft Internet Explorer mshtml.dll Denial of Service? CVE-2003-1048
FULLDISC:20030907 BAD NEWS: Microsoft Security Bulletin MS03-032 CVE-2003-0838
FULLDISC:20030910 Buffer overflow in MySQL CVE-2003-0780
FULLDISC:20030911 Pine: .procmailrc rule against integer overflow CVE-2003-0721
FULLDISC:20030915 new ssh exploit? CVE-2003-0693
FULLDISC:20030915 openssh remote exploit CVE-2003-0693
FULLDISC:20030916 The lowdown on SSH vulnerability CVE-2003-0693
FULLDISC:20030917 Sendmail 8.12.9 prescan bug (a new one) [CAN-2003-0694] CVE-2003-0694
FULLDISC:20030919 lsh patch (was Re: [Full-Disclosure] new ssh exploit?) CVE-2003-0826
FULLDISC:20030924 [OpenPKG-SA-2003.042] OpenPKG Security Advisory (openssh) CVE-2003-0786 CVE-2003-0787
FULLDISC:20030929 [OpenSSL Advisory] Vulnerabilities in ASN.1 parsing CVE-2003-0543 CVE-2003-0544 CVE-2003-0545
FULLDISC:20031008 ltrace bug CVE-2004-0172
FULLDISC:20031010 Re : [VERY] BAD news on RPC DCOM Exploit CVE-2003-0813
FULLDISC:20031010 Re: Bad news on RPC DCOM vulnerability CVE-2003-0813
FULLDISC:20031011 Bad news on RPC DCOM2 vulnerability CVE-2003-0813
FULLDISC:20031014 Another ProFTPd root EXPLOIT ? CVE-2003-0831
FULLDISC:20031015 Mod-Throttle [was: client attacks server - XSS] CVE-2003-1502
FULLDISC:20031016 Microsoft Local Troubleshooter ActiveX control buffer overflow CVE-2003-0662
FULLDISC:20031019 ByteHoard Directory Traversal Vulnerability CVE-2003-1499
FULLDISC:20031019 Caucho Resin 2.x - Cross Site Scripting CVE-2003-1513
FULLDISC:20031022 Fun with /bin/ls, yet still ls better than windows CVE-2003-0853 CVE-2003-0854
FULLDISC:20031022 Sylpheed-claws format string bug, yet still sylpheed much better than windows CVE-2003-0852
FULLDISC:20031024 Vulnerability in MERCUR Mail Server v4.2 SP3 and below CVE-2003-1177
FULLDISC:20031026 Java 1.4.2_02 InsecurityManager JVM crash CVE-2003-1134
FULLDISC:20031027 Bytehoard File Disclosure VUlnerability Sequel CVE-2003-1153
FULLDISC:20031028 STG Security Advisory: [SSA-20031025-05] InfronTech WebTide 7.04 Directory and File Disclosure Vulnerability CVE-2003-1152
FULLDISC:20031031 XSS In mldonkey - But.... CVE-2003-1164
FULLDISC:20031101 DATEV Nutzungskontrolle Bypassing (REG) CVE-2003-1169
FULLDISC:20031102 [bWM#017] Cross-Site-Scripting @ PHPKIT CVE-2003-1187
FULLDISC:20031103 Corsaire Security Advisory: PeopleSoft PeopleBooks Search CGI multiple argument issues CVE-2003-0626 CVE-2003-0627
FULLDISC:20031103 Liteserve Buffer Overflow in Handling Server's Log CVE-2003-1144
FULLDISC:20031104 OpenBSD kernel overflow, yet still *BSD much better than windows CVE-2003-0955
FULLDISC:20031123 Thomnson TCM315 Denial of service CVE-2003-1085
FULLDISC:20031123 VieNuke VieBoard SQL Injection Vulnerability... again CVE-2003-1195
FULLDISC:20031124 Thomnson TCM315 Denial of service CVE-2003-1085
FULLDISC:20040105 firewall security bug? CVE-2004-1799
FULLDISC:20040108 Yahoo Instant Messenger Long Filename Downloading Buffer Overflow CVE-2004-0043
FULLDISC:20040109 Directory Traversal in Accipiter Direct Server 6.0 CVE-2004-0072
FULLDISC:20040112 SRT2004-01-9-1022 - Symantec LiveUpdate allows local users to become SYSTEM CVE-2003-0994
FULLDISC:20040118 Proof-Of-Concept Denial-Of-Service Pointbase 4.6 Java SQL-DB CVE-2003-1573
FULLDISC:20040123 Finjan SurfinGate Vulnerability CVE-2004-2107
FULLDISC:20040126 Advisory 01/2004: 12 x Gaim remote overflows CVE-2004-0005 CVE-2004-0006 CVE-2004-0007 CVE-2004-0008
FULLDISC:20040128 Dotnetnuke Multiple Vulnerabilities CVE-2004-2323 CVE-2004-2324 CVE-2004-2325
FULLDISC:20040201 Proofpoint Protection Server remote MySQL root user vulnerability CVE-2004-2357
FULLDISC:20040202 0verkill - little simple vulnerability. CVE-2004-0238
FULLDISC:20040204 Remote openbsd crash with ip6, yet still openbsd much better than windows CVE-2004-0257
FULLDISC:20040206 CactuSoft CactuShop 5.0 Lite shopping cart software backdoor CVE-2004-0260
FULLDISC:20040206 Open Journal Blog Authenticaion Bypassing Vulnerability CVE-2004-0261
FULLDISC:20040206 [apache-ssl] Apache-SSL security advisory - apache_1.3.28+ssl_1.52 and prior CVE-2004-0009
FULLDISC:20040207 (no subject) CVE-2004-2090
FULLDISC:20040207 DreamFTP Server 1.02 Buffer Overflow CVE-2004-0277
FULLDISC:20040208 TrackMania Demo Denial of Service CVE-2004-2077
FULLDISC:20040209 Red-M Red-Alert Multiple Vulnerabilities CVE-2004-2078 CVE-2004-2079 CVE-2004-2080
FULLDISC:20040210 Re: HelpCtr - allow open any page or run CVE-2004-0474
FULLDISC:20040210 XBOX EvolutionX ftp 'cd' command and telnet 'dir' buffer overflow CVE-2004-0268
FULLDISC:20040213 Re: HelpCtr - allow open any page or run CVE-2004-0474
FULLDISC:20040215 GAYER THAN AIDS ADVISORY #01: IE 5 remote code execution CVE-2004-0566
FULLDISC:20040216 EarlyImpact ProductCart shopping cart software multiple security vulnerabilities CVE-2004-2172 CVE-2004-2173 CVE-2004-2174
FULLDISC:20040216 Symantec FireWall/VPN Appliance model 200 leak of security CVE-2004-0190
FULLDISC:20040218 Second critical mremap() bug found in all Linux kernels CVE-2004-0077
FULLDISC:20040222 GateKeeper Pro 4.7 buffer overflow CVE-2004-0326
FULLDISC:20040223 Re: [Full-Disclosure] Proofpoint Protection Server remote MySQL root user vulnerability CVE-2004-2357
FULLDISC:20040223 Re: [SECURITY] [DSA 447-1] New hsftp packages fix format string vulnerability CVE-2004-0159
FULLDISC:20040224 Advisory 02/2004: Trillian remote overflows CVE-2004-2304 CVE-2004-2370
FULLDISC:20040224 STG Security Advisory: [SSA-20040217-06] Apache for cygwin directory traversal vulnerability CVE-2004-0173
FULLDISC:20040226 PerfectNav Crashes IE CVE-2004-2382
FULLDISC:20040301 Nortel Networks Wireless LAN Access Point 2200 DoS + PoC CVE-2004-2549
FULLDISC:20040301 Smashing "XBoard 4.2.7(All versions)" For Fun & Profit.*Unpublished Local Stack Overflow Vulnerablity! CVE-2004-2552
FULLDISC:20040302 03-02-04 XSS Bug in NetScreen-SA 5000 Series of SSL VPN appliance CVE-2004-0347
FULLDISC:20040303 Adobe Acrobat Reader XML Forms Data Format Buffer Overflow CVE-2004-0194
FULLDISC:20040303 Spider Sales shopping cart software multiple security vulnerabilities CVE-2004-0350 CVE-2004-0351
FULLDISC:2004031 CactuSoft CactuShop v5.x shopping cart software multiple security vulnerabilities CVE-2004-1882
FULLDISC:20040310 Corsaire Security Advisory: Multiple vendor HTTP user agent cookie path traversal issue CVE-2003-0513 CVE-2003-0514 CVE-2003-0592 CVE-2003-0593 CVE-2003-0594
FULLDISC:20040322 AIX 4.3.3 has make sgid 0? CVE-2004-2312
FULLDISC:20040323 Dark Age of Camelot login client vulnerability to man in the middle attack CVE-2004-1855
FULLDISC:20040323 Re: AIX 4.3.3 has make sgid 0? CVE-2004-2312
FULLDISC:20040326 Nessus stores credentials in plain text CVE-2004-2722
FULLDISC:20040327 NessusWX stores credentials in plain text CVE-2004-2723
FULLDISC:20040402 Buffer Overflow in HAHTsite Scenario Server 5.1 CVE-2004-1763
FULLDISC:20040404 Texutil symlink vulnerability. CVE-2004-1894
FULLDISC:20040405 iDEFENSE Security Advisory 04.05.04: Perl win32_stat Function CVE-2004-0377
FULLDISC:20040407 Mcafee FreeScan - Remote Buffer Overflow and Private Information Disclosure CVE-2004-1906 CVE-2004-1908
FULLDISC:20040407 Race conditions in security dialogs CVE-2004-0762 CVE-2004-2659 CVE-2006-2094
FULLDISC:20040407 Solaris vfs_getvfssw() local kernel exploit CVE-2004-2686
FULLDISC:20040407 Symantec, McAfee and Panda ActiveX controls CVE-2004-1906 CVE-2004-1908 CVE-2004-1910
FULLDISC:20040413 EEYE: Windows Expand-Down Data Segment Local Privilege Escalation CVE-2003-0910
FULLDISC:20040413 EEYE: Windows Local Security Authority Service Remote Buffer Overflow CVE-2003-0533
FULLDISC:20040413 EEYE: Windows VDM TIB Local Privilege Escalation CVE-2004-0118
FULLDISC:20040413 Microsoft Help and Support Center argument injection vulnerability CVE-2003-0907
FULLDISC:20040414 Eudora 6.0.3 nested MIME DoS CVE-2004-1944
FULLDISC:20040414 [SCAN Associates Sdn Bhd Security Advisory] Postnuke v 0.726 and below SQL injection CVE-2004-1949
FULLDISC:20040425 Microsoft's Explorer and Internet Explorer long share name buffer overflow. CVE-2004-0214
FULLDISC:20040427 Phenoelit Advisory <wir-haben-auch-mal-was-gefunden #0815 ++++> CVE-2004-2626
FULLDISC:20040427 SMC Routers have remote administration enabled by default CVE-2004-1976
FULLDISC:20040429 Re: Phenoelit Advisory CVE-2004-2626
FULLDISC:20040429 Zonet ZSR1104WE Router problem CVE-2004-2637
FULLDISC:20040430 Critical bug in Web Wiz Forum CVE-2004-2733
FULLDISC:20040501 LHa buffer overflows and directory traversal problems CVE-2004-0234 CVE-2004-0235
FULLDISC:20040502 Lha local stack overflow Proof Of Concept Code CVE-2004-0234
FULLDISC:20040505 Corsaire Security Advisory - Verity Ultraseek path disclosure issue CVE-2004-0050
FULLDISC:20040506 Advisory: Heimdal kadmind version4 remote heap overflow CVE-2004-0434
FULLDISC:20040506 Buffer overflows in exim, yet still exim much better than windows CVE-2004-0399 CVE-2004-0400
FULLDISC:20040507 Eudora file URL buffer overflow CVE-2004-2005
FULLDISC:20040507 Pound <=1.5 Remote Exploit (Format string bug) CVE-2004-2026
FULLDISC:20040509 Icecast 2.0.0 preauth overflow CVE-2004-2027
FULLDISC:20040510 OpenServer 5.0.5 OpenServer 5.0.6 OpenServer 5.0.7 : X sessions which are not started by scologin cannot use the X authorization protocol CVE-2004-0390
FULLDISC:20040511 Linux Kernel sctp_setsockopt() Integer Overflow CVE-2004-2013
FULLDISC:20040512 EEYE: Symantec Multiple Firewall DNS Response Denial-of-Service CVE-2004-0445
FULLDISC:20040512 EEYE: Symantec Multiple Firewall NBNS Response Processing Stack Overflow CVE-2004-0444
FULLDISC:20040512 EEYE: Symantec Multiple Firewall NBNS Response Remote Heap Corruption CVE-2004-0444
FULLDISC:20040512 EEYE: Symantec Multiple Firewall Remote DNS KERNEL Overflow CVE-2004-0444
FULLDISC:20040512 MS04-015 - Windows Help Center - Dvdupgrade CVE-2004-0199
FULLDISC:20040512 Mdaemon 7.0.1 IMAP overflow. CVE-2004-2292
FULLDISC:20040512 Sweex 802.11g router/accesspoint config disclosure / remote config CVE-2004-2455
FULLDISC:20040513 802.11b (others) single packet DoS CVE-2004-0459
FULLDISC:20040514 IE Crash - Anyone Seen This Before? CVE-2004-0479
FULLDISC:20040516 Vuln. MacOSX/Safari: Remote help-call, execute scripts CVE-2004-0486
FULLDISC:20040516 WebCT: Cross Site Scripting Vulnerability CVE-2004-2015
FULLDISC:20040517 Buffer Overflow in ActivePerl ? CVE-2004-2022
FULLDISC:20040517 OpenBSD procfs CVE-2004-0482
FULLDISC:20040517 RE: Buffer Overflow in ActivePerl ? CVE-2004-2022
FULLDISC:20040517 RE: [Full-Disclosure] Buffer Overflow in ActivePerl ? CVE-2004-2286
FULLDISC:20040517 ROCKET SCIENCE: Outllook 2003 CVE-2004-0503
FULLDISC:20040517 [waraxe-2004-SA#029 - Possible remote file inclusion in PhpNuke 6.x - 7.3] CVE-2004-2018
FULLDISC:20040517 mod_ssl ssl_util_uuencode_binary potential problem CVE-2004-0488
FULLDISC:20040518 Advisory 05/2004: phpMyFAQ local file inclusion vulnerability CVE-2004-2255 CVE-2004-2256
FULLDISC:20040518 Re: Buffer Overflow in ActivePerl ? CVE-2004-2022
FULLDISC:20040518 Re[2]: [Full-Disclosure] Buffer Overflow in ActivePerl ? CVE-2004-2022
FULLDISC:20040519 Advisory 06/2004: libneon date parsing vulnerability CVE-2004-0398
FULLDISC:20040519 Advisory 07/2004: CVS remote vulnerability CVE-2004-0396
FULLDISC:20040519 Advisory 08/2004: Subversion remote vulnerability CVE-2004-0397
FULLDISC:20040519 Ph0rum phorum_uriauth replay attack CVE-2004-2243
FULLDISC:20040524 SSH URI handler remote arbitrary code execution CVE-2004-0489
FULLDISC:20040527 DoS in MiniShare 1.3.2 CVE-2004-2035
FULLDISC:20040529 [waraxe-2004-SA#031 - Multiple vulnerabilities in e107 version 0.615] CVE-2004-2039 CVE-2004-2040 CVE-2004-2041 CVE-2004-2042
FULLDISC:20040602 180 Solutions Exploits and Toolbars Hacking Patched Users(I.E Exploits) CVE-2004-0549
FULLDISC:20040602 Firebird [ AND Interbase 7 ] Database Remote Database Name Overflow CVE-2004-2043
FULLDISC:20040603 Phishing for Opera (GM#007-OP) CVE-2004-0537
FULLDISC:20040603 Surgemail - Multiple Vulnerabilities CVE-2004-2547 CVE-2004-2548
FULLDISC:20040604 [CYSA-0329] Password recovery vulnerability in FoolProof Security 3.9.x for Windows 95/9 CVE-2004-2555
FULLDISC:20040606 Internet explorer 6 execution of arbitrary code (An analysis of the 180 Solutions Trojan) CVE-2004-0549
FULLDISC:20040609 ASPDOTNETSTOREFRONT ASPDOTNETSTOREFRONT Improper Upload Validation CVE-2004-2700
FULLDISC:20040609 Advisory 09/2004: More CVS remote vulnerabilities CVE-2004-0414 CVE-2004-0416 CVE-2004-0417 CVE-2004-0418 CVE-2004-1471
FULLDISC:20040609 Advisory: ASPDOTNETSTOREFRONT Improper Session Validation CVE-2004-2699
FULLDISC:20040609 [FULL DISCLOSURE] ASPDOTNETSTOREFRONT Cross-Site Scripting Vulnerability CVE-2004-2701
FULLDISC:20040610 Buffer overflow in apache mod_proxy,yet still apache much better than windows CVE-2004-0492
FULLDISC:20040610 [0xbadc0ded #04] smtp.proxy <= 1.1.3 CVE-2004-2417
FULLDISC:20040611 [waraxe-2004-SA#032 - Multiple security flaws in PhpNuke 6.x - 7.3] CVE-2004-2295 CVE-2004-2297
FULLDISC:20040613 VP-ASP Shopping Cart Multiple Vulnerabilities CVE-2004-2411 CVE-2004-2413
FULLDISC:20040614 Internet Explorer Remote Null Pointer Crash(mshtml.dll) CVE-2004-2434
FULLDISC:20040614 Serendipity Blog vuln CVE-2006-1910
FULLDISC:20040615 RE: Internet Explorer Remote Null Pointer Crash(mshtml.dll) CVE-2004-2434
FULLDISC:20040616 "IBM Access Support" (eGatherer) Activex Dangerous Methods Vulnerability CVE-2004-2663
FULLDISC:20040616 Checkpoint Firewall-1 IKE Vendor ID information leakage CVE-2004-2679
FULLDISC:20040621 [Full-Disclosure] iDEFENSE Security Advisory 06.21.04 - GNU Radius SNMP Invalid OID Denial of Service Vulnerability CVE-2004-0576
FULLDISC:20040622 Wireless Modem (BT Voyager 2000 Wireless ADSL Router cleartext password) CVE-2004-0616
FULLDISC:20040627 ZH2004-14SA (security advisory):Sql Injection in Infinity WEB CVE-2004-0625
FULLDISC:20040628 DoS in apache httpd 2.0.49, yet still apache much better than windows CVE-2004-0493
FULLDISC:20040629 DoS in popclient 3.0b6 CVE-2004-0666
FULLDISC:20040630 DSL router Prestige 650HW-31 CVE-2004-0670
FULLDISC:20040701 iDEFENSE Security Advisory 07.01.04: WinGate Information Disclosure CVE-2004-0577 CVE-2004-0578
FULLDISC:20040702 Multiple Vulnerabilities in Easy Chat Server 1.2 CVE-2004-2466 CVE-2004-2467
FULLDISC:20040702 pavuk buffer overflow CVE-2004-0456
FULLDISC:20040703 Re: SUSE Security Announcement: kernel (SUSE-SA:2004:020) CVE-2004-0592
FULLDISC:20040705 Multiples vulnerabilities in JAWS CVE-2004-2444 CVE-2004-2445
FULLDISC:20040706 Multiples vulnerabilities in JAWS CVE-2004-2443
FULLDISC:20040707 Re: shell:windows command question CVE-2004-0572
FULLDISC:20040707 shell:windows command question CVE-2004-0648
FULLDISC:20040708 RE: php-exec-dir vulnerable after latest upgrade CVE-2004-2692
FULLDISC:20040708 Re: php-exec-dir vulnerable after latest upgrade CVE-2004-2692
FULLDISC:20040708 php-exec-dir vulnerable after latest upgrade CVE-2004-2692
FULLDISC:20040712 Brand New Hole: Internet Explorer: HijackClick 3 CVE-2004-0841
FULLDISC:20040714 Advisory 11/2004: PHP memory_limit remote vulnerability CVE-2004-0594
FULLDISC:20040714 Advisory 12/2004: PHP strip_tags() bypass vulnerability CVE-2004-0595
FULLDISC:20040714 HtmlHelp - .CHM File Heap Overflow CVE-2004-0201
FULLDISC:20040715 XSS in Board Power forum CVE-2004-1441
FULLDISC:20040717 [FMADV] Format String Bug in OllyDbg 1.10 CVE-2004-0733
FULLDISC:20040718 Cross-Site Scripting email Outblaze CVE-2004-2625
FULLDISC:20040719 Buffer overflow in Whisper FTP Surfer 1.0.7 CVE-2004-0739
FULLDISC:20040723 Crash IE with 11 bytes ;) CVE-2004-0842
FULLDISC:20040725 Mozilla Firefox Certificate Spoofing CVE-2004-0763
FULLDISC:20040726 Opera 7.53 (Build 3850) Address Bar Spoofing Issue CVE-2004-2491
FULLDISC:20040728 Re: Crash IE with 11 bytes ;) CVE-2004-0842
FULLDISC:20040728 Re: Internet Explorer Remote Null Pointer Crash(mshtml.dll) CVE-2004-2434
FULLDISC:20040728 SoX buffer overflows when handling .WAV files CVE-2004-0557
FULLDISC:20040801 Remotely Exploitable DoS Flaw in XP and 2003 CVE-2004-2527
FULLDISC:20040802 Benchmark Designs' WHM Autopilot backdoor vulnerability to plain-text password. CVE-2004-2524
FULLDISC:20040802 IBM Directory Server - ldacgi.exe CVE-2004-2526
FULLDISC:20040804 Bug@thttpd CVE-2004-2628
FULLDISC:20040804 Multiple Vulnerabilities in Free Web Chat CVE-2004-2646 CVE-2004-2647
FULLDISC:20040805 Opera: Location, Location, Location CVE-2004-2570
FULLDISC:20040808 Serv-U 3.x, 4.x, 5.x local privilege escalation vulnerability CVE-2004-2532
FULLDISC:20040811 ISS BlackIce Server Protect Unprivileged User Attack CVE-2004-1714
FULLDISC:20040816 SQL Injection in CACTI CVE-2004-1736 CVE-2004-1737
FULLDISC:20040817 Gallery 1.4.4 save_photos.php PHP Insertion Proof of Concept CVE-2004-1466
FULLDISC:20040817 Multiple remote vulnerabilities in lukemftpd aka. tnftpd CVE-2004-0794
FULLDISC:20040818 Re: gnu-less Format String Vulnerability CVE-2004-2264
FULLDISC:20040818 What A Drag II XP SP2 CVE-2004-0839
FULLDISC:20040818 gnu-less Format String Vulnerability CVE-2004-2264
FULLDISC:20040819 PADS Simple Stack Overflow CVE-2004-2269
FULLDISC:20040819 Unsecure file permission of ZoneAlarm pro. CVE-2004-2713
FULLDISC:20040820 CAU-2004-0002 - imwheel Predictable PidFile Name Race Condition CVE-2004-2698
FULLDISC:20040820 Re: Unsecure file permission of ZoneAlarm pro. CVE-2004-2713
FULLDISC:20040821 Re: Unsecure file permission of ZoneAlarm pro. CVE-2004-2713
FULLDISC:20040822 [PoC] Nasty bug(s) found in Axis Network Camera/Video Servers CVE-2004-2425 CVE-2004-2426 CVE-2004-2427
FULLDISC:20040824 Re: [Full-Disclosure] XSS in Plesk 7.1 Reloaded CVE-2004-2702
FULLDISC:20040824 XSS in Plesk 7.1 Reloaded CVE-2004-2702
FULLDISC:20040824 a2ps executing shell commands from file name CVE-2004-1170
FULLDISC:20040827 DoS in Chat Anywhere 2.72a CVE-2004-2724
FULLDISC:20040827 Power Quest Deploy Center 5.5 boot disks CVE-2004-2609
FULLDISC:20040830 MSInfo Buffer Overflow CVE-2004-1649
FULLDISC:20040831 Axis Network Camera and Video Server Security Advisory CVE-2004-2425 CVE-2004-2426
FULLDISC:20040902 AW: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll CVE-2003-1048
FULLDISC:20040902 [SHATTER Team Security Alert] Multiple vulnerabilities in Oracle Database Server CVE-2004-1774
FULLDISC:20040903 Re: [Full-Disclosure] New Microsoft Internet Explorer mshtml.dll Denial of Service? CVE-2003-1048
FULLDISC:20040903 [RLSA_01-2004] QNX PPPoEd local root vulnerabilities CVE-2004-1390 CVE-2004-1391
FULLDISC:20040905 Buffer Overflow in DBMS_SYSTEM.KSDWRT() in Oracle8i - 9i CVE-2004-0638
FULLDISC:20040907 Corsaire Security Advisory - Business Objects WebIntelligence XSS issue CVE-2004-0534
FULLDISC:20040907 Corsaire Security Advisory - Business Objects WebIntelligence arbitrary document deletion issue CVE-2004-0533
FULLDISC:20040907 mpg123 buffer overflow vulnerability CVE-2004-0805
FULLDISC:20040914 Crash in Lords of the Realm III 1.01 CVE-2004-2165
FULLDISC:20040916 FlowSecurity.org: Local Stack Overflow on htpasswd apache 1.3.31 advsory. CVE-2006-1078
FULLDISC:20040916 Freeze in Pigeon Server 3.02.0143 CVE-2004-1688
FULLDISC:20040918 Re: GoogleToolbar:About -- Allows Script Injection CVE-2004-2475
FULLDISC:20040921 Pinnacle ShowCenter Skin Denial of Service CVE-2004-1699
FULLDISC:20040922 Remote buffer overflow in MDaemon IMAP and SMTP server CVE-2004-1546
FULLDISC:20040923 Motorola Wireless Router WR850G Authentication Circumvention CVE-2004-1550
FULLDISC:20040923 Multiple vulnerabilities in ActivePost Standard 3.1 CVE-2004-2616
FULLDISC:20040926 HTTP Response Splitting and SQL injection in megabbs forum CVE-2004-2145 CVE-2004-2146
FULLDISC:20040928 Serendipity 0.7-beta1 SQL Injection PoC CVE-2004-2157 CVE-2004-2158
FULLDISC:20040928 directory traversal in ParaChat Server 5.5 CVE-2004-1568
FULLDISC:20040929 Re: directory traversal in ParaChat Server 5.5 CVE-2004-1568
FULLDISC:20040930 Multiple vulnerabilities in w-agora forum CVE-2004-1562 CVE-2004-1563 CVE-2004-1564 CVE-2004-1565
FULLDISC:20041006 Directory traversal in Tridcomm 1.3 CVE-2004-1583
FULLDISC:20041008 Limited \secure\ buffer-overflow in some old Monolith games CVE-2004-1587
FULLDISC:20041010 unarj dir-transversal bug (../../../..) CVE-2004-1027
FULLDISC:20041011 CJOverkill 4.0.3 XSS Proof of Concept CVE-2004-2193
FULLDISC:20041011 Turbo Traffic Trader Nitro v1.0 SQL Injection & XSS Proofs of Concept CVE-2004-2191 CVE-2004-2192
FULLDISC:20041012 Microsoft cabarc directory traversal CVE-2004-2643
FULLDISC:20041012 [HV-HIGH] RIM Blackberry buffer overflow, DoS, data loss CVE-2004-1597
FULLDISC:20041013 unzoo 4.4 directory travels CVE-2004-2190
FULLDISC:20041015 Directory traversal in Yak! 2.1.2 CVE-2004-2184
FULLDISC:20041018 Multiple vulnerabilities in Sage Saleslogix CVE-2004-1605 CVE-2004-1606 CVE-2004-1607 CVE-2004-1608 CVE-2004-1609 CVE-2004-1611 CVE-2004-1612
FULLDISC:20041018 Web browsers - a mini-farce CVE-2004-1613 CVE-2004-1614 CVE-2004-1615 CVE-2004-1616 CVE-2004-1617
FULLDISC:20041018: phpMyAdmin: Vulnerability in MIME-based transformation CVE-2004-2630
FULLDISC:20041022 J2ME security vulnerabilities CVE-2004-2627
FULLDISC:20041023 python does mangleme (with IE bugs!) CVE-2004-1050
FULLDISC:20041025 Kaffeine Media Player Conteny Type overflow CVE-2004-1034
FULLDISC:20041025 python does mangleme (with IE bugs!) CVE-2004-1050
FULLDISC:20041029 Apache 1.3.33 local buffer overflow in apache 1.3.31 not fixed in .33? CVE-2006-1078
FULLDISC:20041101 DoS in Apache 2.0.52 ? CVE-2004-0942
FULLDISC:20041101 XDICT Buffer OverRun Vulnerability,funny :-) CVE-2004-1494
FULLDISC:20041102 CSS in E-Mails possible E-Mail-Validity Check for Spammers? CVE-2004-2226
FULLDISC:20041103 [HV-MED] Zip/Linux long path buffer overflow CVE-2004-1010
FULLDISC:20041107 [New VULNERABILTY + Exploit] MiniShare, Minimal HTTP Server for Windows, Remote Buffer Overflow Exploit CVE-2004-2271
FULLDISC:20041110 Nortel Networks Contivity VPN Client information leakage vulnerability CVE-2004-1105
FULLDISC:20041110 [Advisory + Exploit] SlimFTPd <= 3.15 CVE-2004-2418
FULLDISC:20041111 [waraxe-2004-SA#037 - Sql injection bug in Phorum 5.0.12 and older versions] CVE-2004-1518
FULLDISC:20041111 ez-ipupdate format string bug CVE-2004-0980
FULLDISC:20041114 Format string bug in Army Men RTS CVE-2004-1522
FULLDISC:20041116 Re: [Full-Disclosure] TWiki search function allows arbitrary shell command execution CVE-2004-1037
FULLDISC:20041116 Skype callto:// BoF technical details CVE-2004-1114
FULLDISC:20041119 Java Vulnerabilities in Opera 7.54 CVE-2004-1489
FULLDISC:20041122 CoffeeCup FTP Clients Buffer Overflow Vulnerability CVE-2004-1118
FULLDISC:20041122 WeOnlyDo! COM Ftp DELUXE ActiveX Control Buffer Overflow Vulnerability CVE-2004-1118
FULLDISC:20041124 Buffer Overflow in Open Dc Hub 0.7.14 CVE-2004-1127
FULLDISC:20041124 Jabberd2.x remote BuffJabberd2.x remote Buffer Overflowser Overflows CVE-2004-0953
FULLDISC:20041124 STG Security Advisory: [SSA-20041122-10] KorWeblog directory traversal vulnerability CVE-2004-1543
FULLDISC:20041125 FIREFOX flaws: nested array sort() loop Stack overflow exception CVE-2004-1200
FULLDISC:20041125 MSIE & FIREFOX flaws: "detailed" advisory and comments that you probably don't want to read anyway CVE-2004-1198 CVE-2004-1200
FULLDISC:20041125 More Browser flaws on MACOSX: nested array sort() loop Stack overflow exception CVE-2004-1199
FULLDISC:20041125 Re: MSIE flaws: nested array sort() loop Stack overflow exception CVE-2004-1201
FULLDISC:20041125 Re: Opera flaws: nested array sort() loop Stack overflow exception CVE-2004-1201
FULLDISC:20041126 phpCMS <= 1.2.1 Xss Vulnerability, Information disclosure CVE-2004-1202 CVE-2004-1203
FULLDISC:20041129 Format string flaw in VMWare Workstation 4.5.2 build-8848. CVE-2004-2515
FULLDISC:20041129 Multiple buffer overlows in WS_FTP Server Version 5.03, 2004.10.14. CVE-2004-1135
FULLDISC:20041129 Password Disclosure for SMB Shares in KDE's Konqueror CVE-2004-1171
FULLDISC:20041129 Privilege escalation flaw in MDaemon 7.2. CVE-2004-2504
FULLDISC:20041129 ncpfs buffer overflow CVE-2004-1079
FULLDISC:20041130 Re: Privilege escalation flaw in MDaemon 7.2. CVE-2004-2504
FULLDISC:20041201 Multiple buffer overflows exist in Mercury/32, v4.01a, Dec 8 2003. CVE-2004-1211
FULLDISC:20041206 Multiple vulnerabilities in w3who ISAPI DLL CVE-2004-1133 CVE-2004-1134
FULLDISC:20041213 Multiple XSS Vulnerabilities in several UBB.Thread Versions CVE-2004-2509 CVE-2004-2510
FULLDISC:20041213 Socket unreacheable in the Lithtech engine (new protocol) CVE-2004-1395
FULLDISC:20041213 Winamp 5.07 (latest version) Remote Crash + other CVE-2004-1396
FULLDISC:20041214 OpenText FirstClass 8.0 HTTP Daemon /Search Remote DoS Vulnerability CVE-2004-2496
FULLDISC:20041215 STG Security Advisory: [SSA-20041215-15] Vulnerability of uploading files with multiple extensions in MoniWiki CVE-2004-1545
FULLDISC:20041215 fun with linux kernel CVE-2004-1333 CVE-2004-1334 CVE-2004-1335
FULLDISC:20041220 FreezeX file access vulnerability CVE-2004-2648
FULLDISC:20041223 Cross-Site Scripting - an industry-wide problem CVE-2004-1059 CVE-2004-1061 CVE-2004-1062 CVE-2004-1146 CVE-2005-0514
FULLDISC:20041223 Plesk 7 Cross-Site Scripting CVE-2004-2702
FULLDISC:20041223 STG Security Advisory: [SSA-20041220-16] PHP source injection and cross-site scripting vulnerabilities in ZeroBoard CVE-2004-1419 CVE-2004-2738
FULLDISC:20041223 [USN-48-1] xpdf, tetex-bin vulnerabilities CVE-2004-1125
FULLDISC:20041223 [USN-49-1] debmake vulnerability CVE-2004-1179
FULLDISC:20050101 Two Vulnerabilities in ViewCVS CVE-2005-4830 CVE-2005-4831
FULLDISC:20050107 Simple PHP Blog directory traversal vulnerability CVE-2005-0214
FULLDISC:20050107 grsecurity 2.1.0 release / 5 Linux kernel advisories CVE-2005-0179 CVE-2005-0180 CVE-2005-0504
FULLDISC:20050110 Multi-vendor AV gateway image inspection bypass vulnerability CVE-2005-0218
FULLDISC:20050111 Apple Airport WDS DoS CVE-2005-0289
FULLDISC:20050112 Linux kernel i386 SMP page fault handler privilege escalation CVE-2005-0001
FULLDISC:20050112 TFTPD32 Long FileName Remote Denial of Service CVE-2005-4882
FULLDISC:20050112 [waraxe-2005-SA#039] - Critical Sql Injection in Sgallery module for PhpNuke CVE-2005-0375 CVE-2005-0376 CVE-2005-0377
FULLDISC:20050114 Internet Explorer (SP2) - Remote File Download CVE-2005-0110
FULLDISC:20050114 Re: Multi-vendor AV gateway image inspection bypass vulnerability CVE-2005-0218
FULLDISC:20050116 Minis directory traversal vulnerability CVE-2005-0293 CVE-2005-0294
FULLDISC:20050116 phpGiftReq SQL Injection CVE-2005-0292
FULLDISC:20050117 Multiple Vulnerabilities in Netgear FVS318 Router CVE-2005-0290 CVE-2005-0291
FULLDISC:20050119 Multiple vulnerabilities in Konversation CVE-2005-0129 CVE-2005-0130 CVE-2005-0131
FULLDISC:20050121 NOVL-2005-10096251 GroupWise WebAccess error handling modules (report) CVE-2005-0296
FULLDISC:20050122 several BO's in goldenftpd CVE-2005-0566
FULLDISC:20050127 DMA[2005-0127a] - 'Apple OSX batch family poor use of setuid' CVE-2005-0125
FULLDISC:20050130 Broadcast crash in Xpand Rally 1.0.0.0 CVE-2005-0325
FULLDISC:20050201 Remotely exploitable buffer overflow vulnerability in Savant Web Server 3.1 CVE-2005-0338
FULLDISC:20050206 Microsoft Outlook Web Access URL Injection Vulnerability CVE-2005-0420
FULLDISC:20050206 state of homograph attacks CVE-2005-0234 CVE-2005-0235 CVE-2005-0236 CVE-2005-0238
FULLDISC:20050207 DMA[2005-0131a] - 'Setuid Perl PERLIO_DEBUG root owned file creation' CVE-2005-0155
FULLDISC:20050207 DMA[2005-0131b] - 'Setuid Perl PERLIO_DEBUG CVE-2005-0156
FULLDISC:20050208 XSS VULNERABILITY AT MODULE PostWrap CVE-2005-0412
FULLDISC:20050209 Administrivia: List Compromised due to Mailman Vulnerability CVE-2005-0202
FULLDISC:20050209 Internet Explorer zone spoofing with encoded URLs CVE-2005-0054
FULLDISC:20050212 Credit Card data disclosure in CitrusDB CVE-2005-0229
FULLDISC:20050214 Advisory: Authentication bypass in CitrusDB CVE-2005-0408
FULLDISC:20050214 Advisory: Cross Site Scripting Vulnerability in Openconf Conference Management Software CVE-2005-0407
FULLDISC:20050214 Advisory: Directory traversal in CitrusDB CVE-2005-0411
FULLDISC:20050214 Advisory: JPEG EXIF information disclosure CVE-2005-0406
FULLDISC:20050214 Advisory: SQL-Injection in CitrusDB CVE-2005-0410
FULLDISC:20050214 Advisory: Upload Authorization bypass in CitrusDB CVE-2005-0409
FULLDISC:20050215 Kayako eSupport v2.3.1 Support Tracker XSS CVE-2005-0487
FULLDISC:20050215 linux kernel 2.6 fun. windoze is a joke CVE-2005-0532
FULLDISC:20050217 Advisory: Multiple Vulnerabilities in BibORB CVE-2005-0251 CVE-2005-0252 CVE-2005-0253 CVE-2005-0254
FULLDISC:20050219 Thomson TCW690 Denial Of Service Vulnerability CVE-2003-1085
FULLDISC:20050219 pMachine Pro / pMachine Free Remote Code Execution CVE-2005-0513
FULLDISC:20050221 SD Server 4.0.70 Directory Traversal Bug CVE-2005-0507
FULLDISC:20050221 WindowsXPSP2 script-initiated popup window CVE-2005-0500
FULLDISC:20050222 unace-1.2b multiple buffer overflows and directory traversal bugs CVE-2005-0160 CVE-2005-0161
FULLDISC:20050224 Cyclades AlterPath Manager Vulnerabilities CVE-2005-0540 CVE-2005-0541 CVE-2005-0542
FULLDISC:20050224 GAIM exploit CVE-2005-0573
FULLDISC:20050226 Badblue HTTP Server, ext.dll buffer overflow CVE-2005-0595
FULLDISC:20050228 Server termination in Scrapland 1.0 CVE-2005-0621
FULLDISC:20050228 [USN-86-1] cURL vulnerability CVE-2005-0490
FULLDISC:20050307 - Argeniss - Oracle Database Server Directory transversal CVE-2005-0701
FULLDISC:20050308 Yahoo! Messenger Offline Mode Status Remote Buffer Overflow Vulnerability CVE-2005-0737
FULLDISC:20050309 overwriting low kernel memory CVE-2005-0736
FULLDISC:20050310 Multiple Vulnerabilities of PY Software Active Webcam WebServer CVE-2005-0730 CVE-2005-0731 CVE-2005-0732 CVE-2005-0733 CVE-2005-0734
FULLDISC:20050313 Firefox 1.01 : spoofing status bar without using JavaScript CVE-2005-4809
FULLDISC:20050313 [HAT-SQUAD] SafeNet Sentinel LM, UDP License Manager Exploit CVE-2005-0353
FULLDISC:20050318 Java Web Start argument injection vulnerability CVE-2005-0836
FULLDISC:20050325 Maxthon browser search bar information disclosure CVE-2005-0905
FULLDISC:20050327 THai's Shoutbox XSS (Spoofing URL) BUG CVE-2005-0909
FULLDISC:20050328 THai's Shoutbox correction name CVE-2005-0909
FULLDISC:20050329 Adventia Chat CVE-2005-0919
FULLDISC:20050329 E-Data CVE-2005-0924
FULLDISC:20050405 MailEnable Imapd remote BoF + Exploit [x0n3-h4ck] CVE-2005-1014
FULLDISC:20050406 Re: MailEnable Imapd remote BoF + Exploit [x0n3-h4ck] CVE-2005-1015
FULLDISC:20050407 Cisco Linksys WET11 Password Resetting Vulnerability CVE-2005-1059
FULLDISC:20050410 rsnapshot Security Advisory 001 CVE-2005-1064
FULLDISC:20050412 XAMPP CVE-2005-1077 CVE-2005-1078
FULLDISC:20050415 Use of function "log" in Perl module Net::Server CVE-2005-1127
FULLDISC:20050416 TCP/IP Stack Vulnerability CVE-2005-1184
FULLDISC:20050418 Re: TCP/IP Stack Vulnerability CVE-2005-1184
FULLDISC:20050418 XSS bug in JAWS gadget Glossary (0.4-latestbeta (beta 2)) CVE-2005-1231
FULLDISC:20050427 Privilege escalation and password protection bypass in Altiris Client Service for Windows (Version 6.0.88) CVE-2005-1590
FULLDISC:20050430 DMA[2005-0425a] - 'ESRI ArcGIS 9.x multiple local vulnerabilities CVE-2005-1393 CVE-2005-1394
FULLDISC:20050501 DMA[2005-0501a] - 'ARPUS/Ce setuid buffer overflow and file overwrite' CVE-2005-1395 CVE-2005-1396
FULLDISC:20050501 Remote buffer overflow in GlobalScape Secure FTP server 3.0.2 CVE-2005-1415
FULLDISC:20050504 Gamespy cd-key validation system: "Cd-key in use" DoS versus many games CVE-2005-1556
FULLDISC:20050506 64 bit qmail fun CVE-2005-1513 CVE-2005-1514 CVE-2005-1515
FULLDISC:20050506 [SEC-1 LTD] RSA SecurID Web Agent Heap Overflow CVE-2005-1471
FULLDISC:20050508 Browser Based File Manager Administration Vulnerability CVE-2005-1602
FULLDISC:20050508 Firefox Remote Compromise Leaked CVE-2005-1476 CVE-2005-1477
FULLDISC:20050508 Firefox Remote Compromise Technical Details CVE-2005-1476 CVE-2005-1477
FULLDISC:20050508 Server Remote File Manager DOS Exploit CVE-2005-1603
FULLDISC:20050508 phpbb 2.0.15 released - patches high critical vuln CVE-2005-1193
FULLDISC:20050509 SiteStudio CVE-2005-1605
FULLDISC:20050510 Useless tidbit CVE-2005-2935
FULLDISC:20050510 Useless tidbit (MS AntiSpyware) CVE-2005-2935
FULLDISC:20050510 [Full-disclosure] [Scan Associates Advisory] Neteyes Nexusway multiple vulnerability CVE-2005-1560
FULLDISC:20050510 [Scan Associates Advisory] Neteyes Nexusway multiple vulnerability CVE-2005-1558 CVE-2005-1559
FULLDISC:20050511 [DR018] Quartz Composer / QuickTime 7 information leakage CVE-2005-1579
FULLDISC:20050513 PhotoPost Arbitrary Data Exploit CVE-2005-1629
FULLDISC:20050515 Gurgens Guest Book Password Database Vulnerability CVE-2005-1647
FULLDISC:20050515 Ultimate Forum Password Database Vulnerability CVE-2005-1648
FULLDISC:20050516 Advisory: Pico Server (pServ) Remote Command Injection CVE-2005-1365
FULLDISC:20050516 Pico Server (pServ) Information Disclosure Of CGI Sources CVE-2005-1366
FULLDISC:20050516 Pico Server (pServ) Local Information Disclosure CVE-2005-1367
FULLDISC:20050517 MySQL < 4.0.12 && MySQL <= 5.0.4 : Insecure tmp CVE-2005-1636
FULLDISC:20050528 Invision Power Board 1.x and 2.x Privilege Escalation Vulnerability CVE-2005-1816
FULLDISC:20050529 XSS Bug in Jaws Glossary Action: ViewTerm ( v 0.4 - 0.5.1 (latest version)) CVE-2005-1800
FULLDISC:20050601 HP Radia Notify Daemon: Multiple Buffer Overflow Vulnerabilities CVE-2005-1825 CVE-2005-1826
FULLDISC:20050603 [DRUPAL-SA-2005-001] New Drupal release fixes critical security issue CVE-2005-1871
FULLDISC:20050604 LSS.hr false positives. CVE-2005-1870
FULLDISC:20050605 Re: LSS.hr false positives. (correction) CVE-2005-1870
FULLDISC:20050606 Crob FTP Server remote buffer overflows CVE-2005-1873
FULLDISC:20050606 GIPTables Firewall <= v1.1 insecure temporary file creation CVE-2005-1878
FULLDISC:20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to close any support ticket within the system. CVE-2005-1932
FULLDISC:20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to open any support ticket within the system. CVE-2005-1932
FULLDISC:20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to reset the DNS information of any domain name managed by the system. CVE-2005-1932
FULLDISC:20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable in that it allows an attacker to respond to any support ticket on the system. CVE-2005-1932
FULLDISC:20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable to plain-text session credential leakage via script injection. CVE-2005-1877
FULLDISC:20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable to the unauthorized viewing of client invoice information. CVE-2005-1932
FULLDISC:20050606 Lpanel.NET's Lpanel (all versions up to and including 1.59) is vulnerable to unauthorized domain management access. CVE-2005-1932
FULLDISC:20050606 LutelWall <= 0.97 insecure temporary file creation CVE-2005-1879
FULLDISC:20050606 Popper webmail remote code execution vulnerability - advisory fix CVE-2005-1870
FULLDISC:20050606 everybuddy <= 0.4.3 insecure temporary file creation CVE-2005-1880
FULLDISC:20050612 [CIRT.DK - Advisory] Novell eDirectory 8.7.3 DOS Device name Denial of Service CVE-2005-1729
FULLDISC:20050615 DMA[2005-0614a] - 'Global Hauri ViRobot Server cookie overflow' CVE-2005-2041
FULLDISC:20050616 CoolCafe Chat SQL injection CVE-2005-2035 CVE-2005-2036
FULLDISC:20050619 Advisory 01/2005: Fileupload/download vulnerability in Trac CVE-2005-2007
FULLDISC:20050628 Solaris 9/10 ld.so fun CVE-2005-2072
FULLDISC:20050704 log4sh insecure temporary file creation CVE-2005-1915
FULLDISC:20050705 Quickblogger CVE-2005-4785
FULLDISC:20050710 ID Board 1.1.3 SQL Injection Vulnerability CVE-2005-2197
FULLDISC:20050711 [CAID 35330, 35331]: CA Anti-Virus, CA Threat Manager, and CA Anti-Spyware Console Login and File Mapping Vulnerabilities CVE-2007-2522 CVE-2007-2523
FULLDISC:20050718 Shorewall MACLIST Problem CVE-2005-2317
FULLDISC:20050725 Help poor children in Uganda CVE-2005-2368
FULLDISC:20050726 SPIDynamics WebInspect Cross-Application Scripting (XAS) CVE-2005-2442
FULLDISC:20050729 Cisco IOS Shellcode Presentation CVE-2005-2451
FULLDISC:20050801 Buffer overflow in BusinessMail email server system 4.60.00 CVE-2005-2472
FULLDISC:20050808 [AppSecInc Advisory MYSQL05-V0001] Improper Filtering of Directory Traversal Characters in MySQL User Defined Functions CVE-2005-2573
FULLDISC:20050808 [AppSecInc Advisory MYSQL05-V0002] Buffer Overflow in MySQL User Defined Functions CVE-2005-2558
FULLDISC:20050809 (no subject) CVE-2005-2612
FULLDISC:20050811 Fudforum: incompletely check of user rights in tree view gaining access to all messages CVE-2005-2600
FULLDISC:20050811 Privilege escalation in Network Associates ePolicy Orchestrator Agent 3.5.0 (patch 3) CVE-2005-2554
FULLDISC:20050811 Windows 2000 universal exploit for MS05-039 CVE-2005-1983
FULLDISC:20050812 Multiple directory traversal vulnerabilities in Claroline CVE-2005-2598
FULLDISC:20050814 STG Security Advisory: [SSA-20050812-27] Discuz! arbitrary script upload vulnerability CVE-2005-2614
FULLDISC:20050817 Unicode Buffer Overflow in WinFtp Server 1.6.8 CVE-2005-2634
FULLDISC:20050818 Re: mutt buffer overflow CVE-2005-2642
FULLDISC:20050818 mutt buffer overflow CVE-2005-2642
FULLDISC:20050818 w-agora 4.2.0 and prior Remote Directory Travel Vulnerability CVE-2005-2648
FULLDISC:20050819 Re: Erroneous Informations - Multiple directory traversal vulnerabilities in Claroline CVE-2005-2598
FULLDISC:20050823 Server crash in Ventrilo 2.3.0 CVE-2005-2719
FULLDISC:20050824 mplayer overflow CVE-2005-2718
FULLDISC:20050825 NOVL-2005010098073 GroupWise Password Caching CVE-2005-2620
FULLDISC:20050829 Secunia Research: SqWebMail HTML Emails Script Insertion Vulnerability CVE-2005-2769
FULLDISC:20050831 Dameware critical hole CVE-2005-2842
FULLDISC:20050901 Multiple Phorum XSS and Session Hijacking vulnerabilities CVE-2005-2836
FULLDISC:20050902 Re: Multiple Phorum XSS and Session Hijacking vulnerabilities CVE-2005-2836
FULLDISC:20050905 thesitewizard.com chfeedback.pl CRLF Injection CVE-2005-2854
FULLDISC:20050913 LDU Version 801 vulnerable CVE-2005-4821
FULLDISC:20050914 Oracle Reports: Generic SQL Injection Vulnerability via Lexical References CVE-2005-2983
FULLDISC:20050915 SimpleCDR-X - Insecure tempfile handling CVE-2005-3012
FULLDISC:20050916 [CIRT.DK - Advisory 37] TAC Vista Webstation 3.0 Directory Traversal bug in webinterface CVE-2005-3040
FULLDISC:20050916 ncompress insecure temporary file creation CVE-2005-2991
FULLDISC:20050918 Alstrasoft Epay Pro 2.0 and prior Directory Traversal Vulnerability CVE-2005-3026
FULLDISC:20050920 Re: arc insecure temporary file creation CVE-2005-2992
FULLDISC:20050920 bacula insecure temporary file creation CVE-2005-2995
FULLDISC:20050920 perldiver CVE-2005-3066 CVE-2005-3067
FULLDISC:20050923 SecureW2 TLS security problem CVE-2005-3087
FULLDISC:20050924 It's time for some warez - Qpopper poppassd local r00t exploit CVE-2005-3098
FULLDISC:20050924 It's time for some warez - wzdftpd remote exploit CVE-2005-3081
FULLDISC:20050925 ContentServ features remote file disclosure CVE-2005-3086
FULLDISC:20050925 Server crash and motd deletion in MultiTheftAuto 0.5 patch 1 CVE-2005-3064 CVE-2005-3065
FULLDISC:20050926 RealPlayer && HelixPlayer Remote Format String CVE-2005-2710
FULLDISC:20050927 Re: [ISR] - Novell GroupWise Client Integer Overflow CVE-2005-2804
FULLDISC:20050927 [ISR] - Novell GroupWise Client Integer Overflow CVE-2005-2804
FULLDISC:20050929 Serendipity: Account Hijacking / CSRF Vulnerability CVE-2005-3129
FULLDISC:20050929 [NRVA05-08] - Arbitrary file download by NateOn Messagener's ActiveX and DoS CVE-2005-3113 CVE-2005-3114
FULLDISC:20051003 Kaspersky Antivirus Library Remote Heap Overflow CVE-2005-3142
FULLDISC:20051004 iDEFENSE Security Advisory 10.04.05: UW-IMAP Netmailbox Name Parsing Buffer Overflow Vulnerability CVE-2005-2933
FULLDISC:20051005 Tellme 1.2 CVE-2005-4698 CVE-2005-4699 CVE-2005-4700
FULLDISC:20051006 OScommerce: "Additional Images" Module SQL Injection CVE-2005-4677
FULLDISC:20051006 Secunia Research: Webroot Desktop Firewall Two Vulnerabilities CVE-2005-3197 CVE-2005-3198
FULLDISC:20051007 Cross-Site-Scripting Vulnerabilities in Oracle HTMLDB CVE-2005-3202
FULLDISC:20051007 Cross-Site-Scripting Vulnerability in Oracle XMLDB CVE-2005-3204
FULLDISC:20051007 Cross-Site-Scripting Vulnerability in Oracle iSQL*Plus CVE-2005-3205
FULLDISC:20051007 Plaintext Password Vulnerabilitiy during Installation of Oracle HTMLDB CVE-2005-3203
FULLDISC:20051007 Shutdown TNS Listener via Oracle Forms Servlet CVE-2005-3207
FULLDISC:20051007 Shutdown TNS Listener via Oracle iSQL*Plus CVE-2005-3206
FULLDISC:20051008 xine/gxine CD Player Remote Format String Bug CVE-2005-2967
FULLDISC:20051011 Secunia Research: WinRAR Format String and Buffer Overflow Vulnerabilities CVE-2005-3263
FULLDISC:20051012 Secunia Research: Novell NetMail NMAP Agent "USER" Buffer Overflow Vulnerability CVE-2005-2469
FULLDISC:20051012 ZDI-05-001: VERITAS NetBackup Remote CodeExecution CVE-2005-2715
FULLDISC:20051012 [SEC-1 Advisory] Collaboration Data Objects Buffer Overflow Vulnerability CVE-2005-1987
FULLDISC:20051012 [SEC-1 Advisory] GFI MailSecurity 8.1 Web Module Buffer Overflow CVE-2005-3182
FULLDISC:20051013 Kerio Personal Firewall and Kerio Server Firewall FWDRV driver Local Denial of Service CVE-2005-3286
FULLDISC:20051014 CAID 33485 - Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability CVE-2005-3190
FULLDISC:20051017 Lynx Remote Buffer Overflow CVE-2005-3120
FULLDISC:20051019 RE: CAID 33485 - Computer Associates iGateway debug mode HTTP GET request buffer overflow vulnerability CVE-2005-3190
FULLDISC:20051020 Exploit Oracle DB27 - CPU Octobre CVE-2005-3438
FULLDISC:20051021 F.E.A.R. 1.01 likes lithsock CVE-2004-1395
FULLDISC:20051022 Advisory 16/2005: phpMyAdmin Local File Inclusion Vulnerability CVE-2005-3300
FULLDISC:20051022 Vulnerability in AL-Caricatier, V.2.5 And Prior Versions CVE-2005-4653
FULLDISC:20051022 phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. CVE-2005-3310
FULLDISC:20051024 Fwd: Vulnerability in Ar-blog ver 5.2 and prior versions CVE-2005-3494 CVE-2005-3495
FULLDISC:20051024 php < 4.4.1 htaccess apache dos CVE-2005-3319
FULLDISC:20051025 PHP iCalendar CSS CVE-2005-3366
FULLDISC:20051025 Re: [Full-disclosure] SEC-Consult SA 20051025-1 :: RSA ACE Web Agent CVE-2005-3329
FULLDISC:20051025 Re: [Full-disclosure] phpBB 2.0.17 (and other BB systems as well) Cookie disclosure exploit. CVE-2005-3477
FULLDISC:20051025 SEC-Consult SA 20051025-1 :: RSA ACE Web Agent XSS CVE-2005-3329
FULLDISC:20051025 Snort's BO pre-processor exploit CVE-2005-3252
FULLDISC:20051026 chmlib exploitable buffer overflow CVE-2005-3318
FULLDISC:20051027 Hasbani-WindWeb/2.0 Remote DoS [ with exploit ] CVE-2005-3475
FULLDISC:20051028 Multiple vulnerabilities within RockLiffe MailSite Express WebMail CVE-2005-3428 CVE-2005-3429 CVE-2005-3430 CVE-2005-3431
FULLDISC:20051101 HYSA-2005-009 Elite Forum 1.0.0.0 XSS CVE-2005-3412
FULLDISC:20051101 Snort Back Orifice Preprocessor Exploit (Win32 targets) CVE-2005-3252
FULLDISC:20051101 new IE bug (confirmed on ALL windows) CVE-2005-4717
FULLDISC:20051102 Buffer-overflow and crash in FlatFrag 0.3 CVE-2005-3491 CVE-2005-3492
FULLDISC:20051102 Buffer-overflow and directory traversal in Asus CVE-2005-3489 CVE-2005-3490
FULLDISC:20051102 Buffer-overflow in GO-Global for Windows CVE-2005-3483
FULLDISC:20051102 Buffer-overflow in Glider collect'n kill 1.0.0.0 CVE-2005-3485
FULLDISC:20051102 H4CREW-000002 Sambars 6.3 BETA 2 Proxy.asp XSS CVE-2005-3506
FULLDISC:20051102 Limited directory traversal in NeroNET 1.2.0.2 CVE-2005-3484
FULLDISC:20051102 Multiple vulnerabilities in Scorched 3D 39.1 CVE-2005-3486 CVE-2005-3487 CVE-2005-3488
FULLDISC:20051102 Socket termination in Battle Carry .005 CVE-2005-3493
FULLDISC:20051102 [ TZO-012005 ] F-Prot/Frisk Anti Virus bypass - ZIP Version Header CVE-2005-3499
FULLDISC:20051103 Advisory: Apple QuickTime Player Remote Denial Of Service CVE-2005-2755
FULLDISC:20051103 Buggy blogging CVE-2005-3101 CVE-2005-3102 CVE-2005-3103 CVE-2005-3104 CVE-2005-4689 CVE-2005-4690
FULLDISC:20051104 Browser cookie handling: possible cross-domain cookie sharing CVE-2005-4684 CVE-2005-4685
FULLDISC:20051104 Cerberus helpdesk CVE-2005-3502
FULLDISC:20051104 DMA[2005-1104a] - 'GpsDrive friendsd2 format string vulnerability' CVE-2005-3523
FULLDISC:20051104 RE: new IE bug (confirmed on ALL windows) CVE-2005-4717
FULLDISC:20051104 Secunia Research: cPanel Entropy Chat Script Insertion Vulnerability CVE-2005-3505
FULLDISC:20051105 linux-ftpd-ssl 0.17 warez CVE-2005-3524
FULLDISC:20051106 http://prdelka.blackart.org.uk/exploitz/prdelka-vs-BSD-ptrace.tar.gz CVE-2005-4741
FULLDISC:20051115 Authentication vulnerability in Belkin wireless devices CVE-2005-3802
FULLDISC:20051115 Critical SQL Injection PHPNuke <= 7.8 CVE-2005-3792
FULLDISC:20051116 Hitachi IP5000 VoIP Wifi phone multiple CVE-2005-3719 CVE-2005-3720 CVE-2005-3721 CVE-2005-3722 CVE-2005-3723
FULLDISC:20051116 Senao SI-680H VoIP Wifi phone undocumented open port CVE-2005-3715
FULLDISC:20051116 Zyxel P2000W (Version1) VoIP Wifi phone multiple CVE-2005-3724 CVE-2005-3725
FULLDISC:20051116 freeftpd USER bufferoverflow CVE-2005-3683
FULLDISC:20051116 mambo remote code sexecution CVE-2005-3738
FULLDISC:20051116 re: freeftpd USER bufferoverflow CVE-2005-3683
FULLDISC:20051117 UTstarcom F1000 VoIP Wifi phone multiple vulnerabilities CVE-2005-3716 CVE-2005-3717 CVE-2005-3718
FULLDISC:20051117 freeftpd MKD buffer overflow etc... CVE-2005-3684
FULLDISC:20051118 Secunia Research: MailEnable Buffer Overflow and Directory Traversal Vulnerabilities CVE-2005-3690
FULLDISC:20051118 Secunia Research: Winmail Server Multiple Vulnerabilities CVE-2005-3692 CVE-2005-3811
FULLDISC:20051121 Gadu-Gadu several vulnerabilities (version <= 7.20) CVE-2005-3887 CVE-2005-3888 CVE-2005-3889 CVE-2005-3890 CVE-2005-3891 CVE-2005-3892
FULLDISC:20051122 Cisco PIX TCP Connection Prevention CVE-2005-3774
FULLDISC:20051122 Google Talk Denial of Service - BenjiBug CVE-2005-3899
FULLDISC:20051122 OTRS 1.x/2.x Multiple Security Issues CVE-2005-3893 CVE-2005-3894 CVE-2005-3895
FULLDISC:20051122 Re: Torrential 1.2 getdox.php Directory Traversal CVE-2005-4253
FULLDISC:20051122 Secunia Research: Opera Command Line URL Shell Command Injection CVE-2005-3750
FULLDISC:20051122 VHCS 2.x HTTP Error Cross Site Scripting CVE-2005-3902
FULLDISC:20051124 MailEnable IMAP DOS CVE-2005-3813
FULLDISC:20051125 SEC Consult SA-20051125-0 :: More Vulnerabilities in vTiger CRM CVE-2005-3820 CVE-2005-3821 CVE-2005-3822 CVE-2005-3823 CVE-2005-3824
FULLDISC:20051130 ZRCSA-200504 - dotclear SQL Injection CVE-2005-3963
FULLDISC:20051201 WinEggDropShell Multiple Remote Stack Overflow CVE-2005-3992
FULLDISC:20051207 Appfluent Batabase IDS Local Root CVE-2005-4076
FULLDISC:20051207 Checkpoint SecureClient NGX Security Policy can easily be disabled CVE-2005-4093
FULLDISC:20051208 PGP Wipe Free Space, Lyris ListManager Flaws, Windows Timestamps, Sam Juicer CVE-2005-4142 CVE-2005-4143 CVE-2005-4144 CVE-2005-4145 CVE-2005-4146 CVE-2005-4147 CVE-2005-4148 CVE-2005-4149 CVE-2005-4151
FULLDISC:20051208 Perl cal XSS Vulnerability CVE-2005-4162
FULLDISC:20051208 Re: re: Firefox 1.5 buffer overflow (poc) CVE-2005-4134
FULLDISC:20051208 re: Firefox 1.5 buffer overflow (poc) CVE-2005-4134
FULLDISC:20051209 [TKPN2005-12-001] Multiple critical vulnerabilities in MyBB CVE-2005-4199
FULLDISC:20051211 SEC Consult SA-20051211-0 :: Several XSS issues in Horde Framework, Kronolith Calendar, Mnemo Notes, Nag Tasks and Turba Addressbook CVE-2005-4189
FULLDISC:20051213 Secunia Research: Microsoft Internet Explorer Keyboard Shortcut Processing Vulnerability CVE-2005-2829
FULLDISC:20051214 Re: iDefense Security Advisory 12.14.05: Trend Micro ServerProtect relay.dll Chunked Overflow Vulnerability CVE-2005-1929
FULLDISC:20051215 [scip_Advisory 1910] Alkacon OpenCms 6.0.2 login Cross Site Scripting CVE-2005-4294
FULLDISC:20051217 XSS Vuln in PlaySmS CVE-2005-4432
FULLDISC:20051217 phpBB 2.0.18 XSS and Full Path Disclosure CVE-2005-4357 CVE-2005-4358
FULLDISC:20051219 Authenticated EIGRP DoS / Information leak CVE-2005-4437
FULLDISC:20051219 Cerberus Helpdesk vulnerabilities CVE-2005-4427 CVE-2005-4428
FULLDISC:20051219 LiveJournal CSS/JS injection vulnerability CVE-2005-4454
FULLDISC:20051219 Making unidirectional VLAN and PVLAN jumping bidirectional CVE-2005-4440 CVE-2005-4441
FULLDISC:20051219 Remote Buffer Overflow in Mailenable Enterprise CVE-2005-4402
FULLDISC:20051219 Unauthenticated EIGRP DoS CVE-2002-2208 CVE-2005-4436
FULLDISC:20051219 Unzip *ALL* verisons ;)) CVE-2005-4667
FULLDISC:20051219 elogd 2.6.0 overflow CVE-2005-4439
FULLDISC:20051220 Enterprise Connector v.1.02 Multiple SQL CVE-2005-4563
FULLDISC:20051220 LiveJournal CSS/JS injection vulnerability CVE-2005-4454
FULLDISC:20051220 RE: Authenticated EIGRP DoS / Information leak CVE-2002-2208 CVE-2005-4436 CVE-2005-4437
FULLDISC:20051220 Vulnerability in Metadot portal server allows users to gain administrative privileges CVE-2005-4458
FULLDISC:20051220 [ACSSEC-2005-11-25-0x3] FTGate 4.4 [Build 4.4.000 Oct 26 2005] Cross Site Scripting Vulnerability CVE-2005-4567
FULLDISC:20051220 [ACSSEC-2005-11-25-0x4] FTGate 4.4 [Build 4.4.000 Oct 26 2005] Stack Buffer Overflow CVE-2005-4569
FULLDISC:20051220 [ACSSEC-2005-11-25-0x5] FTGate 4.4 [Build 4.4.000 Oct 26 2005] Format String Overflow CVE-2005-4568
FULLDISC:20051220 [ACSSEC-2005-11-25-0x6] FTGate 4.4 [Build 4.4.000 Oct 26 2005] Format String Overflow CVE-2005-4568
FULLDISC:20051220 [ACSSEC-2005-11-27-0x1] Eudora Qualcomm WorldMail 3.0 IMAP4 Service 6.1.19.0 CVE-2005-4267
FULLDISC:20051220 [ACSSEC-2005-11-27-0x2] Remote Overflows in Mailenable Enterprise 1.1 / Professional 1.7 CVE-2005-4456 CVE-2005-4457
FULLDISC:20051221 [ACSSEC-2005-11-25-0x1] VMWare Workstation 5.5.0 <= build-18007 GSX Server Variants And Others CVE-2005-4459
FULLDISC:20051222 CYBSEC - Security Advisory: httprint Multiple Vulnerabilities CVE-2005-4502 CVE-2005-4503
FULLDISC:20051223 SEC Consult SA-20051223-0 :: Multiple Cross Site Scripting Vulnerabilities in OracleAS Discussion Forum Portlet CVE-2005-4549
FULLDISC:20051223 SEC Consult SA-20051223-1 :: File Disclosure using df_next_page parameter in OracleAS Discussion Forum Portlet CVE-2005-4550
FULLDISC:20051223 html in simpbook CVE-2005-4551
FULLDISC:20051225 Advanced Guestbook remote XSS exploit CVE-2005-4649
FULLDISC:20051227 Juniper NSM remote Denial Of Service CVE-2005-4587
FULLDISC:20051227 Secunia Research: IceWarp Web Mail Multiple File CVE-2005-4556 CVE-2005-4557 CVE-2005-4558 CVE-2005-4559
FULLDISC:20051230 PTnet IRCD heap exhaustion and integer overflow CVE-2005-4624
FULLDISC:20060102 Buffer Overflow vulnerability in Windows Display Manager [Suspected] CVE-2006-0081
FULLDISC:20060103 Open Xchange XSS CVE-2006-0091
FULLDISC:20060103 Re: Buffer Overflow vulnerability in Windows Display Manager [Suspected] CVE-2006-0081
FULLDISC:20060104 Rockliffe Directory Transversal Vulnerability CVE-2006-0127 CVE-2006-0128
FULLDISC:20060104 Rockliffe Mailsite User Enumeration Flaw CVE-2006-0129 CVE-2006-0130
FULLDISC:20060105 Re: Rockliffe Directory Transversal Vulnerability CVE-2006-0127
FULLDISC:20060105 Windows PHP 4.x "0-day" buffer overflow CVE-2006-0097
FULLDISC:20060106 SimpBook "message" Remote Cross-Site Scripting Vulnerability CVE-2006-0149
FULLDISC:20060108 RE: Windows PHP 4.x "0-day" buffer overflow CVE-2006-0097
FULLDISC:20060109 Advisory:XSS vulnerability on WebWiz Forums <= 6.34 (search_form.asp) CVE-2006-0175
FULLDISC:20060109 BSD Securelevels: Circumventing protection of files flagged immutable CVE-2005-4351
FULLDISC:20060109 Time modification flaw in BSD securelevels on NetBSD and Linux CVE-2005-4352
FULLDISC:20060110 AspTopSites SQL injection CVE-2006-0184
FULLDISC:20060110 SUID root overflows in UNICOS and partial shellcode CVE-2006-0177 CVE-2006-0178
FULLDISC:20060110 [EEYEB-2000801] - Windows Embedded Open Type (EOT) Font Heap Overflow Vulnerability CVE-2006-0010
FULLDISC:20060110 mysec.org Security Advisory : Xmame buffer overflow, with a possibility of privilege escalation. CVE-2006-0176
FULLDISC:20060111 Updated Advisories - Incorrect CVE Information CVE-2005-2340 CVE-2005-3713
FULLDISC:20060111 [CIRT.DK] Apple QuickTime 7.0.3 and earlier - JPG/PICT Buffer Overflow CVE-2005-2340
FULLDISC:20060111 [EEYEB-20051031] Apple QuickTime Malformed GIF Heap Overflow CVE-2005-3713
FULLDISC:20060111 [EEYEB-20051220] Apple QuickTime QTIF Stack Overflow CVE-2005-2340
FULLDISC:20060112 Advisory: MiniNuke CMS System <= 1.8.2 (membership.asp) remote user password change exploit CVE-2006-0203
FULLDISC:20060112 Advisory: MiniNuke CMS System <= 1.8.2 (news.asp) SQL Injection vulnerability CVE-2006-0199 CVE-2006-0203
FULLDISC:20060112 Fortinet Advisory - Apple QuickTime Player ImageWidth Denial of Service Vulnerability CVE-2005-3710
FULLDISC:20060112 Fortinet Advisory - Apple QuickTime Player StripByteCounts Buffer Overflow Vulnerability CVE-2005-3711
FULLDISC:20060112 Fortinet Advisory: Apple QuickTime Player Color Map Entry Size Buffer Overflow CVE-2005-3709
FULLDISC:20060112 Fortinet Security Advisory: "Apple QuickTime Player Improper Memory Access Vulnerability" CVE-2005-3707
FULLDISC:20060112 ZDI-06-001: Clam AntiVirus UPX Unpacking Code Execution Vulnerability CVE-2006-0162
FULLDISC:20060113 DMA[2006-0112a] - 'Toshiba Bluetooth Stack Directory Transversal' CVE-2006-0212
FULLDISC:20060113 Farmers wife 4.4 sp1 remote SYSTEM access CVE-2006-0319
FULLDISC:20060115 EZDatabase Directory Transversal, XSS and Path Disclosure Vulnerability CVE-2006-0315
FULLDISC:20060115 Ultimate Auction <=3.67 CVE-2006-0217
FULLDISC:20060116 ACT P202S VoIP wireless phone multiple undocumented ports/services CVE-1999-0635 CVE-2006-0374 CVE-2006-0375
FULLDISC:20060116 Clipcomm CP-100E VoIP wireless desktop phone open debug service TCP/60023 CVE-2006-0305
FULLDISC:20060116 Clipcomm CPW-100E VoIP wireless handset phone open debug service TCP/60023 CVE-2006-0305
FULLDISC:20060116 MPM HP-180W VoIP wireless desktop phone undocumented port UDP/9090 CVE-2006-0360
FULLDISC:20060116 ZyXel P2000W (Version 2) VoIP wireless phone undocumented port UDP/9090 CVE-2006-0302
FULLDISC:20060117 Oracle DBMS - Access Control Bypass in Login CVE-2006-0547
FULLDISC:20060118 Fortinet Advisory: BitComet URI Buffer Overflow Vulnerability CVE-2006-0339
FULLDISC:20060118 Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT CVE-2006-0586
FULLDISC:20060118 Oracle Database 10g Rel. 1 - SQL Injection in SYS.KUPV$FT_INT CVE-2006-0586
FULLDISC:20060120 RockLiffe MailSite wconsole.dll Denial of Service/Script Injection Vulnerability CVE-2006-0341 CVE-2006-0342
FULLDISC:20060123 CAID 33778 - CA iGateway Content-Length Buffer Overflow Vulnerability CVE-2005-3653
FULLDISC:20060125 Workaround for unpatched Oracle PLSQL Gateway flaw CVE-2006-0435
FULLDISC:20060126 Shareaza Remote Vulnerability CVE-2006-0474
FULLDISC:20060126 [Argeniss] Oracle Database Buffer overflows vulnerabilities in public procedures of XDB.DBMS_XMLSCHEMA{_INT} CVE-2006-0272
FULLDISC:20060128 -moz-binding CSS property: more XSS fun CVE-2006-0496
FULLDISC:20060128 PmWiki Multiple Vulnerabilities CVE-2006-0479
FULLDISC:20060128 gnome evolution mail client inline text file DoS issue CVE-2006-0528
FULLDISC:20060129 AOL Instant Messenger 5.9.3861 Local Buffer Overrun Vulnerability CVE-2006-0629
FULLDISC:20060130 Re: ashnews Cross-Site Scripting Vulnerability CVE-2003-1292 CVE-2006-0524
FULLDISC:20060130 ashnews Cross-Site Scripting Vulnerability CVE-2006-0524
FULLDISC:20060131 Re: ashnews Cross-Site Scripting Vulnerability CVE-2003-1292 CVE-2006-0524
FULLDISC:20060131 ZRCSA-200601: SPIP - Multiple Vulnerabilities CVE-2006-0517
FULLDISC:20060201 Fcrontab - memory corruption on heap. CVE-2006-0539
FULLDISC:20060202 More on the workaround for the unpatched Oracle PLSQL Gateway flaw CVE-2006-0435
FULLDISC:20060202 Outblaze Cross Site Scripting Vulnerability CVE-2006-0568
FULLDISC:20060202 Re: Fcrontab - memory corruption on heap. CVE-2006-0575
FULLDISC:20060202 The History of the Oracle PLSQL Gateway Flaw CVE-2006-0435
FULLDISC:20060202 cPanel Multiple Cross Site Scripting Vulnerability CVE-2006-0573
FULLDISC:20060203 Re: cPanel Multiple Cross Site Scripting CVE-2006-0533
FULLDISC:20060203 VSR Advisory: IBM Tivoli Access Manager - Web Server Plug-in File Retrieval Vulnerability CVE-2006-0513
FULLDISC:20060203 phpBB 2.0.19 Cross Site Request Forgeries and XSS Admin CVE-2006-0437 CVE-2006-0438
FULLDISC:20060204 cPanel 10 mime/handle.html XSS Vulnerability CVE-2006-0574
FULLDISC:20060206 SECURITY.NNOV: The Bat! 2.x message headers spoofing CVE-2006-0630
FULLDISC:20060206 [ Secuobs - Advisory ] Bluetooth : DoS on hcidump CVE-2006-0670
FULLDISC:20060206 [Full-disclosure] [ Secuobs - Advisory ] Bluetooth : DoS on CVE-2006-0671
FULLDISC:20060207 Re: cPanel Multiple Cross Site Scripting Vulnerability CVE-2006-0763
FULLDISC:20060210 [thunkers.net] D-Link Fragmented UDP DoS Vulnerability CVE-2005-4723
FULLDISC:20060211 XSS in PlaySMS CVE-2005-4432
FULLDISC:20060213 Bypass Fortinet anti-virus using FTP CVE-2005-3057
FULLDISC:20060213 URL filter bypass in Fortinet CVE-2005-3058
FULLDISC:20060214 XSS and SQL injection in sNews CVE-2006-0715 CVE-2006-0716
FULLDISC:20060215 HostAdmin - Remote Command Execution Vulnerability CVE-2006-0791
FULLDISC:20060215 Kadu Remote Denial Of Service Fun CVE-2006-0768
FULLDISC:20060215 Kyocera Network Printers CVE-2006-0788 CVE-2006-0789
FULLDISC:20060215 Web Calendar Pro - Denial of Service SQL Injection Vulnerability CVE-2006-0835
FULLDISC:20060215 [ Secuobs - Advisory ] Another kind of DoS on Nokia cell phones CVE-2006-0797
FULLDISC:20060215 iUser Ecommerce - Remote Command Execution Vulnerability CVE-2006-0854
FULLDISC:20060216 Critical SQL Injection PHPNuke <= 7.8 - Your_Account module CVE-2006-0679
FULLDISC:20060216 Password disclosure and remote access in Netcool/NeuSecure Security information management platform CVE-2006-0837 CVE-2006-0838
FULLDISC:20060216 Soldier of Fortune II format string through PunkBuster 1.180 CVE-2006-0771
FULLDISC:20060217 Mozila Thunderbird 1.5 Address Book DoS CVE-2006-0836
FULLDISC:20060219 Multiple vulnerabilities in PostNuke <= 0.761 CVE-2006-0800 CVE-2006-0801 CVE-2006-0802
FULLDISC:20060224 Advisory: CilemNews System <= 1.1 Remote SQL CVE-2006-0961
FULLDISC:20060224 Advisory: Woltlab Burning Board 2.x (JGS-Gallery MOD <= 4.0) multiple XSS vulnerabilities CVE-2006-0927
FULLDISC:20060225 Advisory: Pentacle In-Out Board <= 6.03 (login.asp) Authencation ByPass Vulnerability CVE-2006-1000
FULLDISC:20060225 Advisory: Pentacle In-Out Board <= 6.03 (newsdetailsview.asp newsid) Remote SQL Injection Vulnerability CVE-2006-1000
FULLDISC:20060225 ArGoSoft FTP server remote heap overflow CVE-2005-0696
FULLDISC:20060227 directory traversal in DirectContact 0.3b CVE-2006-0971
FULLDISC:20060228 Limbo CMS code execution CVE-2006-1662
FULLDISC:20060301 NCP VPN/PKI Client - various Bugs CVE-2006-0964 CVE-2006-0965 CVE-2006-0966 CVE-2006-0967 CVE-2006-0968
FULLDISC:20060301 Woltlab Burning Board 2.x (Datenbank MOD fileid) MultipleVulnerabilities CVE-2006-1097
FULLDISC:20060307 Multiple vulnerabilities in Alien Arena 2006 GE 5.00 CVE-2006-1145 CVE-2006-1146 CVE-2006-1147
FULLDISC:20060307 RevilloC mail server USER command heap overflow CVE-2006-1124
FULLDISC:20060307 capi4hylafax insecure manipulation with tmp files CVE-2006-1231
FULLDISC:20060307 phpBannerExchange 2.0 Directory Traversal Vulnerability CVE-2006-1201
FULLDISC:20060308 Noah's Classifieds Multiple Cross-Site Scripting Vulnerabilities CVE-2006-1331
FULLDISC:20060309 Advisory: Jiros Banner Experience Pro Remote Privilege Escalation. CVE-2006-1213
FULLDISC:20060310 WinSCP - URI Handler Command Switch Parsing CVE-2006-3015
FULLDISC:20060311 AntiVir PersonalEdition Classic: Local Privilige Escalation CVE-2006-1274
FULLDISC:20060312 Buffer Overflow and Installation Script Error in Firebird 1.5.3 CVE-2006-1240 CVE-2006-1241
FULLDISC:20060312 Multiple vulnerabilities in ENet library (Jul 2005) CVE-2006-1194 CVE-2006-1195
FULLDISC:20060312 [INetCop Security Advisory] zeroboard IP session bypass XSS vulnerability CVE-2006-1222
FULLDISC:20060313 Secunia Research: unalz Filename Handling CVE-2006-0950
FULLDISC:20060314 CodeScan Advisory: Multiple Vulnerabilities In ASPPortal.net CVE-2006-1261 CVE-2006-1262
FULLDISC:20060314 [xfocus-SD-060314]Microsoft Office Excel Buffer Overflow Vulnerability CVE-2006-0031
FULLDISC:20060315 CodeScan Advisory: Unauthenticated Arbitrary File Read in Horde v3.09 and prior CVE-2006-1260
FULLDISC:20060316 Mercur IMAPD 5.0 SP3 DoS Exploit or more? CVE-2006-1255
FULLDISC:20060316 Re: Mercur IMAPD 5.0 SP3 DoS Exploit or more? CVE-2006-1255
FULLDISC:20060320 [MU-200603-01] MailEnable POP3 Pre-Authentication Buffer Overflow CVE-2006-1337 CVE-2006-6997
FULLDISC:20060320 [SSAG#001] :: cURL tftp:// URL Buffer Overflow CVE-2006-1061
FULLDISC:20060321 ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities CVE-2006-1353
FULLDISC:20060321 DMA[2006-0321a] - 'Motorola P2K Platform setpath() overflow and Blueline attack' CVE-2006-1366 CVE-2006-1367
FULLDISC:20060321 IE .hta vulnerability reported CVE-2006-1388
FULLDISC:20060322 FW: [Full-disclosure] IE crash CVE-2006-1359
FULLDISC:20060322 IE crash CVE-2006-1359
FULLDISC:20060322 Microsoft Internet Explorer (mshtml.dll) - Remote Code Execution CVE-2006-1359
FULLDISC:20060322 Re: [SPAM:] - ASPPortal <= 3.1.1 Multiple Remote SQL Injection Vulnerabilities - Email has different SMTP TO: and MIME TO: fields in the email addresses CVE-2006-1353
FULLDISC:20060322 w3wp remote DoS CVE-2006-1364
FULLDISC:20060322 w3wp remote DoS due to improper reference of STA COM components in ASP.NET CVE-2006-1364
FULLDISC:20060323 Advisory 03/2006: KisMAC Cisco Vendor Tag Encapsulated SSID Overflow CVE-2006-1385
FULLDISC:20060323 Secunia Research: Orion Application Server JSP Source Disclosure Vulnerability CVE-2006-0816
FULLDISC:20060323 XOR Crew :: vBulletin ImpEx <= 1.74 - Remote Command Execution Vulnerability CVE-2006-1382
FULLDISC:20060327 Buffer OverFlow in ILASM and ILDASM CVE-2006-1510 CVE-2006-1511
FULLDISC:20060327 Determina Fix for the IE createTextRange() bug CVE-2006-1359
FULLDISC:20060327 HYSA-2006-007 phpmyfamily 1.4.1 CRLF injection & XSS CVE-2006-1425
FULLDISC:20060329 ExplorerXP : Directory Traversal and Cross Site Scripting CVE-2006-1492 CVE-2006-1493
FULLDISC:20060329 EzASPSite <= 2.0 RC3 Remote SQL Injection Exploit Vulnerability. CVE-2006-1541
FULLDISC:20060329 [xfocus-SD-060329]MPlayer: Multiple integer overflows CVE-2006-1502
FULLDISC:20060331 Buffer-overflow and in-game crash in Zdaemon 1.08.01 CVE-2006-1592 CVE-2006-1593
FULLDISC:20060331 Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit by rgod CVE-2006-1596
FULLDISC:20060331 Re: [Full-disclosure] Claroline <= 1.7.4 (scormExport.inc.php) Remote Code Execution Exploit by rgod CVE-2006-1595
FULLDISC:20060331 Windows Help Heap Overflow CVE-2006-1591
FULLDISC:20060403 Format string in Doomsday 1.8.6 CVE-2006-1618
FULLDISC:20060404 Buffer-overflow in Ultr@VNC 1.0.1 viewer and server CVE-2006-1652
FULLDISC:20060404 [SEC-1 LTD] HP Colour LaserJet 2500 and 4600 Toolbox Directory Traversal Vulnerability CVE-2006-1654
FULLDISC:20060410 Oracle read-only user can insert/update/delete data via specially crafted views CVE-2006-1705
FULLDISC:20060410 [MU-200604-01] Cyrus SASL DIGEST-MD5 Pre-Authentication Denial of Service CVE-2006-1721
FULLDISC:20060411 Autogallery Multiple Cross-Site Scripting Vulnerabilitie CVE-2006-1750
FULLDISC:20060411 JetPhoto Multiple Cross-Site Scripting Vulnerabilitie CVE-2006-1760
FULLDISC:20060411 ZDI-06-007: Microsoft Windows Address Book (WAB) File Format Parsing Vulnerability CVE-2006-0014
FULLDISC:20060413 PAJAX Remote Code Injection and File Inclusion Vulnerability CVE-2006-1789
FULLDISC:20060413 PAJAX Remote file inclusion and File Inclusion Vulnerability CVE-2006-1551
FULLDISC:20060413 SEC Consult SA-20060314 :: Opera Browser CSS Attribute Integer Wrap / Buffer Overflow CVE-2006-1834
FULLDISC:20060416 BetaBoard Cross Site Scripting vulnerability CVE-2006-1891
FULLDISC:20060418 Re: Fortinet28 box does not resist has small synflood! CVE-2006-1966
FULLDISC:20060418 SQL Injection in package SYS.DBMS_LOGMNR_SESSION CVE-2006-1871
FULLDISC:20060420 Dr.Web 4.33 antivirus LHA long directory name heap overflow CVE-2006-4438
FULLDISC:20060420 Sql Injection in BookMark4u CVE-2006-7025
FULLDISC:20060421 Advisory: CoreNews <= 2.0.1 Multiple Remote Vulnerabilities. CVE-2006-2032 CVE-2006-2033
FULLDISC:20060421 dForum <= 1.5 Multiple Remote File Inclusion Vulnerabilities. CVE-2006-1994
FULLDISC:20060422 Re: MSIE (mshtml.dll) OBJECT tag vulnerability CVE-2006-1992
FULLDISC:20060423 MSIE (mshtml.dll) OBJECT tag vulnerability CVE-2006-1992
FULLDISC:20060423 RE: Advisory: Simplog <= 0.93 Multiple Remote Vulnerabilities. CVE-2006-2028 CVE-2006-2029
FULLDISC:20060424 Apple Mac OS X Safari 2.0.3 Vulnerability CVE-2006-2019
FULLDISC:20060426 Internet Explorer User Interface Races, Redeux CVE-2006-2094
FULLDISC:20060427 PoC for Internet Explorer Modal Dialog Issue CVE-2006-2094
FULLDISC:20060503 BankTown's ActiveX Buffer Overflow Vulnerability CVE-2006-2233
FULLDISC:20060504 bigwebmaster guestbook multiply XSS CVE-2006-2231
FULLDISC:20060505 phpBB 2.0.20 Full Path Disclosure and SQL Errors CVE-2006-2219 CVE-2006-2220
FULLDISC:20060507 Multiple Vulnerabilities In IdealBB ASP Bulletin Board CVE-2006-2317
FULLDISC:20060507 [XPA] - ISPConfig <= 2.2.2 - Remote Command Execution Vulnerability CVE-2006-2315
FULLDISC:20060508 Claroline file inclusion vulnerabilities CVE-2006-7048
FULLDISC:20060508 Multiple Vulnerabilities In IdealBB ASP Bulletin Board CVE-2006-2318 CVE-2006-2319
FULLDISC:20060508 Two independent vulnerabilities (client and server side) in Quake3 engine and many derived games CVE-2006-2082
FULLDISC:20060508 VSR Advisory: WebSense content filter bypass when deployed in conjunction with Cisco filtering devices CVE-2006-0515
FULLDISC:20060508 ZDI-06-012: Sophos Anti-Virus CAB Unpacking Code Execution Vulnerability CVE-2006-0994
FULLDISC:20060508 [MU-200605-01] Multiple vulnerabilities in Linux SCTP 2.6.16 CVE-2006-2271 CVE-2006-2272
FULLDISC:20060509 ICQ Client Cross-Application Scripting (XAS) CVE-2006-2303
FULLDISC:20060509 [EEYEB20051011A] - Microsoft Distributed Transaction Coordinator Heap Overflow CVE-2006-0034
FULLDISC:20060510 Microsoft MSDTC NdrAllocate Validation Vulnerability CVE-2006-0034
FULLDISC:20060511 Several flaws in e-business designer (eBD) CVE-2006-2347 CVE-2006-2348 CVE-2006-2349
FULLDISC:20060512 Apple QuickTime udta ATOM Heap Overflow CVE-2006-1460
FULLDISC:20060512 Buffer-overflow and NULL pointer crash in Genecys 0.2 CVE-2006-2554 CVE-2006-2555
FULLDISC:20060514 POC exploit for freeSSHd version 1.0.9 CVE-2006-2407
FULLDISC:20060515 Novell NDPS Remote Vulnerability (Server & Client) CVE-2006-2304 CVE-2006-2327
FULLDISC:20060515 Secunia Research: Abakt ZIP File Handling Buffer CVE-2006-2161
FULLDISC:20060516 Advisory: Quezza BB <= 1.0 File Inclusion Vulnerability. CVE-2006-2485
FULLDISC:20060516 ScanAlert Security Advisory CVE-2006-2437 CVE-2006-2438
FULLDISC:20060517 HYSA-2006-008 myBloggie 2.1.3 CRLF & SQL Injection CVE-2006-3903 CVE-2006-3905
FULLDISC:20060518 CYBSEC - Security Pre-Advisory: Local Privilege Escalation in SAP sapdba Command CVE-2006-2547
FULLDISC:20060518 Multiple Vulns in Bitrix CMS CVE-2006-2476 CVE-2006-2478
FULLDISC:20060519 Apple Safari 2.0.3 (417.9.3) JavaScript - Denial of Service CVE-2006-3224
FULLDISC:20060521 Skype - URI Handler Command Switch Parsing CVE-2006-2312
FULLDISC:20060521 [TZO-072006]-Xampp - Multiple Priviledge Escalation (SYSTEM) and Rogue Autostarthttp CVE-2006-4994
FULLDISC:20060522 Perlpodder Remote Arbitrary Command Execution CVE-2006-2550
FULLDISC:20060522 Prodder Remote Arbitrary Command Execution CVE-2006-2548
FULLDISC:20060523 Buffer-overflow in the WebTool service of PunkBuster for servers (minor than v1.229) CVE-2006-2587
FULLDISC:20060523 VSR Advisory: PDF Tools AG - PDF Form Filling and Flattening Tool Overflow CVE-2006-2549
FULLDISC:20060526 ZH2006-20 SA: CosmicShoppingCart Multiple Vulnerabilities CVE-2006-2649 CVE-2006-2650
FULLDISC:20060526 new symantec vuln CVE-2006-2630
FULLDISC:20060528 *zeroday warez* MDAEMON LATEST VERSION PREAUTH CVE-2006-2646
FULLDISC:20060528 Advisory: phpBB 2.x (Activity MOD Plus) File Inclusion Vulnerability. CVE-2006-2735
FULLDISC:20060529 Jiwa Financials - Reporting allows execution of arbitrary reports as SQL user with full permissions. CVE-2006-2718 CVE-2006-2719
FULLDISC:20060531 GnuPG fun CVE-2006-3082
FULLDISC:20060531 RE: GnuPG fun CVE-2006-3082
FULLDISC:20060601 Joomla/Mambo CMS Component SimpleBoard 1.1 XSS-Vulnerabilities CVE-2006-2815
FULLDISC:20060601 Re: GnuPG fun CVE-2006-3082
FULLDISC:20060605 Advisory 04/2006: DokuWiki PHP code execution vulnerability in spellchecker CVE-2006-2878
FULLDISC:20060605 file upload widgets in IE and Firefox have issues CVE-2006-2894 CVE-2006-2900
FULLDISC:20060607 MDaemon NOT vulnerable .. sorry for the advisory.. QBik Wingate is vulnerable CVE-2006-2926
FULLDISC:20060607 [HV-LOW] Microsoft NetMeeting memory corruption (Brief) CVE-2006-2919
FULLDISC:20060608 SSL VPNs and security CVE-2009-2631
FULLDISC:20060609 Re: SSL VPNs and security CVE-2009-2631
FULLDISC:20060611 WinSCP - URI Handler Command Switch Parsing CVE-2006-3015
FULLDISC:20060611 tempnam() Bypass unique file name PHP 5.1.4 CVE-2006-2660
FULLDISC:20060614 SEC Consult SA-20060613-0 :: Outlook Web Access Cross Site Scripting Vulnerability CVE-2006-1193
FULLDISC:20060614 Sun iPlanet Messaging Server 5.2 root password compromise CVE-2006-3159
FULLDISC:20060615 Advisory: Authentication bypass in phpBannerExchange CVE-2006-3012
FULLDISC:20060615 Advisory: Unauthorized password recovery in phpBannerExchange CVE-2006-3013
FULLDISC:20060615 MySQL DoS CVE-2006-3081
FULLDISC:20060616 Zeroboard File Upload & extension bypass Vulnerability CVE-2006-3070
FULLDISC:20060618 ***ULTRALAME*** Microsoft Excel Unicode Overflow CVE-2006-3086
FULLDISC:20060619 Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks CVE-2006-3109
FULLDISC:20060620 Microsoft Excel File Embedded Shockwave Flash Object Exploit CVE-2006-3014
FULLDISC:20060620 Re: Input Validation/Output Encoding Vulnerabilities in Cisco CallManager Allow Script Injection Attacks CVE-2006-3109
FULLDISC:20060622 [MU-200606-01] Real Helix RTSP Server Heap Corruption Vulnerabilities CVE-2006-3276
FULLDISC:20060623 NDSD-06-001 CVE-2006-3275
FULLDISC:20060625 Is Windows TCP/IP source routing PoC code available? CVE-2006-2379
FULLDISC:20060627 CAID 34325 - CA ITM, eAV, ePP scan job description field format string vulnerability CVE-2006-3223
FULLDISC:20060627 IE_ONE_MINOR_ONE_MAJOR CVE-2006-3280 CVE-2006-3281
FULLDISC:20060627 ZDI-06-019: GraceNote CDDBControl ActiveX Buffer Overflow Vulnerability CVE-2006-3134
FULLDISC:20060629 Multiple Vulnerabilities in PatchLink Update Server 6 CVE-2006-3425 CVE-2006-3426 CVE-2006-3430
FULLDISC:20060629 Secunia Research: phpRaid SQL Injection and File Inclusion Vulnerabilities CVE-2006-3116 CVE-2006-3317
FULLDISC:20060630 NCP VPN/PKI Client: UDP Bypassing CVE-2006-3551
FULLDISC:20060704 [scip_Advisory 2351] Kyberna AG ky2help various form fields SQL Injection CVE-2006-3541
FULLDISC:20060704 [scip_Advisory 2352] F5 FirePass 4100 prior 6.x multiple Cross Site Scripting CVE-2006-3550
FULLDISC:20060705 Public Advisory: Horde 3.1.1, 3.0.10 Multiple Security Issues CVE-2006-3548
FULLDISC:20060705 Re: phpSysInfo arbitrary file identification CVE-2006-3360
FULLDISC:20060705 phpSysInfo arbitrary file identification CVE-2006-3360
FULLDISC:20060706 Mico crashes when contected with wrong IOR / DoS CVE-2006-3492
FULLDISC:20060706 Possible code execution in Kaillera 0.86 CVE-2006-3491
FULLDISC:20060707 MS Word Unchecked Boundary Condition CVE-2006-3493
FULLDISC:20060707 MS Word Unchecked Boundary Condition Vulnerability - POC CVE-2006-3493
FULLDISC:20060708 Unauthenticated access to BT Voyager config file CVE-2006-3561
FULLDISC:20060710 ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) CVE-2006-3524
FULLDISC:20060710 MIMESweeper For Web 5.X Cross Site Scripting CVE-2006-3522
FULLDISC:20060710 RE: MIMESweeper For Web 5.X Cross Site Scripting CVE-2006-3522
FULLDISC:20060710 Re: MIMESweeper For Web 5.X Cross Site Scripting CVE-2006-3522
FULLDISC:20060711 CYBSEC - Security Pre-Advisory: Microsoft Windows DHCP Client Service Remote Buffer Overflow CVE-2006-2372
FULLDISC:20060711 ERNW Security Advisory 02/2006 - Buffer Overflow in sipXtapi (used in AOL Triton) CVE-2006-3524
FULLDISC:20060711 Fuzzing Microsoft Office CVE-2006-3493
FULLDISC:20060711 [SECURITY] Plain text password in Finjan Appliance 5100/8100 NG backup file CVE-2006-3663
FULLDISC:20060712 Microsoft Excel Could Allow Remote Code Execution by Malformed FNGROUPCOUNT value Vulnerability CVE-2006-1308
FULLDISC:20060712 S21Sec-032-en: Vulnerability in Fatwire Content Server CVE-2006-3679
FULLDISC:20060714 Linux kernel 0day - dynamite inside, don't burn your fingers CVE-2006-3626
FULLDISC:20060717 [EEYEB-20060227] D-Link Router UPNP Stack Overflow CVE-2006-3687
FULLDISC:20060718 Advisory : DeluxeBB mutiple vulnerabilities CVE-2006-3795 CVE-2006-3796 CVE-2006-3797 CVE-2006-3798 CVE-2006-3799
FULLDISC:20060718 Oracle Database - SQL Injection in SYS.DBMS_STATS [DB21] CVE-2006-3705
FULLDISC:20060718 Oracle Database - SQL Injection in SYS.DBMS_UPGRADE [DB22] CVE-2006-3705
FULLDISC:20060718 Oracle Database - SQL Injection in SYS.KUPW$WORKER [DB03] CVE-2006-3698
FULLDISC:20060718 WebScarab <= 20060621-0003 cross site scripting CVE-2006-3841
FULLDISC:20060719 Multiple Vulnerabilities RPS CVE-2006-7082 CVE-2006-7083 CVE-2006-7085
FULLDISC:20060720 Advisory: Remote command execution in planetGallery CVE-2006-3676
FULLDISC:20060720 Cisco MARS < 4.2.1 remote compromise CVE-2005-2006 CVE-2006-3733
FULLDISC:20060721 Directory Listing in Apache Tomcat 5.x.x CVE-2006-3835
FULLDISC:20060722 Low security hole affecting IPCalc's CGI wrapper CVE-2006-3848
FULLDISC:20060724 Hustle -- Tumbleweed Email Firewall Remote CVE-2006-3901
FULLDISC:20060725 Professional Home Page Tools Login Script Cross Site Scripting Vulnerabilities CVE-2006-7078
FULLDISC:20060725 TP-Book <= 1.00 Cross Site Scripting CVE-2006-3900
FULLDISC:20060725 [vuln.sg] AGEphone "sipd.dll" SIP Packet Handling Buffer Overflow CVE-2006-4029
FULLDISC:20060727 Oracle 10g R2 and, probably, all previous versions CVE-2006-7067
FULLDISC:20060728 Oracle 10g R2 and, probably, all previous versions CVE-2006-7067
FULLDISC:20060729 Ajax Chat Multiple Vulnerabilities CVE-2006-3971 CVE-2006-3972
FULLDISC:20060729 X-Poll SQL Injection Vulnerability CVE-2006-3960
FULLDISC:20060729 X-Statics 1.20 SQL Injection Vulnerability CVE-2006-3950
FULLDISC:20060730 Banex Multiple Vulnerabilities CVE-2006-3963 CVE-2006-3964 CVE-2006-3965
FULLDISC:20060802 Content Management Framework "G3" - XSS Vulnerability in Search Function CVE-2006-4017
FULLDISC:20060803 GaesteChaos <= 0.2 Multiple Vulnerabilities CVE-2006-4038 CVE-2006-4039
FULLDISC:20060803 GeheimChaos <= 0.5 Multiple SQL Injection CVE-2006-4118
FULLDISC:20060804 Barracuda Spam Firewall: Administrator Level Remote Command Execution [ID-20060804-01] CVE-2006-4081 CVE-2006-4082
FULLDISC:20060804 PHPCodeCabinet Vulnerability CVE-2006-4044
FULLDISC:20060804 linksys WRT54g authentication bypass CVE-2006-5202
FULLDISC:20060806 0-day XP SP2 wmf exploit CVE-2006-4071
FULLDISC:20060806 PHP: Zend_Hash_Del_Key_Or_Index Vulnerability CVE-2006-3017
FULLDISC:20060806 bugs CVE-2006-7065
FULLDISC:20060807 0-day XP SP2 wmf exploit (some details) CVE-2006-4071
FULLDISC:20060808 [ISR] - Novell Groupwise Webaccess (Cross-Site Scripting) CVE-2006-3817
FULLDISC:20060809 Multiple buffer-overflows in AlsaPlayer 0.99.76 CVE-2006-4089
FULLDISC:20060809 PocketPC MMS - Remote Code Injection/Execution Vulnerability and Denial-of-Service CVE-2006-4131 CVE-2006-4132
FULLDISC:20060809 SmartSiteCMS v1.0 authentication bypass CVE-2006-7074
FULLDISC:20060810 CYBSEC - Security Pre-Advisory: SAP Internet Graphics Service (IGS) CVE-2006-4134
FULLDISC:20060811 rPSA-2006-0152-1 squirrelmail CVE-2006-4019
FULLDISC:20060816 ASSP “get?file” Traversal Vulnerability CVE-2006-4258
FULLDISC:20060821 TTG0601 - Alt-N WebAdmin Multiple Vulnerabilities CVE-2006-4370 CVE-2006-4371
FULLDISC:20060822 Major updates in PowerPoint FAQ document - not a 0-day issue CVE-2006-0009 CVE-2006-4274
FULLDISC:20060822 [vuln.sg] Cool Messenger Server SQL Injection Vulnerability CVE-2006-4347
FULLDISC:20060824 Advisory 05/2006: Zend Platform Multiple Remote CVE-2006-4431
FULLDISC:20060824 Integramod Portal <= 2.x File Inclusion CVE-2006-4368 CVE-2006-4369
FULLDISC:20060824 VistaBB <= 2.x Multiple File Inclusion CVE-2006-4365
FULLDISC:20060825 ftpd chdir() while root CVE-2006-5778
FULLDISC:20060829 XSS in HLStats 1.34 CVE-2006-4454
FULLDISC:20060831 Lyris ListManager 8.95: Add arbitrary administrator to arbitrary list CVE-2006-4546 CVE-2006-4547
FULLDISC:20060905 Buffer overflow vulnerability in dsocks CVE-2006-4611
FULLDISC:20060911 KorviBlog - XSS permanent CVE-2006-4718
FULLDISC:20060911 PHProg : Local File Inclusion + XSS + Full path CVE-2006-4753 CVE-2006-4754
FULLDISC:20060911 vCAP calendar server Multiple vulnerabilities CVE-2006-5033 CVE-2006-5034
FULLDISC:20060912 Session Token Remains Valid After Logout in IBM Lotus Domino Web Access CVE-2006-4763
FULLDISC:20060913 NetPerformer FRAD ACT Multiple Vulnerabilities CVE-2006-4832 CVE-2006-4833
FULLDISC:20060913 [NETRAGARD-20060822 SECURITY ADVISORY] [ APPLE COMPUTER CORPORATION KEXTLOAD VULNERABILITY + ROXIO TOAST TITANUM 7 HELPER APP - LOCAL ROOT COMROMISE] CVE-2004-1398 CVE-2006-4866
FULLDISC:20060919 New PowerPoint 0-day Trojan in the wild CVE-2006-0009 CVE-2006-4854
FULLDISC:20060920 A.I-Pifou (Cookie) Local File Inclusion CVE-2006-4914
FULLDISC:20060921 FiWin SS28S WiFi VoIP SIP/Skype Phone Hardcoded Telnet user/pass and debug access CVE-2006-5038
FULLDISC:20060921 RSA Keyon Log verification bypass vulnerability CVE-2006-4991
FULLDISC:20060924 Remote File Include in syntaxCMS CVE-2006-5055
FULLDISC:20060925 Typo3 v4.x: XSS in extension "Indexed Search" CVE-2006-5069
FULLDISC:20061001 IBM Informix Dynamic Server V10.0 File Clobbering during Install CVE-2006-5163
FULLDISC:20061002 IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) CVE-2006-5152
FULLDISC:20061002 McAfee EPO Buffer Overflow CVE-2006-5156
FULLDISC:20061002 Re: [Full-disclosure] IE UXSS (Universal XSS in IE, was Re: Microsoft Internet Information Services UTF-7 XSS Vulnerability [MS06-053]) CVE-2006-5152
FULLDISC:20061003 Advisory 08/2006: PHP open_basedir Race Condition Vulnerability CVE-2006-5178
FULLDISC:20061003 [CAID 34661]: CA Unicenter WSDM File System Read Access Vulnerability CVE-2004-2478
FULLDISC:20061004 (0-Day) PolyCom IP-301 VoIP Desktop Phone HTTP server DoS and undocumented TCP port 42 CVE-2006-5233
FULLDISC:20061004 (0-day) Linksys SPA-921 VoIP Desktop Phone HTTP Server DoS CVE-2006-7121
FULLDISC:20061005 (0-Day) GrandStream GXP-2000 VoIP Desktop Phone multiple undocumented UDP ports and DoS CVE-2006-5231
FULLDISC:20061006 Secunia Research: HAURI Anti-Virus ALZ Archive Handling Buffer Overflow CVE-2005-4786
FULLDISC:20061008 SQL injection - moodle CVE-2006-5219
FULLDISC:20061009 eXpBlog <= 0.3.5 Cross Site Scripting CVE-2006-5239
FULLDISC:20061011 MHL-2006-002 Public Advisory: "Call-Center-Software" Multiple Security Issues CVE-2006-7143 CVE-2006-7144 CVE-2006-7145
FULLDISC:20061011 MS06-060 Microsoft Word Memmove Code Execution CVE-2006-3647
FULLDISC:20061012 Google Earth (kml & kmz files) buffer overflow CVE-2006-7157
FULLDISC:20061012 XeoPort <= 0.81 SQL Injection Vulnerability CVE-2006-5285
FULLDISC:20061012 Xeobook <= 0.93 Multiple SQL Injection CVE-2006-5287
FULLDISC:20061014 Kmail <= 1.9.1 (table/frameset) DOS CVE-2006-7139
FULLDISC:20061014 Re: Vuln CVE-2006-7105
FULLDISC:20061014 Vuln CVE-2006-7105
FULLDISC:20061015 ISS BlackICE PC Protection Filelock protection bypass Vulnerability CVE-2006-7129
FULLDISC:20061016 Asbru HardCore Web Content Editor - Command Injection CVE-2006-5258
FULLDISC:20061018 Asterisk remote heap overflow CVE-2006-5444
FULLDISC:20061018 [MU-200610-01] Denial of Service in XORP OSPFv2 CVE-2006-5425
FULLDISC:20061018 shttpd long get request vuln ( retro ) CVE-2006-5216
FULLDISC:20061019 Advisory 11/2006: Serendipity Weblog XSS Vulnerabilities CVE-2006-5499
FULLDISC:20061022 AROUNDMe 0.6.9 remonte file inclusion CVE-2006-5533
FULLDISC:20061023 SQL Injection Vulnerability in Oracle WWV_FLOW_UTILITIES CVE-2006-7138
FULLDISC:20061024 Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability CVE-2006-5563
FULLDISC:20061024 [vuln.sg] CruiseWorks Directory Traversal and Buffer Overflow Vulnerabilities CVE-2006-5570 CVE-2006-5571
FULLDISC:20061025 FTPXQ Denial of service exploit. CVE-2006-5568
FULLDISC:20061026 Re: Yahoo! Messenger Service 18 Remote Buffer Overflow Vulnerability CVE-2006-5563
FULLDISC:20061027 MHL-2006-003 Public Advisory: "ezOnlineGallery" Multiple Security Issues CVE-2006-7103
FULLDISC:20061027 parallels Desktop file permission notice CVE-2006-5817
FULLDISC:20061028 ZDI-06-035: Novell eDirectory NDS Server Host Header Buffer Overflow Vulnerability CVE-2006-5478
FULLDISC:20061030 Firefox <= 2.0 crash CVE-2006-5633
FULLDISC:20061031 Cross Site Scripting (XSS) Vulnerability in Netquery by "VIRtech" CVE-2006-5661
FULLDISC:20061031 Cross Site Scripting (XSS) Vulnerability in Web Mail platform by "Mirapoint" CVE-2006-5712
FULLDISC:20061031 Cross Site Scripting (XSS) Vulnerability in iPlanet Messaging Server Messenger Express by "Sun" CVE-2006-5652
FULLDISC:20061031 Directory listing on B-FOCuS Wireless 802.11b/g ADSL2+ Router by "ECI Telecom LTD" CVE-2006-5711
FULLDISC:20061031 Local Heap OverFlow Vulnerability in "Answering Service" of Icq CVE-2006-5724
FULLDISC:20061104 [x0n3-h4ck.org] Essentia Web Server 2.15 Buffer Overflow CVE-2006-5850
FULLDISC:20061107 DigiOz Guestbook version 1.7 Path Disclosure CVE-2006-5651
FULLDISC:20061107 WFTPD Pro Server 3.23 Buffer Overflow CVE-2006-5826
FULLDISC:20061108 DMA[2006-1031a] - 'Intego VirusBarrier X4 definition bypass exploit' CVE-2006-5916
FULLDISC:20061108 WFTPD Pro Server 3.23 Buffer Overflow CVE-2006-5826
FULLDISC:20061112 ELOG Web Logbook Remote Denial of Service Vulnerability CVE-2006-6318
FULLDISC:20061113 AVG Anti-Virus - Arbitrary Code Execution (remote) CVE-2006-5937 CVE-2006-5938 CVE-2006-5939 CVE-2006-5940
FULLDISC:20061114 Advisory 14/2006: Dotdeb PHP Email Header Injection Vulnerability CVE-2006-7087
FULLDISC:20061115 NetBSD all versions FireWire IOCTL kernel integer overflow information disclousure CVE-2006-6013
FULLDISC:20061121 GNU tar directory traversal CVE-2006-6097
FULLDISC:20061121 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability CVE-2006-6076
FULLDISC:20061122 LS-20061113 - CA BrightStor ARCserve Backup Remote Buffer Overflow Vulnerability CVE-2006-6076
FULLDISC:20061127 REMLAB Web Mech Designer 2.0.5 Path Disclosure Vulnerability CVE-2006-5896
FULLDISC:20061128 Monkey Boards version 0.3.5 Multiple Path Disclosure Vulnerabilities CVE-2006-6113
FULLDISC:20061128 ProFTPD mod_tls pre-authentication buffer overflow CVE-2006-6170
FULLDISC:20061201 Layered Defense Advisory: Novell Client 4.91 Format String Vulnerability CVE-2006-6306
FULLDISC:20061201 NetBSD FTPD and ports ***REMOTE ROOOOOT HOLE*** CVE-2006-6652
FULLDISC:20061201 deV!L`z Clanportal - Arbitrary File Upload [061124b] CVE-2006-6338
FULLDISC:20061204 F-Prot Antivirus for Unix: heap overflow and Denial of Service CVE-2006-6293 CVE-2006-6352
FULLDISC:20061206 EEYE: Adobe Download Manager AOM Stack Buffer Overflow Vulnerability CVE-2006-5856
FULLDISC:20061206 Linksys WIP 330 VoIP wireless phone crash from Nmap scan CVE-2006-6411
FULLDISC:20061209 (no subject) CVE-2006-6587
FULLDISC:20061210 Another, different MS Word 0-day vulnerability reported CVE-2006-6456
FULLDISC:20061210 Multiple vulnerabilities in Winamp Web Interface 7.5.13 CVE-2006-6512 CVE-2006-6513 CVE-2006-6514 CVE-2006-6539
FULLDISC:20061211 Secunia Research: AOL CDDBControl ActiveX Control "SetClientInfo()" Buffer Overflow CVE-2006-6442
FULLDISC:20061211 The newest Word flaw is due to malformed data structure handling CVE-2006-6456
FULLDISC:20061213 Coolplayer buffer overflow vulnerabilities CVE-2006-6288
FULLDISC:20061214 Project Server 2003 - Credential Disclosure CVE-2006-6617
FULLDISC:20061215 BitDefender AV Packed PE File Parsing Engine Heap Overflow CVE-2006-6627
FULLDISC:20061219 HP Printers FTP Server Denial Of Service CVE-2006-6742
FULLDISC:20061220 Oracle Portal 10g HTTP Response Splitting CVE-2006-6697
FULLDISC:20061220 Re: [Full-disclosure] Oracle Portal 10g HTTP Response Splitting CVE-2006-6697
FULLDISC:20061221 Microsoft Windows XP/2003/Vista memory corruption 0day CVE-2006-6696
FULLDISC:20061225 w3m format string bug CVE-2006-6772
FULLDISC:20061227 WordPress Persistent XSS CVE-2006-6808
FULLDISC:20061231 edbrowse buffer overflow CVE-2006-6909
FULLDISC:20070102 Apache 1.3.37 htpasswd buffer overflow vulnerability CVE-2006-1078
FULLDISC:20070102 Inforamtion Discloser Vulnerabilities in phpMyAdmin CVE-2007-0095
FULLDISC:20070102 Inforamtion Discloser Vulnerabilities in "phpMyAdmin" CVE-2007-0095
FULLDISC:20070104 Concurrency strikes MSIE (potentially exploitable msxml3 flaws) CVE-2007-0099
FULLDISC:20070104 DMA[2007-0104a] - 'iLife iPhoto Photocasing Format String Vulnerability' CVE-2007-0051
FULLDISC:20070104 Re: Concurrency strikes MSIE (potentially exploitablemsxml3 flaws) CVE-2007-0099
FULLDISC:20070104 [vuln.sg] PowerArchiver PAISO.DLL Buffer Overflow CVE-2007-0097
FULLDISC:20070105 NNL-Labs & MNIN - F5 FirePass Security Advisory CVE-2007-0187
FULLDISC:20070105 [DRUPAL-SA-2007-001] Drupal 4.6.11 / 4.7.5 fixes CVE-2007-0136
FULLDISC:20070106 NNL-Labs & MNIN - F5 FirePass Security Advisory CVE-2007-0186 CVE-2007-0187 CVE-2007-0188 CVE-2007-0195
FULLDISC:20070109 Adobe Reader Remote Heap Memory Corruption - Subroutine Pointer Overwrite CVE-2006-5857
FULLDISC:20070109 Sina UC ActiveX Multiple Remote Stack Overflow CVE-2007-0174
FULLDISC:20070110 EIQ Networks Network Security Analyzer DoS Vulnerability CVE-2007-0228
FULLDISC:20070115 Rixstep aren't as leet as they thought they were CVE-2007-0336
FULLDISC:20070117 Flaw in AVM UPNP service for windows CVE-2007-0357
FULLDISC:20070117 [x0n3-h4ck] myBloggie 2.1.5 XSS exploit CVE-2007-0353
FULLDISC:20070118 The Quidway Router local DOS CVE-2007-0488
FULLDISC:20070118 The vulnerabilities festival ! CVE-2006-6945 CVE-2007-0372 CVE-2007-0373 CVE-2007-0374 CVE-2007-0375 CVE-2007-0376 CVE-2007-0377 CVE-2007-0378 CVE-2007-0379 CVE-2007-0380 CVE-2007-0381 CVE-2007-0382 CVE-2007-0383 CVE-2007-0384 CVE-2007-0385 CVE-2007-0386 CVE-2007-0387
FULLDISC:20070118 [x0n3-h4ck] sabros.us 1.7 XSS Exploit CVE-2007-0390
FULLDISC:20070118 mbsebbs 0.70.0 & below local root exploit CVE-2007-0368
FULLDISC:20070119 DoS against AVM Fritz!Box 7050 (and others) CVE-2007-0431
FULLDISC:20070119 Layered Defense Research Advisory: BitDefender Client 8.02 Format String Vulnerability CVE-2007-0391
FULLDISC:20070119 WzdFTPD < 8.1 Denial of service CVE-2007-0428
FULLDISC:20070121 RubyGems 0.9.0 and earlier installation exploit CVE-2007-0469
FULLDISC:20070122 Check Point Connectra End Point security bypass CVE-2007-0471
FULLDISC:20070125 Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability CVE-2007-0617
FULLDISC:20070125 [NETRAGARD-20061218 SECURITY ADVISORY] [@Mail WebMail Cross Site Request Forgery] CVE-2006-6701
FULLDISC:20070128 Internet Explorer 7 ActiveX bgColor property NULL pointer dereference (DoS) CVE-2007-0612
FULLDISC:20070129 CVSTrac 2.0.0 Denial of Service (DoS) vulnerability CVE-2007-0347
FULLDISC:20070129 Internet Explorer 7 ActiveX bgColor property NULL pointer dereference (DoS) CVE-2007-0612
FULLDISC:20070201 Omegaboard v1.0b4 (phpbb_root_path) Remote File Include Exploit CVE-2007-0683
FULLDISC:20070201 Remote Sql Injection in EasyMoblog 0.5.1 CVE-2007-0759
FULLDISC:20070201 Remote Sql Injection in EasyMoblog 0.5.1 # 2 CVE-2007-0759
FULLDISC:20070201 umount crash and xterm (kind of) information leak! CVE-2007-0822 CVE-2007-0823
FULLDISC:20070203 Web 2.0 backdoors made easy with MSIE & XMLHttpRequest CVE-2005-4827
FULLDISC:20070205 Firefox + popup blocker + XMLHttpRequest + srand() = oops CVE-2007-0800
FULLDISC:20070205 Re: Firefox + popup blocker + XMLHttpRequest + srand() = oops CVE-2007-0800
FULLDISC:20070206 Medium level security hole in FreeProxy CVE-2007-0838
FULLDISC:20070206 PS Information Leak on HP True64 Alpha OSF1 v5.1 1885 CVE-2007-0805
FULLDISC:20070207 Alibaba Alipay Remote Code Execute Vulnerability-0DAY CVE-2007-0827
FULLDISC:20070208 Axigen <2.0.0b1 DoS CVE-2007-0886 CVE-2007-0887
FULLDISC:20070208 SecurityVulns.com: HP Network Node Manager remote console weak files permissions CVE-2007-0819
FULLDISC:20070209 Denial Of Service in Internet Explorer for MS Windows Mobile 5.0 CVE-2007-0878
FULLDISC:20070209 Re: [WEB SECURITY] Plain Old Webserver - The coolest firefox extension CVE-2007-0872
FULLDISC:20070211 "0day was the case that they gave me" CVE-2007-0882
FULLDISC:20070211 Arbitrary file disclosure vulnerability in IP3 NetAccess < 4.1.9.6 CVE-2007-0883
FULLDISC:20070211 Firefox focus stealing vulnerability (possibly other browsers) CVE-2006-2894
FULLDISC:20070211 Multiple vulnerabilities in phpMyVisites CVE-2007-0891 CVE-2007-0892 CVE-2007-0893
FULLDISC:20070213 Aruba Mobility Controller Management Buffer Overflow CVE-2007-0931
FULLDISC:20070213 Aruba Networks - Unauthorized Administrative and WLAN Access through Guest Account CVE-2007-0932
FULLDISC:20070214 MailEnable DoS POC CVE-2007-0955
FULLDISC:20070214 MailEnable DoS POC-2 CVE-2007-0955
FULLDISC:20070215 Comodo DLL injection via weak hash function exploitation Vulnerability CVE-2007-1051
FULLDISC:20070215 Word flaw CVE-2007-0870 confirmed as code execution type issue CVE-2007-0870
FULLDISC:20070220 Blind sql injection attack in INSERT syntax on PHP-nuke <=8.0 Final CVE-2007-1061
FULLDISC:20070221 Firefox bookmark cross-domain surfing vulnerability CVE-2007-1084
FULLDISC:20070222 Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) CVE-2007-1092
FULLDISC:20070222 Microsoft Windows 2000/XP/2003/Vista ReadDirectoryChangesW informaton leak CVE-2007-0843
FULLDISC:20070223 MSIE7 browser entrapment vulnerability (probably Firefox, too) CVE-2007-1091 CVE-2007-1095
FULLDISC:20070226 Local user to root escalation in apache 1.3.34 (Debian only) CVE-2006-7098
FULLDISC:20070226 SEC Consult SA-20070226-0 :: File Disclosure in CVE-2007-1158
FULLDISC:20070226 WordPress AdminPanel CSRF/XSS - 0day CVE-2007-1244
FULLDISC:20070227 Nullsoft ShoutcastServer Persistant XSS - 0day CVE-2007-1229
FULLDISC:20070227 RE: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) CVE-2007-1256
FULLDISC:20070227 Re: [Full-disclosure] Firefox onUnload + document.write() memory corruption vulnerability (MSIE7 null ptr) CVE-2007-1256
FULLDISC:20070227 Re:SEC Consult SA-20070226-0 :: File Disclosure CVE-2007-1158
FULLDISC:20070228 Quicksilver Social Bookmark plugin v.8F: password in clear text CVE-2007-1191
FULLDISC:20070301 MPlayer DMO buffer overflow CVE-2007-1246
FULLDISC:20070301 tcpdump: off-by-one heap overflow in 802.11 printer CVE-2007-1218
FULLDISC:20070304 Konqueror DoS Via JavaScript Read Of FTP Iframe CVE-2007-1308
FULLDISC:20070306 Apple QuickTime udta ATOM Integer Overflow CVE-2007-0714
FULLDISC:20070306 Mercury/32 4.01b CVE-2007-1373
FULLDISC:20070306 silc-server 1.0.2 denial-of-service vulnerability CVE-2007-1327
FULLDISC:20070313 Unrarlib 0.4.0 (urarlib_get) Local buffer overflow CVE-2007-1457
FULLDISC:20070314 [Advisory]McAfee ePolicy Orchestrator Multiple Remote Buffer Overflow Vulnerabilities CVE-2007-1498
FULLDISC:20070315 Horde IMP Webmail Client version H3 (4.1.4) fixes multiple XSS issues CVE-2007-1515
FULLDISC:20070315 Norton Insufficient validation of 'SymTDI' driver CVE-2007-1476
FULLDISC:20070319 Asterisk SDP DOS vulnerability CVE-2007-1561
FULLDISC:20070319 w-agora version 4.2.1 Information Disclosure Vulnerability CVE-2007-0607
FULLDISC:20070320 Mercur SP4 IMAPD CVE-2007-1578
FULLDISC:20070321 Grandstream Budge Tone-200 denial of service vulnerability CVE-2007-1590
FULLDISC:20070323 Microsoft Windows Vista - Windows Mail Client Side Code Execution Vulnerability CVE-2007-1658
FULLDISC:20070323 Re: Microsoft Windows Vista - Windows Mail Client Side Code Execution Vulnerability CVE-2007-1658
FULLDISC:20070323 dproxy - arbitrary code execution through stack buffer overflow vulnerability CVE-2007-1465
FULLDISC:20070327 Remote DOS HP JetDirect Print Servers CVE-2007-1772
FULLDISC:20070327 SignKorea's ActiveX Buffer Overflow Vulnerability CVE-2007-1722
FULLDISC:20070329 CA Brightstor Backup Mediasvr.exe Remote Code Vulnerability CVE-2007-1785
FULLDISC:20070330 0-day ANI vulnerability in Microsoft Windows (CVE-2007-0038) CVE-2007-0038
FULLDISC:20070331 Re: dproxy-nexgen remote CVE-2007-1866
FULLDISC:20070331 dproxy-nexgen remote CVE-2007-1866
FULLDISC:20070403 HP Mercury Quality Center Any SQL execution CVE-2007-1882
FULLDISC:20070412 Dotclear 1.* Cross Site Scripting Vulnerability CVE-2007-1989
FULLDISC:20070418 Firefox 2.0.0.3 Phishing Protection Bypass Vulnerability CVE-2007-0802
FULLDISC:20070419 XSS in freePBX 2.2.x portal's Asterisk Log tool CVE-2007-2191
FULLDISC:20070420 eXtremail-v9 CVE-2007-2187 CVE-2007-2188
FULLDISC:20070421 OpenSSH - System Account Enumeration if S/Key is used CVE-2007-2243
FULLDISC:20070421 freePBX 2.2.x's Music-on-hold Remote Code Execution Injection CVE-2007-2350
FULLDISC:20070424 Linksys SPA941 remote DOS with \377 character CVE-2007-2270
FULLDISC:20070424 OpenSSH - System Account Enumeration if S/Key is used CVE-2007-2243
FULLDISC:20070424 Re: OpenSSH - System Account Enumeration if S/Key is used CVE-2007-2768
FULLDISC:20070424 Security Advisory: CA CleverPath SQL Injection CVE-2007-2230
FULLDISC:20070427 mydns-1.1.0 remote heap overflow CVE-2007-2362
FULLDISC:20070430 Aventail Connect SSL VPN Client Buffer Overflow CVE-2007-2434
FULLDISC:20070501 Firefox 2.0.0.3 Out-of-bounds memory access via specialy crafted html file CVE-2007-2671
FULLDISC:20070509 Exchange Calendar MODPROPS Denial of Service (CVE-2007-0039) CVE-2007-0039
FULLDISC:20070511 Teamspeak Server 2.0.20.1 Vulnerabilities CVE-2007-4529 CVE-2007-4530
FULLDISC:20070512 CommuniGate Pro web mail persistent cross-site scripting vulnerability CVE-2007-2718
FULLDISC:20070512 Cross-site Scripting in EQDKP 1.3.2c and prior CVE-2007-2716
FULLDISC:20070512 Re: Cross-site Scripting in EQDKP 1.3.2c and prior CVE-2007-2716
FULLDISC:20070513 MyBB version 1.2.4 Multiple Path Disclosure Vulnerabilities CVE-2007-0689
FULLDISC:20070514 SonicBB version 1.0 Multiple Path Disclosure Vulnerabilities CVE-2007-1901
FULLDISC:20070514 SonicBB version 1.0 Multiple SQL Injection Vulnerabilities CVE-2007-1902
FULLDISC:20070514 SonicBB version 1.0 XSS Attack Vulnerabilities CVE-2007-1903
FULLDISC:20070514 WordPress 2.1.3 Akismet Vulnerability CVE-2007-2714
FULLDISC:20070518 PsychoStats 3.0.6b and prior CVE-2007-2780
FULLDISC:20070518 Re: PsychoStats 3.0.6b and prior CVE-2007-2780
FULLDISC:20070521 Jetbox CMS version 2.1 Multiple Path Disclosure Vulnerabilities CVE-2007-2684
FULLDISC:20070521 Jetbox CMS version 2.1 Multiple SQL Injection Vulnerabilities CVE-2007-2685
FULLDISC:20070522 GMTT Music Distro 1.2 Vulnerable to XSS CVE-2007-2916
FULLDISC:20070522 Jetbox CMS version 2.1 XSS Attack Vulnerability CVE-2007-2686
FULLDISC:20070522 KSign KSignSWAT ActiveX Control Multiple Buffer Overflows Vulnerability CVE-2007-2820
FULLDISC:20070522 Question Regarding IIS 6.0 / Is this a DoS??? CVE-2007-2897
FULLDISC:20070522 phpPgAdmin XSS Vulnerability CVE-2007-2865
FULLDISC:20070523 Cisco CallManager 4.1 Input Validation Vulnerability CVE-2007-2832
FULLDISC:20070523 Re: Question Regarding IIS 6.0 / Is this a DoS??? CVE-2007-2897
FULLDISC:20070524 n.runs-SA-2007.008 - Avast! Antivirus CAB parsing CVE-2007-2845
FULLDISC:20070525 n.runs-SA-2007.009 - Avast! Antivirus SIS parsing Arbitrary Code Execution Advisory CVE-2007-2846
FULLDISC:20070527 phpPgAdmin Multiple XSS Vulnerabilities CVE-2007-5728
FULLDISC:20070528 Uebimiau Webmail Multiple Vulnerabilities CVE-2007-3170 CVE-2007-3171 CVE-2007-3172
FULLDISC:20070528 n.runs-SA-2007.010 - Avira Antivir Antivirus LZH parsing Arbitrary Code Execution Advisory CVE-2007-2974
FULLDISC:20070529 n.runs-SA-2007.011 - Avira Antivir Antivirus UPX CVE-2007-2972
FULLDISC:20070601 PHPLive ALL VERSION: RFI + XSS CVE-2007-3060
FULLDISC:20070601 static XSS / SQL-Injection in Omegasoft Insel CVE-2007-2992 CVE-2007-2993
FULLDISC:20070604 Assorted browser vulnerabilities CVE-2007-3089 CVE-2007-3091 CVE-2007-3092 CVE-2008-0591
FULLDISC:20070604 Full Path Disclosure eqDKP 1.3.2c and prior CVE-2007-3079
FULLDISC:20070604 Kevin Johnson BASE <= 1.3.6 authentication bypass CVE-2007-5578
FULLDISC:20070604 n.runs-SA-2007.014 - F-Secure Antivirus ARJ parsing Infinite Loop Advisory CVE-2007-2967
FULLDISC:20070604 n.runs-SA-2007.015 - F-Secure Antivirus FSG packed files parsing Infinite Loop Advisory CVE-2007-2967
FULLDISC:20070604 screen 4.0.3 local Authentication Bypass CVE-2007-3048
FULLDISC:20070605 Cacti Denial of Service CVE-2007-3112
FULLDISC:20070606 Kevin Johnson BASE <= 1.3.6 authentication bypass CVE-2007-5578
FULLDISC:20070606 Yahoo 0day ActiveX Webcam Exploit CVE-2007-3147
FULLDISC:20070607 2nd Yahoo 0day ActiveX Exploit CVE-2007-3148
FULLDISC:20070608 CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow CVE-2007-1685
FULLDISC:20070608 Re: CSIS Advisory: BlueCoat K9 Web Protection 3.2.36 Overflow CVE-2007-1685 CVE-2007-1783
FULLDISC:20070608 SafeNET High Assurance Remote/SoftRemote (IPSecDrv.sys) remote DoS CVE-2007-3157
FULLDISC:20070610 Serious holes affecting JFFNMS CVE-2007-3189 CVE-2007-3190 CVE-2007-3191 CVE-2007-3192
FULLDISC:20070611 TippingPoint detection bypass CVE-2007-3711
FULLDISC:20070612 Safari for Windows, 0day URL protocol handler command injection CVE-2007-3186
FULLDISC:20070612 using matasano's blackbag/deezee to find 0day and stuff CVE-2007-3232
FULLDISC:20070614 Letterman subscriber module XSS vulnerability CVE-2007-3249
FULLDISC:20070614 Re: Apple Safari: urlbar/window title spoofing CVE-2007-2398
FULLDISC:20070617 H4CREW-000005 EasyNews Pro 4.0 XSS & CSRF CVE-2007-3330 CVE-2007-3331
FULLDISC:20070617 Utopia News Pro version 1.4.0 XSS Attack Vulnerability CVE-2007-3129
FULLDISC:20070617 WSPortal version 1.0 Path Disclosure Vulnerability CVE-2007-3127
FULLDISC:20070617 WSPortal version 1.0 SQL Injection Vulnerability CVE-2007-3128
FULLDISC:20070624 Papoo CMS 3.6 - Access Restriction Bypass CVE-2007-3494
FULLDISC:20070625 Calendarix version 0.7. 20070307 Multiple Path Disclosure CVE-2007-3258
FULLDISC:20070625 Safari Bookmarks Buffer Overflow Vulnerability CVE-2007-3376
FULLDISC:20070627 eTicket version 1.5.5 Path Disclosure CVE-2007-2800
FULLDISC:20070627 eTicket version 1.5.5 XSS Attack Vulnerability CVE-2007-2801
FULLDISC:20070628 Re: Intel Core 2 CPUs are buggy. Patch your cpus :D CVE-2006-7215
FULLDISC:20070630 New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities CVE-2007-3511
FULLDISC:20070630 Re: New flaw found in Firefox 2.0.0.4: Firefox file input focus vulnerabilities CVE-2007-3511
FULLDISC:20070701 Advisory : Internet Explorer Zone Domain Specification Dos and Page suppressing. CVE-2007-3550
FULLDISC:20070702 Yoggie Pico Pro Remote Code Execution CVE-2007-3572
FULLDISC:20070703 Cross Site Scripting in Oliver Library Management System CVE-2007-3569
FULLDISC:20070705 Internet Communication Manager Denial Of Service Attack CVE-2007-3615
FULLDISC:20070705 Re: Yoggie Pico Pro Remote Code Execution CVE-2007-3572
FULLDISC:20070709 Anti-DNS Pinning and Java Applets CVE-2007-5273
FULLDISC:20070709 CodeIgniter 1.5.3 vulnerabilities CVE-2007-3706 CVE-2007-3707 CVE-2007-3708 CVE-2007-3709
FULLDISC:20070710 Internet Explorer 0day exploit CVE-2007-3670
FULLDISC:20070710 Portcullis Computer Security Ltd - Advisories CVE-2007-3768 CVE-2007-3769 CVE-2007-3784
FULLDISC:20070710 TippingPoint IPS Signature Evasion CVE-2007-3701
FULLDISC:20070710 [GOODFELLAS - VULN] sasatl.dll 1.5.0.531 Program Checker - Javascript Heap Spraying Exploit CVE-2007-3703
FULLDISC:20070711 Advisory - Clam AntiVirus RAR File Handling Denial Of Service Vulnerability. CVE-2007-3725
FULLDISC:20070711 SUN Java JNLP Overflow CVE-2007-3655
FULLDISC:20070711 durito: enVivo!CMS SQL injection CVE-2005-1413 CVE-2007-3783
FULLDISC:20070713 Element CMS script insertion vulnerability CVE-2007-3886
FULLDISC:20070713 PIRS2007 local buffer overflow vulnerability CVE-2007-3815
FULLDISC:20070714 paFileDB 3.6 (search.php) Remote SQL Injection CVE-2007-3808
FULLDISC:20070716 ExLibris Aleph and Metalib Cross Site Scripting Attack CVE-2007-3835
FULLDISC:20070716 Yahoo Messenger 8.1 Buffer Overflow CVE-2007-3928
FULLDISC:20070717 [Sec-1 Ltd] Advisory: MailMarshal Spam Quarantine Password Retrieval Vulnerability CVE-2007-3796
FULLDISC:20070718 Can CERT VU#786920 be right? CVE-2007-3832
FULLDISC:20070721 CVE-2007-3383: XSS in Tomcat send mail example CVE-2007-3383
FULLDISC:20070721 [CVE-2007-3816][Advisory] JWIG Context-Dependent Template Calling Dos CVE-2007-3816
FULLDISC:20070722 Re: [CVE 2007-3816] [Advisory] Vulnerability Facts Related JWIG Advisory CVE-2007-3816
FULLDISC:20070723 [CVE 2007-3816] [Advisory] Vulnerability Facts Related JWIG Advisory CVE-2007-3816
FULLDISC:20070725 Mozilla protocol abuse CVE-2007-4038 CVE-2007-4039 CVE-2007-4040
FULLDISC:20070726 WordPress wp-feedstats persistent XSS CVE-2007-4104
FULLDISC:20070726 [CVE 2007-3816] [Advisory] Vulnerability Facts Related JWIG Advisory CVE-2007-3816
FULLDISC:20070730 Security Testing Enterprise Messaging Systems CVE-2007-4158 CVE-2007-4159 CVE-2007-4160 CVE-2007-4161 CVE-2007-4162
FULLDISC:20070731 CAL-20070730-1 BlueSkyCat ActiveX Remote Heap Overflow vulnerability CVE-2007-4145
FULLDISC:20070802 DVD Rental System multiple XSS and CSRF vulnerabilities CVE-2007-4192 CVE-2007-4193
FULLDISC:20070806 Konqueror: URL address bar spoofing vulnerabilities CVE-2007-4224 CVE-2007-4225
FULLDISC:20070808 XSS vulnerability in Cisco MeetingPlace CVE-2007-4284
FULLDISC:20070812 Vulnerability in multiple "now playing" scripts for various IRC clients CVE-2007-4396 CVE-2007-4397 CVE-2007-4398 CVE-2007-4399 CVE-2007-4400 CVE-2007-4401 CVE-2007-4402 CVE-2007-4403
FULLDISC:20070814 Multiple vulnerabilities in Live for Speed 0.5X10 CVE-2007-4425 CVE-2007-4426
FULLDISC:20070814 Remote Memory Read in Diskeeper 9 - 2007 CVE-2007-4375
FULLDISC:20070814 Stop WabiSabiLabi Hacker Oppression NOW CVE-2007-4377
FULLDISC:20070818 Mercury SMTPD Remote Preauth Stack Based Overrun CVE-2007-4440
FULLDISC:20070820 10 messages SIP Remote DOS on Cisco 7940 SIP Phone CVE-2007-4459
FULLDISC:20070820 3 messsages attack remote DOS on Cisco 7940 CVE-2007-4459
FULLDISC:20070821 AST-2007-020: Resource Exhaustion Vulnerability in Asterisk SIP channel driver CVE-2007-4455
FULLDISC:20070822 Remote eavesdropping with SIP Phone GXV-3000 CVE-2007-4498
FULLDISC:20070823 DOS vulnerability on Thomson SIP phone ST 2030 using the VIA Header CVE-2007-4553
FULLDISC:20070823 Ipswitch FTP XSS leads to FTP server compromise CVE-2007-4555
FULLDISC:20070824 [MU-200708-01] Helix DNA Server Heap Corruption CVE-2007-4561
FULLDISC:20070826 SIDVault LDAP Server Remote Buffer Overflow CVE-2007-4566
FULLDISC:20070827 DOS vulnerability on Thomson SIP phone ST 2030 using the TO Header CVE-2007-4753
FULLDISC:20070827 Stampit Web - DoS (CVE-2007-3871) CVE-2007-3871
FULLDISC:20070828 DOS vulnerability on Thomson SIP phone ST 2030 using an empty packet CVE-2007-4753
FULLDISC:20070829 Multiple eScan products insecure file permissions CVE-2007-4649
FULLDISC:20070904 212cafeBoard Sql injection CVE-2007-4719
FULLDISC:20070905 Format string and clients disconnection in Alien Arena 2007 6.10 CVE-2007-4754 CVE-2007-4755
FULLDISC:20070911 RealPlayer/HelixPlayer .au Divide-By-Zero Denial of Service Vulnerability CVE-2007-4884 CVE-2007-4885 CVE-2007-4904
FULLDISC:20070912 S21SEC-036-EN Ekiga <= 2.0.5 Denial of service CVE-2007-4897
FULLDISC:20070915 Drupal Link to Us Module Contains XSS Vulnerability CVE-2008-4149
FULLDISC:20070916 python <= 2.5.1 standart librairy multiples int overflow, heap overflow in imageop module CVE-2007-4965
FULLDISC:20070917 Alcatel-Lucent OmniPCX Remote Command Execution CVE-2007-3010
FULLDISC:20070918 [MU-200709-02] Dibbler Remote Denial of Service Vulnerability CVE-2007-5029 CVE-2007-5030 CVE-2007-5031
FULLDISC:20070920 VMSA-2007-0006 Critical security updates for all supported versions of VMware ESX Server, VMware Server, VMware Workstation, VMware ACE, and VMware Player CVE-2004-0813 CVE-2006-1174 CVE-2006-3619 CVE-2006-4146 CVE-2006-4600 CVE-2007-0061 CVE-2007-0062 CVE-2007-0063 CVE-2007-0494 CVE-2007-1716 CVE-2007-1856 CVE-2007-2442 CVE-2007-2443 CVE-2007-2446 CVE-2007-2447 CVE-2007-2798 CVE-2007-4059 CVE-2007-4155 CVE-2007-4496 CVE-2007-4497 CVE-2007-5617 CVE-2007-5618
FULLDISC:20070924 JSPWiki Multiple Input Validation Vulnerabilities CVE-2007-5119 CVE-2007-5120 CVE-2007-5121
FULLDISC:20070925 SimpNews version 2.41.03 File Content Disclosure Vulnerability CVE-2007-4873
FULLDISC:20070925 SimpNews version 2.41.03 Multiple Path Disclosure Vulnerabilities CVE-2007-4872
FULLDISC:20070927 Re: CAT6500 accessible via 127.0.0.x loopback addresses CVE-2007-5134
FULLDISC:20070930 Re: [Full-disclosure] feedreader3 has XSS vulnerability CVE-2007-5161
FULLDISC:20071003 Hijacking Feeds with Feedburner CVE-2007-5229
FULLDISC:20071004 Vba32 AntiVirus v3.12.2 insecure file permissions CVE-2007-5254
FULLDISC:20071005 URI handling woes in Acrobat Reader, Netscape, Miranda, Skype CVE-2007-3896
FULLDISC:20071006 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype CVE-2007-3896
FULLDISC:20071007 Re: URI handling woes in Acrobat Reader, Netscape, Miranda, Skype CVE-2007-3896
FULLDISC:20071009 Owning the internal network with SIP (part 1) and a Linksys Phone CVE-2007-5411
FULLDISC:20071012 CallManager and OpeSer toll fraud and authentication forward attack CVE-2007-5468 CVE-2007-5469
FULLDISC:20071013 Netgear SSL312 XSS vulnerability CVE-2007-5562
FULLDISC:20071013 PHP File Sharing System 1.5.1 CVE-2007-5454
FULLDISC:20071014 Apache Tomcat Rem0Te FiLe DiscloSure ZeroDay CVE-2007-5461
FULLDISC:20071015 CallManager and OpeSer toll fraud and authentication forward attack CVE-2007-5468 CVE-2007-5469
FULLDISC:20071017 AST-2007-023: SQL Injection POC and details CVE-2007-5488
FULLDISC:20071022 Re: [Full-disclosure] ifnet.it WEBIF XSS Vulnerability CVE-2007-5673
FULLDISC:20071022 ifnet.it WEBIF XSS Vulnerability CVE-2007-5673
FULLDISC:20071023 3proxy double free vulnerability CVE-2007-5622
FULLDISC:20071023 Miranda IM Multiple Buffer Overflow Vulnerabilities CVE-2007-5542 CVE-2007-5543
FULLDISC:20071031 SEC Consult SA-20071031-0 :: Perdition IMAP Proxy Format String Vulnerability CVE-2007-5740
FULLDISC:20071102 Firefox 2.0.0.9 remote DoS vulnerability CVE-2007-5896
FULLDISC:20071106 MySQL 5.x DoS (unknown) CVE-2007-5925
FULLDISC:20071113 WebEx GPCContainer Memory Access Violation CVE-2007-6005
FULLDISC:20071115 ComponentOne FlexGrid 7.1 Light Multiple Stack Overflows CVE-2007-6028
FULLDISC:20071116 Microsoft Jet Engine MDB File Parsing Stack Overflow Vulnerability CVE-2007-6026
FULLDISC:20071116 [RISE-2007004] Apple Mac OS X 10.4.x Kernel i386_set_ldt() Integer Overflow Vulnerability CVE-2007-4684
FULLDISC:20071119 Wordpress Cookie Authentication Vulnerability CVE-2007-6013
FULLDISC:20071127 CORE-2007-0821: Lotus Notes buffer overflow in the Lotus WorkSheet file processor CVE-2007-6593
FULLDISC:20071130 Yahoo Toolbar Helper c() Method Stack Overflow DoS CVE-2007-6228
FULLDISC:20071205 Cisco Phone 7940 remote DOS CVE-2007-5583
FULLDISC:20071205 Nokia N95 cellphone remote DoS using the SIP Stack CVE-2007-6371
FULLDISC:20071206 HackerSafe Labs - Security Advisory - Xigla Absolute Banner Manager v4.0 CVE-2007-6291
FULLDISC:20071207 Heimdal ftpd uninitialized vulnerability CVE-2007-5939
FULLDISC:20071207 netkit-ftpd/ftp uninitialized vulnerability CVE-2007-5769 CVE-2007-6263
FULLDISC:20071208 Cisco Phone 7940 remote DOS CVE-2007-5583
FULLDISC:20071208 MIT Kerberos 5: Multiple vulnerabilities CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972
FULLDISC:20071208 Re: Cisco Phone 7940 remote DOS CVE-2007-5583
FULLDISC:20071208 Venustech reports of MIT krb5 vulns [CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972] CVE-2007-5894 CVE-2007-5901 CVE-2007-5902 CVE-2007-5971 CVE-2007-5972
FULLDISC:20071210 WordPress Charset SQL injection vulnerability (re-resend) CVE-2007-6318
FULLDISC:20071212 Fwd: Websense 6.3.1 Filtering Bypass CVE-2007-6511
FULLDISC:20071214 MailEnable DoS POC CVE-2007-0955
FULLDISC:20071217 ZDI-07-078: St. Bernard Open File Manager Heap CVE-2007-6281
FULLDISC:20071218 Appian Enterprise Business Suite 5.6 SP1 is CVE-2007-6509
FULLDISC:20071219 HP eSupportDiagnostics hpediags.dll Information Disclosure CVE-2007-6513
FULLDISC:20071219 Yahoo Toolbar YShortcut.dll IsTaggedBM() Buffer Overflow CVE-2007-6535
FULLDISC:20071220 IBM Domino Web Access Upload Control dwa7w.dll Memory Corruption CVE-2007-4474
FULLDISC:20071224 Installshield Update Service isusweb.dll Buffer Overflow CVE-2007-6654
FULLDISC:20071225 AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows CVE-2007-6699
FULLDISC:20071225 Ho Ho H0-Day - ZyXEL P-330W multiple XSS and XSRF vulnerabilities CVE-2007-6729 CVE-2007-6730
FULLDISC:20071225 Persits Software XUpload.ocx Buffer Overflow CVE-2007-6530
FULLDISC:20071227 Re: AOL YGP Picture Editor YGPPicEdit.dll Multiple Buffer Overflows CVE-2007-6699
FULLDISC:20071228 FAQMasterFlexPlus multiple vulnerabilities CVE-2007-6633 CVE-2007-6634 CVE-2007-6635
FULLDISC:20080103 securityvulns.com russian vulnerabilities digest CVE-2008-0190 CVE-2008-0191 CVE-2008-0192 CVE-2008-0193 CVE-2008-0194 CVE-2008-0195 CVE-2008-0196 CVE-2008-0197 CVE-2008-0198 CVE-2008-0199 CVE-2008-0200 CVE-2008-0201 CVE-2008-0202 CVE-2008-0203 CVE-2008-0204 CVE-2008-0205 CVE-2008-0206 CVE-2008-0207
FULLDISC:20080109 Gateway WebLaunch ActiveX Control Insecure Method CVE-2008-0220 CVE-2008-0221
FULLDISC:20080110 (( PoC)) ID-Commerce Security Advisory - SLR-2007-001 (( PoC)) CVE-2008-0281
FULLDISC:20080110 ID-Commerce Security Advisory - SLR-2007-001 CVE-2008-0281
FULLDISC:20080111 Cross site scripting (XSS) in Moodle 1.8.3 CVE-2008-0123
FULLDISC:20080111 StreamAudio ChainCast ProxyManager ccpm_0237.dll Buffer Overflow CVE-2008-0248
FULLDISC:20080113 Hacking The Interwebs CVE-2008-1654
FULLDISC:20080115 Re: scada/plc gear CVE-2008-7199
FULLDISC:20080117 Re: Skype videomood XSS CVE-2008-0454
FULLDISC:20080117 Skype videomood XSS CVE-2008-0454
FULLDISC:20080120 AXIGEN 5.0.x AXIMilter Format String Exploit CVE-2008-0434
FULLDISC:20080122 HP Virtual Rooms WebHPVCInstall Control Multiple Buffer Overflows CVE-2008-0437
FULLDISC:20080122 PHP 5.2.5 cURL safe_mode bypass CVE-2007-4850
FULLDISC:20080124 Directory Traversal Vulnerability in Aconon Mail CVE-2008-0464
FULLDISC:20080124 Re: scada/plc gear CVE-2008-7201
FULLDISC:20080127 phpIP 4.3.2 - Numerous SQL Injection Vulnerablities CVE-2008-0538
FULLDISC:20080131 Livelink UTF-7 XSS Vulnerability CVE-2008-0769
FULLDISC:20080131 MySpace Uploader ActiveX Control Buffer Overflow CVE-2008-0659
FULLDISC:20080203 FaceBook/Aurigma Image/PhotoUploader Buffer Overflow CVE-2008-0660
FULLDISC:20080204 CORE-2007-1218: MPlayer 1.0rc2 buffer overflow vulnerability CVE-2008-0486
FULLDISC:20080204 CORE-2008-0122: MPlayer arbitrary pointer dereference CVE-2008-0485
FULLDISC:20080206 MyNews 1.6.X HTML/JS Injection Vulnerability CVE-2008-0723
FULLDISC:20080207 Re: MyNews 1.6.X HTML/JS Injection Vulnerability CVE-2008-0723
FULLDISC:20080208 Serendipity Freetag-plugin XSS vulnerability CVE-2008-0751
FULLDISC:20080211 ZDI-08-005: Novell Client NWSPOOL.DLL EnumPrinters Stack Overflow Vulnerability CVE-2008-0639
FULLDISC:20080213 OpenCA XSRF (CVE-2008-0556) CVE-2008-0556
FULLDISC:20080214 DOINGSOFT-2008-02-11 - IPDiva VPN SSL Brute force attack CVE-2008-0915
FULLDISC:20080214 DOINGSOFT-2008-02-11-002 IP Diva VPN SSL many XSS attacks CVE-2008-0914
FULLDISC:20080221 Cisco and Vocera wireless LAN VoIP devices don't check certificates CVE-2008-1113 CVE-2008-1114
FULLDISC:20080223 Cisco confirms vulnerability in 7921 Wi-Fi IP phone CVE-2008-1113
FULLDISC:20080225 CORE-2007-0930 Path Traversal vulnerability in VMware's shared folders implementation CVE-2008-0923
FULLDISC:20080226 Move Networks Quantum Streaming Player UploadLogs() Buffer Overflow CVE-2008-1044
FULLDISC:20080226 XSS Vulnerability in AuthentiX CVE-2008-1174
FULLDISC:20080227 CORE-2008-0130: VLC media player chunk context validation error CVE-2008-0984
FULLDISC:20080303 Heap overflow in Borland VisiBroker Smart Agent 08.00.00.C1.03 CVE-2008-7126 CVE-2008-7127
FULLDISC:20080305 Vulnerability in Linux Kiss Server v1.2 CVE-2008-1206
FULLDISC:20080305 WebCT 4.x Javascript Session Stealer Exploits CVE-2008-1225
FULLDISC:20080310 Real Networks RealPlayer ActiveX Control Heap Corruption CVE-2008-1309
FULLDISC:20080311 Advisory: SQL-Injections in Mapbender CVE-2008-0301
FULLDISC:20080324 ircu/snircd remote crash vulnerability CVE-2008-1501
FULLDISC:20080328 Re: Smf 1.1.4 Remote File Inclusion Vulnerabilities CVE-2008-6544
FULLDISC:20080328 Smf 1.1.4 Remote File Inclusion Vulnerabilities CVE-2008-6544
FULLDISC:20080407 WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability CVE-2008-1716 CVE-2008-1717
FULLDISC:20080408 WoltLab(R) Community Framework XSS and Full Path Disclosure Vulnerability CVE-2008-1716 CVE-2008-1717
FULLDISC:20080408 ZDI-08-020: Microsoft GDI WMF Parsing Heap Overflow Vulnerability CVE-2008-1083
FULLDISC:20080413 DOINGSOFT-2008-03-10-001 - XSS issue in BOXiR2 CVE-2008-1894
FULLDISC:20080415 gallarific backdoored , vulnerable to xss CVE-2008-6567
FULLDISC:20080421 Adobe Unchecked Overflow CVE-2008-1765
FULLDISC:20080422 Correcting CVEs (was Re: [Full-disclosure] Cross site scripting issues in s9y (CVE-2008-1386, CVE-2008-1387)) CVE-2008-1385 CVE-2008-1386
FULLDISC:20080424 Lotus expeditor rcplauncher uri handler vulnerability CVE-2008-1965
FULLDISC:20080430 Akamai Technologies Security Advisory 2008-0001 (Download Manager) CVE-2007-6339
FULLDISC:20080502 Microsoft Work ActiveX Insecure Method Exploit CVE-2008-1898
FULLDISC:20080506 Advisory SE-2008-02: PHP GENERATE_SEED() Weak Random Number Seed Vulnerability CVE-2008-2107 CVE-2008-2108
FULLDISC:20080508 SonicWall e-mail security Host Header XSS Vulnerability CVE-2008-2162
FULLDISC:20080508 ZYWALL Referer Header XSS Vulnerability CVE-2008-2167
FULLDISC:20080509 XSS and CSRF vulnerability on cPanel 11 CVE-2008-2070 CVE-2008-2071
FULLDISC:20080512 [SkyOut/Wired Security] SQL Injection in IDB Micro CMS 3.5 (Login Bypass) CVE-2008-6614
FULLDISC:20080519 Mtr - remote and local stack overflow - uncomment situation in libresolv. CVE-2008-2357
FULLDISC:20080604 Akamai Technologies Security Advisory 2008-0001 (Download Manager) CVE-2008-1770
FULLDISC:20080618 Coming soon : Firefox 3 Release overflow CVE-2008-2786
FULLDISC:20080618 NULL pointer in the HTTP/XML-RPC service of Crysis 1.21 CVE-2008-6712
FULLDISC:20080626 Commtouch Anti-Spam Enterprise Gateway Cross Site Scripting (allowing domain credential theft) CVE-2008-3082
FULLDISC:20080703 DDIVRT-2008-12-ServerView SnmpGetMibValues.exe Buffer Overflow CVE-2008-3126
FULLDISC:20080704 Panda ActiveScan 2.0 remote code execution CVE-2008-3155 CVE-2008-3156
FULLDISC:20080705 Panda ActiveScan 2.0 remote code execution CVE-2008-3155 CVE-2008-3156
FULLDISC:20080709 Trixbox 2.6.1 and below, remote root shell through local file inclusion CVE-2008-6825
FULLDISC:20080717 Vim: Insecure Temporary File Creation During Build: Arbitrary Code Execution CVE-2008-3294
FULLDISC:20080723 Vulnerability Report: EMC Centera Universal Access CVE-2008-3370
FULLDISC:20080728 Tool release: [evilgrade] - Using DNS cache poisoning to exploit poor update implementations CVE-2008-3433 CVE-2008-3434 CVE-2008-3435 CVE-2008-3436 CVE-2008-3437 CVE-2008-3438 CVE-2008-3439 CVE-2008-3440 CVE-2008-3441 CVE-2008-3442
FULLDISC:20080731 Assurent VR - CA ARCserve Backup for Laptops and Desktops LGServer Handshake Buffer Overflow CVE-2008-3175
FULLDISC:20080731 F-PROT antivirus 6.2.1.4252 infinite loop denial of service via malformed archive CVE-2008-3447
FULLDISC:20080806 Webex atucfobj Module ActiveX Control Buffer Overflow Vulnerability CVE-2008-3558
FULLDISC:20080814 SECOBJADV-2008-03: PartyGaming PartyPoker Malicious Update Vulnerability CVE-2008-3324
FULLDISC:20080816 Nokia 6131 NFC URI/URL Spoofing and DoS Advisory CVE-2008-5825 CVE-2008-5826
FULLDISC:20080821 DXShopCart V4.30mc search.php XSS CVE-2008-5119
FULLDISC:20080821 Fujitsu Web-Based Admin View Directory Traversal Vulnerability CVE-2008-3776
FULLDISC:20080822 ACG-PTP 1.0.6 index.php persistent XSS CVE-2008-3782
FULLDISC:20080822 Photo Cart 3.9 index.php "search" XSS CVE-2008-3786
FULLDISC:20080829 [scip_Advisory 3807] Dreambox DM500 webserver long URL request denial of service CVE-2008-3936
FULLDISC:20080830 VMSA-2008-0014 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX address information disclosure, privilege escalation and other security issues. CVE-2007-5269 CVE-2007-5438 CVE-2008-1447 CVE-2008-1806 CVE-2008-1807 CVE-2008-1808 CVE-2008-2101 CVE-2008-3691 CVE-2008-3692 CVE-2008-3693 CVE-2008-3694 CVE-2008-3695 CVE-2008-3696 CVE-2008-3697 CVE-2008-3698 CVE-2008-3892
FULLDISC:20080902 DDIVRT-2008-13 AVTECH PageR Enterprise Directory Traversal CVE-2008-3939
FULLDISC:20080902 DDIVRT-2008-14 3Com Wireless 8760 Dual Radio 11a/b/g PoE Access Point Malformed HTTP POST DoS CVE-2008-6395
FULLDISC:20080905 [PLSA 2008-36] Ffmpeg: Multiple vulnerabilities CVE-2008-4866 CVE-2008-4867 CVE-2008-4868 CVE-2008-4869
FULLDISC:20080908 [scip_Advisory 3808] D-Link DIR-100 long url filter evasion CVE-2008-4133
FULLDISC:20080911 Clients format strings in the Unreal engine CVE-2008-6441
FULLDISC:20080911 Server termination in the Unreal engine 3 CVE-2008-7015
FULLDISC:20080912 Drupal Answers Module Contains XSS Vulnerability CVE-2008-6413
FULLDISC:20080916 Failed assertion in the Unreal engine CVE-2008-7011
FULLDISC:20080918 [IVIZ-08-010] McAfee SafeBoot Device Encryption Plain Text Password Disclosure (v4, Build 4750 and below) CVE-2008-7020
FULLDISC:20080918 menalto gallery: Session hijacking vulnerability, CVE-2008-3662 CVE-2008-3662
FULLDISC:20080924 Drupal Brilliant Gallery module SQL injection vulnerability CVE-2008-4338
FULLDISC:20080929 WordPress MU < 2.6 wpmu-blogs.php Crose Site Scrpting vulnerability CVE-2008-4671
FULLDISC:20081001 XSS in Celoxis project management software CVE-2008-6094
FULLDISC:20081003 IRM Security Advisory: VeriSign Kontiki Delivery Management System (DMS) Cross-Site Scripting Vulnerability CVE-2008-4393
FULLDISC:20081004 Blue Coat K9 Web Protection V4.0.230 Beta Vulnerability CVE-2008-4515
FULLDISC:20081004 VMware Emulation Flaw x64 Guest Privilege Escalation (1/2) CVE-2008-4279
FULLDISC:20081027 MyBB 1.4.2: Multiple Vulnerabilties CVE-2008-4928 CVE-2008-4929 CVE-2008-4930
FULLDISC:20081103 Bitsec Security Advisory: UW/Panda IMAP [dt]mail buffer overflow CVE-2008-5005
FULLDISC:20081106 DDIVRT-2008-17 Orb Directory Traversal CVE-2008-5645
FULLDISC:20081108 Metrica Service Assurance Multiple Cross Site Scripting CVE-2008-5043
FULLDISC:20081108 OpenBase SQL multiple vulnerabilities Part Deux CVE-2006-5851
FULLDISC:20081108 [Full-disclosure] OpenBase SQL multiple vulnerabilities Part Deux CVE-2006-5852
FULLDISC:20081109 ClamAV get_unicode_name() off-by-one buffer overflow CVE-2008-5050
FULLDISC:20081113 Netgear WGR614v9 DoS to Admin Interface (internal and external) CVE-2008-6122
FULLDISC:20081120 NatterChat 1.12 txtUsername and txtRoomName XSS CVE-2008-7048
FULLDISC:20081121 DDIVRT-DDIVRT-2008-15 iPhone Configuration Web Utility 1.0 for Windows Directory Traversal CVE-2008-5315
FULLDISC:20081122 [SVRT-04-08] Vulnerability in WireShark 1.0.4 for DoS Attack CVE-2008-5285
FULLDISC:20081201 [BMSA 2008-09] Two buffer overflow vulnerabilities in Rumpus v6.0 CVE-2008-7078
FULLDISC:20081203 [SVRT-06-08] MULTI SECURITY VULNERABILITIES IN MVNFORUM CVE-2008-5400
FULLDISC:20081207 Multiple vulnerabilities in 3CX 6.0.806.0 CVE-2008-6894 CVE-2008-6895 CVE-2008-6896
FULLDISC:20081208 Breaking Google Gears' Cross-Origin Communication Model CVE-2008-6512
FULLDISC:20081210 Microsoft SQL Server 2005 sp_replwritetovarbin memory overwrite (update to SEC Consult SA-20081209) CVE-2008-5416
FULLDISC:20081211 Checkpoint Sources plus SPLAT Remote Root Exploit CVE-2008-5850
FULLDISC:20081221 CVE-2008-5557 - PHP mbstring buffer overflow CVE-2008-5557
FULLDISC:20090107 Firefox 3.0.5 remote vulnerability via queryCommandState CVE-2009-0071
FULLDISC:20090107 Re: Firefox 3.0.5 remote vulnerability via queryCommandState CVE-2009-0071
FULLDISC:20090115 [TZO-2009-2] Avira Antivir - Priviledge escalation CVE-2009-2761
FULLDISC:20090126 Solaris Devs Are Smoking Pot CVE-2009-0304
FULLDISC:20090205 Drupal Link Module XSS Vulnerability CVE-2009-0603
FULLDISC:20090208 Netgear SSL312 Router - remote DoS CVE-2009-0680
FULLDISC:20090210 Craft Silicon Banking at Home SQL Injection CVE-2009-0741
FULLDISC:20090214 FreeBSD zeroday CVE-2009-0641
FULLDISC:20090222 Libero Cross-Site Scripting Vulnerability - Security Advisory - SOS-09-001 CVE-2009-0540
FULLDISC:20090223 Magento Multiple Cross-Site Scripting Vulnerabilities - Security Advisory - SOS-09-002 CVE-2009-0541
FULLDISC:20090227 HTC Touch vCard over IP Denial of Service PoC Code CVE-2008-6775
FULLDISC:20090310 Assurent VR - IBM Tivoli Storage Manager Express Backup Server Heap Corruption CVE-2008-4563
FULLDISC:20090312 Apple iTunes DAAP Messages Handling Denial of Service Vulnerability CVE-2009-0016
FULLDISC:20090319 Pixie CMS Multiple Vulnerabilities CVE-2009-1066 CVE-2009-1067
FULLDISC:20090319 Secure Computing (McAfee) Smart Filter possible issue CVE-2009-2312 CVE-2009-2429
FULLDISC:20090330 Check Point Firewall-1 PKI Web Service HTTP Header Remote Overflow CVE-2009-1227
FULLDISC:20090331 Cisco ASA5520 Web VPN Host Header XSS CVE-2009-1220
FULLDISC:20090402 Layered Defense Research Advisory: Format String Vulnerability: FortiClient Version 3 CVE-2009-1262
FULLDISC:20090403 VMSA-2009-0005 VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues CVE-2008-3761 CVE-2008-4916 CVE-2009-0177 CVE-2009-0518 CVE-2009-0908 CVE-2009-0909 CVE-2009-0910 CVE-2009-1146 CVE-2009-1147
FULLDISC:20090411 [BMSA 2009-04] Remote DoS in Internet Explorer CVE-2009-1335
FULLDISC:20090416 [follow-up] razorCMS - Multiple Vulnerabilities CVE-2009-1458 CVE-2009-1459 CVE-2009-1460 CVE-2009-1461 CVE-2009-1462 CVE-2009-1463
FULLDISC:20090416 razorCMS - Multiple Vulnerabilities CVE-2009-1458 CVE-2009-1459 CVE-2009-1460 CVE-2009-1462 CVE-2009-1463
FULLDISC:20090417 ERNW Security Advisory 01-2009: XSS in Blackberries Mobile Data Service Connection Service CVE-2009-0307
FULLDISC:20090422 DirectAdmin < 1.33.4 Local file overwrite & Local root escalation CVE-2009-1525 CVE-2009-1526
FULLDISC:20090424 SumatraPDF <= 0.9.3 Heap Overflow PoC CVE-2009-1605
FULLDISC:20090428 Positron Security Advisory #2009-001: Memcached and MemcacheDB ASLR Bypass Weakness CVE-2009-1255
FULLDISC:20090514 eggdrop/windrop remote crash vulnerability CVE-2009-1789
FULLDISC:20090515 IIS6 + webdav and unicode rides again in 2009 CVE-2009-1535
FULLDISC:20090515 Re: IIS6 + webdav and unicode rides again in 2009 CVE-2009-1535
FULLDISC:20090520 CORE-2009-0109 - Multiple XSS in Sun Communications Express CVE-2009-1729
FULLDISC:20090525 Soulseek * P2P Remote Distributed Search Code Execution CVE-2009-1830
FULLDISC:20090527 [TZO-27-2009] Firefox Denial of Service (Keygen) CVE-2009-1828
FULLDISC:20090528 Re: [TZO-27-2009] Firefox Denial of Service (Keygen) CVE-2009-1828
FULLDISC:20090618 Edraw PDF Viewer Component ActiveX Remote code execution vulnerability CVE-2009-2169
FULLDISC:20090628 Baofeng Media Player playlist stack overflow CVE-2009-2617
FULLDISC:20090629 Re: Baofeng Media Player playlist stack overflow CVE-2009-2617
FULLDISC:20090708 MySQL <= 5.0.45 post auth format string vulnerability CVE-2009-2446
FULLDISC:20090710 'Secure' Wyse thin clients vulnerable to remote exploit bugs CVE-2009-0693 CVE-2009-0695
FULLDISC:20090721 Update: [GSEC-TZO-44-2009] One bug to rule them all - Firefox, IE, Safari, Opera, Chrome, Seamonkey, iPhone, iPod, Wii, PS3.... CVE-2009-2575
FULLDISC:20090722 Akamai Technologies Security Advisory 2009-0001 (Download Manager) CVE-2009-2582
FULLDISC:20090727 [DZC-2009-001] The Movie Player and VLC Media Player Real Data Transport parsing integer underflow. CVE-2010-2062
FULLDISC:20090810 WordPress <= 2.8.3 Remote admin reset password CVE-2009-2762
FULLDISC:20090811 Sql injection in OCS Inventory NG Server 1.2.1 CVE-2009-3042
FULLDISC:20090813 Linux NULL pointer dereference due to incorrect proto_ops initializations CVE-2009-2692
FULLDISC:20090818 Kaspersky AV/IS 2010 (avp.exe) Denial-of-Service CVE-2009-2966
FULLDISC:20090903 Microsoft Internet Information Services 5.0/6.0 FTP SERVER DENIAL OF SERVICE ("Stack Exhaustion") CVE-2009-2521
FULLDISC:20090907 Windows Vista/7 : SMB2.0 NEGOTIATE PROTOCOL REQUEST Remote B.S.O.D. CVE-2009-3103
FULLDISC:20090923 nginx - low risk webdav destination bug CVE-2009-3898
FULLDISC:20090924 Cisco ACE XML Gateway <= 6.0 Internal IP disclosure CVE-2009-3457
FULLDISC:20090925 Drupal Bibliography 6.x-1.6 XSS Vuln CVE-2009-3488
FULLDISC:20091022 Everfocus EDR1600 remote authentication bypass CVE-2009-3828
FULLDISC:20091111 Windows 7 , Server 2008R2 Remote Kernel Crash CVE-2009-3676
FULLDISC:20091111 WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution CVE-2009-3890
FULLDISC:20091112 Re: WordPress <= 2.8.5 Unrestricted File Upload Arbitrary PHP Code Execution CVE-2009-3890
FULLDISC:20091117 CORE-2009-0814: HP Openview NNM 7.53 Invalid DB Error Code vulnerability CVE-2009-3840 CVE-2009-3977
FULLDISC:20091123 Quick.Cart and Quick.CMS CSRF Vulnerabilities CVE-2009-4120 CVE-2009-4121
FULLDISC:20091125 Cacti 0.8.7e: Multiple security issues CVE-2009-4112
FULLDISC:20091128 MuPDF pdf_shade4.c multiple stack-based buffer overflows CVE-2009-4117
FULLDISC:20091209 CORE-2009-1013: Multiple XSS and Injection Vulnerabilities in TestLink Test Management and Execution System CVE-2009-4237 CVE-2009-4238
FULLDISC:20091216 VideoCache 1.9.2 vccleaner root vulnerability CVE-2009-4454
FULLDISC:20091217 [ISecAuditors Security Advisories] Horde 3.3.5 "PHP_SELF" Cross-Site Scripting vulnerability CVE-2009-3701
FULLDISC:20091218 [ISecAuditors Security Advisories] Simple PHP Blog <= 0.5.1 Local File Include vulnerability CVE-2009-4421
FULLDISC:20091223 XSS in WebMathematica CVE-2009-4812 CVE-2009-4814
FULLDISC:20100119 Microsoft Windows NT #GP Trap Handler Allows Users to Switch Kernel Stack CVE-2010-0232
FULLDISC:20100120 Insufficient User Input Validation in VP-ASP 6.50 Demo Code CVE-2010-1588 CVE-2010-1589 CVE-2010-1590
FULLDISC:20100122 Silverstripe <= v2.3.4: two XSS vulnerabilities CVE-2010-1593
FULLDISC:20100125 DDIVRT-2009-27 F2L-3000 files2links SQL Injection Vulnerability CVE-2010-0469
FULLDISC:20100127 Apple Iphone/Ipod - Serversman 3.1.5 HTTP Remote DoS exploit CVE-2010-0496
FULLDISC:20100127 Mod_proxy from apache 1.3 - Integer overflow which causes heap overflow. CVE-2010-0010
FULLDISC:20100128 PR09-19: Cross-Site Scripting (XSS) on CommonSpot server CVE-2010-0468
FULLDISC:20100204 Re: Samba Remote Zero-Day Exploit CVE-2010-0926
FULLDISC:20100204 Samba Remote Zero-Day Exploit CVE-2010-0926
FULLDISC:20100204 Sterlite SAM300AX ADSL router - Cross Site CVE-2010-0607
FULLDISC:20100205 Re: Samba Remote Zero-Day Exploit CVE-2010-0926
FULLDISC:20100211 [Onapsis Security Advisory 2010-003] SAP WebDynpro Runtime XSS/CSS Injection CVE-2010-1609
FULLDISC:20100223 CA20100223-01: Security Notice for CA eHealth Performance Manager CVE-2010-0640
FULLDISC:20100303 fcrontab Information Disclosure Vulnerability CVE-2010-0792
FULLDISC:20100304 Apple Airport Wireless Products: Promiscuous FTP PORT Allowed in FTP Proxy Provides Security Bypass CVE-2010-0962
FULLDISC:20100305 ncpfs, Multiple Vulnerabilities CVE-2010-0788 CVE-2010-0790 CVE-2010-0791
FULLDISC:20100307 Spamassassin Milter Plugin Remote Root CVE-2010-1132
FULLDISC:20100401 Zabbix <= 1.8.1 SQL Injection CVE-2010-1277
FULLDISC:20100406 [SECURITY] - Jzip (.zip) Unicode bof Vulnerability CVE-2010-5300
FULLDISC:20100409 Java Deployment Toolkit Performs Insufficient Validation of Parameters CVE-2010-1423
FULLDISC:20100409 VMSA-2010-0007 VMware hosted products, vCenter Server and ESX patches resolve multiple security issues CVE-2009-1564 CVE-2009-1565 CVE-2009-2042 CVE-2009-3707 CVE-2009-3732 CVE-2009-4811 CVE-2010-1138 CVE-2010-1139 CVE-2010-1140 CVE-2010-1141 CVE-2010-1142
FULLDISC:20100419 [CORELAN-10-026] TweakFS Zip Stack BOF CVE-2010-1458
FULLDISC:20100422 Apache ActiveMQ is prone to source code disclosure vulnerability. CVE-2010-1587
FULLDISC:20100427 Fun with FORTIFY_SOURCE CVE-2010-3192
FULLDISC:20100504 [CORE-2010-0427] Windows SMTP Service DNS query Id vulnerabilities CVE-2010-1689 CVE-2010-1690
FULLDISC:20100505 KHOBE - 8.0 earthquake for Windows desktop security software CVE-2010-5150 CVE-2010-5151 CVE-2010-5152 CVE-2010-5153 CVE-2010-5154 CVE-2010-5155 CVE-2010-5156 CVE-2010-5157 CVE-2010-5158 CVE-2010-5159 CVE-2010-5160 CVE-2010-5161 CVE-2010-5162 CVE-2010-5163 CVE-2010-5164 CVE-2010-5165 CVE-2010-5166 CVE-2010-5167 CVE-2010-5168 CVE-2010-5169 CVE-2010-5170 CVE-2010-5171 CVE-2010-5172 CVE-2010-5173 CVE-2010-5174 CVE-2010-5175 CVE-2010-5176 CVE-2010-5177 CVE-2010-5178 CVE-2010-5179 CVE-2010-5180 CVE-2010-5181 CVE-2010-5182 CVE-2010-5183 CVE-2010-5184
FULLDISC:20100511 [CAL-20100204-1]Adobe Shockwave Player Director File Parsing ATOM size infinite loop vulnerability CVE-2010-1282
FULLDISC:20100511 [CAL-20100204-2]Adobe Shockwave Player Director File Parsing integer overflow vulnerability CVE-2010-0129
FULLDISC:20100511 [CAL-20100204-3]Adobe Shockwave Player Director File Parsing RCSL Pointer Overwrite CVE-2010-1280
FULLDISC:20100512 Drupal storm 1.32 CVE-2010-2123
FULLDISC:20100514 Mathematica on Linux /tmp/MathLink vulnerability CVE-2010-2027
FULLDISC:20100520 Drupal Chaos Tools Suite (Ctools) Module Multiple Vulns CVE-2010-1546 CVE-2010-1547 CVE-2010-1548
FULLDISC:20100524 Scientific Atlanta DPC2100 WebSTAR Cable Modem vulnerabilities CVE-2010-2025 CVE-2010-2026 CVE-2010-2082
FULLDISC:20100529 Websense Enterprise 6.3.3 Policy Bypass CVE-2010-5144
FULLDISC:20100602 Wing FTP Server - Cross Site Scripting Vulnerability CVE-2010-2428
FULLDISC:20100603 Multiple vulnerabilities in Exim CVE-2010-2023 CVE-2010-2024
FULLDISC:20100603 RSA Key Manager SQL injection Vulnerability ( CVE-2010-1904 ) CVE-2010-1904
FULLDISC:20100607 Re: Wing FTP Server - Cross Site Scripting Vulnerability CVE-2010-2428
FULLDISC:20100609 Microsoft Windows Help Centre Handles Malformed Escape Sequences Incorrectly CVE-2010-1885 CVE-2010-2265
FULLDISC:20100612 Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site CVE-2010-2075
FULLDISC:20100612 Re: Fw: [irc-security] UnrealIRCd 3.2.8.1 backdoored on official ftp and site CVE-2010-2075
FULLDISC:20100613 Litespeed Technologies Web Server Remote Poison null byte Zero-Day CVE-2010-2333
FULLDISC:20100616 [Onapsis Security Advisory 2010-005] SAP J2EE Telnet Administration Security Check Bypass CVE-2010-2347
FULLDISC:20100629 Miyabi CGI Tools index.pl command execution CVE-2010-2626
FULLDISC:20100629 Re: Miyabi CGI Tools index.pl command execution CVE-2010-2626
FULLDISC:20100630 MSRC-001: Windows Vista/Server 2008 NtUserCheckAccessForIntegrityLevel Use-after-free Vulnerability CVE-2010-2549
FULLDISC:20100701 DDIVRT-2010-29 ALPHA Ethernet Adapter II Web-Manager 3.40.2 Authentication Bypass CVE-2010-2668
FULLDISC:20100713 CVE-2010-1870: Struts2 remote commands execution CVE-2010-1870
FULLDISC:20100718 --== ~ AIX5l w/ FTP-SERVER REMOTE ROOT HASH DISCLOSURE EXPLOIT ~ =-- CVE-2010-3187
FULLDISC:20100722 Re: --== ~ AIX5l w/ FTP-SERVER REMOTE ROOT HASH DISCLOSURE EXPLOIT ~ =-- CVE-2010-3187
FULLDISC:20100723 Advanced AIX 5l FTPd Exploit CVE-2010-3187
FULLDISC:20100723 Advanced AIX 5l FTPd Exploit V2.0 CVE-2010-3187
FULLDISC:20100802 TWSL2010-003: Unauthorized access to root NFS export on EMC Celerra NAS appliance CVE-2010-2860
FULLDISC:20100804 Heap Offset Overflow in Citrix ICA Clients CVE-2010-2990
FULLDISC:20100814 IE8 toStaticHtml Bypass CVE-2010-3324
FULLDISC:20100822 VWar 1.6.1 R2 Multiple Remote Vulnerabilities CVE-2010-5063 CVE-2010-5064 CVE-2010-5065 CVE-2010-5066 CVE-2010-5067 CVE-2010-5279
FULLDISC:20100826 CAD 2D-3D Pipe designing software Microstation, Nero, Quicktime Pictureviwer vulnerable to DLL hijack attack CVE-2010-5230
FULLDISC:20100828 QtWeb Browser version 3.3 build 043 Insecure DLL Hijacking Vulnerability (wintab32.dll) CVE-2010-5247
FULLDISC:20100912 UltraEdit Text Editor version 16.10.0.1036 <= Insecure DLL Hijacking Vulnerability (dwmapi.dll) CVE-2010-3402
FULLDISC:20100922 OpenText LiveLink 9.7.1 multiple vulnerabilities (CSRF, XSS) CVE-2010-5282 CVE-2010-5283
FULLDISC:20101031 'WSN Links' SQL Injection Vulnerability (CVE-2010-4006) CVE-2010-4006
FULLDISC:20101031 Joomla 1.5.21 | Potential SQL Injection Flaws CVE-2010-4166
FULLDISC:20101102 CVE-2010-3863: Apache Shiro information disclosure vulnerability CVE-2010-3863
FULLDISC:20101103 [0dayz] Acrobat Reader Memory Corruption Remote Arbitrary Code Execution CVE-2010-4091
FULLDISC:20101105 nSense-2010-003: Cisco Unified Communications Manager CVE-2010-3039
FULLDISC:20101106 pfsense xss issues. CVE-2010-4246 CVE-2010-4412
FULLDISC:20101107 ASPilot Pilot Cart 7.3 multiple vulnerabilities CVE-2010-4631 CVE-2010-4632
FULLDISC:20101107 ZDI-10-230: Novell ZENworks Handheld Management ZfHIPCND.exe Remote Code Execution Vulnerability CVE-2010-4299
FULLDISC:20101117 Cisco Unified Videoconferencing multiple vulnerabilities - CVE-2010-3037 CVE-2010-3038 CVE-2010-3037 CVE-2010-3038 CVE-2010-4302 CVE-2010-4303 CVE-2010-4304 CVE-2010-4305
FULLDISC:20101130 Pandora FMS Authentication Bypass and Multiple Input Validation Vulnerabilities CVE-2010-4278 CVE-2010-4279 CVE-2010-4280 CVE-2010-4281 CVE-2010-4282 CVE-2010-4283
FULLDISC:20101208 IE CSS parser dos bug CVE-2010-3971
FULLDISC:20101210 PHP 5.3.3 GD extension imagepstext stack buffer overflow CVE-2010-4698
FULLDISC:20101213 hidden admin user on every HP MSA2000 G3 CVE-2010-4115
FULLDISC:20101214 xss in PmWiki CVE-2010-4748
FULLDISC:20101227 LiveZilla Cross Site Scripting Vulnerability (XSS) - CVE-2010-4276 CVE-2010-4276
FULLDISC:20110101 Announcing cross_fuzz, a potential 0-day in circulation, and more CVE-2011-0346 CVE-2011-0347
FULLDISC:20110106 RoomWizard Default Password and Sync Connector Credential Leak [CVE-2010-0214] CVE-2010-0214 CVE-2011-0423
FULLDISC:20110107 GNU libc/regcomp(3) Multiple Vulnerabilities CVE-2010-4051 CVE-2010-4052
FULLDISC:20110108 NetSupport Manager Agent Remote Buffer Overflow (Linux, Solaris, Mac, ...) CVE-2011-0404
FULLDISC:20110128 Vulnerabilities in Adobe ColdFusion CVE-2011-0733 CVE-2011-0734 CVE-2011-0735 CVE-2011-0736 CVE-2011-0737
FULLDISC:20110211 [SECURITY] CVE-2010-3449: Apache Continuum CSRF vulnerability CVE-2010-3449
FULLDISC:20110211 [SECURITY] CVE-2011-0533: Apache Continuum cross-site scripting vulnerability CVE-2011-0533
FULLDISC:20110214 MS Windows Server 2003 AD Pre-Auth BROWSER ELECTION Remote Heap Overflow CVE-2011-0654
FULLDISC:20110227 weechat does not properly use gnutls and allow an attacker to bypass certificate verification CVE-2011-1428
FULLDISC:20110228 BackWPup Wordpress plugin <= 1.4.0 File content disclosure CVE-2011-5208
FULLDISC:20110228 FreeBSD crontab information leakage CVE-2011-1073 CVE-2011-1074
FULLDISC:20110301 DDIVRT-2010-30 Alcatel-Lucent OmniVista 4760 NMS 'lang' Directory Traversal Vulnerability [ CVE-2011-0345 ] CVE-2011-0345
FULLDISC:20110308 Mutt: failure to check server certificate in SMTP TLS connection CVE-2011-1429
FULLDISC:20110317 Recaptcha Word Press Plugin Cross Site Scripting Vulnerability - CVE-2011-0759 CVE-2011-0759
FULLDISC:20110317 Related Posts Word Press Plugin Cross Site Scripting Vulnerability - CVE-2011-0760 CVE-2011-0760
FULLDISC:20110328 Android SDK: Segmentation fault with dexdump / dexDecodeDebugInfo CVE-2011-1001
FULLDISC:20110328 Wordpress plugin BackWPup Remote and Local Code Execution Vulnerability - SOS-11-003 CVE-2011-4342
FULLDISC:20110401 BSD derived RFC3173 IPComp encapsulation will expand arbitrarily nested payload CVE-2011-1547
FULLDISC:20110405 ICMPv6 Router Announcement flooding denial of service affecting multiple systems CVE-2011-2393
FULLDISC:20110415 Another Microsoft (and other) IPv6 security issue: sniffer detection CVE-2010-4562 CVE-2010-4563
FULLDISC:20110502 Re: ZDI-11-143: Cisco Unified CallManager xmldirectorylist.jsp SQL Injection Vulnerability CVE-2011-1604 CVE-2011-1605 CVE-2011-1606 CVE-2011-1607 CVE-2011-1609 CVE-2011-1610
FULLDISC:20110518 Cisco Unified Operations Manager Multiple Vulnerabilities - SOS-11-006 CVE-2011-0959 CVE-2011-0960 CVE-2011-0961 CVE-2011-0962 CVE-2011-0966
FULLDISC:20110523 Bypassing Cisco's ICMPv6 Router Advertisement Guard feature CVE-2011-2395
FULLDISC:20110531 [CVE-2011-1026] Apache Archiva Multiple CSRF vulnerabilities CVE-2011-1026
FULLDISC:20110531 [CVE-2011-1077] Apache Archiva Multiple XSS vulnerabilities CVE-2011-1077
FULLDISC:20110728 Two security issues fixed in ioQuake3 engine CVE-2011-1412 CVE-2011-2764 CVE-2011-3012
FULLDISC:20110801 Useless OpenSSH resources exhausion bug via GSSAPI CVE-2011-5000
FULLDISC:20110802 Android Browser Cross-Application Scripting (CVE-2011-2357) CVE-2011-2357
FULLDISC:20110811 CVE-2011-0527: VMware vFabric tc Server password obfuscation bypass CVE-2011-0527
FULLDISC:20110820 Apache Killer CVE-2011-3192
FULLDISC:20110824 Re: Apache Killer CVE-2011-3192
FULLDISC:20110916 PunBB PHP Forum - Multiple XSS CVE-2011-3371
FULLDISC:20110918 Re: PunBB PHP Forum - Multiple XSS CVE-2011-3371
FULLDISC:20110922 Re: PunBB PHP Forum - Multiple XSS CVE-2011-3371
FULLDISC:20110926 [CVE-2011-3645] Multiple vulnerability in "Omnidocs" CVE-2011-3645
FULLDISC:20111004 vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities CVE-2011-4670
FULLDISC:20111005 Apache HTTP Server: mod_proxy reverse proxy exposure (CVE-2011-3368) CVE-2011-3368
FULLDISC:20111005 Context IS Advisory - Apache Reverse Proxy Bypass Vulnerability CVE-2011-3368
FULLDISC:20111005 vTiger CRM 5.2.x <= Blind SQL Injection Vulnerability CVE-2011-4559
FULLDISC:20111005 vTiger CRM 5.2.x <= Remote Code Execution Vulnerability CVE-2007-3215
FULLDISC:20111102 Integer Overflow in Apache ap_pregsub via mod-setenvif CVE-2011-3607
FULLDISC:20111109 osCSS2 "_ID" parameter Local file inclusion CVE-2011-4713
FULLDISC:20111110 XSS vulnerability in Joomla 1.6.3 CVE-2011-4332
FULLDISC:20111110 [FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting (XSS) vulnerabilities CVE-2011-5178
FULLDISC:20111118 Blogs manager <= 1.101 SQL Injection Vulnerability CVE-2011-5110
FULLDISC:20111118 Freelancer calendar <= 1.01 SQL Injection Vulnerability CVE-2011-5109
FULLDISC:20111119 Valid tiny-erp <= 1.6 SQL Injection Vulnerability CVE-2011-4672
FULLDISC:20111130 Serv-U Remote CVE-2011-4800
FULLDISC:20111206 Backdoor in EPractize Labs Online Subscription Manager from epractizelabs.com CVE-2011-5136
FULLDISC:20111218 Novell Sentinel Log Manager <=1.2.0.1 Path Traversal CVE-2011-5028
FULLDISC:20111229 Akiva Webboard 8.x SQL Injection + Plaintext Passwords. CVE-2011-5203 CVE-2011-5204
FULLDISC:20120103 SQL Injection Vulnerability in OpenEMR 4.1.0 CVE-2012-2115
FULLDISC:20120107 OP5 Monitor - Multiple Vulnerabilities CVE-2012-0261 CVE-2012-0262 CVE-2012-0263 CVE-2012-0264
FULLDISC:20120109 DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785) CVE-2011-4785
FULLDISC:20120116 Zimbra Desktop v7.1.2 - Persistent Software Vulnerability CVE-2012-0903
FULLDISC:20120119 Advisory 01/2012: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow CVE-2012-0807
FULLDISC:20120120 Snitz Communications 2010/11 - SQL Injection Vulnerability CVE-2012-5313
FULLDISC:20120125 NX Web Companion Spoofing Arbitrary Code Execution Vulnerability CVE-2012-5003
FULLDISC:20120205 NexorONE Online Banking - Multiple Cross Site Vulnerabilities CVE-2012-1020
FULLDISC:20120210 CVE-2012-1037: GLPI <= 0.80.61 LFI/RFI CVE-2012-1037
FULLDISC:20120210 Zen-Cart Admin CSRF/XSRF - Delete / Disable Products | UPS-2011-0018 | CVE-2011-4403 CVE-2011-4403
FULLDISC:20120224 TWSL2012-003: Cross-Site Scripting Vulnerability in Movable Type Publishing Platform CVE-2012-1262
FULLDISC:20120301 lashFXP v4.1.8.1701 - Buffer Overflow Vulnerability CVE-2012-4992
FULLDISC:20120320 FreePBX remote command execution, xss CVE-2012-4869 CVE-2012-4870
FULLDISC:20120321 atheme.org Security Advisory ASA-2012-03-01: Improper cleanup of CertFP entries may result in undefined behaviour CVE-2012-1576
FULLDISC:20120322 'phpMoneyBooks' Local File Inclusion (CVE-2012-1669) CVE-2012-1669
FULLDISC:20120322 [ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256 CVE-2012-0256
FULLDISC:20120328 SEC Consult SA-20120328-0 :: F5 FirePass SSL VPN unauthenticated remote root through SQL injection - CVE-2012-1777 CVE-2012-1777
FULLDISC:20120401 FW: iis bug CVE-2011-5279
FULLDISC:20120402 Re: iis bug CVE-2011-5279
FULLDISC:20120405 [CVE-2012-1574] Apache Hadoop user impersonation vulnerability CVE-2012-1574
FULLDISC:20120415 [CVE-2012-1621] Apache OFBiz information disclosure vulnerability CVE-2012-1621
FULLDISC:20120418 The history of a -probably- 13 years old Oracle bug: TNS Poison CVE-2012-1675
FULLDISC:20120419 incorrect integer conversions in OpenSSL can result in memory corruption. CVE-2012-2110
FULLDISC:20120423 RuggedCom - Backdoor Accounts in my SCADA network? You don't say... CVE-2012-1803 CVE-2012-2441
FULLDISC:20120428 Oracle TNS Poison vulnerability is actually a 0day with no patch available CVE-2012-1675
FULLDISC:20120503 Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901) CVE-2011-3901
FULLDISC:20120516 JW player xss security flaw CVE-2012-2904
FULLDISC:20120522 session stealing in mod_auth_openid - CVE-2012-2760 CVE-2012-2760
FULLDISC:20120610 [CVE-2012-3238] Astaro Security Gateway <= v8.304 Persistent Cross-Site Scripting Vulnerability CVE-2012-3238
FULLDISC:20120612 Strange gpg key shadowing CVE-2012-0954 CVE-2012-3587
FULLDISC:20120614 Using second gpg keyring may be misleading? CVE-2012-0954
FULLDISC:20120615 ubuntu apt-key (part 3) CVE-2012-0954
FULLDISC:20120624 CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability CVE-2012-2380
FULLDISC:20120624 CVE-2012-2381: Apache Roller Cross-Site-Scripting (XSS) vulnerability CVE-2012-2381
FULLDISC:20120726 Transmission BitTorrent XSS Vulnerability CVE-2012-4037
FULLDISC:20120729 Re: AxMan ActiveX fuzzing <== Memory Corruption PoC CVE-2012-4177
FULLDISC:20120801 nvidia linux binary driver priv escalation exploit CVE-2012-4225
FULLDISC:20120804 nvidia linux binary driver priv escalation exploit CVE-2012-4225
FULLDISC:20120811 OS X Local Root: Silly SUID Helper in Tunnel Blick CVE-2012-3483 CVE-2012-3484 CVE-2012-3485 CVE-2012-3486 CVE-2012-3487 CVE-2012-4676
FULLDISC:20120823 foxit reader 5.3.1(dwmapi.dll) DLL Hijacking Exploit CVE-2012-4759
FULLDISC:20120906 Authentication flaw in APS-Soft DTE Axiom (CVE-2012-2455) CVE-2012-2455
FULLDISC:20120921 DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419) CVE-2012-0419
FULLDISC:20121001 BF, XSS, CSRF and Redirector vulnerabilities in IBM Lotus Notes Traveler CVE-2012-4824 CVE-2012-4825 CVE-2012-5307 CVE-2012-5308 CVE-2012-5309
FULLDISC:20121003 Novell Sentinel Log Manager <= 1.2.0.2 retention policy vulnerability CVE-2012-6534
FULLDISC:20121003 XnView JLS File Decompression Heap Overflow CVE-2012-4988
FULLDISC:20121022 [ANNOUNCE] Apache OFBiz 10.04.03 released CVE-2012-3506
FULLDISC:20121026 Realplayer Watchfolders Long Filepath Overflow CVE-2012-4987
FULLDISC:20121201 FreeFTPD Remote Authentication Bypass Zeroday Exploit (Stuxnet technique) CVE-2012-6067
FULLDISC:20121201 FreeSSHD Remote Authentication Bypass Zeroday Exploit CVE-2012-6066
FULLDISC:20121201 MySQL (Linux) Database Privilege Elevation Zeroday Exploit CVE-2012-5613
FULLDISC:20121201 MySQL (Linux) Heap Based Overrun PoC Zeroday CVE-2012-5612
FULLDISC:20121201 MySQL (Linux) Stack based buffer overrun PoC Zeroday CVE-2012-5611
FULLDISC:20121201 MySQL Denial of Service Zeroday PoC CVE-2012-5614
FULLDISC:20121201 SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exploit CVE-2012-5975
FULLDISC:20121203 Re: SSH.com Communications SSH Tectia Authentication Bypass Remote Zeroday Exploit (king cope) CVE-2012-5975
FULLDISC:20121207 TP-LINK TL-WR841N XSS (Cross Site Scripting) CVE-2012-6316
FULLDISC:20130110 CVE-2012-5616: Apache CloudStack information disclosure vulnerability CVE-2012-5616
FULLDISC:20130114 CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows CVE-2012-5641
FULLDISC:20130114 Updated - CA20121018-01: Security Notice for CA ARCserve Backup CVE-2012-2971 CVE-2012-2972
FULLDISC:20130116 [Security-news] SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities CVE-2013-0244 CVE-2013-0245 CVE-2013-0246
FULLDISC:20130118 [CVE-2013-0177] Cross-Site Scripting (XSS) Vulnerability in Apache OFBiz CVE-2013-0177
FULLDISC:20130118 [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable CVE-2013-0431 CVE-2013-1490
FULLDISC:20130122 Re: [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable CVE-2013-0431 CVE-2013-1490
FULLDISC:20130123 CVE-2013-0805 CVE-2013-0805
FULLDISC:20130123 CVE-2013-1393 CVE-2013-1393
FULLDISC:20130123 [Security-news] SA-CONTRIB-2013-008 - CurvyCorners - Cross Site Scripting (XSS) - module unsupported CVE-2013-1393
FULLDISC:20130127 [SE-2012-01] An issue with new Java SE 7 security features CVE-2013-1489
FULLDISC:20130129 XSS in Elgg 1.8.12, 1.7.16 (core module "Twitter widget") CVE-2013-0234
FULLDISC:20130205 Re: [SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU CVE-2013-1537
FULLDISC:20130218 XSS vulnerabilities in ZeroClipboard CVE-2012-6550
FULLDISC:20130228 [waraxe-2013-SA#097] - Multiple Vulnerabilities in PHP-Fusion 7.02.05 CVE-2013-1803 CVE-2013-1804 CVE-2013-1806 CVE-2013-1807 CVE-2013-7375
FULLDISC:20130301 CVE-2013-1413 CVE-2013-1413
FULLDISC:20130301 Oracle Auto Service Request /tmp file clobbering vulnerability CVE-2013-1495
FULLDISC:20130305 Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND CVE-2013-1849
FULLDISC:20130306 OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability CVE-2013-2561
FULLDISC:20130310 CS and XSS vulnerabilities in SWFUpload CVE-2012-2399
FULLDISC:20130311 XSS Vulnerability in TinyMCE CVE-2012-4230
FULLDISC:20130312 Curl Ruby Gem Remote command execution CVE-2013-2617
FULLDISC:20130312 MiniMagic ruby gem remote code execution CVE-2013-2616
FULLDISC:20130312 Ruby gem fastreader-1.0.8 remote code exec CVE-2013-2615
FULLDISC:20130313 [Security-news] SA-CONTRIB-2013-034 - Node Parameter Control - Access Bypass CVE-2013-1859
FULLDISC:20130318 Remote command execution in Ruby Gem Command Wrap CVE-2013-1875
FULLDISC:20130320 [Security-news] SA-CONTRIB-2013-035 - Views - Cross Site Scripting (XSS) CVE-2013-1887
FULLDISC:20130323 Backupbuddy wordpress plugin - sensitive data exposure in importbuddy.php CVE-2013-2741 CVE-2013-2742 CVE-2013-2743 CVE-2013-2744
FULLDISC:20130326 Ruby gem Thumbshooter 0.1.5 remote command execution CVE-2013-1898
FULLDISC:20130327 [Security-news] SA-CONTRIB-2013-036 - Zero Point - Cross Site Scripting (XSS) CVE-2013-1905
FULLDISC:20130327 [Security-news] SA-CONTRIB-2013-038 - Commons Groups - Access bypass & Privilege escalation CVE-2013-1907
FULLDISC:20130327 [Security-news] SA-CONTRIB-2013-039 - Commons Wikis - Access bypass & Privilege escalation CVE-2013-1908
FULLDISC:20130331 WP FuneralPress - Stored XSS in Guestbook CVE-2013-3529
FULLDISC:20130401 Aspen 0.8 - Directory Traversal CVE-2013-2619
FULLDISC:20130401 Network Weathermap 0.97a - Persistent XSS CVE-2013-2618
FULLDISC:20130403 [Security-news] SA-CONTRIB-2013-041 - Chaos tool suite (ctools) - Access bypass CVE-2013-1925
FULLDISC:20130407 Vanilla Forums 2.0.18 / SQL-Injection / Insert arbitrary user & dump usertable CVE-2013-3527
FULLDISC:20130409 [waraxe-2013-SA#102] - Reflected XSS in phpMyAdmin 3.5.7 CVE-2013-1937
FULLDISC:20130417 [Security-news] SA-CONTRIB-2013-044 - elFinder file manager - Cross Site Request Forgery (CSRF) CVE-2013-1972
FULLDISC:20130418 Fwd: CVE-2013-2504 : Matrix42 Service Desk XSS CVE-2013-2504
FULLDISC:20130424 hornbill supportworks SQL injection CVE-2013-2594
FULLDISC:20130427 WPS Office Wpsio.dll Stack Buffer Overflow Vulnerability CVE-2012-4886
FULLDISC:20130501 Forticlient VPN client credential interception vulnerability CVE-2013-4669
FULLDISC:20130501 n.runs-SA-2013.005 - IBM Lotus Notes - arbitrary code execution CVE-2013-0127
FULLDISC:20130517 Re: exploitation ideas under memory pressure CVE-2013-3660 CVE-2013-3661
FULLDISC:20130517 exploitation ideas under memory pressure CVE-2013-3660
FULLDISC:20130525 CVE-2013-3666 - LG Optimus G command injection (as system user) vulnerability CVE-2013-3666
FULLDISC:20130528 CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities CVE-2013-1604 CVE-2013-1605
FULLDISC:20130529 [Security-news] SA-CONTRIB-2013-048 - Edit Limit - Access Bypass CVE-2013-2122
FULLDISC:20130603 Re: exploitation ideas under memory pressure CVE-2013-3660 CVE-2013-3661
FULLDISC:20130605 Plesk Apache Zeroday Remote Exploit CVE-2013-4878
FULLDISC:20130605 [Security-news] SA-CONTRIB-2013-051 - Services - Cross site request forgery (CSRF) CVE-2013-2158
FULLDISC:20130611 [CVE-2013-3961] iSQL in php-agenda <= 2.2.8 CVE-2013-3961
FULLDISC:20130612 Security Analysis of IP video surveillance cameras CVE-2013-3539 CVE-2013-3540 CVE-2013-3541 CVE-2013-3543 CVE-2013-3686 CVE-2013-3687 CVE-2013-3688 CVE-2013-3689 CVE-2013-3690 CVE-2013-3962 CVE-2013-3963 CVE-2013-3964
FULLDISC:20130612 [CVE-2013-1768] Apache OpenJPA security vulnerability CVE-2013-1768
FULLDISC:20130612 [Security-news] SA-CONTRIB-2013-052 - Display Suite - Cross Site Scripting (XSS) CVE-2013-2177
FULLDISC:20130617 CVE-2013-2153: Apache Santuario C++ signature bypass vulnerability CVE-2013-2153
FULLDISC:20130617 CVE-2013-2154: Apache Santuario C++ stack overflow vulnerability CVE-2013-2154
FULLDISC:20130617 CVE-2013-2155: Apache Santuario C++ denial of service vulnerability CVE-2013-2155
FULLDISC:20130617 Re: CVE-2013-2156: Apache Santuario C++ heap overflow vulnerability CVE-2013-2156
FULLDISC:20130618 Canon Wireless Printer Disclosure & DoS CVE-2013-4613 CVE-2013-4614 CVE-2013-4615
FULLDISC:20130626 [Security-news] SA-CONTRIB-2012-136 - Apache Solr Search Autocomplete - Cross Site Scripting (XSS) CVE-2012-6573
FULLDISC:20130701 [CVE-2013-4694] WinAmp v5.63 gen_jumpex.dll and ml_local.dll Multiple Buffer Overflows CVE-2013-4694
FULLDISC:20130710 Re: VLC media player MKV Parsing POC CVE-2013-3245
FULLDISC:20130710 VLC media player MKV Parsing POC CVE-2013-3245
FULLDISC:20130710 [Security-news] SA-CONTRIB-2013-057 - TinyBox - Cross Site Scripting (XSS) CVE-2013-4140
FULLDISC:20130711 XSS Vulnerabilities in MintBoard CVE-2013-4951
FULLDISC:20130711 XSS and SQL Injection Vulnerabilities in MiniBB CVE-2008-2066 CVE-2008-2067 CVE-2013-5020
FULLDISC:20130716 Multiple vulnerabilities in Googlemaps plugin for Joomla CVE-2013-7428 CVE-2013-7429
FULLDISC:20130724 [Security-news] SA-CONTRIB-2013-060 - Scald - Cross Site Scripting (XSS) CVE-2013-4174 CVE-2013-5315
FULLDISC:20130801 TWSL2013-020: Hard-Coded Bluetooth PIN Vulnerability in LIXIL Satis Toilet CVE-2013-4866
FULLDISC:20130806 TWSL2013-024: Cross Site Scripting (XSS) vulnerability in McAfee Superscan 4.0 CVE-2013-4884
FULLDISC:20130808 [RCA-201308-01] HMS Testimonials 2.0.10 WP plugin - Multiple vulnerabilities CVE-2013-4240
FULLDISC:20130809 Update [RCA-201309-01] HMS Testimonials 2.0.10 WP plugin - Multiple vulnerabilities CVE-2013-4240
FULLDISC:20130823 CVE-2013-2192: Apache Hadoop Man in the Middle Vulnerability CVE-2013-2192
FULLDISC:20130823 CVE-2013-2193: Apache HBase Man in the Middle Vulnerability CVE-2013-2193
FULLDISC:20130828 CORE-2013-0726 - AVTECH DVR multiple vulnerabilities CVE-2013-4980 CVE-2013-4981
FULLDISC:20130828 [Security-news] SA-CONTRIB-2013-071 - Flag - Cross Site Scripting CVE-2013-5964
FULLDISC:20130901 IndiaNIC Testimonial WP plugin - Multiple vulnerabilities CVE-2013-5672 CVE-2013-5673
FULLDISC:20130902 DotNetNuke (DNNArticle Module) SQL Injection Vulnerability CVE-2013-5117
FULLDISC:20130902 list of vulnerabilities discovered by realpentesting CVE-2013-5660
FULLDISC:20130903 Remote Command Injection in fog-dragonfly-0.8.2 Ruby Gem CVE-2013-5671
FULLDISC:20130908 [CVE-2013-5701] Watchguard Server Center v11.7.4 wgpr.dll Insecure Library Loading Local Privilege Escalation Vulnerability CVE-2013-5701
FULLDISC:20130911 [Security-news] SA-CONTRIB-2013-075 - Click2Sell - Multiple Vulnerabilities (XSS and CSRF) CVE-2013-5937 CVE-2013-5938
FULLDISC:20130925 CVE-2013-5572 CVE-2013-5572
FULLDISC:20131016 [Security-news] SA-CONTRIB-2013-080 - Simplenews - Cross Site Scripting (XSS) CVE-2013-4447
FULLDISC:20131023 [CVE-2013-5939]PHPCMS guestbook module Stored XSS Vulnerability CVE-2013-5939
FULLDISC:20131024 CA20131024-01: Security Notice for CA SiteMinder CVE-2013-5968
FULLDISC:20131028 [Wooyun]Apache Struts2 showcase multiple XSS CVE-2013-6348
FULLDISC:20131101 [CVE-2013-5726] - Tweetbot for iOS and Mac user disclosure/privacy issue CVE-2013-5726
FULLDISC:20131102 XXE Injection in Spring Framework CVE-2013-4152 CVE-2013-7315
FULLDISC:20131105 [ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" CVE-2013-6163
FULLDISC:20131105 [ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system CVE-2013-6164
FULLDISC:20131107 FOSCAM Wireless IP Camera - SSID Cross Site Scripting CVE-2013-5215
FULLDISC:20131110 D-Link Router 2760N (DSL-2760U-BN) Multiple XSS CVE-2013-5223
FULLDISC:20131112 bugs in IJG jpeg6b & libjpeg-turbo CVE-2013-6629 CVE-2013-6630
FULLDISC:20131115 CVE-2013-5966 - XSS in ZK Framework CVE-2013-5966
FULLDISC:20131115 XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug CVE-2013-6832
FULLDISC:20131115 XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs CVE-2013-6833 CVE-2013-6834
FULLDISC:20131119 pineapp mailsecure no authenticated privilege escalation & remote execution code CVE-2013-6830 CVE-2013-6831
FULLDISC:20131119 pineapp mailsecure pwnage CVE-2013-6827 CVE-2013-6828 CVE-2013-6829
FULLDISC:20131127 CVE-2013-6271 Remove Android Device Lock by rouge app CVE-2013-6271
FULLDISC:20131128 CVE-2013-6223: Local Password Disclosure in Livezilla prior version 5.1.1.0 CVE-2013-6223
FULLDISC:20131128 CVE-2013-6224: XSS in Livezilla prior version 5.1.1.0 CVE-2013-6224
FULLDISC:20131203 McAfee Email Gateway multiple vulns CVE-2013-7092 CVE-2013-7103 CVE-2013-7104
FULLDISC:20131203 Tftpd32 Client Side Format String Vulnerability CVE-2013-6809
FULLDISC:20131203 [CVE-2013-6237] ISL Light - Desktop 3.5.4, Clipboard security issue CVE-2013-6237
FULLDISC:20131205 Reflected XSS Attacks XSS vulnerabilities in NagiosQL 3.2.0 Servicepack 2 (CVE: CVE-2013-6039) CVE-2013-6039
FULLDISC:20131205 Sonicwall GMS v7.x - Filter Bypass & Persistent Vulnerability CVE-2013-7025
FULLDISC:20131206 [CVE-2013-5676] Plain Text Password In SonarQube Jenkins Plugin CVE-2013-5676
FULLDISC:20131206 [CVE-2013-6985]SQL Injection Vulnerability In Enorth Webpublisher CMS CVE-2013-6985
FULLDISC:20131206 [CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application CVE-2013-6986
FULLDISC:20131210 CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability CVE-2013-4988
FULLDISC:20131212 Ditto Forensic FieldStation, multiple vulnerabilities CVE-2013-6881 CVE-2013-6882 CVE-2013-6883 CVE-2013-6884
FULLDISC:20131213 Multiple vulnerabilities in SMF forum software CVE-2013-7234 CVE-2013-7235 CVE-2013-7236
FULLDISC:20131215 Re: WordPress OptimizePress Theme - File Upload Vulnerability CVE-2013-7102
FULLDISC:20131215 iscripts autohoster , multiple vulns / php code injection exploit CVE-2013-7189 CVE-2013-7190
FULLDISC:20131217 CSRF, DoS and IL vulnerabilities in WordPress CVE-2013-7233
FULLDISC:20131217 [CVE-2013-5573] Jenkins v1.523 Default markup formatter permits offsite-bound forms CVE-2013-5573
FULLDISC:20131218 Apache Santuario security advisory CVE-2013-4517 released CVE-2013-4517
FULLDISC:20131219 URL Redirector Abuse and XSS vulnerabilities in WordPress CVE-2013-4339
FULLDISC:20131220 Synology DSM multiple directory traversal CVE-2013-6987
FULLDISC:20131224 Happy Holidays / Xmas Advisory CVE-2013-7222 CVE-2013-7223 CVE-2013-7224 CVE-2013-7225 CVE-2013-7249
FULLDISC:20131226 [CVE-2013-7209]JForum CSRF(Cross-site request forgery) Vulnerability CVE-2013-7209
FULLDISC:20140108 [CVE-2014-1203] Eyou Mail System Remote Code Execution CVE-2014-1203
FULLDISC:20140113 [CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application CVE-2014-0647
FULLDISC:20140114 [CVE-2013-6838] Enghouse Interactive IVR Pro (VIP2000) remote root authentication bypass Vulnerability CVE-2013-6838
FULLDISC:20140115 Collabtive Sql Injection CVE-2013-6872
FULLDISC:20140115 [Security-news] SA-CONTRIB-2014-002 - Anonymous Posting - Cross Site Scripting (XSS) CVE-2014-1611
FULLDISC:20140117 Re: [CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application CVE-2014-0647
FULLDISC:20140120 0day - MuPDF Stack-based Buffer Overflow in xps_parse_color() CVE-2014-2013
FULLDISC:20140120 TWSL2014-002: Buffer Overflow Vulnerability in DaumGame ActiveX CVE-2013-7246
FULLDISC:20140123 Remote Command Injection Vulnerability in SkyBlueCanvas CMS CVE-2014-1683
FULLDISC:20140123 [CVE-2013-6235] - Multiple Reflected XSS vulnerabilities in JAMon v2.7 CVE-2013-6235
FULLDISC:20140124 ADV: IBM QRadar SIEM CVE-2014-0835 CVE-2014-0836 CVE-2014-0837
FULLDISC:20140127 Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability CVE-2013-6674
FULLDISC:20140127 Oracle Reports Exploit - Remote Shell/Dump Passwords CVE-2012-3152 CVE-2012-3153
FULLDISC:20140127 [CVE-2014-1673] Check Point Session Authentication Agent vulnerability CVE-2014-1673
FULLDISC:20140131 CVE-2014-1213 - Denial of Service in Sophos Anti Virus CVE-2014-1213
FULLDISC:20140131 [CVE-2014-1403] DOM XSS in EasyXDM 2.4.18 CVE-2014-1403
FULLDISC:20140203 XSS Reflected vulnerabilities in OS of FortiWeb v 5.0.3 (CVE-2013-7181) CVE-2013-7181
FULLDISC:20140203 [CVE-2014-1836] Arbitrary file deletion in ImpressCMS < 1.3.6 and two XSS issues CVE-2014-1836
FULLDISC:20140205 CORE-2014-0001 - Publish-It Buffer Overflow Vulnerability CVE-2014-0980
FULLDISC:20140205 CVE-2014-1237 (XSS in i-doit Pro) CVE-2014-1237
FULLDISC:20140205 Core FTP Server Vulnerabilities CVE-2014-1441 CVE-2014-1442 CVE-2014-1443
FULLDISC:20140206 [CVE-2013-2055] Apache Wicket information disclosure vulnerability CVE-2013-2055
FULLDISC:20140207 New vulnerabilities in Google Maps plugin for Joomla CVE-2014-9686
FULLDISC:20140210 Titan FTP Server Directory Traversal Vulnerabilities - [CVE-2014-1841 / CVE-2014-1842 / CVE-2014-1843] CVE-2014-1841 CVE-2014-1842 CVE-2014-1843
FULLDISC:20140211 Freepbx , php code execution exploit CVE-2014-1903
FULLDISC:20140211 Re: Freepbx , php code execution exploit CVE-2014-1903
FULLDISC:20140217 SQL Injection i-doit Pro (CVE-2014-1597) CVE-2014-1597
FULLDISC:20140219 CVE-2014-0053 Information Disclosure when using Grails CVE-2014-0053
FULLDISC:20140222 [CVE-2014-2069] 'eshtery CMS' allows remote attackers to read arbitrary files CVE-2014-2069
FULLDISC:20140223 Fortinet FortiOS 5.0.5 contains a reflected cross-site scripting (XSS) vulnerability ( CVE-2013-7182) CVE-2013-7182
FULLDISC:20140227 Update: CVE-2014-0053 Information Disclosure when using Grails CVE-2014-0053 CVE-2014-2857 CVE-2014-2858
FULLDISC:20140304 [CVE-2014-0072] Apache Cordova File-Transfer insecure defaults CVE-2014-0072
FULLDISC:20140304 [CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation CVE-2014-0073
FULLDISC:20140306 CVE-2014-2044 - Remote Code Execution in ownCloud CVE-2014-2044
FULLDISC:20140310 [HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability CVE-2014-100010
FULLDISC:20140311 CORE-2014-0002 - Oracle VirtualBox 3D Acceleration Multiple Memory Corruption Vulnerabilities CVE-2014-0981 CVE-2014-0983
FULLDISC:20140311 [CVE-2013-6835] - iOS 7.0.6 Safari/Facetime-Audio Privacy issue CVE-2013-6835
FULLDISC:20140312 CVE-2014-1686 -- Information disclosure: webserver source path in Mediawiki 1.18.0 CVE-2014-1686
FULLDISC:20140312 CVE-2014-1904 XSS when using Spring MVC CVE-2014-1904
FULLDISC:20140312 CVE-2014-2043 - SQL Injection in Procentia IntelliPen CVE-2014-2043
FULLDISC:20140312 Medium severity flaw in BlackBerry QNX Neutrino RTOS CVE-2014-2533 CVE-2014-2534
FULLDISC:20140312 Multiplus XSS in Proxmox Mail Gateway 3.1 (CVE-2014-2325) CVE-2014-2325
FULLDISC:20140313 Re: Medium severity flaw in BlackBerry QNX Neutrino RTOS CVE-2014-2533 CVE-2014-2534
FULLDISC:20140313 WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability (CVE-2014-0338) CVE-2014-0338
FULLDISC:20140313 [CVE-2014-2087] Free Download Manager CDownloads_Deleted::UpdateDownload() Buffer Overflow Remote Code Execution CVE-2014-2087
FULLDISC:20140314 MacOSX Safari Firefox Kaspersky RegExp Remote/Local Denial of Service CVE-2011-3336
FULLDISC:20140315 Re: XSS Vulnerability in the Youtube Gallery 3.4.0 Component CVE-2013-5956
FULLDISC:20140315 Reflected XSS Attacks XSS vulnerabilities in Webmin 1.670 (CVE-2014-0339) CVE-2014-0339
FULLDISC:20140315 XSS Vulnerability in the Youtube Gallery 3.4.0 Component CVE-2013-5956
FULLDISC:20140315 [CVE-2013-5951] Multiple Cross Site Scripting Vulnerabilities in eXtplorer 2.1.3 CVE-2013-5951
FULLDISC:20140315 [CVE-2013-5952] Multiple Cross Site Scripting Vulnerabilities in Freichat CVE-2013-5952
FULLDISC:20140315 [CVE-2013-5953] CVE-2013-5953
FULLDISC:20140315 [CVE-2013-5954] Multiple Cross Site Request Forgery Vulnerabilities in OpenX 2.8.11 CVE-2013-5954
FULLDISC:20140315 [CVE-2013-5955] Cross-site scripting Vulnerability in the Pbbooking 2.4 CVE-2013-5955
FULLDISC:20140317 [CVE-2014-2339] GNUboard SQL Injection Vulnerability CVE-2014-2339
FULLDISC:20140318 McAfee Cloud SSO and McAfee Asset Manager vulns CVE-2014-2586 CVE-2014-2587 CVE-2014-2588
FULLDISC:20140318 [Quantum Leap Advisory] #QLA140216 - VLC Reflected XSS vulnerability CVE-2014-9743
FULLDISC:20140326 [GTA-2014-01] - Allied Telesis AT-RG634A ADSL Broadband router hidden administrative unauthenticated webshell. CVE-2014-1982
FULLDISC:20140327 [RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration CVE-2014-1224
FULLDISC:20140328 Dell SonicWall EMail Security 7.4.5 - Multiple Vulnerabilities (Bulletin) CVE-2014-2879
FULLDISC:20140328 XSS, CSRF and blind SQL injection in GD Star Rating 1.9.22 (WordPress plugin) CVE-2014-2838 CVE-2014-2839
FULLDISC:20140331 EMC CTA v10.0 unauthenticated XXE with root perms CVE-2014-0644 CVE-2014-0645
FULLDISC:20140402 Drupal Custom Search module XSS CVE-2014-8320
FULLDISC:20140402 [Quantum Leap Advisory] #QLA140402 - A10 Networks remote Buffer Overflow CVE-2014-3976
FULLDISC:20140403 Drupal Custom Search module XSS CVE-2014-7870
FULLDISC:20140403 XSS Reflected vulnerabilities in OS of FortiADC v3.2 (CVE-2014-0331) CVE-2014-0331
FULLDISC:20140404 Re: Remote Command Execution within the ASUS RT-AC68U Managing Web Interface CVE-2013-5948
FULLDISC:20140404 Reflected Cross-Site Scripting within the ASUS RT-AC68U Managing Web Interface CVE-2013-5948 CVE-2014-2925
FULLDISC:20140408 Re: heartbleed OpenSSL bug CVE-2014-0160 CVE-2014-0160
FULLDISC:20140408 heartbleed OpenSSL bug CVE-2014-0160 CVE-2014-0160
FULLDISC:20140409 Re: heartbleed OpenSSL bug CVE-2014-0160 CVE-2014-0160
FULLDISC:20140409 iis cgi 0day CVE-2011-5279
FULLDISC:20140410 Re: iis cgi 0day CVE-2011-5279
FULLDISC:20140411 CSRF and stored XSS in Quick Page/Post Redirect Plugin (WordPress plugin) CVE-2014-2598
FULLDISC:20140411 CSRF/XSS vulnerability in Twitget 3.3.1 (WordPress plugin) CVE-2014-2559 CVE-2014-2995
FULLDISC:20140411 CVE-2014-2384 - Invalid Pointer Dereference in VMware Workstation and Player CVE-2014-2384
FULLDISC:20140411 MRI Rubies may contain statically linked, vulnerable OpenSSL CVE-2014-0160
FULLDISC:20140412 Re: heartbleed OpenSSL bug CVE-2014-0160 CVE-2014-0160
FULLDISC:20140413 Adobe Reader for Android exposes insecure Javascript interfaces CVE-2014-0514
FULLDISC:20140414 CVE-2014-2591 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH in BMC Patrol for AIX CVE-2014-2591
FULLDISC:20140415 Unitrends enterprise backup remote unauthenticated root CVE-2014-3008 CVE-2014-3139
FULLDISC:20140415 Xerox DocuShare authenticated SQL injection CVE-2014-3138
FULLDISC:20140416 ASUS RT-XXXX SOHO routers expose admin password, fixed in 3.0.0.4.374.5517 CVE-2014-2719
FULLDISC:20140416 CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server CVE-2014-2597
FULLDISC:20140416 Reflected XSS Attacks vulnerabilities F-Secure Messaging Security Gateway V7.5.0.892 (CVE-2014-2844) CVE-2014-2844
FULLDISC:20140416 Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC CVE-2014-2734
FULLDISC:20140417 NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution CVE-2014-2913
FULLDISC:20140418 CSRF, AoF and XSS vulnerabilities in D-Link DAP 1150 CVE-2014-3760 CVE-2014-3761
FULLDISC:20140418 Re: NRPE - Nagios Remote Plugin Executor <= 2.15 Remote Command Execution CVE-2014-2913
FULLDISC:20140418 Remote Command Injection in Ruby Gem sfpagent 0.4.14 CVE-2014-2888
FULLDISC:20140419 Re: iis cgi 0day CVE-2011-5279
FULLDISC:20140420 phpManufaktur / kitForm Unauthenticated SQL Injection Vulnerability CVE-2014-3757
FULLDISC:20140422 (CVE-2014-1648) Symantec Messaging Gateway Management Console Cross Site Scripting Vulnerability CVE-2014-1648
FULLDISC:20140423 CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive CVE-2014-1217
FULLDISC:20140423 CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive CVE-2014-2042
FULLDISC:20140423 CVE-2014-2383 - Arbitrary file read in dompdf CVE-2014-2383
FULLDISC:20140423 SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances CVE-2014-2846
FULLDISC:20140424 Multiple Vulnerabilities in iMember360 (Wordpress plugin) CVE-2014-3842 CVE-2014-3848 CVE-2014-3849 CVE-2014-8948 CVE-2014-8949
FULLDISC:20140426 Divx plugin suite heap-based buffer overflow CVE-2014-10024
FULLDISC:20140427 Re: Exploit: McAfee ePolicy 0wner (ePowner ) – Release CVE-2013-0140 CVE-2013-0141
FULLDISC:20140428 [Onapsis Security Advisory 2014-005] Information disclosure in SAP Software Lifeclycle Manager CVE-2014-3129
FULLDISC:20140428 [Onapsis Security Advisory 2014-006] Missing authorization check in SAP Background Processing RFC CVE-2014-3132
FULLDISC:20140428 [Onapsis Security Advisory 2014-007] Missing authorization check in SAP Profile Maintenance CVE-2014-3131
FULLDISC:20140428 [Onapsis Security Advisory 2014-008] SAP NW Portal WD Information Disclosure CVE-2014-3133
FULLDISC:20140428 [Onapsis Security Advisory 2014-009] SAP BASIS Missing Authorization Check CVE-2014-3130
FULLDISC:20140428 [Onapsis Security Advisory 2014-010] SAP BusinessObjects InfoView Reflected Cross Site Scripting CVE-2014-3134
FULLDISC:20140429 Arbitrary code execution by admins in File Gallery 1.7.7 (WordPress plugin) CVE-2014-2558
FULLDISC:20140430 LSE Leading Security Experts GmbH - LSE-2014-04-10 - Sitepark IES - Unauthenticated Access CVE-2014-3006
FULLDISC:20140430 SEC Consult SA-20140430-0 :: SQL injection and persistent XSS in the Typo3 3rd party extension si_bibtex CVE-2014-3758 CVE-2014-3759
FULLDISC:20140501 F5 BIG-IQ authed arbitrary user password change CVE-2014-3220
FULLDISC:20140502 Re: F5 BIG-IQ authed arbitrary user password change CVE-2014-3220
FULLDISC:20140502 Re: Ruby OpenSSL private key spoofing ~ CVE-2014-2734 with PoC CVE-2014-2734
FULLDISC:20140504 Re: F5 BIG-IQ authed arbitrary user password change CVE-2014-3220
FULLDISC:20140506 CVE Request ---- SOAPpy 0.12.5 Multiple Vulnerabilities CVE-2014-3242 CVE-2014-3243
FULLDISC:20140507 Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability (CVE-2014-3115) CVE-2014-3115
FULLDISC:20140507 Moar F5 fun in iControl API CVE-2014-2928
FULLDISC:20140508 CVE-2014-1849 Foscam Dynamic DNS predictable credentials vulnerability CVE-2014-1849
FULLDISC:20140509 Drupal Flag 7.x-3.5 Module Vulnerability report: Arbitrary code execution due to improper input handling in flag importer CVE-2014-3453
FULLDISC:20140512 CodeIgniter <= 2.1.4 and Kohana <= 3.2.3, 3.3.2 - Timing Attacks and Object Injection CVE-2014-8684
FULLDISC:20140513 CVE-2014-2046 - Unauthenticated Credential And Configuration Retrieval In Broadcom Ltd PIPA C211 CVE-2014-2046
FULLDISC:20140513 [CVE-2014-1603] XSS in GetSimple CMS 3.3.1 CVE-2014-1603
FULLDISC:20140514 FD - Multiple stored XSS in FOG imaging deployment system CVE-2014-3111 CVE-2014-3111
FULLDISC:20140515 [REVIVE-SA-2014-001] Revive Adserver 3.0.5 fixes CSRF vulnerability CVE-2013-5954
FULLDISC:20140516 [CVE-2014-3749] Construtiva CIS Manager CMS POST SQLi CVE-2014-3749
FULLDISC:20140516 check_dhcp - Nagios Plugins <= 2.0.1 Arbitrary Option File Read CVE-2014-4701
FULLDISC:20140520 CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS CVE-2014-3446
FULLDISC:20140520 CVE-2014-3450 - Privilege Escalation in Panda Security CVE-2014-3450
FULLDISC:20140521 [KIS-2014-05] Dotclear <= 2.6.2 (XML-RPC Interface) Authentication Bypass Vulnerability CVE-2014-3781
FULLDISC:20140521 [KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability CVE-2014-3782
FULLDISC:20140521 [KIS-2014-07] Dotclear <= 2.6.2 (categories.php) SQL Injection Vulnerability CVE-2014-3783
FULLDISC:20140522 Re: [KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability CVE-2014-3782
FULLDISC:20140523 Re: [KIS-2014-06] Dotclear <= 2.6.2 (Media Manager) Unrestricted File Upload Vulnerability CVE-2014-3782
FULLDISC:20140527 CVE-2014-3004 - Castor Library Default Config could lead to XML External Entity (XXE) Attacks CVE-2014-3004
FULLDISC:20140527 [SECURITY] Re: [SECURITY] CVE-2014-0099 Apache Tomcat information disclosure CVE-2014-0099
FULLDISC:20140527 [SECURITY] CVE-2014-0095 Apache Tomcat denial of service CVE-2014-0095
FULLDISC:20140527 [SECURITY] CVE-2014-0096 Apache Tomcat information disclosure CVE-2014-0096
FULLDISC:20140527 [SECURITY] CVE-2014-0097 Apache Tomcat information disclosure CVE-2014-0099
FULLDISC:20140527 [SECURITY] CVE-2014-0119 Apache Tomcat information disclosure CVE-2014-0119
FULLDISC:20140528 CS and XSS vulnerabilities in DZS Video Gallery for WordPress CVE-2014-3923
FULLDISC:20140528 LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability CVE-2014-0243
FULLDISC:20140528 [RT-SA-2014-004] Remote Command Execution in webEdition CMS Installer Script CVE-2014-2302
FULLDISC:20140528 [RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script CVE-2014-2303
FULLDISC:20140529 XSS Attacks vulnerability in InterScan Messaging Security Virtual Appliance 8.5.1.1516 (Zero-DAY) CVE-2014-3922
FULLDISC:20140601 Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress CVE-2014-3961
FULLDISC:20140603 CVE-2014-0907 - SetUID/SetGID Programs Allow Privilege Escalation Via Insecure RPATH In IBM DB2 CVE-2014-0907
FULLDISC:20140604 CVE-2013-6825 DCMTK Root Privilege escalation CVE-2013-6825
FULLDISC:20140604 CVE-2013-6876 s3dvt Root shell CVE-2013-6876
FULLDISC:20140604 CVE-2014-1226 s3dvt Root shell (still) CVE-2014-1226
FULLDISC:20140604 IPSwitch IMail Server WEB client 12.4 persistent XSS CVE-2014-3878
FULLDISC:20140604 More /tmp fun (PHP, Lynis) CVE-2014-3981 CVE-2014-3986
FULLDISC:20140604 [CVE-2014-2577] XSS on Transform Foundation Server 4.3.1 and 5.2 from Bottomline Technologies CVE-2014-2577
FULLDISC:20140605 [RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager CVE-2014-2575
FULLDISC:20140606 [Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components CVE-2014-4004 CVE-2014-4005 CVE-2014-4006 CVE-2014-4007 CVE-2014-4008 CVE-2014-4009 CVE-2014-4010 CVE-2014-4011 CVE-2014-4012
FULLDISC:20140606 [Onapsis Security Advisory 2014-020] SAP SLD Information Tampering CVE-2014-4003
FULLDISC:20140607 Re: More OpenSSL issues CVE-2014-0224
FULLDISC:20140608 CVE-2014-3740 - SpiceWorks Cross-site scripting CVE-2014-3740
FULLDISC:20140608 Xornic Contact Us Form - Captcha Bypass / XSS CVE-2014-8365
FULLDISC:20140609 Cisco AsyncOS Cross-Site Scripting Vulnerability CVE-2014-3289 CVE-2014-3289
FULLDISC:20140610 CSRF in Featured Comments 1.2.1 allows an attacker to set and unset comment statuses (WordPress plugin) CVE-2014-4163
FULLDISC:20140610 CSRF in JW Player for Flash & HTML5 Video 2.1.2 permits deletion of players (WordPress plugin) CVE-2014-4030
FULLDISC:20140610 CSRF in Member Approval 131109 permits unapproved registrations (WordPress plugin) CVE-2014-3850
FULLDISC:20140612 CVE-2014-3427 CRLF Injection and CVE-2014-3428 XSS Injection in Yealink VoIP Phones CVE-2014-3427 CVE-2014-3428
FULLDISC:20140617 [CVE-2014-3005]Zabbix 1.8.x-2.2.x Local File Inclusion via XXE Attack CVE-2014-3005
FULLDISC:20140618 [CVE-2014-3244]SugarCRM v6.5.16 rss dashlet LFI via XXE Attack CVE-2014-3244
FULLDISC:20140623 SpamTitan contains a reflected cross-site scripting (XSS) vulnerability CVE-2014-2965 CVE-2014-2965
FULLDISC:20140624 Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day) CVE-2014-4663
FULLDISC:20140625 CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) CVE-2014-2385
FULLDISC:20140625 CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 CVE-2014-3752
FULLDISC:20140625 [RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery CVE-2014-2399
FULLDISC:20140625 [RT-SA-2013-003] Endeca Latitude Cross-Site Scripting CVE-2014-2400
FULLDISC:20140626 CSRF and stored XSS in Simple Share Buttons Adder 4.4 (WordPress plugin) CVE-2014-4717
FULLDISC:20140626 HP Enterprise Maps 1.00 Authenticated XXE CVE-2014-4669
FULLDISC:20140628 SECV-05-1402 - Reportico php admin credentials leak CVE-2014-3777
FULLDISC:20140628 check_dhcp - Nagios Plugins = 2.0.2 Race Condition CVE-2014-4703
FULLDISC:20140628 openSIS 4.5 - 5.3 SQL Injection vulnerability CVE-2014-8366
FULLDISC:20140630 SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS CVE-2014-0864 CVE-2014-0865 CVE-2014-0866 CVE-2014-0867 CVE-2014-0868 CVE-2014-0869 CVE-2014-0870 CVE-2014-0871 CVE-2014-0894
FULLDISC:20140701 Re: Wordpress TimThumb 2.8.13 WebShot Remote Code Execution (0-day) CVE-2014-4663
FULLDISC:20140701 SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom CVE-2014-2512
FULLDISC:20140703 Raritan IPMI vulnerability CVE-2014-2955
FULLDISC:20140706 Conduct phonecalls on Android without the necessary permission, advisory+testapplication+exploits for testing (CVE-2013-6272 and CVE-2014-N/A) CVE-2013-6272
FULLDISC:20140708 CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX CVE-2014-3074
FULLDISC:20140709 CVE-2014-3418 - OS Command Injection Infoblox Network Automation CVE-2014-3418
FULLDISC:20140710 Dell Scrutinizer 11.01 multiple vulnerabilities CVE-2014-4976 CVE-2014-4977
FULLDISC:20140710 SEC Consult SA-20140710-0 :: Multiple critical vulnerabilities in Shopizer webshop CVE-2014-4962 CVE-2014-4963 CVE-2014-4964 CVE-2014-4965 CVE-2014-5385
FULLDISC:20140710 SEC Consult SA-20140710-2 :: Multiple critical vulnerabilites in Schrack MICROCONTROL emergency light system CVE-2014-5382 CVE-2014-5396 CVE-2014-8329
FULLDISC:20140711 QNAP TS-469U shadow file world readable CVE-2014-5457
FULLDISC:20140711 Re: QNAP TS-469U shadow file world readable CVE-2014-5457
FULLDISC:20140714 XSS, FPD and RCE vulnerabilities in DZS Video Gallery for WordPress CVE-2014-9094
FULLDISC:20140714 [KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability CVE-2014-3990
FULLDISC:20140715 Http DoS Requests Flooding Crash Device Vulnerabilities Elipse E3 Scada PLC. CVE-2014-8652
FULLDISC:20140716 SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" CVE-2014-9104
FULLDISC:20140716 SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway CVE-2014-4346 CVE-2014-4347
FULLDISC:20140716 SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone CVE-2014-5350
FULLDISC:20140717 Raritan PowerIQ v4.10 and v4.2.1 Unauthenticated SQL injection and possible RCE CVE-2014-9095
FULLDISC:20140718 KL-001-2014-002 : Microsoft XP SP3 BthPan.sys Arbitrary Write Privilege Escalation CVE-2014-4971
FULLDISC:20140718 KL-001-2014-003 : Microsoft XP SP3 MQAC.sys Arbitrary Write Privilege Escalation CVE-2014-4971
FULLDISC:20140721 Apache HTTPd - description of the CVE-2014-0226. CVE-2014-0226
FULLDISC:20140721 IBM GCM16/32 v1.20.0.22575 vulnerabilities CVE-2014-3080 CVE-2014-3081
FULLDISC:20140722 Apache HTTPd - description of the CVE-2014-0117. CVE-2014-0117
FULLDISC:20140722 CVE-2014-4501 : Stack Overflow in Parsing client.reconnect Message of the Stratum Mining Protocol CVE-2014-4501
FULLDISC:20140722 CVE-2014-4502 : Invalid Handling of Length Parameter in Stratum mining.notify Message Leads to Heap Overflow CVE-2014-4502
FULLDISC:20140722 CVE-2014-4503 : Invalid Parameters in mining.notify Stratum Message Leads to Denial of Service CVE-2014-4503
FULLDISC:20140722 Reflected XSS vulnerabilities in DELL SonicWALL GMS 7.2 Build: 7221.1701 (CVE-2014-5024) CVE-2014-5024
FULLDISC:20140724 CVE-2014-2226: Ubiquiti Networks - UniFi Controller - Admin/root password hash sent via syslog CVE-2014-2226
FULLDISC:20140724 CVE-2014-2227: Ubiquiti Networks - AirVision v2.1.3 - Overly Permissive default crossdomain.xml CVE-2014-2227
FULLDISC:20140724 Pligg 2.x SQLi / PWD disclosure / RCE CVE-2014-9096
FULLDISC:20140726 SECV-07-1403 - Android SQLi Api - SQL Injection on delete() method CVE-2014-4959
FULLDISC:20140726 SECV-07-1403 - Android SQLi Api - SQL Injection on delete() method ( link correction) CVE-2014-4959
FULLDISC:20140729 [Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication CVE-2014-5171
FULLDISC:20140729 [Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass CVE-2014-5173
FULLDISC:20140729 [Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS CVE-2014-5175
FULLDISC:20140729 [Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service CVE-2014-5176
FULLDISC:20140729 [Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool CVE-2014-5172
FULLDISC:20140729 [Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 CVE-2014-5174
FULLDISC:20140730 Re: Bypassing Content-Disposition: attachment for XSS on Chrome/Safari(IOS 6.x) CVE-2011-3426
FULLDISC:20140812 CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service CVE-2014-5035
FULLDISC:20140812 Multiple Vulnerabilities in Disqus for Wordpress v2.7.5 CVE-2014-5345 CVE-2014-5347
FULLDISC:20140816 CSRF in Disqus for Wordpress 2.77 CVE-2014-5346
FULLDISC:20140816 XSS Reflected vulnerability in RiverBed Stingray Traffic Manager Virtual Appliance V 9.6 CVE-2014-5348
FULLDISC:20140818 CVE-2014-3577: Apache HttpComponents client: Hostname verification susceptible to MITM attack CVE-2014-3577
FULLDISC:20140818 Hilariously Bad SQRL Implementation CVE-2014-5458
FULLDISC:20140819 [The ManageOwnage Series, part I]: blind SQL injection in two servlets (metasploit module included) CVE-2014-3996 CVE-2014-3997
FULLDISC:20140820 CVE-2014-4973 - Privilege Escalation in ESET Windows Products CVE-2014-4973
FULLDISC:20140820 CVE-2014-5307 - Privilege Escalation in Panda Security Products CVE-2014-5307
FULLDISC:20140825 CVE-2014-2081 - VTLS Virtua InfoStation.cgi SQLi. CVE-2014-2081
FULLDISC:20140825 ntopng 1.2.0 XSS injection using monitored network traffic CVE-2014-5464
FULLDISC:20140826 VMware vm-support multiple vulnerabilities CVE-2014-4199 CVE-2014-4200
FULLDISC:20140827 ManageEngine EventLog Analyzer 7 Reflective cross-site scripting Vulnerability [CVE-2014-4930] CVE-2014-4930
FULLDISC:20140827 PHP-Wiki Command Injection CVE-2014-5519
FULLDISC:20140827 Re: [The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert CVE-2014-5377
FULLDISC:20140827 XRMS SQLi to RCE 0day CVE-2014-5520 CVE-2014-5521
FULLDISC:20140827 [The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert CVE-2014-5377
FULLDISC:20140830 Re: [The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert CVE-2014-5377
FULLDISC:20140830 Re: [The ManageOwnage Series, part I]: blind SQL injection in two servlets (metasploit module included) CVE-2014-3996 CVE-2014-3997
FULLDISC:20140830 [CVE-2014-5440] MX-SmartTimer SQL Injection CVE-2014-5440
FULLDISC:20140831 Mogwai Security Advisory MSA-2014-01: ManageEngine EventLog Analyzer Multiple Vulnerabilities CVE-2014-6037 CVE-2014-6043
FULLDISC:20140831 [The ManageOwnage Series, part III]: Multiple vulnerabilities / RCE in ManageEngine Desktop Central CVE-2014-5005 CVE-2014-5006
FULLDISC:20140901 [The ManageOwnage Series, part IV]: RCE / file upload in Eventlog Analyzer, feat. special guests h0ng10 and Mogwai Security CVE-2014-6037
FULLDISC:20140902 Reflected XSS Attacks vulnerabilities used MIME Sniffing in Facebook Messenger and Facebook App for iOS. CVE-2014-6392
FULLDISC:20140902 Syslog LogAnalyzer persistent XSS injection CVE-2014-6070 CVE-2014-6070
FULLDISC:20140902 XSS Reflected JQuery 1.4.2 - Create object option in runtime client-side CVE-2014-6071
FULLDISC:20140903 Mpay24 prestashop payment module multiple vulnerabilities CVE-2014-2008 CVE-2014-2009
FULLDISC:20140903 Re: Mogwai Security Advisory MSA-2014-01: ManageEngine EventLog Analyzer Multiple Vulnerabilities CVE-2014-6037 CVE-2014-6043
FULLDISC:20140903 Re: ntopng 1.2.0 XSS injection using monitored network traffic CVE-2014-5464
FULLDISC:20140903 Uninit memory disclosure via truncated images in Firefox CVE-2014-1564
FULLDISC:20140909 Re: ntopng 1.2.0 XSS injection using monitored network traffic CVE-2014-5464
FULLDISC:20140911 CSRF vulnerabilities in CacheGuard-OS v5.7.7 (CVE-2014-4865) CVE-2014-4865
FULLDISC:20140916 Vulnerabilities in In-Portal CMS CVE-2014-8304
FULLDISC:20140916 [CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow CVE-2014-0994
FULLDISC:20140916 [Quantum Leap Advisory] #QLA140808 Cart Engine 3.0 Multiple vulnerabilities - SQL Injection, XSS Reflected, Open Redirect CVE-2014-8305 CVE-2014-8306 CVE-2014-8307
FULLDISC:20140917 CSRF/XSS vulnerablity in Login Widget With Shortcode allows unauthenticated attackers to do anything an admin can do (WordPress plugin) CVE-2014-6312
FULLDISC:20140917 Multiple SQL Injection Vulnerabilities in ClassApps SelectSurvey.net CVE-2014-6030
FULLDISC:20140917 Reflected XSS in WooCommerce - excelling e Commerce allows attackers ability to do almost anything an admin user can do (WordPress plugin) CVE-2014-6313
FULLDISC:20140917 Vulnerability in WP-Ban allows visitors to bypass the IP blacklist in some configurations (WordPress plugin) CVE-2014-6230
FULLDISC:20140919 M/Monit - Account hijacking via CSRF CVE-2014-6409 CVE-2014-6607
FULLDISC:20140923 CVE-2014-6603 suricata 2.0.3 Out-of-bounds access in SSH parser CVE-2014-6603
FULLDISC:20140923 TP-LINK WDR4300 - Stored XSS & DoS CVE-2014-4727 CVE-2014-4728
FULLDISC:20140923 [KIS-2014-09] X2Engine <= 4.1.7 (SiteController.php) PHP Object Injection Vulnerability CVE-2014-5297
FULLDISC:20140923 [KIS-2014-10] X2Engine <= 4.1.7 (FileUploadsFilter.php) Unrestricted File Upload Vulnerability CVE-2014-5298
FULLDISC:20140925 LSE Leading Security Experts GmbH - LSE-2014-06-10 - Perl CORE - Deep Recursion Stack Overflow CVE-2014-4330
FULLDISC:20140925 MSA-2014-02: Typo3 Extension dmmjobcontrol Multiple Vulnerabilities (typo3-ext-sa-2014-012) CVE-2014-7200 CVE-2014-7201
FULLDISC:20140927 Openfiler DoS via CSRF (CVE-2014-7190) CVE-2014-7190
FULLDISC:20140927 XSS Reflected vulnerabilities and CSRF in Exinda WAN Optimization Suite (CVE-2014-7157, CVE-2014-7158) CVE-2014-7157 CVE-2014-7158
FULLDISC:20140927 [The ManageOwnage Series, part V]: RCE / file upload / arbitrary file deletion in OpManager, Social IT and IT360 CVE-2014-6034 CVE-2014-6035 CVE-2014-6036
FULLDISC:20141001 Blind SQLi vulnerability in Content Audit could allow a privileged attacker to exfiltrate password hashes (WordPress plugin) CVE-2014-5389
FULLDISC:20141001 CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink CVE-2014-5308
FULLDISC:20141001 CVE-2014-6389 - Remote Command Execution in PHPCompta/NOALYSS CVE-2014-6389
FULLDISC:20141001 Epicor Enterprise vulnerabilities CVE-2014-4311 CVE-2014-4312
FULLDISC:20141001 FW: NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities CVE-2014-6271 CVE-2014-7169 CVE-2014-7186 CVE-2014-7187
FULLDISC:20141001 Re: CVE-2014-5308 - Multiple SQL Injection Vulnerabilities in TestLink CVE-2014-5308
FULLDISC:20141003 CVE-2014-7277 Stored Server XSS in ZyXEL SBG-3300 Security Gateway CVE-2014-7277
FULLDISC:20141003 CVE-2014-7278 DoS in ZyXEL SBG-3300 Security Gateway CVE-2014-7278
FULLDISC:20141005 CVE-2014-4313 Epicor Procurement SQL Injection CVE-2014-4313
FULLDISC:20141007 CVE-2014-6251 : Stack Overflow in CPUMiner When Submitting Upstream Work CVE-2014-6251
FULLDISC:20141007 Nessus Web UI 2.3.3: Stored XSS CVE-2014-7280
FULLDISC:20141008 [Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities CVE-2014-8314
FULLDISC:20141008 [Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection CVE-2014-8313
FULLDISC:20141008 [Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure CVE-2014-8309
FULLDISC:20141008 [Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA CVE-2014-8310
FULLDISC:20141008 [Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA CVE-2014-8311
FULLDISC:20141008 [Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting CVE-2014-8308
FULLDISC:20141008 [Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check CVE-2014-8312
FULLDISC:20141009 TWiki Security Alert CVE-2014-7237: Apache configuration file upload on TWiki on Windows server CVE-2014-7237
FULLDISC:20141010 SAP Security Note 1908531 - XXE in BusinessObjects Explorer CVE-2014-8316
FULLDISC:20141010 SAP Security Note 1908562 - Port scanning in BusinessObjects Explorer CVE-2014-8315
FULLDISC:20141013 CVE-2013-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API (post-auth) CVE-2014-2021
FULLDISC:20141013 CVE-2014-2022 - vbulletin 4.x - SQLi in breadcrumbs via xmlrpc API (post-auth) CVE-2014-2022
FULLDISC:20141013 CVE-2014-2023 - Tapatalk for vBulletin 4.x - multiple blind sql injection (pre-auth) CVE-2014-2023
FULLDISC:20141014 Re: CVE-2013-2021 - vBulletin 5.x/4.x - persistent XSS in AdminCP/ApiLog via xmlrpc API (post-auth) CVE-2014-2021
FULLDISC:20141016 Advisory 01/2014: Drupal7 - pre Auth SQL Injection Vulnerability CVE-2014-3704
FULLDISC:20141016 CVE-2014-2230 - OpenX Open Redirect Vulnerability CVE-2014-2230
FULLDISC:20141016 Multiple unauthenticated SQL injections and unauthenticated remote command injection in Centreon <= 2.5.2 and Centreon Enterprise Server <= 2.2|3.0 CVE-2014-3828 CVE-2014-3829
FULLDISC:20141016 [CORE-2014-0007] -SAP Netweaver Enqueue Server Trace Pattern Denial of Service Vulnerability CVE-2014-0995
FULLDISC:20141017 XSS vulnerabilities in Megapolis.Portal Manager CVE-2014-8381
FULLDISC:20141020 CVE-2014-7292 Newtelligence dasBlog Open Redirect Vulnerability CVE-2014-7292
FULLDISC:20141022 Incredible PBX remote command execution exploit CVE-2014-9001
FULLDISC:20141022 Mulesoft ESB Authenticated Privilege Escalation CVE-2014-9000
FULLDISC:20141022 Vulnerabilities in WordPress Database Manager v2.7.1 CVE-2014-8334
FULLDISC:20141023 CVE-2014-7180 - ElectricCommander Local Privilege Escalation CVE-2014-7180
FULLDISC:20141023 [KIS-2014-11] TestLink <= 1.9.12 (execSetResults.php) PHP Object Injection Vulnerability CVE-2014-8081
FULLDISC:20141023 [KIS-2014-12] TestLink <= 1.9.12 (database.class.php) Path Disclosure Weakness CVE-2014-8082
FULLDISC:20141024 Re: Mulesoft ESB Authenticated Privilege Escalation CVE-2014-9000
FULLDISC:20141025 Yourls XSS Stored CVE-2014-8488
FULLDISC:20141028 CVE-2014-2718: ASUS wireless router updates are vulnerable to a MITM attack CVE-2014-2718
FULLDISC:20141028 CVE-2014-4974 - Kernel Memory Leak in ESET Multiple Windows Products CVE-2014-4974
FULLDISC:20141028 CVE-2014-7176 - Authenticated Blind SQL Injection in Enalean Tuleap CVE-2014-7176
FULLDISC:20141028 CVE-2014-7177 - External XML Entity Injection in Enalean Tuleap CVE-2014-7177
FULLDISC:20141028 CVE-2014-7178 - Remote Command Execution in Enalean Tuleap CVE-2014-7178
FULLDISC:20141029 SEC Consult SA-20141029-1 :: Persistent cross site scripting in Confluence RefinedWiki Original Theme CVE-2014-8658
FULLDISC:20141030 CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP CVE-2014-6032
FULLDISC:20141030 CVE-2014-6033 - XML External Entity Injection in F5 Networks Big-IP CVE-2014-6032
FULLDISC:20141030 Re: CVE-2014-6032 - XML External Entity Injection in F5 Networks Big-IP CVE-2014-6032
FULLDISC:20141031 SEC Consult SA-20141031-0 :: XML External Entity Injection (XXE) and Reflected XSS in Scalix Web Access CVE-2014-9352 CVE-2014-9360
FULLDISC:20141103 CNIL CookieViz XSS + SQL injection leading to user pwnage CVE-2014-8351 CVE-2014-8352
FULLDISC:20141103 CVE-2014-5387 - Multiple Authenticated SQL Injections in EllisLab ExpressionEngine Core CVE-2014-5387
FULLDISC:20141106 CVE-2014-8557 - JExperts Tecnologia - Channel Software Cross Site Scripting Issues CVE-2014-8557
FULLDISC:20141106 CVE-2014-8558 - JExperts Tecnologia - Channel Software Escalation Access Issues CVE-2014-8558
FULLDISC:20141106 Cisco RV Series multiple vulnerabilities CVE-2014-2177 CVE-2014-2178 CVE-2014-2179
FULLDISC:20141106 SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection CVE-2014-3437 CVE-2014-3438 CVE-2014-3439
FULLDISC:20141106 Wordpress bulletproof-security <=.51 multiple vulnerabilities CVE-2014-8749
FULLDISC:20141109 IL and CSRF vulnerabilities in D-Link DAP-1360 CVE-2014-10025 CVE-2014-10026
FULLDISC:20141109 IP.Board <= 3.4.7 SQL Injection CVE-2014-9239
FULLDISC:20141109 [The ManageOwnage Series, part VII]: Super admin privesc + password DB dump in Password Manager Pro CVE-2014-8498 CVE-2014-8499
FULLDISC:20141109 [The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360 CVE-2014-7866 CVE-2014-7868
FULLDISC:20141112 Lantronix xPrintServer Code execution and CSRF vulnerability CVE-2014-9002 CVE-2014-9003
FULLDISC:20141112 Piwigo <= v2.6.0 - Blind SQL Injection CVE-2014-9115
FULLDISC:20141112 [ESNC-2039348] Multiple Critical Security Vulnerabilities in SAP Governance, Risk and Compliance (SAP GRC) CVE-2013-3678
FULLDISC:20141114 CVE-2014-7290 Atlas Systems Aeon XSS (Cross-Site Scripting) Vulnerability CVE-2014-7290
FULLDISC:20141114 CVE-2014-8681 Blind SQL Injection in Gogs label search CVE-2014-8681
FULLDISC:20141114 CVE-2014-8682 Multiple Unauthenticated SQL Injections in Gogs CVE-2014-8682
FULLDISC:20141114 CVE-2014-8683 XSS in Gogs Markdown Renderer CVE-2014-8683
FULLDISC:20141114 XSS Reflected in Page visualization agents in Pandora FMS v5.1SP1 - Revisión PC141031 (CVE-2014-8629) CVE-2014-8629
FULLDISC:20141114 xdg-open RCE CVE-2014-9622
FULLDISC:20141117 CVE-2014-8493 - ZTE ZXHN H108L Authentication Bypass CVE-2014-8493
FULLDISC:20141117 Proticaret E-Commerce Script v3.0 SQL Injection CVE-2014-9237
FULLDISC:20141117 Reflected XSS in Nibbleblog <= v4.0.1 CVE-2014-8996
FULLDISC:20141117 Vulnerabilities in D-Link DCS-2103 CVE-2014-9234 CVE-2014-9238
FULLDISC:20141117 WebsiteBaker <=2.8.3 - Multiple Vulnerabilities CVE-2014-9242 CVE-2014-9243
FULLDISC:20141117 XOOPS <= 2.5.6 - Blind SQL Injection CVE-2014-8999
FULLDISC:20141117 Zoph <= 0.9.1 - Multiple Vulnerabilities CVE-2014-9235 CVE-2014-9236
FULLDISC:20141118 CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload CVE-2014-8767
FULLDISC:20141118 CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload CVE-2014-8768
FULLDISC:20141118 CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload CVE-2014-8769
FULLDISC:20141118 PHPFox XSS AdminCP CVE-2014-8469
FULLDISC:20141119 CVE-2014-2382 - Arbitrary Code Execution In Faronics Deep Freeze Standard and Enterprise CVE-2014-2382
FULLDISC:20141119 CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM CVE-2014-7137
FULLDISC:20141119 CVE-2014-7911: Android <5.0 Privilege Escalation using ObjectInputStream CVE-2014-7911
FULLDISC:20141119 CVE-2014-8600 - Insufficient Input Validation By IO Slaves In KDE e.V. KDE CVE-2014-8600
FULLDISC:20141119 [CORE-2014-0008] - Advantech AdamView Buffer Overflow CVE-2014-8386
FULLDISC:20141119 [CORE-2014-0009] - Advantech EKI-6340 Command Injection CVE-2014-8387
FULLDISC:20141120 CVE-2014-8349 LIFERAY Portal Stored XSS CVE-2014-8349
FULLDISC:20141120 WordPress 3 persistent script injection CVE-2014-9031
FULLDISC:20141121 AST-2014-014: High call load may result in hung channels in ConfBridge. CVE-2014-8414
FULLDISC:20141121 FluxBB <= 1.5.6 SQL Injection CVE-2014-10029
FULLDISC:20141123 on Linux, 'less' can probably get you owned CVE-2014-9112
FULLDISC:20141126 CVE-2014-8507 Android < 5.0 SQL injection vulnerability in WAPPushManager CVE-2014-8507
FULLDISC:20141126 CVE-2014-8609 Android Settings application privilege leakage vulnerability CVE-2014-8609
FULLDISC:20141126 CVE-2014-8610 Android < 5.0 SMS resend vulnerability CVE-2014-8610
FULLDISC:20141127 CVE-2014-7291 Springshare LibCal XSS (Cross-Site Scripting) Vulnerability CVE-2014-7291
FULLDISC:20141127 CVE-2014-8754 WordPress "Ad-Manager Plugin " Dest Redirect Privilege Escalation CVE-2014-8754
FULLDISC:20141127 FileVista < v6.0.8.0 Insecure zip file handling CVE-2014-8788 CVE-2014-8789
FULLDISC:20141129 CSRF and XSS vulnerabilities in D-Link DAP-1360 CVE-2014-10027 CVE-2014-10028
FULLDISC:20141129 [KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability CVE-2014-8791
FULLDISC:20141201 [RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire CVE-2014-8874
FULLDISC:20141201 [RT-SA-2014-011] EntryPass N5200 Credentials Disclosure CVE-2014-8868 CVE-2014-9303
FULLDISC:20141202 [RT-SA-2014-012] Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components CVE-2014-6140
FULLDISC:20141203 Re: CVE-2014-8610 Android < 5.0 SMS resend vulnerability CVE-2014-8610
FULLDISC:20141203 [The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360 CVE-2014-5445 CVE-2014-5446
FULLDISC:20141205 CVE-2014-5462 - Multiple Authenticated SQL Injections In OpenEMR CVE-2014-5462
FULLDISC:20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities CVE-2010-5298 CVE-2012-3544 CVE-2013-1620 CVE-2013-1739 CVE-2013-1740 CVE-2013-1741 CVE-2013-2461 CVE-2013-2877 CVE-2013-3751 CVE-2013-3774 CVE-2013-4286 CVE-2013-4322 CVE-2013-5605 CVE-2013-5606 CVE-2013-5855 CVE-2013-6438 CVE-2013-6449 CVE-2013-6450 CVE-2014-0015 CVE-2014-0033 CVE-2014-0050 CVE-2014-0075 CVE-2014-0096 CVE-2014-0098 CVE-2014-0099 CVE-2014-0119 CVE-2014-0138 CVE-2014-0160 CVE-2014-0195 CVE-2014-0198 CVE-2014-0209 CVE-2014-0210 CVE-2014-0211 CVE-2014-0221 CVE-2014-0224 CVE-2014-0436 CVE-2014-1490 CVE-2014-1491 CVE-2014-1492 CVE-2014-2456 CVE-2014-2477 CVE-2014-2479 CVE-2014-2480 CVE-2014-2481 CVE-2014-2482 CVE-2014-2483 CVE-2014-2484 CVE-2014-2485 CVE-2014-2486 CVE-2014-2487 CVE-2014-2488 CVE-2014-2489 CVE-2014-2490 CVE-2014-2491 CVE-2014-2492 CVE-2014-2493 CVE-2014-2494 CVE-2014-2495 CVE-2014-2496 CVE-2014-3470 CVE-2014-3797 CVE-2014-4201 CVE-2014-4202 CVE-2014-4203 CVE-2014-4204 CVE-2014-4205 CVE-2014-4206 CVE-2014-4207 CVE-2014-4208 CVE-2014-4209 CVE-2014-4210 CVE-2014-4211 CVE-2014-4212 CVE-2014-4213 CVE-2014-4214 CVE-2014-4215 CVE-2014-4216 CVE-2014-4217 CVE-2014-4218 CVE-2014-4219 CVE-2014-4220 CVE-2014-4221 CVE-2014-4222 CVE-2014-4223 CVE-2014-4224 CVE-2014-4225 CVE-2014-4226 CVE-2014-4227 CVE-2014-4228 CVE-2014-4229 CVE-2014-4230 CVE-2014-4231 CVE-2014-4232 CVE-2014-4233 CVE-2014-4234 CVE-2014-4235 CVE-2014-4236 CVE-2014-4237 CVE-2014-4238 CVE-2014-4239 CVE-2014-4240 CVE-2014-4241 CVE-2014-4242 CVE-2014-4243 CVE-2014-4244 CVE-2014-4245 CVE-2014-4246 CVE-2014-4247 CVE-2014-4248 CVE-2014-4249 CVE-2014-4250 CVE-2014-4251 CVE-2014-4252 CVE-2014-4253 CVE-2014-4254 CVE-2014-4255 CVE-2014-4256 CVE-2014-4257 CVE-2014-4258 CVE-2014-4260 CVE-2014-4261 CVE-2014-4262 CVE-2014-4263 CVE-2014-4264 CVE-2014-4265 CVE-2014-4266 CVE-2014-4267 CVE-2014-4268 CVE-2014-4269 CVE-2014-4270 CVE-2014-4271 CVE-2014-8371
FULLDISC:20141209 CVE-2014-8489 Ping Identity Corporation "PingFederate 6.10.1 SP Endpoints" Dest Redirect Privilege Escalation Security Vulnerability CVE-2014-8489
FULLDISC:20141209 CVE-2014-8751 goYWP WebPress Multiple XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2014-8751
FULLDISC:20141209 Concrete5 CMS Reflected Cross-Site Scripting Vulnerabilities CVE-2014-9526
FULLDISC:20141209 Humhub SQL injection and multiple persistent XSS vulnerabilities CVE-2014-9528
FULLDISC:20141209 NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability CVE-2014-8373
FULLDISC:20141210 AST-2014-019: Remote Crash Vulnerability in WebSocket Server CVE-2014-9374
FULLDISC:20141210 CVE-2014-7136 - Privilege Escalation In K7 Computing Multiple Products [K7FWFilt.sys] CVE-2014-7136
FULLDISC:20141210 CVE-2014-8608 - Null Pointer Dereference In K7 Computing Multiple Products [K7Sentry.sys] CVE-2014-8608
FULLDISC:20141210 CVE-2014-8956 - Privilege Escalation In K7 Computing Multiple Products [K7Sentry.sys] CVE-2014-8956
FULLDISC:20141210 Multiple vulnerabilities in InfiniteWP Admin Panel CVE-2014-9519 CVE-2014-9520 CVE-2014-9521
FULLDISC:20141210 NEW VMSA-2014-0014 - AirWatch by VMware product update addresses information disclosure vulnerabilities CVE-2014-8372
FULLDISC:20141211 RedCloth contains unfixed XSS vulnerability for 9 years CVE-2012-6684
FULLDISC:20141216 CA20141215-01: Security Notice for CA LISA Release Automation CVE-2014-8246 CVE-2014-8247 CVE-2014-8248
FULLDISC:20141216 CVE-2014-5437: Arris TG862G - Cross-site Request Forgery (CSRF) CVE-2014-5437 CVE-2014-9406
FULLDISC:20141216 CVE-2014-5438: Arris TG862G - Cross-site Scripting (XSS) CVE-2014-5437 CVE-2014-5438
FULLDISC:20141216 W3TotalFail: W3 Total Cache v 0.9.4 CSRF Vulnerability that Leads to Full Deface CVE-2014-9414
FULLDISC:20141216 [Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA CVE-2014-9387
FULLDISC:20141217 Bird Feeder v1.2.3 WP Plugin - CSRF & XSS Vulnerability CVE-2014-9334
FULLDISC:20141217 Morfy CMS v1.05 - Command Execution Vulnerability CVE-2014-9185
FULLDISC:20141218 SEC Consult SA-20141218-0 :: Multiple critical vulnerabilities in VDG Security SENSE (formerly DIVA) CVE-2014-9451 CVE-2014-9452 CVE-2014-9575 CVE-2014-9576 CVE-2014-9577 CVE-2014-9578 CVE-2014-9579
FULLDISC:20141218 SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted CVE-2014-7208
FULLDISC:20141218 SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager CVE-2014-5214 CVE-2014-5215 CVE-2014-5216 CVE-2014-5217 CVE-2014-9412
FULLDISC:20141218 iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability CVE-2014-9336
FULLDISC:20141219 BF and XSS vulnerabilities in D-Link DCS-2103 CVE-2014-9517
FULLDISC:20141219 CVE-2014-8752 JCE-Tech "Video Niche Script" XSS (Cross-Site Scripting) Security Vulnerability CVE-2014-8752
FULLDISC:20141219 TWiki Security Alert CVE-2014-9325: XSS Vulnerability with QUERYSTRING and QUERYPARAMSTRING Variables CVE-2014-9325
FULLDISC:20141219 TWiki Security Alert CVE-2014-9367: XSS Vulnerability with Scope and Other URL Parameters of WebSearch CVE-2014-9367
FULLDISC:20141219 The Misfortune Cookie Vulnerability CVE-2014-9222
FULLDISC:20141222 CVE-2014-9330: Libtiff integer overflow in bmp2tiff CVE-2014-9330
FULLDISC:20141222 VP-2014-004 SysAid Server Arbitrary File Disclosure CVE-2014-9436
FULLDISC:20141223 Stored XSS Vulnerability in CMS Serendipity v.2.0-rc1 CVE-2014-9432
FULLDISC:20141224 Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 CVE-2014-9433
FULLDISC:20141227 Wordpress Frontend Uploader Cross Site Scripting(XSS) CVE-2014-9444
FULLDISC:20141229 CSRF vulnerability in CMS e107 v.2 alpha2 CVE-2014-9459
FULLDISC:20141229 CVE-2014-7293 Ex Libris Patron Directory Services (PDS) XSS (Cross-Site Scripting) Security Vulnerability CVE-2014-7293
FULLDISC:20141229 CVE-2014-7294 Ex Libris Patron Directory Services (PDS) Open Redirect Security Vulnerability CVE-2014-7294
FULLDISC:20141230 Multiple SQL Injections and Reflecting XSS in Absolut Engine v. 1.73 CMS CVE-2014-9434 CVE-2014-9435
FULLDISC:20141231 [KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability CVE-2014-8083
FULLDISC:20141231 [KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability CVE-2014-8084
FULLDISC:20141231 [KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability CVE-2014-8085
FULLDISC:20141231 [KIS-2014-17] GetSimple CMS <= 3.3.4 (api.php) XML External Entity Vulnerability CVE-2014-8790
FULLDISC:20150102 [The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central CVE-2014-7862
FULLDISC:20150105 [The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360 CVE-2014-5301 CVE-2014-5302
FULLDISC:20150106 McAfee ePolicy Orchestrator Authenticated XXE and Credential Exposure CVE-2015-0921 CVE-2015-0922
FULLDISC:20150106 Re: [The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360 CVE-2014-5302
FULLDISC:20150106 Reflecting XSS vulnerability in CMS Kajona v. 4.6 CVE-2015-0917
FULLDISC:20150106 Reflecting XSS vulnerability in CMS Sefrengo v.1.6.0 CVE-2015-0918
FULLDISC:20150106 SQL-Injection in administrative Backend of Sefrengo CMS v.1.6.0 CVE-2015-0919
FULLDISC:20150107 CVE-2014-9510 - TP-Link TL-WR840N Configuration Import Cross-Site Request Forgery (CSRF) CVE-2014-9510
FULLDISC:20150108 Good for Enterprise Android HTML Injection (CVE-2014-4925) CVE-2014-4925
FULLDISC:20150108 Multiple persistent XSS vulnerabilites in CMS BEdita v. 3.4.0 CVE-2015-1040
FULLDISC:20150109 Reflecting XSS vulnerability in CMS e107 v. 1.0.4 CVE-2015-1041
FULLDISC:20150110 CVE-2014-9560 Softbb.net SoftBB SQL Injection Security Vulnerability CVE-2014-9560
FULLDISC:20150110 CVE-2014-9561 Softbb.net SoftBB XSS (Cross-Site Scripting) Security Vulnerability CVE-2014-9561
FULLDISC:20150112 CVE-2014-8870: Arbitrary Redirect in Tapatalk Plugin for WoltLab Burning Board 4.0 CVE-2014-8870
FULLDISC:20150112 Corel Software DLL Hijacking CVE-2014-8393 CVE-2014-8394 CVE-2014-8395 CVE-2014-8396 CVE-2014-8397 CVE-2014-8398
FULLDISC:20150112 Re: McAfee ePolicy Orchestrator Authenticated XXE and Credential Exposure CVE-2015-0921 CVE-2015-0922
FULLDISC:20150112 Reflecting XSS vulnerability in CMS Croogo v.2.2.0 CVE-2015-1053
FULLDISC:20150112 Reflecting XSS vulnerability in CMS PHPKit WCMS v. 1.6.6 CVE-2015-1052
FULLDISC:20150112 Wordpress Photo Gallery 1.2.7 unauthenticated SQL injection CVE-2015-1055
FULLDISC:20150112 Wordpress plugin Pods <= 2.4.3 XSS and CSRF vulnerabilities CVE-2014-7956 CVE-2014-7957
FULLDISC:20150112 [RT-SA-2014-015] Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0 CVE-2014-8869
FULLDISC:20150113 Reflecting XSS vulnerability in filemanager of CMS b2evolution v. 5.2.0 CVE-2014-9599
FULLDISC:20150113 SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower CVE-2015-1368 CVE-2015-1481 CVE-2015-1482
FULLDISC:20150113 [Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager CVE-2015-1050
FULLDISC:20150114 Sierra Wireless AirCard 760S/762S/763S Mobile Hotspot CRLF Injection CVE-2015-2054
FULLDISC:20150116 CatBot v0.4.2 (PHP) - SQL Injection Vulnerability CVE-2015-1367
FULLDISC:20150116 VLC Media Player 2.1.5 Memory Corruption Vulnerabilities (CVE-2014-9597, CVE-2014-9597) CVE-2014-9597 CVE-2014-9598
FULLDISC:20150118 Reflecting XSS vulnerability in administrative backend of CMS Websitebaker v. 2.8.3 SP3 CVE-2015-0553
FULLDISC:20150120 Barracuda Load Balancer ADC VM multiple vulnerabilities CVE-2014-8426 CVE-2014-8428
FULLDISC:20150120 MSA-2015-01: Wordpress Plugin Pixabay Images Multiple Vulnerabilities CVE-2015-1365 CVE-2015-1366 CVE-2015-1375 CVE-2015-1376
FULLDISC:20150120 WebGUI 7.10.29 stable version Cross site scripting vulnerability CVE-2015-1564
FULLDISC:20150121 CVE-2015-1169 - CAS Server 3.5.2 allows remote attackers to bypass LDAP authentication via crafted wildcards. CVE-2015-1169
FULLDISC:20150121 SQL injection vulnerability in articleFR CMS 3.0.5 CVE-2015-1364
FULLDISC:20150121 [RT-SA-2014-010] AVM FRITZ!Box Firmware Signature Bypass CVE-2014-8872
FULLDISC:20150122 CVE-2014-9557 SmartCMS Multiple XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2014-9557
FULLDISC:20150122 CVE-2014-9558 SmartCMS Multiple SQL Injection Security Vulnerabilities CVE-2014-9558
FULLDISC:20150122 Multiple stored/reflecting XSS- and SQLi-vulnerabilities and unrestricted file-upload in ferretCMS v. 1.0.4-alpha CVE-2015-1371 CVE-2015-1372 CVE-2015-1373
FULLDISC:20150122 SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP CVE-2014-7289 CVE-2014-9224 CVE-2014-9225 CVE-2014-9226
FULLDISC:20150122 USAA mobile app gives away personal data; fix released CVE-2015-1314
FULLDISC:20150122 XSS vulnerability in articleFR CMS 3.0.5 CVE-2015-1363
FULLDISC:20150126 [CORE-2015-0002] - Android WiFi-Direct Denial of Service CVE-2014-0997
FULLDISC:20150127 Reflecting XSS vulnerabilities in CMS Saurus v. 4.7 (CE) CVE-2015-1562
FULLDISC:20150127 [CORE-2015-0003] - FreeBSD Kernel Multiple Vulnerabilities CVE-2014-0998 CVE-2014-8612
FULLDISC:20150128 AST-2015-001: File descriptor leak when incompatible codecs are offered CVE-2015-1558
FULLDISC:20150128 CVE-2015-1042 - Mantis BugTracker 1.2.19 - URL Redirection to Untrusted Site ('Open Redirect') CVE-2015-1042
FULLDISC:20150128 Qualys Security Advisory CVE-2015-0235 - GHOST: glibc gethostbyname buffer overflow CVE-2015-0235
FULLDISC:20150128 Wordpress Geo Mashup plugin <= 1.8.2 XSS vulnerability CVE-2015-1383
FULLDISC:20150128 [AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability CVE-2014-8826
FULLDISC:20150128 [The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360) CVE-2014-7864
FULLDISC:20150129 Fortinet FortiClient Multiple Vulnerabilities CVE-2015-1453 CVE-2015-1569 CVE-2015-1570
FULLDISC:20150129 Fortinet FortiOS Multiple Vulnerabilities CVE-2015-1451 CVE-2015-1452 CVE-2015-1571
FULLDISC:20150130 Blubrry PowerPress Security Advisory - XSS Vulnerability - CVE-2015-1385 CVE-2015-1385
FULLDISC:20150131 Major Internet Explorer Vulnerability - NOT Patched CVE-2015-0072
FULLDISC:20150201 Banner Effect Header Security Advisory - XSS Vulnerability - CVE-2015-1384 CVE-2015-1384
FULLDISC:20150201 CVE-2014-9559 SnipSnap XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2014-9559
FULLDISC:20150201 SQL injection vulnerabilities in zerocms <= v.1.3.3 CVE-2014-4034 CVE-2015-1442
FULLDISC:20150202 CVE-2014-5360 Landesk Management Suite XSS (Cross-Site Scripting) Security Vulnerability CVE-2014-5360
FULLDISC:20150202 CVE-2014-9562 OptimalSite Content Management System (CMS) XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2014-9562
FULLDISC:20150203 My Little Forum Multiple XSS Security Vulnerabilities CVE-2015-1475
FULLDISC:20150203 SQL injection vulnerability in Pragyan CMS v.3.0 CVE-2015-1471
FULLDISC:20150208 LG On Screen Phone authentication bypass (CVE-2014-8757) CVE-2014-8757
FULLDISC:20150208 Multiple CSRF vulnerabilities in eFront v. 3.6.15.2 (CE) CVE-2015-1559
FULLDISC:20150211 CVE-2014-6412 - WordPress (all versions) lacks CSPRNG CVE-2014-6412
FULLDISC:20150212 CVE-2014-8753 Cit-e-Net Multiple XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2014-8753
FULLDISC:20150212 CVE-2014-9469 vBulletin XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2014-9469
FULLDISC:20150212 Followup on CVE-2014-6412 CVE-2014-6412
FULLDISC:20150212 Radexscript CMS 2.2.0 - SQL Injection vulnerability CVE-2015-1518
FULLDISC:20150213 Reflecting XSS vulnerabitlies, unrestricted file upload and underlaying CSRF in Landsknecht Adminsystems CMS v. 4.0.1 (DEV, beta version) CVE-2015-1603 CVE-2015-1604
FULLDISC:20150213 eTouch SamePage v4.4.0.0.239 multiple vulnerabilities CVE-2015-2070 CVE-2015-2071
FULLDISC:20150214 CVE-2015-1574 - Google Email App 4.2.2 remote denial of service CVE-2015-1574
FULLDISC:20150217 [CVE-REQUEST] Multiple vulnerabilities on GLPI CVE-2015-7684 CVE-2015-7685
FULLDISC:20150218 CVE-2014-9468 InstantASP InstantForum.NET Multiple XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2014-9468
FULLDISC:20150218 DLGuard Full Path Disclosure (Information Leakage) Security Vulnerabilities CVE-2015-2209
FULLDISC:20150218 DLGuard Multiple XSS (Cross-Site Scripting) Security Vulnerabilities CVE-2015-2064
FULLDISC:20150218 DLGuard SQL Injection Security Vulnerabilities CVE-2015-2066
FULLDISC:20150218 Reflecting XSS- and SQL injection-vulnerabilities in the administrative backend of Piwigo <= v. 2.7.3 CVE-2015-2034 CVE-2015-2035
FULLDISC:20150218 [RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite CVE-2014-8871
FULLDISC:20150221 Easy Social Icons WordPress plugin v1.2.2 Persistent XSS and CSRF CVE-2015-2084
FULLDISC:20150221 Multiple stored XSS-vulnerabilities in MyBB v. 1.8.3 CVE-2015-2149
FULLDISC:20150221 Samsung iPolis XnsSdkDeviceIpInstaller.ocx ActiveX Remote Code Execution Vulnerabilities CVE-2015-0555
FULLDISC:20150221 WooCommerce WordPress plugin 2.2.10 Reflected XSS CVE-2015-2069
FULLDISC:20150223 ECommerce-Shopping Cart Zeuscart v. 4: Multiple reflecting XSS-, SQLi and InformationDisclosure-vulnerabilities CVE-2010-5322 CVE-2015-2182 CVE-2015-2183 CVE-2015-2184
FULLDISC:20150223 WESP SDK multiple Remote Code Execution Vulnerabilities CVE-2015-2097
FULLDISC:20150225 [Onapsis Security Advisory 2015-001] Multiple Reflected Cross Site Scripting Vulnerabilities in SAP HANA Web-based Development Workbench CVE-2015-2072
FULLDISC:20150225 [Onapsis Security Advisory 2015-004] SAP Business Objects Unauthorized Audit Information Delete via CORBA CVE-2015-2075
FULLDISC:20150225 [Onapsis Security Advisory 2015-005] SAP Business Objects Unauthorized Audit Information Access via CORBA CVE-2015-2076
FULLDISC:20150301 GDS Labs Alert [CVE-2015-2080] - JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server CVE-2015-2080
FULLDISC:20150302 CVE-2015-1187: D-Link DIR-636L Remote Command Injection - Incorrect Authentication CVE-2015-1187
FULLDISC:20150302 NetCat CMS Full Path Disclosure (Information Disclosure) Security Vulnerabilities CVE-2015-2214
FULLDISC:20150302 Slim Framework - (CVE-2015-2171, PHP Object Injection), Other Vulnerabilities CVE-2015-2171
FULLDISC:20150302 XSS Reflected vulnerabilities in Fortimail version 5.2.1 (CVE-2014-8617) CVE-2014-8617
FULLDISC:20150302 upstart logrotate privilege escalation in Ubuntu Vivid (development) CVE-2015-2285
FULLDISC:20150303 Multiple SQL injections in core Orion service affecting many Solarwinds products (CVE-2014-9566) CVE-2014-9566
FULLDISC:20150304 CSRF in Contact Form DB allows attacker to delete all stored form submissions (WordPress plugin) CVE-2015-1874
FULLDISC:20150304 PHPMoAdmin Unauthorized Remote Code Execution (0-Day) CVE-2015-2208
FULLDISC:20150305 ProjectSend r561 - SQL injection vulnerability CVE-2015-2564
FULLDISC:20150305 Webshop hun v1.062S Directory Traversal Security Vulnerabilities CVE-2015-2243
FULLDISC:20150305 Webshop hun v1.062S SQL Injection Security Vulnerabilities CVE-2015-2242
FULLDISC:20150305 Webshop hun v1.062S XSS (Cross-site Scripting) Security Vulnerabilities CVE-2015-2244
FULLDISC:20150307 Fw: Vulnerabilities in ASUS RT-G32 CVE-2015-2676 CVE-2015-2681
FULLDISC:20150309 MikroTik RouterOS Admin Password Change CSRF CVE-2015-2350
FULLDISC:20150309 OpenKM Platform Remote Reflected Cross Site Scripting CVE-2014-9017
FULLDISC:20150310 SuperWebMailer 5.50.0.01160 XSS (Cross-site Scripting) Security Vulnerabilities CVE-2015-2349
FULLDISC:20150310 Vastal I-tech phpVID 1.2.3 Multiple XSS (Cross-site Scripting) Security Vulnerabilities CVE-2008-2335
FULLDISC:20150310 Vastal I-tech phpVID 1.2.3 SQL Injection Security Vulnerabilities CVE-2008-4157 CVE-2015-2563
FULLDISC:20150310 [CORE-2015-0005] - Windows Pass-Through Authentication Methods Improper Validation CVE-2015-0005
FULLDISC:20150310 [CVE Identifier Updated] OpenKM Platform Remote Reflected Cross Site Scripting CVE-2014-9017
FULLDISC:20150311 Community Gallery - Srored Corss-Site Scripting vulnerability CVE-2015-2275
FULLDISC:20150311 Vulnerability in the Dropbox SDK for Android (CVE-2014-8889) CVE-2014-8889
FULLDISC:20150311 [CVE-2015-1474]Integer overflow leading to heap corruption while unflattening GraphicBuffer CVE-2015-1474
FULLDISC:20150312 Alkacon OpenCms 9.5.1 Multiple XSS Vulnerabilities CVE-2015-2351
FULLDISC:20150312 WPML WordPress plug-in SQL injection etc. CVE-2015-2314 CVE-2015-2315 CVE-2015-2791
FULLDISC:20150312 WordPress SEO by Yoast <= 1.7.3.3 - Blind SQL Injection CVE-2015-2292 CVE-2015-2293
FULLDISC:20150316 Citrix Netscaler NS10.5 WAF Bypass via HTTP Header Pollution CVE-2015-2841
FULLDISC:20150316 Re: WPML WordPress plug-in SQL injection etc. CVE-2015-2792
FULLDISC:20150318 Command injection vulnerability in EMC Secure Remote Services Virtual Edition CVE-2015-0525
FULLDISC:20150318 Command injection vulnerability in network diagnostics tool of Websense Appliance Manager CVE-2015-2746
FULLDISC:20150318 Cross-Site Scripting vulnerability in Websense Data Security block page CVE-2015-2703
FULLDISC:20150318 Cross-Site Scripting vulnerability in Websense Explorer report scheduler CVE-2014-9711
FULLDISC:20150318 EMC M&R (Watch4net) data storage collector credentials are not properly protected CVE-2015-0514
FULLDISC:20150318 EMC Secure Remote Services Virtual Edition Provisioning component is affected by SQL injection CVE-2015-0524
FULLDISC:20150318 Error messages of Websense Content Gateway are vulnerable to Cross-Site Scripting CVE-2015-2703
FULLDISC:20150318 Missing access control on Websense Explorer web folder CVE-2015-2748
FULLDISC:20150318 Multiple Cross-Site Scripting vulnerabilities in Websense Reporting CVE-2014-9711
FULLDISC:20150318 Path traversal vulnerability in EMC M&R (Watch4net) MIB Browser CVE-2015-0516
FULLDISC:20150318 Websense Data Security DLP incident Forensics Preview is vulnerable to Cross-Site Scripting CVE-2015-2747
FULLDISC:20150318 Websense Email Security vulnerable to persistent Cross-Site Scripting in audit log details view CVE-2015-2702
FULLDISC:20150318 [CORE-2015-0006] - Fortinet Single Sign On Stack Overflow CVE-2015-2281
FULLDISC:20150319 Advent JMX Servlet of Citrx Command Center is accessible to unauthenticated users CVE-2015-2683
FULLDISC:20150319 Citrix Command Center allows downloading of configuration files CVE-2015-2682
FULLDISC:20150319 Citrix NITRO SDK xen_hotfix page is vulnerable to Cross-Site Scripting CVE-2015-2839
FULLDISC:20150319 Citrix NetScaler VPX help pages are vulnerable to Cross-Site Scripting CVE-2015-2840
FULLDISC:20150319 Command injection vulnerability in Citrix NITRO SDK xen_hotfix page CVE-2015-2838
FULLDISC:20150319 Web-Dorado ECommerce-WD for Joomla plugin multiple unauthenticated SQL injections CVE-2015-2562
FULLDISC:20150322 [CVE-2015-0250] Apache Batik Information Disclosure Vulnerability (XXE Injection) CVE-2015-0250
FULLDISC:20150326 Insecure file upload in Berta CMS CVE-2015-2780
FULLDISC:20150327 Advisory: CVE-2014-9708: Appweb Web Server CVE-2014-9708
FULLDISC:20150328 Advisory: CVE-2014-9707: GoAhead Web Server 3.0.0 - 3.4.1 CVE-2014-9707
FULLDISC:20150328 Advisory: CVE-2014-9708: Appweb Web Server CVE-2014-9708
FULLDISC:20150401 Ceragon FibeAir IP-10 SSH Private Key Exposure (CVE-2015-0936) CVE-2015-0936
FULLDISC:20150404 Wordpress plugin Simple Ads Manager - Information Disclosure CVE-2015-2826
FULLDISC:20150405 Multiple SQL Injection CVE-2015-2824
FULLDISC:20150405 Wordpress plugin Simple Ads Manager - Arbitrary File Upload CVE-2015-2825
FULLDISC:20150405 Wordpress plugin Simple Ads Manager - SQL Injection CVE-2015-2824
FULLDISC:20150407 Re: [oss-security] Advisory: CVE-2014-9708: Appweb Web Server CVE-2014-9708
FULLDISC:20150407 [CVE-2015-0779]: Novell ZenWorks Configuration Management remote code execution CVE-2015-0779
FULLDISC:20150408 AST-2015-003: TLS Certificate Common name NULL byte exploit CVE-2015-3008
FULLDISC:20150408 HotExBilling Manager – Cross-site scripting (XSS) vulnerability CVE-2015-3319
FULLDISC:20150408 HotExBilling Manager - Cross-site scripting (XSS) vulnerability CVE-2015-2781
FULLDISC:20150408 Re: [oss-security] Advisory: CVE-2014-9708: Appweb Web Server CVE-2014-9708
FULLDISC:20150410 SEC Consult SA-20150410-0 :: Unauthenticated Local File Disclosure in multiple TP-LINK products (CVE-2015-3035) CVE-2015-3035
FULLDISC:20150414 several issues in SQLite (+ catching up on several other bugs) CVE-2015-3414 CVE-2015-3415 CVE-2015-3416 CVE-2015-3417
FULLDISC:20150415 Huawei SEQ Analyst - Multiple Reflected Cross Site Scripting (XSS) CVE-2015-2347
FULLDISC:20150415 Huawei SEQ Analyst - XML External Entity Injection (XXE) CVE-2015-2346
FULLDISC:20150417 CVE-2014-5370 - Arbitrary File Retrieval + Deletion In New Atlanta BlueDragon CFChart Servlet CVE-2014-5370
FULLDISC:20150417 CVE-2014-7953 Android backup agent code execution CVE-2014-7953
FULLDISC:20150417 CVE-2014-7954 MTP path traversal vulnerability in Android CVE-2014-7954
FULLDISC:20150422 CVE-2015-0984 SCADA - Gaining remote shell on Honeywell Falcon XLWEB CVE-2015-0984
FULLDISC:20150424 [ALICLOUDSEC-VUL2015-001]Android wpa_supplicant WLAN Direct remote buffer overflow CVE-2015-1863
FULLDISC:20150426 WordPress 4.2 stored XSS CVE-2015-3440
FULLDISC:20150427 [CORE-2015-0008] - InFocus IN3128HD Projector Multiple Vulnerabilities CVE-2014-8383 CVE-2014-8384
FULLDISC:20150428 SonicWall SonicOS 7.5.0.12 & 6.x - Client Side Cross Site Scripting Vulnerability CVE-2015-3447
FULLDISC:20150429 CVE-ID 2015-1188: Swisscom DSL Router Centro Grande (ADB) CVE-2015-1188
FULLDISC:20150430 Heap overflow / invalid read in Libtasn1 before 4.5 (TFPA 005/2015) CVE-2015-3622
FULLDISC:20150505 Fortinet FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Vulnerability CVE-2015-3620
FULLDISC:20150505 [CVE-2014-8146/8147] - ICU heap and integer overflows / I-C-U-FAIL CVE-2014-8146 CVE-2014-8147
FULLDISC:20150508 Docker 1.6.1 - Security Advisory [150507] CVE-2015-3627 CVE-2015-3629 CVE-2015-3630 CVE-2015-3631
FULLDISC:20150508 Feed2JS v1.7 XSS (Cross-site Scripting) Web Security Vulnerabilities CVE-2005-3955
FULLDISC:20150509 0day Mailbird XSS ? CVE-2015-4657
FULLDISC:20150509 CVE-2014-3440 - Symantec Critical System Protection RCE CVE-2014-3440
FULLDISC:20150509 Wordpress Roomcloud plugin v1.1(rev @1115307) XSS vulnerability CVE-2015-3904
FULLDISC:20150509 Wordpress Twenty Fifteen Theme - DOM XSS Vulnerability - CVE-2015-3429 CVE-2015-3429
FULLDISC:20150513 Concrete5 Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-2250 CVE-2015-2250
FULLDISC:20150513 [CORE-2015-0009] - SAP LZC/LZH Compression Multiple Vulnerabilities CVE-2015-2278 CVE-2015-2282
FULLDISC:20150515 CSRF & XSS vulnerabilities in Encrypted Contact Form Wordpress Plugin v1.0.4 CVE-2015-4010
FULLDISC:20150518 KL-001-2015-002 : Piriform CCleaner Wiped Filename Recovery CVE-2015-3999
FULLDISC:20150519 0-day Denial of Service in IPsec-Tools CVE-2015-4047
FULLDISC:20150519 Milw0rm Clone Script v1.0 - (time based) SQLi CVE-2015-4137
FULLDISC:20150519 SEC Consult SA-20150519-0 :: Critical buffer overflow vulnerability in KCodes NetUSB (VU#177092, CVE-2015-3036) CVE-2015-3036
FULLDISC:20150519 SQLi in FeedWordPress WordPress plugin CVE-2015-4018
FULLDISC:20150520 Re: 0-day Denial of Service in IPsec-Tools CVE-2015-4047
FULLDISC:20150522 0day Mailbird XSS CVE-2015-4657
FULLDISC:20150522 SAP Security Notes May 2015 CVE-2015-2278 CVE-2015-2282 CVE-2015-4091 CVE-2015-4092 CVE-2015-4157 CVE-2015-4158 CVE-2015-4159 CVE-2015-4160 CVE-2015-4161
FULLDISC:20150522 [CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability CVE-2014-0999 CVE-2014-8391
FULLDISC:20150524 phpwind v8.7 Unvalidated Redirects and Forwards Web Security Vulnerabilities CVE-2015-4134
FULLDISC:20150524 phpwind v8.7 XSS (Cross-site Scripting) Web Security Vulnerabilities CVE-2015-4135
FULLDISC:20150525 Reflected Cross-Site Scripting in Synology DiskStation Manager CVE-2015-4655
FULLDISC:20150525 Synology Photo Station multiple Cross-Site Scripting vulnerabilities CVE-2015-4656
FULLDISC:20150527 ClearPass Policy Manager Stored XSS CVE-2015-1389
FULLDISC:20150527 [Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement CVE-2015-3995
FULLDISC:20150527 [Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability CVE-2015-3994
FULLDISC:20150531 CVE-2015-3935 HTML Injection in Dolibarr CVE-2015-3935
FULLDISC:20150531 [SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices CVE-2014-7857 CVE-2014-7858 CVE-2014-7859 CVE-2014-7860
FULLDISC:20150603 [Multiple CVE's]: various critical vulnerabilities in SysAid Help Desk (RCE, file download, DoS, etc) CVE-2015-2993 CVE-2015-2994 CVE-2015-2995 CVE-2015-2996 CVE-2015-2997 CVE-2015-2998 CVE-2015-2999 CVE-2015-3000 CVE-2015-3001
FULLDISC:20150604 [CVE-2015-4051]: Beckhoff IPC diagnostics < 1.8 : Authentication bypass CVE-2015-4051
FULLDISC:20150609 Fwd: Potentially critical buffer overflow in TinySRP CVE-2015-4675
FULLDISC:20150609 [CVE-2015-4342]SQL Injection and Location header injection from cdef id CVE-2015-4342
FULLDISC:20150610 [RT-SA-2015-003] Alcatel-Lucent OmniSwitch Web Interface Weak Session ID CVE-2015-2804
FULLDISC:20150610 [RT-SA-2015-004] Alcatel-Lucent OmniSwitch Web Interface Cross-Site Request Forgery CVE-2015-2805
FULLDISC:20150611 Apache vulnerability program faulting module ntdll.dll CVE-2015-0251
FULLDISC:20150611 XSS vulnerability Adobe Connect 9.3 (CVE-2015-0343) CVE-2015-0343
FULLDISC:20150613 Yoast Wordpress SEO Plugin <= 2.1.1 Stored, Authenticated XSS CVE-2012-6692
FULLDISC:20150615 [RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager CVE-2015-2803
FULLDISC:20150618 CVE-2015-4453 - Authentication bypass in OpenEMR CVE-2015-4453
FULLDISC:20150619 IBM Domino Web Server Cross-site Scripting Vulnerability (CVE-2015-1981) CVE-2015-1981
FULLDISC:20150623 CVE-2015-4413 - Wordpress "Nextend Facebook Connect" Cross Site Scripting CVE-2015-4413
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS CVE-2015-2815
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE CVE-2015-2812
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-005] SAP Mobile Platform - XXE CVE-2015-2813
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE CVE-2015-2811
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure CVE-2015-2817
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll CVE-2015-2820
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check CVE-2015-2816
FULLDISC:20150623 ERPSCAN Research Advisory [ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS CVE-2015-2819
FULLDISC:20150623 XSS vulnerability in manage engine. CVE-2015-2169
FULLDISC:20150624 CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004 CVE-2015-3443
FULLDISC:20150625 SBA Research Vulnerability Disclosure - Multiple Critical Vulnerabilities in Koha ILS CVE-2015-4630 CVE-2015-4631 CVE-2015-4632 CVE-2015-4633
FULLDISC:20150626 SEC Consult SA-20150626-0 :: Critical vulnerabilities in Polycom RealPresence Resource Manager (RPRM) allow surveillance on conferences CVE-2015-4681 CVE-2015-4682 CVE-2015-4683 CVE-2015-4684 CVE-2015-4685
FULLDISC:20150629 CVE-2015-4674 - TimeDoctor autoupdate over plain-HTTP CVE-2015-4674
FULLDISC:20150630 ManageEngine Password Manager Pro 8.1 SQL Injection vulnerability CVE-2015-5459
FULLDISC:20150702 CVE-2015-3442 Authentication Bypass in Xpert.Line Version 3.0 CVE-2015-3442
FULLDISC:20150703 Re: [##2255763##] ManageEngine Password Manager Pro 8.1 SQL Injection vulnerability CVE-2015-5459
FULLDISC:20150703 SQL Injection in easy2map wordpress plugin v1.24 CVE-2015-4614 CVE-2015-4616
FULLDISC:20150703 Snorby 2.6.2 - Stored Cross-site Scripting Vulnerability CVE-2015-5460
FULLDISC:20150705 Open redirect vulnerability in StageShow Wordpress plugin v5.0.8 CVE-2015-5461
FULLDISC:20150706 Orchard CMS - Persistent XSS vulnerability CVE-2015-5520
FULLDISC:20150706 WideImage Demo Code Cross Site Scripting (XSS) CVE-2015-5519
FULLDISC:20150706 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection CVE-2015-2279
FULLDISC:20150708 SOPlanning - Simple Online Planning Tool multiple vulnerabilities CVE-2014-8675 CVE-2014-8676
FULLDISC:20150708 [CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection CVE-2015-2280
FULLDISC:20150710 CVE-2014-7952, Android ADB backup APK injection vulnerability CVE-2014-7952
FULLDISC:20150710 Reflected XSS in GD bbPress Attachments allows an attacker to do almost anything an admin can (WordPress plugin) CVE-2015-5481
FULLDISC:20150710 SOPlanning - Simple Online Planning Tool multiple vulnerabilities CVE-2014-8677
FULLDISC:20150713 CVE-2015-3449 - Weak File Permissions In SAP Afaria XeService.exe CVE-2015-3449
FULLDISC:20150713 CVE-2015-3621 - Privilege Escalation In SAP ECC CVE-2015-3621
FULLDISC:20150713 CVE-2015-4425 - Directory Traversal/Configuration Update In Pimcore CMS CVE-2015-4425
FULLDISC:20150713 CVE-2015-4426 - SQL Injection In Pimcore CMS CVE-2015-4426
FULLDISC:20150713 Reflected XSS Attacks vulnerabilities in PFSense Version 2.2.2 (CVE-2015-4029) CVE-2015-4029
FULLDISC:20150713 Reflected XSS in The Events Calendar: Eventbrite Tickets allows unauthenticated users to do almost anything an admin can (WordPress plugin) CVE-2015-5485
FULLDISC:20150713 Remote file upload vulnerability & SQLi in wordpress plugin wp-powerplaygallery v3.3 CVE-2015-5599 CVE-2015-5681
FULLDISC:20150717 OpenSSH keyboard-interactive authentication brute force vulnerability (MaxAuthTries bypass) CVE-2015-5600
FULLDISC:20150721 Cross-Site Request Forgery Vulnerability in Portfolio Plugin Wordpress Plugin v1.0 CVE-2015-6523
FULLDISC:20150727 Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne CVE-2015-0943 CVE-2015-6742 CVE-2015-6743 CVE-2015-6744 CVE-2015-6745 CVE-2015-6746 CVE-2015-6747
FULLDISC:20150805 SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network CVE-2015-5718
FULLDISC:20150811 CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation CVE-2015-5699
FULLDISC:20150813 BFS-SA-2015-002: OpenSSH PAM Privilege Separation Vulnerabilities CVE-2015-6563 CVE-2015-6564
FULLDISC:20150818 Bolt 2.2.4 - Code Execution CVE-2015-7309
FULLDISC:20150818 UNIT4TETA TETA WEB - Authorization Bypass vulnerability CVE-2015-1173
FULLDISC:20150827 AnchorCMS - PHP Object Injection (CVE-2015-5687) and More CVE-2015-5687
FULLDISC:20150827 Publicly exploitable XSS in WordPress plugin Navis Documentcloud (WordPress plugin) CVE-2015-2807
FULLDISC:20150829 Re: AnchorCMS - PHP Object Injection (CVE-2015-5687) and More CVE-2015-5687
FULLDISC:20150901 KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation CVE-2015-5465
FULLDISC:20150901 [CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities CVE-2015-4077 CVE-2015-5735 CVE-2015-5736 CVE-2015-5737
FULLDISC:20150902 NibbleBlog 4.0.3 - CSRF - Not fixed CVE-2015-6966
FULLDISC:20150902 NibbleBlog 4.0.3 - Code Execution - Not fixed CVE-2015-6967
FULLDISC:20150902 Serendipity 2.0.1 - Blind SQL Injection CVE-2015-6943
FULLDISC:20150902 Serendipity 2.0.1 - Code Execution CVE-2015-6968
FULLDISC:20150902 Serendipity 2.0.1 - Persistent XSS CVE-2015-6969
FULLDISC:20150907 Checkmarx CxQL Sandbox bypass (CVE-2014-8778) CVE-2014-8778
FULLDISC:20150907 Glibc Pointer guarding weakness CVE-2013-4788
FULLDISC:20150907 [CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow CVE-2014-7216
FULLDISC:20150909 Multiple Cross-Site Scripting vulnerabilities in Synology Download Station CVE-2015-6909 CVE-2015-6913
FULLDISC:20150909 Synology Video Station command injection and multiple SQL injection vulnerabilities CVE-2015-6910 CVE-2015-6911 CVE-2015-6912
FULLDISC:20150910 CubeCart 6.0.6 > 5.2.12 admin hijacking vulnerability CVE-2015-6928
FULLDISC:20150910 DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 CVE-2015-6584
FULLDISC:20150910 Nokia Solutions and Networks @vantage - Multiple Reflected XSS CVE-2015-6929
FULLDISC:20150910 [ERPSCAN-15-014] SAP Mobile Platform 3 - XXE in Add Repository CVE-2015-5068
FULLDISC:20150914 Sunny WebBox CVE-2015-3964 Fix CVE-2015-3964
FULLDISC:20150915 ManageEngine EventLog Analyzer SQL query execution CVE-2015-7387
FULLDISC:20150915 ManageEngine OpManager multiple vulnerabilities CVE-2015-7765 CVE-2015-7766
FULLDISC:20150915 [CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting CVE-2015-5956
FULLDISC:20150917 KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation CVE-2015-6923
FULLDISC:20150922 Cisco AnyConnect elevation of privileges via DLL side loading CVE-2015-6305
FULLDISC:20150922 [Onapsis Security Advisory 2015-013] SAP Business Objects Memory Corruption CVE-2015-7730
FULLDISC:20150923 CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth CVE-2015-5372
FULLDISC:20150923 Cisco AnyConnect elevation of privileges via DMG install script CVE-2015-6306
FULLDISC:20150925 CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine CVE-2015-5074
FULLDISC:20150925 CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine CVE-2015-5075
FULLDISC:20150925 CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine CVE-2015-5076
FULLDISC:20150925 CVE-2015-7323 - Secure Meeting (Pulse Collaboration) issue may allow authenticated users to bypass meeting authorization CVE-2015-7323
FULLDISC:20150925 Stored XSS in 4images <= v1.7.11 CVE-2015-7708
FULLDISC:20150927 Apport kernel_crashdump symlink vulnerability exploitation CVE-2015-1338
FULLDISC:20150929 [Onapsis Security Advisory 2015-009] SAP HANA hdbsql Multiple Memory Corruption Vulnerabilities CVE-2015-6507
FULLDISC:20150929 [Onapsis Security Advisory 2015-015] SAP HANA SQL injection in _modifyUser function CVE-2015-7725
FULLDISC:20150929 [Onapsis Security Advisory 2015-016] SAP HANA SQL injection in _newUser function CVE-2015-7725
FULLDISC:20150929 [Onapsis Security Advisory 2015-017] SAP HANA XSJS Code Injection in test-net.xsjs CVE-2015-7729
FULLDISC:20150929 [Onapsis Security Advisory 2015-018] SAP HANA SQL injection in, setTraceLevelsForXsApps function CVE-2015-7725
FULLDISC:20150929 [Onapsis Security Advisory 2015-019] SAP HANA XSS in role deletion through Web-based development workbench CVE-2015-7726
FULLDISC:20150929 [Onapsis Security Advisory 2015-020] SAP HANA Trace configuration SQL injection CVE-2015-7727
FULLDISC:20150929 [Onapsis Security Advisory 2015-021] SAP HANA XSS in user creation through Web-based development workbench CVE-2015-7728
FULLDISC:20150929 [Onapsis Security Advisory 2015-022] SAP HANA SQL injection in getSqlTraceConfiguration function CVE-2015-7727
FULLDISC:20150929 [Onapsis Security Advisory 2015-023] SAP HANA Drop Credentials SQL injection CVE-2015-7725
FULLDISC:20151001 CVE-2015-2342 VMware vCenter Remote Code Execution CVE-2015-2342
FULLDISC:20151001 Mac OS X local root (rsh/libmalloc) CVE-2015-5889
FULLDISC:20151001 Shell Injection in Pygments FontManager._get_nix_font_path CVE-2015-8557
FULLDISC:20151005 Apple Safari URI spoofing (CVE-2015-5764) CVE-2015-5764
FULLDISC:20151005 Blind SQL Injection in admin panel PHP-Fusion <= v7.02.07 CVE-2014-8596
FULLDISC:20151005 CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability CVE-2015-6237
FULLDISC:20151005 Komento Joomla! component Persistent XSS CVE-2015-7324
FULLDISC:20151005 u-design wordpress theme DOM XSS CVE-2015-7357
FULLDISC:20151008 CVE-2015-2652 - Unauthenticated File Upload in Oracle E-business Suite. CVE-2015-2652
FULLDISC:20151008 Veeam Backup & Replication Local Privilege Escalation Vulnerability CVE-2015-5742
FULLDISC:20151008 [REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities CVE-2015-7364 CVE-2015-7365 CVE-2015-7366 CVE-2015-7367 CVE-2015-7368 CVE-2015-7369 CVE-2015-7370 CVE-2015-7371 CVE-2015-7372 CVE-2015-7373
FULLDISC:20151010 Exploit NetUSB CVE-2015-3036 CVE-2015-3036
FULLDISC:20151013 JScript 5.7 (MSIE 8) RegExpBase::FBadHeader regular expression use-after-free CVE-2015-2482
FULLDISC:20151013 Vantage Point Security Advisory 2015-002 CVE-2014-8357 CVE-2014-9118
FULLDISC:20151027 [ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability CVE-2015-4845
FULLDISC:20151027 [ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability CVE-2015-4846
FULLDISC:20151027 [ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability CVE-2015-4854
FULLDISC:20151029 CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver CVE-2015-7723
FULLDISC:20151029 CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver CVE-2015-7724
FULLDISC:20151030 [ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability CVE-2015-4886
FULLDISC:20151030 [ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability CVE-2015-4849
FULLDISC:20151030 [ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability CVE-2015-4851
FULLDISC:20151102 CVE-2015-6498 CVE-2015-6498
FULLDISC:20151104 [KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability CVE-2014-9752
FULLDISC:20151104 [KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability CVE-2015-7711
FULLDISC:20151104 [KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability CVE-2015-7712
FULLDISC:20151104 [KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability CVE-2015-7815
FULLDISC:20151104 [KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability CVE-2015-7816
FULLDISC:20151109 [Onapsis Security Advisory 2015-024-040] SAP HANA TrexNet Vulnerabilities CVE-2015-7828
FULLDISC:20151109 [Onapsis Security Advisory 2015-041] SAP HANA Remote Trace Disclosure CVE-2015-7991
FULLDISC:20151109 [Onapsis Security Advisory 2015-042] SAP HANA EXECUTE_SEARCH_RULE_SET Stored Procedure Memory corruption CVE-2015-7992
FULLDISC:20151109 [Onapsis Security Advisory 2015-043] SAP HANA Remote Code Execution (HTTP Login based) CVE-2015-7993
FULLDISC:20151109 [Onapsis Security Advisory 2015-044] SAP HANA Remote Code Execution (SQL Login based) CVE-2015-7994
FULLDISC:20151114 AlegroCart 1.2.8: LFI/RFI CVE-2015-9227
FULLDISC:20151114 AlegroCart 1.2.8: SQL Injection CVE-2015-9226
FULLDISC:20151114 D-link wireless router DIR-816L – Cross-Site Request Forgery (CSRF) vulnerability CVE-2015-5999
FULLDISC:20151114 ZTE ADSL modems - Multiple vulnerabilities CVE-2015-7257 CVE-2015-7258 CVE-2015-7259
FULLDISC:20151114 dotclear 2.8.1: Code Execution CVE-2015-8832
FULLDISC:20151114 dotclear 2.8.1: XSS CVE-2015-8831
FULLDISC:20151117 CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability CVE-2015-6357
FULLDISC:20151117 zTree v3 Security Advisory - XSS Vulnerability - CVE-2015-7348 CVE-2015-7348
FULLDISC:20151118 Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability CVE-2015-8051
FULLDISC:20151119 Re: LiteCart 1.3.2: Multiple XSS CVE-2014-7183
FULLDISC:20151124 : CVE-2015-8298 SQL Injection Vulnerability in RXTEC RXAdmin CVE-2015-8298
FULLDISC:20151124 CVE-2015-8300: Polycom BToE Connector v2.3.0 Privilege Escalation Vulnerability CVE-2015-8300
FULLDISC:20151124 [ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE CVE-2015-6662
FULLDISC:20151124 [ERPSCAN-15-019] SAP Afaria - Stored XSS CVE-2015-6663
FULLDISC:20151124 [ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import CVE-2015-6664
FULLDISC:20151125 Slider Revolution/Showbiz Pro shell upload exploit CVE-2014-9735
FULLDISC:20151127 [CVE-2015-6942] CoreMail XT3.0 Stored XSS CVE-2015-6942
FULLDISC:20151209 Symfony CMS 2.6.3 – Multiple Cross-Site Scripting Vulnerability CVE-2015-8376
FULLDISC:20151209 [CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities CVE-2015-7706
FULLDISC:20151209 [CVE-2015-8369] Cacti SQL injection in graph.php CVE-2015-8369
FULLDISC:20151209 ntop-ng <= 2.0.151021 - Privilege Escalation CVE-2015-8368
FULLDISC:20151211 CLOUD4WI SPLASH PORTAL REFLECTED XSS VULNERABILITY CVE-2015-4699 CVE-2015-4699
FULLDISC:20151213 SilverStripe CMS & Framework v3.2.0 - Cross-Site Scripting Vulnerability CVE-2015-8606
FULLDISC:20151213 Symphony 2.6.3 – Multiple Persistent Cross-Site Scripting Vulnerabilities CVE-2015-8766
FULLDISC:20151213 XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 - CVE-2015-8247 CVE-2015-8247
FULLDISC:20151213 [CVE-2015-8377] Cacti graphs_new.php SQL Injection Vulnerability CVE-2015-8377
FULLDISC:20151216 Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370] CVE-2015-8370
FULLDISC:20151216 [ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability CVE-2015-7239
FULLDISC:20151218 KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address CVE-2015-6856
FULLDISC:20151218 Samsung softap weak random generated password CVE-2015-5729
FULLDISC:20151222 [RT-SA-2015-013] Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality CVE-2015-8124
FULLDISC:20151223 Re: [FD] Symfony CMS 2.6.3 – Multiple Cross-Site Scripting Vulnerability CVE-2015-8376
FULLDISC:20151224 Nordex Control 2 (NC2) SCADA V16 and prior versions - XSS CVE-2015-6477
FULLDISC:20151224 eWON sa Industrial router - Multiple Vulnerabilities CVE-2015-7924 CVE-2015-7925 CVE-2015-7926 CVE-2015-7927 CVE-2015-7928 CVE-2015-7929
FULLDISC:20151231 CVE-2015-1438 - Arbitrary Code Execution [PSKMAD.sys] In Panda Security - Multiple Products CVE-2015-1438
FULLDISC:20151231 CVE-2015-1438 - Panda Security Multiple Products Arbitrary Code Execution CVE-2015-1438
FULLDISC:20151231 CVE-2015-4557 - Wordpress "Nextend Twitter Connect" & "Nextend Google Connect" Cross Site Scripting CVE-2015-4557
FULLDISC:20151231 Joomla! plugin Helpdesk Pro < 1.4.0 CVE-2015-4071 CVE-2015-4072 CVE-2015-4073 CVE-2015-4074 CVE-2015-4075
FULLDISC:20151231 New CVE's to be released the 17th of June. CVE-2015-4071
FULLDISC:20151231 [CORE-2015-0012] - AirLive Multiple Products OS Command Injection CVE-2014-8389
FULLDISC:20160105 Alcatel Lucent Home Device Manager - Management Console Multiple XSS CVE-2015-8687
FULLDISC:20160107 [RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images CVE-2014-8886
FULLDISC:20160108 Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege CVE-2016-1281
FULLDISC:20160108 OpenCart Security Advisory - XSS Vulnerabiltiy - CVE-2015-4671 CVE-2015-4671
FULLDISC:20160108 Serendipity Security Advisory - XSS Vulnerability - CVE-2015-8603 CVE-2015-8603
FULLDISC:20160108 [CVE-2015-8604] Cacti SQL injection in graphs_new.php CVE-2015-8604
FULLDISC:20160111 CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer CVE-2015-8396
FULLDISC:20160111 CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent CVE-2015-8397
FULLDISC:20160111 SSH Backdoor for FortiGate OS Version 4.x up to 5.0.7 CVE-2016-1909
FULLDISC:20160113 Html injection Dolibarr 3.8.3 CVE-2015-8685
FULLDISC:20160115 Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778 CVE-2016-0777 CVE-2016-0778
FULLDISC:20160115 [KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability CVE-2015-8379
FULLDISC:20160119 [CORE-2016-0001] - Intel Driver Update Utility MiTM CVE-2016-1493
FULLDISC:20160120 SeaWell Networks Spectrum - Multiple Vulnerabilities CVE-2015-8282 CVE-2015-8283 CVE-2015-8284
FULLDISC:20160121 SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices CVE-2015-8362 CVE-2016-1984
FULLDISC:20160125 [CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities CVE-2016-1489 CVE-2016-1490 CVE-2016-1491 CVE-2016-1492
FULLDISC:20160127 McAfee File Lock Driver - Kernel Memory Leak CVE-2015-8772
FULLDISC:20160127 McAfee File Lock Driver - Kernel Stack Based BOF CVE-2015-8773
FULLDISC:20160127 Multiple security issues in MOVEit Managed File Transfer application CVE-2015-7675 CVE-2015-7676 CVE-2015-7677 CVE-2015-7678 CVE-2015-7679 CVE-2015-7680
FULLDISC:20160127 [ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption CVE-2015-7986
FULLDISC:20160203 DLink DVG-N5402SP Multiple Vulnerabilities CVE-2015-7245 CVE-2015-7246 CVE-2015-7247
FULLDISC:20160203 Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability CVE-2016-2268
FULLDISC:20160203 GE Industrial Solutions - UPS SNMP Adapter Command Injection and Clear-text Sensitive Info Vulnerabilities CVE-2016-0861 CVE-2016-0862
FULLDISC:20160203 Sauter ModuWEB Vision SCADA vulnerabilities CVE-2015-7914 CVE-2015-7915 CVE-2015-7916
FULLDISC:20160203 Security Advisories CVE-2014-2045 CVE-2014-9754 CVE-2014-9755
FULLDISC:20160204 [CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300 CVE-2016-1524 CVE-2016-1525
FULLDISC:20160210 Apache Sling Framework v2.3.6 (Adobe AEM) [CVE-2016-0956] - Information Disclosure Vulnerability CVE-2016-0956
FULLDISC:20160210 CVE-2016-2046 Cross Site Scripting in Sophos UTM 9 CVE-2016-2046
FULLDISC:20160210 NPS Datastore server DLL side loading vulnerability CVE-2016-0041
FULLDISC:20160210 SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities CVE-2015-7568 CVE-2015-7569 CVE-2015-7570 CVE-2015-7571
FULLDISC:20160210 [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox CVE-2016-0602 CVE-2016-0603
FULLDISC:20160212 [ERPSCAN-15-031] SAP MII - Encryption Downgrade vulnerability CVE-2015-8329
FULLDISC:20160212 [ERPSCAN-15-032] SAP PCo agent - DoS vulnerability CVE-2015-8330
FULLDISC:20160222 Avast Virtualization Driver - Elevation Of Privileges CVE-2015-8620
FULLDISC:20160222 BlackBerry Enterprise Service 12 Self-Service - SQLi and Reflected XSS CVE-2016-1914 CVE-2016-1915
FULLDISC:20160222 Vulnerability in WebSVN 2.3.3 CVE-2016-2511
FULLDISC:20160223 [KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability CVE-2016-2212
FULLDISC:20160225 CVE-2015-6541 : Multiple CSRF in Zimbra Mail interface CVE-2015-6541
FULLDISC:20160225 D-Link, Netgear Router Vulnerabiltiies CVE-2016-1555 CVE-2016-1556 CVE-2016-1557 CVE-2016-1558 CVE-2016-1559
FULLDISC:20160225 [CVE-2015-5345] Information disclosure vulnerability in Apache Tomcat CVE-2015-5345
FULLDISC:20160303 WAGO IO PLC 758-870, 750-849, 750-849 vulnerabilities CVE-2015-6472 CVE-2015-6473
FULLDISC:20160304 McAfee VirusScan Enterprise security restrictions bypass CVE-2016-3984 CVE-2016-4534
FULLDISC:20160309 Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" CVE-2016-2851
FULLDISC:20160309 CVE-2016-2563 - PuTTY/PSCP <=0.66 buffer overflow - vuln-pscp-sink-sscanf CVE-2016-2563
FULLDISC:20160309 [CORE-2016-0004] - SAP Download Manager Password Weak Encryption CVE-2016-3684 CVE-2016-3685
FULLDISC:20160314 CVE-2016-3115 - OpenSSH <=7.2p1 xauth injection CVE-2016-3115
FULLDISC:20160314 CVE-2016-3116 - Dropbear SSH xauth injection CVE-2016-3115 CVE-2016-3116
FULLDISC:20160316 [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow CVE-2016-1885
FULLDISC:20160317 Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing CVE-2015-8264
FULLDISC:20160317 Re: [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow CVE-2016-1885
FULLDISC:20160320 FortiOS (Fortinet) - Open Redirect and Cross Site Scripting CVE-2016-3978
FULLDISC:20160404 DotCMS injection Vulnerability CVE-2016-3688
FULLDISC:20160404 SQL Injection Vulnerability in DotCms v3.3 CVE-2016-3688
FULLDISC:20160404 [CVE-2016-3659]Cacti graph_view.php SQL Injection Vulnerability CVE-2016-3659
FULLDISC:20160404 [SE-2012-01] Broken security fix in IBM Java 7/8 CVE-2013-3009 CVE-2016-0363
FULLDISC:20160405 Re: [SE-2012-01] Broken security fix in IBM Java 7/8 CVE-2013-3009 CVE-2016-0363
FULLDISC:20160406 CVE-2016-3672 - Unlimiting the stack not longer disables ASLR CVE-2016-3672
FULLDISC:20160406 Panda Security 2016 Home User Products - Privilege Escalation CVE-2015-7378
FULLDISC:20160406 Panda Security Multiple Business Products - Privilege Escalation CVE-2016-3943
FULLDISC:20160408 [CVE-2016-3971]DotCMS xss vulnerability CVE-2016-3971
FULLDISC:20160408 [CVE-2016-3972]DotCMS Directory traversal vulnerability CVE-2016-3972
FULLDISC:20160412 .NET Framework 4.6 allows side loading of Windows API Set DLL CVE-2016-0148
FULLDISC:20160412 [SE-2012-01] Yet another broken security fix in IBM Java 7/8 CVE-2016-0376
FULLDISC:20160415 [ERPSCAN-16-001] SAP NetWeaver 7.4 - XSS vulnerability CVE-2016-1911
FULLDISC:20160415 [ERPSCAN-16-002] SAP HANA - log injection and no size restriction CVE-2016-1929
FULLDISC:20160416 Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability CVE-2016-0160
FULLDISC:20160416 [ERPSCAN-16-003] SAP NetWeaver 7.4 - cryptographic issues CVE-2016-1910
FULLDISC:20160420 Multiple Reflected XSS vulnerabilities in Oliver (formerly Webshare) v1.3.1 CVE-2014-2710
FULLDISC:20160420 [ERPSCAN-16-004] SAP NetWeaver 7.4 (Pmitest servlet) - XSS vulnerability CVE-2016-1911
FULLDISC:20160420 [ERPSCAN-16-005] SAP HANA hdbxsengine JSON - DoS vulnerability CVE-2016-1928
FULLDISC:20160421 CVE-2016-3074: libgd: signedness vulnerability CVE-2016-3074
FULLDISC:20160427 EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection CVE-2016-0891
FULLDISC:20160503 CVE-2016-3627 CVE-2016-3705: libxml2: stack overflow in xml validator (parser) CVE-2016-3627
FULLDISC:20160503 CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection CVE-2016-4338
FULLDISC:20160503 Moxa MiiNePort - Multiple Vulnerabilities CVE-2016-2285 CVE-2016-2286 CVE-2016-2295
FULLDISC:20160506 CVE-2016-2784: CMS Made Simple < 2.1.3 & < 1.12.2 Web server Cache Poisoning CVE-2016-2784
FULLDISC:20160506 NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities CVE-2015-6023 CVE-2015-6024
FULLDISC:20160506 Re: NetCommWireless HSPA 3G10WVE Wireless Router - Multiple vulnerabilities CVE-2015-6023 CVE-2015-6024
FULLDISC:20160512 Huawei Mobile Broadband HL Service Local Privilege Escalation CVE-2016-2855
FULLDISC:20160517 [ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet CVE-2016-2387
FULLDISC:20160517 [ERPSCAN-16-009] SAP xMII - directory traversal vulnerability CVE-2016-2389
FULLDISC:20160517 [ICS] Meteocontrol WEB'log Multiple Vulnerabilities CVE-2016-2296 CVE-2016-2297 CVE-2016-2298
FULLDISC:20160523 [ERPSCAN-16-010] SAP NetWeaver AS JAVA - information disclosure vulnerability CVE-2016-2388
FULLDISC:20160523 [ERPSCAN-16-011] SAP NetWeaver AS JAVA - SQL injection vulnerability CVE-2016-2386
FULLDISC:20160525 CVE-2016-4803 dotCMS - Email Header Injection CVE-2016-4803
FULLDISC:20160526 CVE-2015-3854 Battery permission leakage in Android CVE-2015-3854
FULLDISC:20160526 Re: CVE-2015-3854 Battery permission leakage in Android CVE-2015-3854
FULLDISC:20160601 CVE-2016-3670 Stored Cross Site Scripting in Liferay CE CVE-2016-3670
FULLDISC:20160609 nagios phishing vector & xss CVE-2016-6209
FULLDISC:20160614 CVE-2016-5060 Stored Cross-Site Scripting vulnerability in nGrinder CVE-2016-5060
FULLDISC:20160615 CVE-2016-3642 - Java Deserialization in Solarwinds Virtualization Manager 6.3.1 CVE-2016-3642
FULLDISC:20160615 CVE-2016-3643 - Misconfiguration of sudo in Solarwinds Virtualization Manager CVE-2016-3643
FULLDISC:20160615 Java Deserialization in Solarwinds Virtualization Manager 6.3.1 CVE-2016-3642
FULLDISC:20160615 Microsoft Visio multiple DLL side loading vulnerabilities CVE-2016-3235
FULLDISC:20160616 CVE-2016-5709 - Use of Weak Encryption Algorithm in Solarwinds Virtualization Manager CVE-2016-5709
FULLDISC:20160618 CVE-2016-0199 / MS16-063: MSIE 11 garbage collector attribute type confusion CVE-2016-0199
FULLDISC:20160618 [CVE-2016-1014] Escalation of privilege via executable (un)installers of Flash Player CVE-2016-1014
FULLDISC:20160618 [ERPSCAN-16-012] SAP NetWeaver AS JAVA - directory traversal vulnerability CVE-2016-3976
FULLDISC:20160618 [ERPSCAN-16-013] SAP NetWeaver AS Java ctcprotocol servlet - XXE vulnerability CVE-2016-3974
FULLDISC:20160618 [ERPSCAN-16-014] SAP NetWeaver AS Java NavigationURLTester - XSS vulnerability CVE-2016-3975
FULLDISC:20160621 [ERPSCAN-16-016] SAP NetWeaver Java AS WD_CHAT - Information disclosure vulnerability CVE-2016-3973
FULLDISC:20160624 [ERPSCAN-16-017] SAP JAVA AS icman - DoS vulnerability CVE-2016-3979
FULLDISC:20160624 [ERPSCAN-16-018] SAP Application server for Javat - DoS vulnerability CVE-2016-3980
FULLDISC:20160706 CVE-2016-4979: HTTPD webserver - X509 Client certificate based authentication can be bypassed when HTTP/2 is used [vs] CVE-2016-4979
FULLDISC:20160707 Acer Portal Android Application - MITM SSL Certificate Vulnerability (CVE-2016-5648) CVE-2016-5648
FULLDISC:20160707 [KIS-2016-11] IPS Community Suite <= 4.1.12.3 Autoloaded PHP Code Injection Vulnerability CVE-2016-6174
FULLDISC:20160712 [RCESEC-2016-003][CVE-2016-4469] Apache Archiva 1.3.9 Multiple Cross-Site Request Forgeries CVE-2016-4469
FULLDISC:20160712 [RCESEC-2016-004][CVE-2016-5005] Apache Archiva 1.3.9 admin/addProxyConnector_commit.action connector.sourceRepoId Persistent Cross-Site Scripting CVE-2016-5005
FULLDISC:20160714 opensshd - user enumeration CVE-2016-6210
FULLDISC:20160715 [ERPSCAN-16-020] SAP NetWeaver AS JAVA UDDI component - XXE vulnerability CVE-2016-4014
FULLDISC:20160715 [ERPSCAN-16-021] SAP xMII - Reflected XSS vulnerability CVE-2016-4016
FULLDISC:20160719 Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186) CVE-2016-6186
FULLDISC:20160725 CVE-2016-5080: Memory corruption in code generated by Objective Systems Inc. ASN1C compiler for C/C++ [STIC-2016-0603] CVE-2016-5080
FULLDISC:20160725 [SEARCH-LAB advisory] Technicolor TC7200 modem/router multiple vulnerabilities CVE-2014-1677
FULLDISC:20160801 Fortinet FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability CVE-2016-3196
FULLDISC:20160805 Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) CVE-2016-6231
FULLDISC:20160805 [SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20) CVE-2016-5331
FULLDISC:20160809 Internet Explorer iframe sandbox local file name disclosure vulnerability CVE-2016-3321
FULLDISC:20160810 [CORE-2016-0006] - SAP CAR Multiple Vulnerabilities CVE-2016-5845 CVE-2016-5847
FULLDISC:20160812 [CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 CVE-2016-6600 CVE-2016-6601 CVE-2016-6602 CVE-2016-6603
FULLDISC:20160818 Onapsis Security Advisory ONAPSIS-2016-006: SAP HANA Get Topology Information CVE-2016-3639
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-019: SAP TREX Remote Command Execution CVE-2016-6137
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-020: SAP TREX Remote Directory Traversal CVE-2016-6138
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-021: SAP TREX Remote file read CVE-2016-6139
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-022: SAP TREX Arbitrary file write CVE-2016-6140
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-025: SAP HANA arbitrary audit injection via SQL protocol CVE-2016-6142
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-026: SAP HANA SYSTEM user brute force attack CVE-2016-6144
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-027: SAP HANA User information disclosure CVE-2016-6145
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-033: SAP TREX TNS Information Disclosure in NameServer CVE-2016-6146
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-034: SAP TREX remote command execution CVE-2016-6147
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-037: SAP HANA Potential Remote Code Execution CVE-2016-6148
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT CVE-2016-6149
FULLDISC:20160819 Onapsis Security Advisory ONAPSIS-2016-040: SAP HANA potential wrong encryption CVE-2016-6150
FULLDISC:20160822 Onapsis Security Advisory ONAPSIS-2016-038: SAP HANA Information disclosure in EXPORT CVE-2016-6149
FULLDISC:20160822 [CVE-2016-6582] Doorkeeper gem does not revoke tokens & uses wrong auth/auth method CVE-2016-6582
FULLDISC:20160823 Re: Onapsis Security Advisory ONAPSIS-2016-019: SAP TREX Remote Command Execution CVE-2016-6137
FULLDISC:20160823 Re: Onapsis Security Advisory ONAPSIS-2016-020: SAP TREX Remote Directory Traversal CVE-2016-6138
FULLDISC:20160823 Re: Onapsis Security Advisory ONAPSIS-2016-021: SAP TREX Remote file read CVE-2016-6139
FULLDISC:20160824 [RCESEC-2016-005][CVE-2016-6913] AlienVault USM/OSSIM 5.2 conf/reload.php "back" DOM-based Cross-Site Scripting CVE-2016-6913
FULLDISC:20160825 Onapsis Security Advisory ONAPSIS-2016-00171: JD Edwards Server Manager Password Disclosure CVE-2016-0425
FULLDISC:20160825 Onapsis Security Advisory ONAPSIS-2016-009: JD Edwards JDENet Password Disclosure CVE-2016-0422
FULLDISC:20160825 Onapsis Security Advisory ONAPSIS-2016-010: JD Edwards Server Manager Shutdown CVE-2016-0421
FULLDISC:20160825 Onapsis Security Advisory ONAPSIS-2016-011: JD Edwards Server Manager Create users CVE-2016-0420
FULLDISC:20160825 Onapsis Security Advisory ONAPSIS-2016-012: JD Edwards JDENET function DoS CVE-2016-0424
FULLDISC:20160825 Onapsis Security Advisory ONAPSIS-2016-014: JD Edwards JDENET function DoS CVE-2016-0423
FULLDISC:20160825 SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise CVE-2016-5760 CVE-2016-5761 CVE-2016-5762
FULLDISC:20160830 Onapsis Security Advisory ONAPSIS-2016-018: Oracle E-Business Suite Cross Site Scripting (XSS) CVE-2016-3438 CVE-2016-3438
FULLDISC:20160912 CVE-2016-6662 - MySQL Remote Root Code Execution / Privilege Escalation ( 0day ) CVE-2016-6662
FULLDISC:20160921 CVE-2016-5725 - JCraft/JSch Java Secure Channel <= 0.1.53 recursive sftp-get path traversal (client-side, windows) CVE-2016-5725
FULLDISC:20160927 skype installer dll hijacking vulnerability - CVE-2016-5720 CVE-2016-5720
FULLDISC:20160928 Symantec Messaging Gateway <= 10.6.1 Directory Traversal CVE-2016-5312
FULLDISC:20161003 Onapsis Security Advisory ONAPSIS-2016-036: SAP Security Audit Log invalid address logging CVE-2016-4551
FULLDISC:20161003 Onapsis Security Advisory ONAPSIS-2016-041: SAP OS Command Injection in SCTC_REFRESH_EXPORT_TAB_COMP CVE-2016-7435
FULLDISC:20161003 Onapsis Security Advisory ONAPSIS-2016-042: SAP OS Command Injection in SCTC_REFRESH_CHECK_ENV CVE-2016-7435
FULLDISC:20161003 Onapsis Security Advisory ONAPSIS-2016-043: SAP OS Command Injection in SCTC_TMS_MAINTAIN_ALOG CVE-2016-7435
FULLDISC:20161006 [KIS-2016-12] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability CVE-2016-5313
FULLDISC:20161011 Onapsis Security Advisory ONAPSIS-2016-001: SAP console insecure password storage CVE-2016-3946
FULLDISC:20161011 Onapsis Security Advisory ONAPSIS-2016-002: SAP UCON Security Protection bypass CVE-2016-3635
FULLDISC:20161011 Onapsis Security Advisory ONAPSIS-2016-005: SAP SLDREG memory corruption CVE-2016-3638
FULLDISC:20161011 Onapsis Security Advisory ONAPSIS-2016-029: SAP Missing Signature Check in DSA Algorithm CVE-2016-4407
FULLDISC:20161011 Onapsis Security Advisory ONAPSIS-2016-051: SAP Business Objects Memory Corruption CVE-2016-7437
FULLDISC:20161011 [SECURITY] CVE-2016-6808 Apache Tomcat JK ISAPI Connector buffer overflow CVE-2016-6808
FULLDISC:20161012 New OpenSSL double-free and invalid free vulnerabilities in X509 parsing CVE-2016-6304
FULLDISC:20161019 Multiple Vulnerabilities in Plone CMS CVE-2016-7135 CVE-2016-7136 CVE-2016-7137 CVE-2016-7138 CVE-2016-7139 CVE-2016-7140
FULLDISC:20161101 MySQL / MariaDB / PerconaDB - Privilege Escalation / Race Condition Exploit [CVE-2016-6663 / OCVE-2016-5616] CVE-2016-6663 CVE-2016-6664
FULLDISC:20161102 Disclose [10 * cve] in Exponent CMS CVE-2016-7780 CVE-2016-7781 CVE-2016-7782 CVE-2016-7783 CVE-2016-7784 CVE-2016-7788 CVE-2016-7789 CVE-2016-9019 CVE-2016-9020 CVE-2016-9087
FULLDISC:20161107 [CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow CVE-2016-6563
FULLDISC:20161110 CA11/09/2016-01: Security Notice for CA Unified Infrastructure Management CVE-2016-9164
FULLDISC:20161110 CA11/09/2016-02: Security Notice for CA Service Desk Manager CVE-2016-9148
FULLDISC:20161115 OS-S 2016-22 - Local DoS: Linux Kernel EXT4 Memory Corruption / SLAB-Out-of-Bounds Read CVE-2016-10208
FULLDISC:20161116 Nginx (Debian-based distros) - Root Privilege Escalation Vulnerability (CVE-2016-1247) CVE-2016-1247
FULLDISC:20161118 CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details CVE-2016-3247
FULLDISC:20161125 CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details CVE-2015-0050
FULLDISC:20161125 CVE-2015-1251: Chrome blink SpeechRecognitionController use-after-free details CVE-2015-1251
FULLDISC:20161201 CVE-2015-6168: MS Edge CMarkup::EnsureDeleteCFState use-after-free details CVE-2015-6168
FULLDISC:20161205 CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption CVE-2016-3222
FULLDISC:20161209 [ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security CVE-2016-9832
FULLDISC:20161214 APPLE-SA-2016-12-13-1 macOS 10.12.2 CVE-2016-6304
FULLDISC:20161214 Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability CVE-2016-7866
FULLDISC:20161215 Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] CVE-2016-9565
FULLDISC:20161215 Nagios Core < 4.2.4 Root Privilege Escalation [CVE-2016-9566] CVE-2016-9566
FULLDISC:20161219 CVE-2013-6627: Chrome Chrome HTTP 1xx base::StringTokenizerT<...>::QuickGetNext OOBR CVE-2013-6627
FULLDISC:20161220 [ERPSCAN-16-035] SAP Solman - user accounts disclosure CVE-2016-10005
FULLDISC:20161227 PHPMailer < 5.2.18 Remote Code Execution [CVE-2016-10033] CVE-2016-10033
FULLDISC:20161227 PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) CVE-2016-10045
FULLDISC:20161229 SwiftMailer <= 5.4.5-DEV Remote Code Execution (CVE-2016-10074) CVE-2016-10074
FULLDISC:20170103 Persisted Cross-Site Scripting (XSS) in Confluence Jira Software CVE-2016-6283
FULLDISC:20170106 Re: Persisted Cross-Site Scripting (XSS) in Confluence Jira Software CVE-2016-6283
FULLDISC:20170110 Docker 1.12.6 - Security Advisory CVE-2016-9962
FULLDISC:20170111 Re: [oss-security] Docker 1.12.6 - Security Advisory CVE-2016-9962
FULLDISC:20170112 [CVE-2016-3403] [Zimbra] Multiple CSRF in Administration interface - all versions CVE-2016-3403
FULLDISC:20170113 Nginx (Debian-based + Gentoo distros) - Root Privilege Escalation [CVE-2016-1247 UPDATE] CVE-2016-1247
FULLDISC:20170117 Reflected Cross-Site Scripting (XSS) in Atlassian Jira Software CVE-2016-6285
FULLDISC:20170119 [ERPSCAN-16-036] SAP ASE ODATA SERVER - DENIAL OF SERVICE CVE-2017-5371
FULLDISC:20170119 [ERPSCAN-16-037] SAP NetWeaver AS JAVA P4 - INFORMATION DISCLOSURE CVE-2017-5372
FULLDISC:20170206 Remote DoS against OpenBSD http server (up to 6.0) CVE-2017-5850
FULLDISC:20170214 [Kodi v17.1] - Local File Inclusion CVE-2017-5982
FULLDISC:20170221 Sawmill Enterprise v8.7.9 Pass The Hash Authentication Bypass CVE-2017-5496
FULLDISC:20170222 EasyCom PHP API Stack Buffer Overflow CVE-2017-5358
FULLDISC:20170222 EasyCom SQL iPlug Denial Of Service CVE-2017-5359
FULLDISC:20170223 Multiple cross-site request forgery (CSRF) vulnerabilities in the DIGISOL (DG-HR 1400) Wireless Router CVE-2017-6127
FULLDISC:20170227 CVE-2016-9892 - Remote Code Execution as Root via ESET Endpoint Antivirus 6 CVE-2016-9892
FULLDISC:20170228 CVE-2017-6189-Amazon Kindle for Windows CVE-2017-6189
FULLDISC:20170305 CVE-2017-6443: Persistent XSS in EPSON TMNet WebConfig Ver. 1.00 CVE-2017-6443
FULLDISC:20170310 CVE-2017-6550: Kinsey Infor-Lawson - Multiple SQL Injections CVE-2017-6550
FULLDISC:20170314 CVE-2017-6805 MobaXterm Personal Edition v9.4 Directory Traversal File Disclosure CVE-2017-6805
FULLDISC:20170316 Skype Insecure Library Loading Vulnerability (api-ms-win-core-winrt-string-l1-1-0.dll) CVE-2017-6517
FULLDISC:20170316 USB Pratirodh Insecure Password Storage Information Disclosure Vulnerability CVE-2017-6911
FULLDISC:20170316 USB Pratirodh XML External Entity Injection Vulnerability CVE-2017-6895
FULLDISC:20170318 [CVE-2017-6878]etInfo5.3.15 Stored Cross Site Scripting CVE-2017-6878
FULLDISC:20170327 CVE-2017-5900 CVE-2017-5900
FULLDISC:20170330 Splunk Enterprise Information Theft - CVE-2017-5607 CVE-2017-5607
FULLDISC:20170404 ManageEngine Applications Manager Multiple Vulnerabilities CVE-2016-9488 CVE-2016-9489 CVE-2016-9490 CVE-2016-9491 CVE-2016-9498
FULLDISC:20170411 CVE-2017-7456 MXview v2.8 Denial Of Service CVE-2017-7456
FULLDISC:20170411 CVE-2017-7643 Local root privesc in Proxifier for Mac <= 2.18 CVE-2017-7643
FULLDISC:20170411 Moxa MX AOPC-Server v1.5 XML External Entity CVE-2017-7457
FULLDISC:20170411 Moxa MXview v2.8 Remote Private Key Disclosure CVE-2017-7455
FULLDISC:20170523 [CORE-2017-0002] - Trend Micro ServerProtect Multiple Vulnerabilities CVE-2017-9032 CVE-2017-9033 CVE-2017-9034 CVE-2017-9035 CVE-2017-9036 CVE-2017-9037
FULLDISC:20170602 Qualys Security Advisory - CVE-2017-1000367 in Sudo's get_process_ttyname() for Linux CVE-2017-1000367
FULLDISC:20170628 [CORE-2017-0003] - Kaspersky Anti-Virus File Server Multiple Vulnerabilities CVE-2017-9810 CVE-2017-9811 CVE-2017-9812 CVE-2017-9813
FULLDISC:20170717 CVE-2017-7642 Local root privesc in Hashicorp vagrant-vmware-fusion <= 4.0.20 CVE-2017-7642
FULLDISC:20170717 Orion Elite Hidden IP Browser Pro - All Versions - Multiple Known Vulnerabilities CVE-2016-2177 CVE-2016-2178 CVE-2016-2181 CVE-2016-2182 CVE-2016-6304 CVE-2016-6306
FULLDISC:20170717 PEGA Platform <= 7.2 ML0 - Multiple vulnerabilities CVE-2017-11355 CVE-2017-11356
FULLDISC:20170719 APPLE-SA-2017-07-19-1 iOS 10.3.3 CVE-2017-8248
FULLDISC:20170720 Google's Android News and Weather App Doesn't Always Use SSL [CVE-2017-9245] CVE-2017-9245
FULLDISC:20170724 CVE-2017-9457 CompuLab Intense PC lacks firmware signature validation CVE-2017-9457
FULLDISC:20170726 libjpeg-turbo denial of service vulnerability CVE-2017-9614
FULLDISC:20170802 CVE-2017-11741 Local root privesc in Hashicorp vagrant-vmware-fusion <= 4.0.23 CVE-2017-11741
FULLDISC:20170808 minidjvu multiple vulnerabilities CVE-2017-12441 CVE-2017-12442 CVE-2017-12443 CVE-2017-12444 CVE-2017-12445
FULLDISC:20170808 wildmidi multiple vulnerabilities CVE-2017-11661 CVE-2017-11662 CVE-2017-11663 CVE-2017-11664
FULLDISC:20170811 Multiple unpatched flaws exist in NSS (CVE-2017-11695, CVE-2017-11696, CVE-2017-11697, CVE-2017-11698) CVE-2017-11695 CVE-2017-11696 CVE-2017-11697 CVE-2017-11698
FULLDISC:20170815 QuantaStor Software Define Storage mmultiple vulnerabilities CVE-2017-9978 CVE-2017-9979
FULLDISC:20170817 CVE-2017-6327: Symantec Messaging Gateway <= 10.6.3-2 unauthenticated root RCE CVE-2017-6327
FULLDISC:20170822 libgig-LinuxSampler multiple vulnerabilities CVE-2017-12950 CVE-2017-12951 CVE-2017-12952 CVE-2017-12953 CVE-2017-12954
FULLDISC:20170831 Lexmark Scan to Network (SNF) printer application <= 3.2.9 Information Exposure CVE-2017-13771
FULLDISC:20170904 CVE-2017-11567 Mongoose Web Server v6.5 CSRF Command Execution CVE-2017-11567
FULLDISC:20170904 Wibu Systems AG CodeMeter 6.50 - Persistent XSS Vulnerability CVE-2017-13754
FULLDISC:20170914 ESA-2017-098: EMC Data Protection Advisor Hardcoded Password Vulnerability CVE-2017-8013
FULLDISC:20170917 ZKTime_Web Software 2.0 - Cross Site Request Forgery CVE-2017-13129
FULLDISC:20170921 Pixie image Editor SSRF vulnerability for CVE-2017-12905 CVE-2017-12905
FULLDISC:20170922 WordPress Plugin Responsive Image Gallery 1.1.8 - SQL Injection CVE-2017-14125
FULLDISC:20170925 APPLE-SA-2017-09-25-1 macOS High Sierra 10.13 CVE-2016-9042 CVE-2017-6458
FULLDISC:20170925 OpenText Documentum Administrator and Webtop - Open Redirection CVE-2017-14524 CVE-2017-14525
FULLDISC:20170925 OpenText Documentum Administrator and Webtop - XML External Entity Injection CVE-2017-14526 CVE-2017-14527
FULLDISC:20170929 Trend Micro OfficeScan v11.0 and XG (12.0)* CURL (MITM) Remote Code Execution CVE-2017-14084 CVE-2017-14084
FULLDISC:20170929 Trend Micro OfficeScan v11.0 and XG (12.0)* Host Header Injection CVE-2017-14087 CVE-2017-14087
FULLDISC:20170929 Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized NT Domain / PHP Information Disclosures CVE-2017-14085 CVE-2017-14085
FULLDISC:20170929 Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Encryption Key Disclosure CVE-2017-14083 CVE-2017-14083
FULLDISC:20170929 Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Remote Memory Corruption CVE-2017-14089 CVE-2017-14089
FULLDISC:20170929 Trend Micro OfficeScan v11.0 and XG (12.0)* Unauthorized Start Remote Process Code Execution / DOS - INI Corruption CVE-2017-14086 CVE-2017-14086
FULLDISC:20171007 CVE-2017-13706, Lansweeper 6.0.100.29 XXE Vulnerability CVE-2017-13706
FULLDISC:20171013 [RCESEC-2017-002][CVE-2017-14956] AlienVault USM v5.4.2 CVE-2017-14956
FULLDISC:20171016 [CVE-2017-15359] 3CX Phone System - Authenticated Directory Traversal CVE-2017-15359
FULLDISC:20171017 [CVE-2017-14322] Interspire Email Marketer - Remote Admin Authentication Bypass CVE-2017-14322
FULLDISC:20171023 [KIS-2017-02] Tuleap <= 9.6 Second-Order PHP Object Injection Vulnerability CVE-2017-7411
FULLDISC:20171101 APPLE-SA-2017-10-31-8 Additional information for APPLE-SA-2017-09-25-1 macOS High Sierra 10.13 CVE-2016-9042 CVE-2017-6458
FULLDISC:20171105 CVE-2017-12969 Avaya OfficeScan IPO Remote ActiveX Buffer Overflow CVE-2017-12969
FULLDISC:20171106 mkvalidator libebml2 mkclean multiple vulnerabilities CVE-2017-12779 CVE-2017-12780 CVE-2017-12781 CVE-2017-12782 CVE-2017-12783 CVE-2017-12800 CVE-2017-12801 CVE-2017-12802 CVE-2017-12803
FULLDISC:20171128 CVE-2017-14953 - Hikvision Wi-Fi IP Cameras associate to a default unencrypted rogue SSIDs in a wired configuration CVE-2017-14953
FULLDISC:20171201 Artica Web Proxy v3.06 Remote Code Execution / CVE-2017-17055 CVE-2017-17055
FULLDISC:20171201 Mist Server v2.12 Unauthenticated Persistent XSS CVE-2017-16884 CVE-2017-16884
FULLDISC:20171212 Meinberg LANTIME Web Configuration Utility - Arbitrary File Upload CVE-2017-16788
FULLDISC:20171212 Meinberg LANTIME Web Configuration Utility - Failure to Restrict URL Access CVE-2017-16787
FULLDISC:20171212 Three exploits for Zivif Web Cameras (may impact others) CVE-2017-17105 CVE-2017-17106 CVE-2017-17107
FULLDISC:20171215 Re: Meinberg LANTIME Web Configuration Utility - Arbitrary File Read CVE-2017-16786
FULLDISC:20171215 SyncBreeze <= 10.2.12 - Denial of Service CVE-2017-17088
FULLDISC:20171215 [CONVISO-17-002] - Zoom Linux Client Stack-based Buffer Overflow Vulnerability CVE-2017-15048
FULLDISC:20171215 [CONVISO-17-003] - Zoom Linux Client Command Injection Vulnerability (RCE) CVE-2017-15049
FULLDISC:20171219 CVE-2017-6094 - Genexis GAPS Access Control Vulnerability CVE-2017-6094
FULLDISC:20171219 Multiple Vulnerabilities in TP-Link TL-SG108E - CVE-2017-17745, CVE-2017-17746, CVE-2017-17747 CVE-2017-17745 CVE-2017-17746 CVE-2017-17747
FULLDISC:20171223 [CVE-2016-6914] Ubiquiti UniFi Video v3.7.3 (Windows) Local Privileges Escalation via Insecure Directory Permissions CVE-2016-6914
FULLDISC:20180102 EMC xDashboard - SQL Injection Vulnerability CVE-2017-14960
FULLDISC:20180105 [CVE-2017-7997] Gespage SQL Injection vulnerability CVE-2017-7997
FULLDISC:20180105 [CVE-2017-7998] Gespage stored cross-site-scripting (XSS) vulnerability CVE-2017-7998
FULLDISC:20180109 FiberHome MIFI LM53Q1 Multiple Vulnerabilities CVE-2017-16885 CVE-2017-16886 CVE-2017-16887
FULLDISC:20180109 SSD Advisory - Sophos XG from Unauthenticated Persistent XSS to Unauthorized Root Access CVE-2017-18014
FULLDISC:20180116 Multiple vulnerabilities in all versions of ASUS routers CVE-2017-15653 CVE-2017-15654 CVE-2017-15655 CVE-2017-15656
FULLDISC:20180122 CMS Made Simple 2.2.5[Reflected Cross-Site Scripting] CVE-2018-5965
FULLDISC:20180123 CMS Made Simple 2.2.5 [Stored Cross-Site Scripting] CVE-2018-5963
FULLDISC:20180123 CMS Made Simple 2.2.5[Reflected Cross-Site Scripting] CVE-2018-5964
FULLDISC:20180126 [CVE-2016-6598/9]: RCE and admin cred disclosure in BMC Track-It! 11.4 CVE-2016-6598 CVE-2016-6599
FULLDISC:20180126 [CVE-2018-6194, CVE-2018-6195] PHP Object Injection + XSS in WordPress Splashing Images Plugin CVE-2018-6194 CVE-2018-6195
FULLDISC:20180202 Flexense SyncBreeze Entreprise 10.3.14 Buffer Overflow (SEH-bypass) CVE-2017-17996
FULLDISC:20180208 SEC Consult SA-20180208-0 :: Multiple Cross-Site Scripting Vulnerabilities in Sonatype Nexus Repository Manager OSS/Pro CVE-2018-5306 CVE-2018-5307
FULLDISC:20180209 CVS Suite 2009R2 Insecure Library Loading CVE-2018-6461 CVE-2018-6461
FULLDISC:20180227 ActivePDF Toolkit < 8.1.0 multiple RCE CVE-2018-7264
FULLDISC:20180306 Rapid Scada - 5.5.0 - Insecure Permissions CVE-2018-5313
FULLDISC:20180309 10-Strike Network Monitor 5.4 - Unquoted Service Path CVE-2018-6016
FULLDISC:20180309 BitDefender Total Security 2018 - Insecure Pipe Permissions CVE-2018-6183
FULLDISC:20180309 Hola VPN 1.79.859 - Insecure service permissions CVE-2018-6623
FULLDISC:20180309 Panda Global Security 17.0.1 - NULL DACL grants full access CVE-2018-6322
FULLDISC:20180309 Panda Global Security 17.0.1 - Unquoted service path CVE-2018-6321
FULLDISC:20180309 Tuleap SQL Injection CVE-2018-7538
FULLDISC:20180309 WPS Free Office 10.2.0.5978 - NULL DACL grants full access CVE-2018-6400
FULLDISC:20180312 SEC Consult SA-20180312-0 :: Multiple Critical Vulnerabilities in SecurEnvoy SecurMail CVE-2018-7701 CVE-2018-7702 CVE-2018-7703 CVE-2018-7704 CVE-2018-7705 CVE-2018-7706 CVE-2018-7707
FULLDISC:20180313 SQL Injection in Textpattern <= 4.6.2 CVE-2018-7474
FULLDISC:20180315 [CORE-2018-0003] MikroTik RouterOS SMB Buffer Overflow CVE-2018-7445
FULLDISC:20180316 DSA-2018-037: Dell EMC NetWorker Buffer Overflow Vulnerability CVE-2018-1218
FULLDISC:20180319 DSA-2018-018: Dell EMC Isilon OneFS Multiple Vulnerabilities CVE-2018-1186 CVE-2018-1187 CVE-2018-1188 CVE-2018-1189 CVE-2018-1201 CVE-2018-1202 CVE-2018-1203 CVE-2018-1204 CVE-2018-1213
FULLDISC:20180322 LDAP Account Manager (6.2) CVE-2018-8763, CVE-2018-8764 CVE-2018-8763 CVE-2018-8764
FULLDISC:20180324 Cross-Site Scripting vulnerability in Zimbra Collaboration Suite due to the way it handles attachment links CVE-2018-6882
FULLDISC:20180326 DSA-2018-040: RSA Authentication Agent for Web for IIS and Apache Web Server Multiple Vulnerabilities CVE-2018-1232 CVE-2018-1233 CVE-2018-1234
FULLDISC:20180326 DSA-2018-058: Dell EMC ScaleIO Multiple Security Vulnerabilities CVE-2018-1205 CVE-2018-1237 CVE-2018-1238
FULLDISC:20180327 Blind SQL Injection in Square 9 GlobalForms <= 6.2.x (CVE-2018-8820) CVE-2018-8820
FULLDISC:20180327 ManageEngine Service Desk Plus < 9403 Cross-Site Scripting CVE-2018-5799
FULLDISC:20180330 CVE-2018-5708 CVE-2018-5708
FULLDISC:20180330 SSRF(Server Side Request Forgery) in Tpshop <= 2.0.6 (CVE-2017-16614) CVE-2017-16614
FULLDISC:20180403 CVE-2018-4863 Sophos Endpoint Protection v10.7 / Tamper Protection Bypass CVE-2018-4863
FULLDISC:20180403 CVE-2018-9233 Sophos Endpoint Protection Control Panel v10.7 / Insecure Crypto CVE-2018-9233
FULLDISC:20180405 DSA-2018-025: Dell EMC Avamar and Integrated Data Protection Appliance Installation Manager Missing Access Control Vulnerability CVE-2018-1217
FULLDISC:20180406 SSRF(Server Side Request Forgery) in Cockpit CMS 0.13.0 (CVE-2017-14611) CVE-2017-14611
FULLDISC:20180406 SSRF(Server Side Request Forgery) in Onethink All version (CVE-2017-14323) CVE-2017-14323
FULLDISC:20180409 [RT-SA-2017-014] CyberArk Password Vault Web Access Remote Code Execution CVE-2018-9843
FULLDISC:20180409 [RT-SA-2017-015] CyberArk Password Vault Memory Disclosure CVE-2018-9842
FULLDISC:20180411 DSA-2018-071: Dell EMC ViPR Controller Information Exposure Vulnerability CVE-2018-1240
FULLDISC:20180413 Re: CVE-2018-7539 Directory Traversal on Appear TV Maintenance centre 8088 CVE-2018-7539
FULLDISC:20180417 Kodi <= 17.6 - Persistent Cross-Site Scripting CVE-2018-8831
FULLDISC:20180424 SEC Consult SA-20180423-0 :: Multiple Stored XSS Vulnerabilities in WSO2 Carbon and Dashboard Server CVE-2018-8716
FULLDISC:20180424 Sitecore Directory Traversal Vulnerability CVE-2018-7669
FULLDISC:20180425 DSA-2018-013: Dell EMC ECOM XML External Entity Injection Vulnerability CVE-2018-1183
FULLDISC:20180427 Unvalidated Redirect in Shibboleth component of Blackboard Learn CVE-2017-18262
FULLDISC:20180429 ASUSTOR ADM 3.1.0.RFQ3 and below vulnerabilities CVE-2018-11340 CVE-2018-11341 CVE-2018-11342 CVE-2018-11343 CVE-2018-11344 CVE-2018-11345 CVE-2018-11346
FULLDISC:20180501 Backdoor in Tpshop <= 2.0.8 (CVE-2018-9919) CVE-2018-9919
FULLDISC:20180501 Multiple issues in WatchGuard AP100 AP102 AP200 result in remote code execution CVE-2018-10575 CVE-2018-10576 CVE-2018-10577 CVE-2018-10578
FULLDISC:20180501 SSRF(Server Side Request Forgery) in Cockpit 0.4.4-0.5.5 (CVE-2018-9302) CVE-2018-9302
FULLDISC:20180501 XSS in Flexense DiskPulse, affects all versions CVE-2018-10564
FULLDISC:20180501 XSS in Flexense DiskSavvy, affects all versions CVE-2018-10565
FULLDISC:20180501 XSS in Flexense DiskSorter, affects all versions CVE-2018-10568
FULLDISC:20180501 XSS in Flexense DupScout, affects all versions CVE-2018-10566
FULLDISC:20180501 XSS in Flexense SyncBreeze, affects all versions CVE-2018-10563
FULLDISC:20180501 XSS in Flexense VX Search, affects all versions CVE-2018-10567
FULLDISC:20180501 XSS-Flexense-DiskBoss-Enterprise-all-versions CVE-2018-10294
FULLDISC:20180503 DSA-2018-063: Dell EMC Unity Family OS Command Injection Vulnerability CVE-2018-1239
FULLDISC:20180504 DSA-2018-086: RSA Authentication Manager Multiple Vulnerabilities CVE-2018-1247 CVE-2018-1248
FULLDISC:20180513 CVE-2018-10759/CVE-2018-10760: Project Pier 0.8.8 vulnerabilities CVE-2018-10759 CVE-2018-10760
FULLDISC:20180516 CVE-2018-11101: Signal-desktop HTML tag injection variant 2 CVE-2018-11101
FULLDISC:20180516 PDFParser vulnerability CVE-2018-11128
FULLDISC:20180516 vcftools 0.1.15 vuln bugs CVE-2018-11099 CVE-2018-11129 CVE-2018-11130
FULLDISC:20180522 DSA-2018-095: Dell EMC RecoverPoint Multiple Vulnerabilities CVE-2018-1235 CVE-2018-1241 CVE-2018-1242
FULLDISC:20180528 libmobi 0.3 vulns CVE-2018-11432 CVE-2018-11433 CVE-2018-11434 CVE-2018-11435 CVE-2018-11436 CVE-2018-11437 CVE-2018-11438
FULLDISC:20180528 taglib 1.11.1 vuln CVE-2018-11439
FULLDISC:20180529 SEC Consult SA-20180529-0 :: Unprotected WiFi access & Unencrypted data transfer in Vgate iCar2 OBD2 Dongle CVE-2018-11476 CVE-2018-11477 CVE-2018-11478
FULLDISC:20180530 CVE-2018-11551 AXON PBX DLL Loading Arbitrary Code Execution & Privilege Escalation Vulnerability CVE-2018-11551
FULLDISC:20180530 CVE-2018-11552 AXON PBX 2.02 Cross Site Scripting CVE-2018-11552
FULLDISC:20180531 DSA-2018-085: RSA Web Threat Detection SQL Injection Vulnerability CVE-2018-1252
FULLDISC:20180531 [CORE-2018-0002] - Quest DR Series Disk Backup Multiple Vulnerabilities CVE-2018-11143 CVE-2018-11144 CVE-2018-11145 CVE-2018-11146 CVE-2018-11147 CVE-2018-11148 CVE-2018-11149 CVE-2018-11150 CVE-2018-11151 CVE-2018-11152 CVE-2018-11153 CVE-2018-11154 CVE-2018-11155 CVE-2018-11156 CVE-2018-11157 CVE-2018-11158 CVE-2018-11159 CVE-2018-11160 CVE-2018-11161 CVE-2018-11162 CVE-2018-11163 CVE-2018-11164 CVE-2018-11165 CVE-2018-11166 CVE-2018-11167 CVE-2018-11168 CVE-2018-11169 CVE-2018-11170 CVE-2018-11171 CVE-2018-11172 CVE-2018-11173 CVE-2018-11174 CVE-2018-11175 CVE-2018-11176 CVE-2018-11177 CVE-2018-11178 CVE-2018-11179 CVE-2018-11180 CVE-2018-11181 CVE-2018-11182 CVE-2018-11183 CVE-2018-11184 CVE-2018-11185 CVE-2018-11186 CVE-2018-11187 CVE-2018-11188 CVE-2018-11189 CVE-2018-11190 CVE-2018-11191 CVE-2018-11192 CVE-2018-11193 CVE-2018-11194
FULLDISC:20180601 DisplayLink Installer 8.2.1956 DLL Hijack to privilege escalation CVE-2018-7884 CVE-2018-7884
FULLDISC:20180605 Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688) CVE-2018-11688
FULLDISC:20180608 Gridbox extension for Joomla! <= 2.4.0 Reflected Cross Site Scripting (XSS) CVE-2018-11690
FULLDISC:20180608 Multiple Automated Logic Corporation WebCTRL XML External Entity Injection (CVE-2018-8819) CVE-2018-8819
FULLDISC:20180608 Open-Xchange Security Advisory 2018-06-08 CVE-2017-17062 CVE-2018-5751 CVE-2018-5752 CVE-2018-5753 CVE-2018-5754 CVE-2018-5755 CVE-2018-5756
FULLDISC:20180608 Re: Ignite Realtime Openfire Version 3.7.1 Reflected Cross Site Scripting (CVE-2018-11688) CVE-2018-11688
FULLDISC:20180608 libfsntfs 20180420 vulns CVE-2018-11727 CVE-2018-11728 CVE-2018-11729 CVE-2018-11730 CVE-2018-11731
FULLDISC:20180608 libmobi 0.3 vulnerabilities CVE-2018-11724 CVE-2018-11725 CVE-2018-11726
FULLDISC:20180608 libpff 20180428 vulnerability CVE-2018-11723
FULLDISC:20180612 DSA-2018-107: RSA Authentication Manager Cross-site scripting Vulnerabilities CVE-2018-1253 CVE-2018-1254
FULLDISC:20180614 liblnk 20180419 vulns CVE-2018-12096 CVE-2018-12097 CVE-2018-12098
FULLDISC:20180619 DSA-2018-126: EMC ECS S3 Authentication Bypass Vulnerability CVE-2018-11052
FULLDISC:20180619 XSS in Canopy login page CVE-2018-9036
FULLDISC:20180628 DSA-2018-122: RSA Certificate Manager Path Traversal Vulnerability CVE-2018-11051
FULLDISC:20180702 CVE-2018-12103 CVE-2018-12103
FULLDISC:20180702 Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction CVE-2018-12571
FULLDISC:20180702 Open-Xchange Security Advisory 2018-07-02 CVE-2018-9997 CVE-2018-9998
FULLDISC:20180702 Re: Microsoft Forefront Unified Access Gateway 2010 External DNS Interaction CVE-2018-12571
FULLDISC:20180702 XSS in Sencha Ext JS 4 to 6 CVE-2018-8046
FULLDISC:20180702 ntop-ng < 3.4.180617 - Authentication bypass / session hijacking CVE-2018-12520
FULLDISC:20180704 SEC Consult SA-20180704-0 :: Local root jailbreak via network file sharing flaw in all ADB Broadband Gateways / Routers CVE-2018-13108
FULLDISC:20180704 SEC Consult SA-20180704-1 :: Authorization Bypass in all ADB Broadband Gateways / Routers CVE-2018-13109
FULLDISC:20180704 SEC Consult SA-20180704-2 :: Privilege escalation via linux group manipulation in all ADB Broadband Gateways / Routers CVE-2018-13110
FULLDISC:20180705 DSA-2018-117 RSA Identity Governance and Lifecycle Uncontrolled Search Path Vulnerability CVE-2018-11049
FULLDISC:20180706 Sophos Safeguard Products - Multiple Privilege Escalation Vulnerabilities. CVE-2018-6851 CVE-2018-6852 CVE-2018-6853 CVE-2018-6854 CVE-2018-6855 CVE-2018-6856 CVE-2018-6857
FULLDISC:20180710 VLC media player 2.2.8 Arbitrary Code Execution PoC CVE-2018-11529
FULLDISC:20180710 [CVE-2018-10197] ELO 9/10 - Time-Based blind SQL injection CVE-2018-10197
FULLDISC:20180711 DSA-2018-084: RSA Identity Governance and Lifecycle Multiple Vulnerabilities CVE-2018-1245 CVE-2018-1255
FULLDISC:20180711 SEC Consult SA-20180711-0 :: Remote code execution via multiple attack vectors in WAGO e!DISPLAY 7300T CVE-2018-12979 CVE-2018-12980 CVE-2018-12981
FULLDISC:20180711 [CORE-2018-0006] - QNAP Qcenter Virtual Appliance Multiple Vulnerabilities CVE-2018-0706 CVE-2018-0707 CVE-2018-0708 CVE-2018-0709 CVE-2018-0710
FULLDISC:20180712 G DATA TOTAL SECURITY v25.4.0.3 Activex Buffer Overflow CVE-2018-10018
FULLDISC:20180712 Total AV 4.1.7 ~ 4 .6.19 - Insecure Permissions CVE-2018-7535
FULLDISC:20180712 eScan ISS for Business v14.0.1400.2029 - BSOD through of a IOCTL CVE-2018-10098
FULLDISC:20180718 DSA-2018-130: RSA Archer Multiple Vulnerabilities CVE-2018-11059 CVE-2018-11060
FULLDISC:20180720 [CVE-2018-12996] Zoho manageengine Applications Manager Reflected XSS CVE-2018-12996
FULLDISC:20180720 [CVE-2018-12997]Zoho manageengine Arbitrary File Read in multiple Products CVE-2018-12997
FULLDISC:20180720 [CVE-2018-12998]Zoho manageengine Reflected XSS in multiple Products CVE-2018-12998
FULLDISC:20180720 [CVE-2018-12999]Zoho manageengine Desktop Central Arbitrary File Deletion CVE-2018-12999
FULLDISC:20180725 DSA-2018-120: Dell EMC NetWorker Clear-Text authentication over network vulnerability CVE-2018-11050
FULLDISC:20180726 [CORE-2018-0009] - SoftNAS Cloud OS Command Injection CVE-2018-14417
FULLDISC:20180727 Integer overflow in SunContract CVE-2018-14576
FULLDISC:20180731 Out-of-Band XXE in Universal Media Server's SSDP Processing CVE-2018-13416
FULLDISC:20180802 (CVE-2018-13415) Out-of-Band XXE in Plex Media Server CVE-2018-13415
FULLDISC:20180802 (CVE-2018-13417) Out-of-Band XXE in Vuze Bittorrent Client CVE-2018-13417
FULLDISC:20180803 CVE-2018-14857 (Unrestricted File Upload (RCE) in OCS Inventory NG Webconsole before 2.5) CVE-2018-14857
FULLDISC:20180803 DSA-2018-112: Dell EMC Data Protection Advisor XML External Entity Vulnerability CVE-2018-11048
FULLDISC:20180813 [CONVISO-18-001] - Nasdaq BWise JMX/RMI RCE CVE-2018-11247
FULLDISC:20180814 DSA-2018-132: RSA NetWitness Platform Server-Side Template Injection Vulnerability CVE-2018-11061
FULLDISC:20180814 DSA-2018-144: RSA Archer SQL Injection Vulnerability within embedded WorkPoint component CVE-2018-11065
FULLDISC:20180816 SEC Consult SA-20180813-0 :: SQL Injection, XSS & CSRF vulnerabilities in Pimcore CVE-2018-14057 CVE-2018-14058 CVE-2018-14059
FULLDISC:20180821 CVE-2017-11563: Remote Code Execution via stack overflow in D-Link EyeOn Baby Monitor (DCS-825L) CVE-2017-11563
FULLDISC:20180821 CVE-2017-11564: multiple command inject in D-Link EyeOn Baby Monitor (DCS-825L) CVE-2017-11564
FULLDISC:20180821 CVE-2017-12573: command injection in PLANEX CS-W50HD CVE-2017-12573
FULLDISC:20180821 CVE-2017-12574: Hardcode credential in PLANEX CS-W50HD CVE-2017-12574
FULLDISC:20180821 CVE-2017-12575: information leakage in NEC Aterm WG2600HP2 CVE-2017-12575
FULLDISC:20180821 CVE-2017-12576: an hidden management page in PLANEX CS-QR20 CVE-2017-12576
FULLDISC:20180821 CVE-2017-12577: an hardcode credential in PLANEX CS-QR20 CVE-2017-12577
FULLDISC:20180821 RESPONSIVE filemanager CVE-2018-15535 CVE-2018-15536
FULLDISC:20180827 CVE-2018-12710 CVE-2018-12710
FULLDISC:20180828 DSA-2018-128: RSA BSAFE Micro Edition Suite and Crypto-C Micro Edition Multiple Security Vulnerabilities CVE-2018-11054 CVE-2018-11055 CVE-2018-11056 CVE-2018-11057 CVE-2018-11058
FULLDISC:20180904 [CORE-2018-0008] - Opsview Monitor Multiple Vulnerabilities CVE-2018-16144 CVE-2018-16145 CVE-2018-16146 CVE-2018-16147 CVE-2018-16148
FULLDISC:20180905 DSA-2018-150:RSA BSAFE SSL-J Multiple Vulnerabilities CVE-2018-11068 CVE-2018-11069 CVE-2018-11070
FULLDISC:20180906 SEC Consult SA-20180906-0 :: CSV Formula Injection in DokuWiki CVE-2018-15474
FULLDISC:20180907 CVE-2018-15898: Subsonic Music Streamer 4.4 (Android) - Improper Certificate Validation CVE-2018-15898
FULLDISC:20180907 DSA-2018-156: Dell EMC VPLEX Insecure File Permissions vulnerability on Witness CVE-2018-11078
FULLDISC:20180914 DSA-2018-147: Dell EMC Isilon OneFS and IsilonSD Edge Remote Process Crash Vulnerability CVE-2018-11071
FULLDISC:20180914 Disclose SSRF Vulnerability CVE-2018-16794
FULLDISC:20180916 [CVE-2018-16225] QBee MultiSensor Camera LAN Traffic Vulnerability CVE-2018-16225
FULLDISC:20180917 Disclose SSRF Vulnerability CVE-2018-16793
FULLDISC:20180918 DSA-2018-101: Dell EMC Unity Family Multiple Vulnerabilities CVE-2018-1246 CVE-2018-1250 CVE-2018-1251
FULLDISC:20180918 SEC Consult SA-20180918-0 :: Remote Code Execution via PHP unserialize in Moodle open-source learning platform CVE-2018-14630
FULLDISC:20180920 AST-2018-009: Remote crash vulnerability in HTTP websocket upgrade CVE-2018-17281
FULLDISC:20180920 WordPress Plugin Localize My Post 1.0 - Local File Inclusion CVE-2018-16299
FULLDISC:20180920 WordPress Plugin Wechat Broadcast 1.2.0 - Local/Remote File Inclusion CVE-2018-16283
FULLDISC:20180921 DSA-2018-152: RSA Authentication Manager Multiple Vulnerabilities CVE-2018-11073 CVE-2018-11074 CVE-2018-11075
FULLDISC:20180921 [CVE-2018-13140] Antidote Remote Code Execution against the update component CVE-2018-13140
FULLDISC:20180924 DSA-2018-158: Dell EMC ESRS Policy Manager Remote Code Execution Vulnerability CVE-2018-15764
FULLDISC:20180926 DSA-2018-141: Dell EMC Unity Family Incorrect File Permissions vulnerability CVE-2018-11064
FULLDISC:20180926 Re: SEC Consult SA-20180926-0 :: Stored Cross-Site Scripting in Progress Kendo UI Editor CVE-2018-14037
FULLDISC:20180926 SEC Consult SA-20180926-0 :: CVE-2018-14037
FULLDISC:20181001 Ivanti Workspace Control Application Whitelist bypass via PowerGrid /SEE command line argument CVE-2018-15591
FULLDISC:20181001 Ivanti Workspace Control Data Security bypass via localhost UNC path CVE-2018-15590
FULLDISC:20181001 Ivanti Workspace Control local privilege escalation via Named Pipe CVE-2018-15592
FULLDISC:20181001 Stored credentials Ivanti Workspace Control can be retrieved from Registry CVE-2018-15593
FULLDISC:20181003 CVE-2018-15903 - Stored XSS on Claromentis CVE-2018-15903
FULLDISC:20181004 [CORE-2010-0010] - D-Link Central WiFiManager Software Controller Multiple CVE-2018-17440 CVE-2018-17441 CVE-2018-17442 CVE-2018-17443
FULLDISC:20181008 Ektron Content Management System (CMS) 9.20 SP2, remote re-enabling users (CVE-2018-12596) CVE-2018-12596
FULLDISC:20181008 Multiple vulnerabilities in NPLUG wireless repeater CVE-2018-12455 CVE-2018-12456 CVE-2018-17337
FULLDISC:20181011 Cockpit CMS Multiple Vulnerabilities (CVE-2018-15538, CVE-2018-15539, CVE-2018-15540) CVE-2018-15538 CVE-2018-15539 CVE-2018-15540
FULLDISC:20181011 [SBA-ADV-20180319-01] CVE-2018-17532: Teltonika RUT9XX Unauthenticated OS Command Injection CVE-2018-17532
FULLDISC:20181011 [SBA-ADV-20180319-02] CVE-2018-17534: Teltonika RUT9XX Missing Access Control to UART Root Terminal CVE-2018-17534
FULLDISC:20181011 [SBA-ADV-20180410-01] CVE-2018-17533: Teltonika RUT9XX Reflected Cross-Site Scripting (XSS) CVE-2018-17533
FULLDISC:20181012 Multiple vulnerabilities in D-Link routers CVE-2018-10822 CVE-2018-10823 CVE-2018-10824
FULLDISC:20181015 DSA-2018-157: Dell EMC ESRS Virtual Edition Multiple Vulnerabilities CVE-2018-11079 CVE-2018-11080 CVE-2018-15765
FULLDISC:20181016 Vulnerability Disclose CVE-2018-18262
FULLDISC:20181019 Zoho ManageEngine OpManager 12.3 allows Unrestricted Arbitrary File Upload CVE-2018-18475
FULLDISC:20181023 CVE-2018-8955: Bitdefender GravityZone Arbitrary Code Execution CVE-2018-8955
FULLDISC:20181029 DSA-2018-136: Dell EMC Integrated Data Protection Appliance Undocumented Accounts Vulnerability CVE-2018-11062
FULLDISC:20181102 Loadbalancer.org Enterprise VA MAX - Unauthenticated Stored XSS CVE-2018-18864
FULLDISC:20181102 Multiple Privilege Escalation Vulnerabilities in LiquidVPN for MacOS (CVE-2018-18856, CVE-2018-18857, CVE-2018-18858, CVE-2018-18859) CVE-2018-18856 CVE-2018-18857 CVE-2018-18858 CVE-2018-18859
FULLDISC:20181102 Royal TS/X - Information Disclosure CVE-2018-18865
FULLDISC:20181102 Zoho ManageEngine OpManager 12.3 allows Self XSS Vulnerability CVE-2018-18716
FULLDISC:20181102 Zoho ManageEngine OpManager 12.3 allows Stored XSS CVE-2018-18715
FULLDISC:20181102 [CVE-2018-16222 to 16225] Multiple Vulnerabilities in QBee and iSmartAlarm Products CVE-2018-16222 CVE-2018-16223 CVE-2018-16224
FULLDISC:20181105 Re: Royal TS/X - Information Disclosure CVE-2018-18865
FULLDISC:20181108 DSA-2018-205: Dell EMC RecoverPoint Multiple Vulnerabilities CVE-2018-15771 CVE-2018-15772
FULLDISC:20181109 CVE-2018-15515 / D-LINK Central WifiManager CWM-100 / Trojan File SYSTEM Privilege Escalation CVE-2018-15515
FULLDISC:20181109 CVE-2018-15516 / D- LINK Central WifiManager CWM-100 / FTP Server PORT Bounce Scan CVE-2018-15516
FULLDISC:20181109 CVE-2018-15517 / D-LINK Central WifiManager CWM-100 / Server Side Request Forgery CVE-2018-15517
FULLDISC:20181109 [CVE-2018-18619] SQL injection in Advanced comment system v1.0 CVE-2018-18619
FULLDISC:20181109 [CVE-2018-18940] Cross Site Scripting in default SnoopServlet servlet Netscape Enterprise 3.63 CVE-2018-18940
FULLDISC:20181109 [CVE-2018-18941] Security Vulnerability in Vignette Content Management version 6 CVE-2018-18941
FULLDISC:20181111 Sensitive Data Exposure via Battery Information Broadcasts in Android OS [CVE-2018-15835] CVE-2018-15835
FULLDISC:20181112 DSA-2018-198: RSA BSAFE Micro Edition Suite Key Management Error Vulnerability CVE-2018-15769
FULLDISC:20181113 OCS Inventory NG ocsreports Authenticated RCE via Shell Upload (CVE-2018-15537) CVE-2018-15537
FULLDISC:20181113 SwitchVPN MacOS Privilege Escalation Vulnerability CVE-2018-18860
FULLDISC:20181116 Budabot !calc Denial of Service CVE-2018-19290
FULLDISC:20181120 DSA-2018-145: Dell EMC Avamar Multiple Vulnerabilities CVE-2018-11066 CVE-2018-11067
FULLDISC:20181120 DSA-2018-154: Dell EMC Avamar and Integrated Data Protection Appliance Information Exposure Vulnerability CVE-2018-11076
FULLDISC:20181120 DSA-2018-155: Dell EMC Avamar and Integrated Data Protection Appliance Command Injection Vulnerability CVE-2018-11077
FULLDISC:20181120 [CVE-2018-18006] Ricoh myPrint - Hardcoded application credentials and information disclosure via WSDL webservices CVE-2018-18006
FULLDISC:20181121 SEC Consult SA-20181116-0 :: Multiple critical vulnerabilities in Miss Marple Enterprise Edition CVE-2018-19233 CVE-2018-19234
FULLDISC:20181123 CVE-2018-19439 - Cross Site Scripting in Oracle Secure Global Desktop Administration Console - 4.4; Build: 20080807152602 CVE-2018-19439
FULLDISC:20181127 CVE-2018-19505 - Impersonation may lead to incorrect user context in Remedy AR System Server in BMC Remedy 7.1 CVE-2018-19505
FULLDISC:20181130 CVE-2017-9732: knc (kerberized netcat) memory exhaustion CVE-2017-9732
FULLDISC:20181130 CVE-2018-19753 - Directory Traversal in Tarantella Enterprise before 3.11 CVE-2018-19753
FULLDISC:20181130 CVE-2018-19754 - Security Bypass Access Control Vulnerability in Tarantella Enterprise before 3.11 CVE-2018-19754
FULLDISC:20181130 Multiple OS Command Injection in Moxa NPort W2x50A products CVE-2018-19659 CVE-2018-19660
FULLDISC:20181201 SolarWinds SFTP Vulnerabilities CVE-2018-16791 CVE-2018-16792
FULLDISC:20181204 CVE-2018-11741 / CVE-2018-11742 / NEC Univerge Sv9100 WebPro - 6.00 / Predictable Session ID / Clear Text Password Storage CVE-2018-11741 CVE-2018-11742
FULLDISC:20181204 Multiple Cross-Site Scripting Vulnerabilities in FreshRSS 1.11.1 CVE-2018-19782
FULLDISC:20181204 Multiple Cross-site Scripting and Blind SQL Injection Vulnerabilities in Plikli 4.0.0 CVE-2018-19414 CVE-2018-19415
FULLDISC:20181207 [CVE-2018-19649, CVE-2018-19765 to CVE-2018-19775, CVE-2018-19809 to CVE-2018-19822] - Multiple Cross Site Scripting in VistaPortal SE Version 5.1 (build 51029) CVE-2018-19649 CVE-2018-19765 CVE-2018-19766 CVE-2018-19767 CVE-2018-19768 CVE-2018-19769 CVE-2018-19770 CVE-2018-19771 CVE-2018-19772 CVE-2018-19773 CVE-2018-19774 CVE-2018-19775 CVE-2018-19809 CVE-2018-19810 CVE-2018-19811 CVE-2018-19812 CVE-2018-19813 CVE-2018-19814 CVE-2018-19815 CVE-2018-19816 CVE-2018-19817 CVE-2018-19818 CVE-2018-19819 CVE-2018-19820 CVE-2018-19821 CVE-2018-19822
FULLDISC:20181207 [CVE-2018-19861, CVE-2018-19862] Buffer overflow in MiniShare 1.4.1 HEAD and POST method CVE-2018-19861 CVE-2018-19862
FULLDISC:20181209 Multiple vulnerabilities found in Trendnet routers and IP Cameras. CVE-2018-19239 CVE-2018-19240 CVE-2018-19241 CVE-2018-19242
FULLDISC:20181221 CVE-2018-20193 - Privilege escalation in Juniper Secure Access SSL VPN - SA-4000, 5.1R5 (build 9627) 4.2 Release (build 7631) CVE-2018-20193
FULLDISC:20181221 CVE-2018-20211 - DLL Hijacking in Exiftool v8.3.2.0 CVE-2018-20211
FULLDISC:20181221 [CORE-2017-0012] - ASUS Drivers Elevation of Privilege Vulnerabilities CVE-2018-18535 CVE-2018-18536 CVE-2018-18537
FULLDISC:20181221 [CORE-2018-0007] - GIGABYTE Driver Elevation of Privilege Vulnerabilities CVE-2018-19320 CVE-2018-19321 CVE-2018-19322 CVE-2018-19323
FULLDISC:20181221 [CVE-2018-18007] atbox.htm on D-Link DSL-2770L devices allows remote unauthenticated attackers to discover admin credentials CVE-2018-18007
FULLDISC:20181221 [CVE-2018-18008] spaces.htm on multiple D-Link devices (DSL, DIR, DWR) allows remote unauthenticated attackers to discover admin credentials CVE-2018-18008
FULLDISC:20181221 [CVE-2018-18009] dirary0.js on D-Link DIR-140L, DIR-640L devices allows remote unauthenticated attackers to discover admin credentials CVE-2018-18009
FULLDISC:20181228 DSA-2018-224:RSA Archer GRC Platform Improper Access Control Vulnerability CVE-2018-15780
FULLDISC:20190103 DSA-2018-226: RSA Authentication Manager Relative Path Traversal Vulnerability CVE-2018-15782
FULLDISC:20190104 Open-Xchange Security Advisory 2018-12-31 CVE-2018-12609 CVE-2018-12610 CVE-2018-12611
FULLDISC:20190119 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone CVE-2019-8928
FULLDISC:20190124 CA20190124-01: Security Notice for CA Automic Workload Automation CVE-2019-6504
FULLDISC:20190204 DSA-2019-010: Dell EMC VNX2 Family OS Command Injection Vulnerability CVE-2019-3704
FULLDISC:20190206 CVE-2019-7418, CVE-2019-7419, CVE-2019-7420, CVE-2019-7421 Cross Site Scripting in SAMSUNG X7400GX Sync Thru Web Service CVE-2019-7418
FULLDISC:20190206 Cross Site Scripting in Ericsson Active Library Explorer Server Version 14.3 CVE-2019-7417
FULLDISC:20190206 Qkr! with MasterPass iOS Application - MITM SSL Certificate Vulnerability (CVE-2019-6702) CVE-2019-6702
FULLDISC:20190206 [CVE-2019-7418, CVE-2019-7419, CVE-2019-7420, CVE-2019-7421] Cross Site Scripting in SAMSUNG X7400GX Sync Thru Web Service CVE-2019-7419 CVE-2019-7420 CVE-2019-7421
FULLDISC:20190206 [CVE-2019-7422, CVE-2019-7423, CVE-2019-7424, CVE-2019-7425, CVE-2019-7426, CVE-2019-7427] Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone CVE-2019-7422 CVE-2019-7423 CVE-2019-7424 CVE-2019-7425
FULLDISC:20190212 KSA-DEV-001: CVE-2018-19524 : StackOverflow in Multiple Skyworth GPON HomeGateways and Optical Network terminals. CVE-2018-19524
FULLDISC:20190212 KSA-Dev-002: CVE-2018-19525 : Account takeover via XSRF in All ISG Series Firewall CVE-2018-19525
FULLDISC:20190212 KSA-Dev-003:CVE-2019-7383 : Remote Code Execution Via shell upload in all systorme ISG products CVE-2019-7383
FULLDISC:20190212 KSA-Dev-005:CVE-2019-7384: Authenticated Remote Code Execution in Raisecom GPON Devices CVE-2019-7384
FULLDISC:20190212 KSA-Dev-006:CVE-2019-7385: Authenticated remote code execution on Multiple Raisecom GPON Devices CVE-2019-7385
FULLDISC:20190212 KSA-Dev-007:CVE-2019-7386:DoS and gecko reboot in the nokia 8810 4G handset CVE-2019-7386 CVE-2019-7416
FULLDISC:20190217 [CVE-2019-8923, CVE-2019-8924] SQL injection and persistent Cross Site Scripting in XAMPP 5.6.8 (and previous) CVE-2019-8923
FULLDISC:20190219 [CVE-2019-8925 to CVE-2019-8929] Path traversal and Cross Site Scripting in Zoho ManageEngine Netflow Analyzer Professional v7.0.0.2 Administration zone CVE-2019-8929
FULLDISC:20190228 DSA-2019-038: RSA Authentication Manager Insecure Credential Management Vulnerability CVE-2019-3711
FULLDISC:20190305 SAP J2EE Engine/7.01/Fiori Reflected Cross Site Scripting (XSS) CVE-2018-17862
FULLDISC:20190305 SAP J2EE Engine/7.01/Portal/EPP Reflected Cross Site Scripting (XSS) CVE-2018-17861
FULLDISC:20190306 DSA-2019-025: RSA Archer GRC Platform Multiple Vulnerabilities CVE-2019-3715 CVE-2019-3716
FULLDISC:20190311 CVE-2019-9648 CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal CVE-2019-9648
FULLDISC:20190311 CVE-2019-9649 CoreFTP FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal CVE-2019-9649
FULLDISC:20190319 2FA & macOS Disk Encryption Bypass in Abine Blur 7.24* [CVE-2019-6481] CVE-2018-7213 CVE-2019-6481
FULLDISC:20190319 CVE-2018-19971: JFrog Artifactory Pro SAML SSO signature validation error CVE-2018-19971
FULLDISC:20190319 Re: WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion CVE-2019-9618
FULLDISC:20190319 WordPress Plugin GraceMedia Media Player 1.0 - Local File Inclusion CVE-2019-9618
FULLDISC:20190322 CVE-2018-17057: phar deserialization in TCPDF might lead to RCE CVE-2018-17057
FULLDISC:20190322 Re: Font_Organizer 2.1.1 - Reflected XSS (WordPress Plugin) CVE-2019-9908
FULLDISC:20190322 Re: Give 2.3.0 - Reflected XSS (WordPress Plugin) CVE-2019-9909
FULLDISC:20190322 Re: KingComposer 2.7.6 - Reflected XSS (WordPress Plugin) CVE-2019-9910
FULLDISC:20190322 Re: NextScripts: Social Networks Auto-Poster 4.2.7 - Reflected XSS (WordPress Plugin) CVE-2019-9911
FULLDISC:20190322 Re: WP Live Chat Support 8.0.17 - Reflected XSS (WordPress Plugin) CVE-2019-9913
FULLDISC:20190322 Re: YOP Poll 6.0.2 - Reflected XSS (WordPress Plugin) CVE-2019-9914
FULLDISC:20190322 Re: wpGoogleMaps 7.10.41 - Reflected XSS (WordPress Plugin) CVE-2019-9912
FULLDISC:20190326 APPLE-SA-2019-3-25-2 macOS Mojave 10.14.4, Security Update 2019-002 High Sierra, Security Update 2019-002 Sierra CVE-2018-12015 CVE-2018-18311 CVE-2018-18313
FULLDISC:20190326 CVE-2019-10009 Titan FTP Server Version 2019 Build 3505 Directory Traversal/Local File Inclusion CVE-2019-10009
FULLDISC:20190326 Repeat of CVE-2018-4251 in Razer Laptops CVE-2018-4251
FULLDISC:20190327 [RT-SA-2019-003] Cisco RV320 Unauthenticated Configuration Export CVE-2019-1653
FULLDISC:20190327 [RT-SA-2019-004] Cisco RV320 Unauthenticated Diagnostic Data Retrieval CVE-2019-1653
FULLDISC:20190327 [RT-SA-2019-005] Cisco RV320 Command Injection Retrieval CVE-2019-1652
FULLDISC:20190404 CVE-2019-7727 - JMX/RMI Nice ENGAGE <= 6.5 Remote Command Execution CVE-2019-7727
FULLDISC:20190405 Uniqkey Password Manager 1.14 - Remote Denial Of Service [CVE-2019-10845] CVE-2019-10845
FULLDISC:20190407 Loytec LGATE-902: Multiple Vulnerabilities (XSS, Path traversal and File Deletion) CVE-2018-14916 CVE-2018-14918 CVE-2018-14919
FULLDISC:20190409 GAT-Ship Web Module [All versions before 1.40] - Unrestricted File Upload CVE-2019-11028
FULLDISC:20190409 Loytec LGATE-902: Multiple Vulnerabilities (XSS, Path traversal and File Deletion) CVE-2018-14916 CVE-2018-14918 CVE-2018-14919
FULLDISC:20190413 Nagios XI 5.5.10: XSS to root RCE (CVE-2019-9164, 9165, 9166, 9167, 9202, 9203, 9204) CVE-2019-9164
FULLDISC:20190416 CVE-2019-9955 Refelected XSS on Zyxel Login page CVE-2019-9955
FULLDISC:20190418 CVE-2018-2879 - anniversary CVE-2018-2879
FULLDISC:20190423 Multiple vulnerabilities in Sony Smart TVs CVE-2019-10886 CVE-2019-11336
FULLDISC:20190426 Re: GAT-Ship Web Module [All versions before 1.40] - Unrestricted File Upload CVE-2019-11028
FULLDISC:20190430 OpenPGP and S/MIME signature forgery attacks in multiple email clients CVE-2017-17848 CVE-2018-12019 CVE-2018-12020 CVE-2018-12356 CVE-2018-12556 CVE-2018-15586 CVE-2018-15587 CVE-2018-15588 CVE-2018-18509 CVE-2019-0728 CVE-2019-8338
FULLDISC:20190504 RCE in CGI Servlet - Apache Tomcat on Windows - CVE-2019-0232 CVE-2019-0232
FULLDISC:20190504 [SYSS-2019-005]: ABUS Secvest - Proximity Key - Cryptographic Issues (CWE-310) CVE-2019-9861
FULLDISC:20190510 Re: dotCMS v5.1.1 HTML Injection & XSS Vulnerability CVE-2008-7220 CVE-2015-9251 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2019-11358 CVE-2019-8331
FULLDISC:20190510 SEC Consult SA-20190510-0 :: Unauthenticated SQL Injection vulnerability in OpenProject CVE-2019-11600
FULLDISC:20190510 dotCMS v5.1.1 HTML Injection & XSS Vulnerability CVE-2008-7220 CVE-2015-9251 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2019-11358 CVE-2019-8331
FULLDISC:20190510 dotCMS v5.1.1 Vulnerabilities CVE-2008-7220 CVE-2015-9251 CVE-2018-14040 CVE-2018-14041 CVE-2018-14042 CVE-2019-11358 CVE-2019-8331
FULLDISC:20190513 APPLE-SA-2019-5-13-2 macOS Mojave 10.14.5, Security Update 2019-003 High Sierra, Security Update 2019-003 Sierra CVE-2018-4456
FULLDISC:20190513 APPLE-SA-2019-5-13-6 Apple TV Software 7.3 CVE-2017-14315 CVE-2017-6975 CVE-2017-9417
FULLDISC:20190513 [CVE-2019-8978] Improper Authentication (CWE-287) in Ellucian Banner Web Tailor and Banner Enterprise Identity Services CVE-2019-8978
FULLDISC:20190514 [CVE-2018-7841] Schneider Electric U.Motion Builder <= 1.3.4 track_import_export.php object_id Unauthenticated Command Injection CVE-2018-7765 CVE-2018-7841
FULLDISC:20190517 [RT-SA-2019-002] Directory Traversal in Cisco Expressway Gateway CVE-2019-1854
FULLDISC:20190521 Re: GAT-Ship Web Module >1.30 - Unauthenticated Information Disclosure Vulnerability CVE-2019-12163
FULLDISC:20190524 CMS Made Simple 2.2.10 - (Authenticated) Persistent Cross-Site Scripting CVE-2019-11226
FULLDISC:20190524 [CVE-2019-11604] Quest KACE Systems Management Appliance <= 9.0 kbot_service_notsoap.php METHOD Reflected Cross-Site Scripting CVE-2019-11604
FULLDISC:20190529 CA20190523-01: Security Notice for CA Risk Authentication and CA Strong Authentication CVE-2019-7393 CVE-2019-7394
FULLDISC:20190529 Reflected Cross-site Scripting Vulnerability in Kanboard 1.2.7 CVE-2019-7324
FULLDISC:20190529 XSS in SSI printenv command - Apache Tomcat - CVE-2019-0221 CVE-2019-0221
FULLDISC:20190529 [SYSS-2019-012]: Siemens LOGO! 8 - Use of Hard-coded Cryptographic Key (CWE-321) CVE-2019-10920
FULLDISC:20190529 [SYSS-2019-013]: Siemens LOGO! 8 - Missing Authentication for Critical Function (CWE-306) CVE-2019-10919
FULLDISC:20190529 [SYSS-2019-014]: Siemens LOGO! 8 - Storing Passwords in a Recoverable Format (CWE-257) CVE-2019-10921
FULLDISC:20190609 [CVE-2018-15555 / 15556] Telus Actiontec WEB6000Q Local Privilege Escalation CVE-2018-15555
FULLDISC:20190609 [CVE-2018-15557] Telus Actiontec WEB6000Q Remote Privilege Escalation CVE-2018-15557
FULLDISC:20190611 APPLE-SA-2019-5-30-1 AirPort Base Station Firmware Update 7.9.1 CVE-2018-6918
FULLDISC:20190611 Rapid7's Windows InsightIDR Agent: Local Privilege Escalation CVE-2019-5629
FULLDISC:20190611 The Return of the WIZard: RCE in Exim (CVE-2019-10149) CVE-1999-0095 CVE-1999-0145 CVE-2019-10149
FULLDISC:20190611 [CVE-2018-15555 / 15556] Telus Actiontec WEB6000Q Local Privilege Escalation CVE-2018-15555 CVE-2018-15556
FULLDISC:20190611 [CVE-2018-15557] Telus Actiontec WEB6000Q Remote Privilege Escalation CVE-2018-15557
FULLDISC:20190611 [SYSS-2019-007]: Inateck 2.4 GHz Wireless Presenter WP1001 - Keystroke Injection Vulnerability CVE-2019-12505
FULLDISC:20190611 [SYSS-2019-008]: Inateck 2.4 GHz Wearable Wireless Presenter WP2002 - Keystroke Injection Vulnerability CVE-2019-12504
FULLDISC:20190611 [SYSS-2019-015]: Logitech R700 Laser Presentation Remote - Keystroke Injection Vulnerability CVE-2019-12506
FULLDISC:20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series CVE-2011-5325 CVE-2013-1813 CVE-2014-4043 CVE-2014-9761 CVE-2014-9984 CVE-2015-0235 CVE-2015-1472 CVE-2015-9261 CVE-2017-16544
FULLDISC:20190618 BlogEngine.NET Directory traversal + RCE CVE-2019-10719 CVE-2019-10720 CVE-2019-6714
FULLDISC:20190620 XL-19-007 - ABB IDAL FTP Server Buffer Overflow Vulnerability CVE-2019-7231
FULLDISC:20190620 XL-19-008 - ABB IDAL FTP Server Path Traversal Vulnerability CVE-2019-7227
FULLDISC:20190620 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability CVE-2019-7225
FULLDISC:20190620 XL-19-010 - ABB IDAL HTTP Server Authentication Bypass Vulnerability CVE-2019-7226
FULLDISC:20190620 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability CVE-2019-7228
FULLDISC:20190621 PC-Doctor Toolbox before 7.3 has an Uncontrolled Search Path Element CVE-2019-12280
FULLDISC:20190624 BlogEngine.NET 3.3.7 and earlier Directory Traversal + Listing CVE-2019-10717
FULLDISC:20190624 Quarking Password Manager 3.1.84 - Clickjacking Vulnerability CVE-2019-12880
FULLDISC:20190624 Re: Multiple Cross-site Scripting Vulnerabilities in Shopware 5.5.6 CVE-2019-12935
FULLDISC:20190624 XL-19-004 - ABB IDAL FTP Server Uncontrolled Format String Vulnerability CVE-2019-7230
FULLDISC:20190624 XL-19-005 - ABB HMI Absence of Signature Verification Vulnerability CVE-2019-7229
FULLDISC:20190624 XL-19-007 - ABB IDAL FTP Server Buffer Overflow Vulnerability CVE-2019-7231
FULLDISC:20190624 XL-19-008 - ABB IDAL FTP Server Path Traversal Vulnerability CVE-2019-7227
FULLDISC:20190624 XL-19-009 - ABB HMI Hardcoded Credentials Vulnerability CVE-2019-7225
FULLDISC:20190624 XL-19-010 - ABB IDAL HTTP Server Authentication Bypass Vulnerability CVE-2019-7226
FULLDISC:20190624 XL-19-011 - ABB IDAL HTTP Server Stack-Based Buffer Overflow Vulnerability CVE-2019-7232
FULLDISC:20190624 XL-19-012 - ABB IDAL HTTP Server Uncontrolled Format String Vulnerability CVE-2019-7228
FULLDISC:20190709 Cisco Data Center Manager multiple vulns; RCE as root CVE-2019-1619 CVE-2019-1620 CVE-2019-1621 CVE-2019-1622
FULLDISC:20190709 KEYNTO Team Password Manager 1.5.0 - Cross Site Scripting [CVE-2019-13380] CVE-2019-13380
FULLDISC:20190709 PowerPanel Business Edition 3.4.0 - Cross Site Request Forgery CVE-2019-13071
FULLDISC:20190709 Two vulnerabilities found in Sony BRAVIA Smart TVs CVE-2019-11889 CVE-2019-11890
FULLDISC:20190709 UPDATE: [SYSS-2019-021]: WolfVision Cynap - Use of Hard-coded Cryptographic Key (CWE-321) [CVE-2019-13352] CVE-2019-13352
FULLDISC:20190712 Reflected Cross-site Scripting Vulnerability in Ponzu CMS 0.9.4 CVE-2017-18364
FULLDISC:20190716 CVE-2019-13577 / MAPLE Computer WBT SNMP Administrator v2.0.195.15 / Unauthenticated Remote Buffer Overflow Code Execution 0day CVE-2019-13577
FULLDISC:20190716 CVE-2019-2107 a.k.a "Hevcfright" Proof of Concept exploit (Denial of Service PoC) CVE-2019-2107
FULLDISC:20190723 APPLE-SA-2019-7-22-1 iOS 12.4 CVE-2019-13118
FULLDISC:20190723 APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra CVE-2018-19860 CVE-2019-13118
FULLDISC:20190723 APPLE-SA-2019-7-22-4 watchOS 5.3 CVE-2019-13118
FULLDISC:20190723 APPLE-SA-2019-7-22-5 tvOS 12.4 CVE-2019-13118
FULLDISC:20190723 Tufin SecureChange uses Richfaces 4.3.5, vulnerable to CVE-2015-0279 (unauthenticated RCE) CVE-2015-0279
FULLDISC:20190723 Two vulnerabilities found in MikroTik's RouterOS CVE-2018-1157 CVE-2018-1158
FULLDISC:20190726 APPLE-SA-2019-7-23-1 iCloud for Windows 7.13 CVE-2019-13118
FULLDISC:20190726 APPLE-SA-2019-7-23-2 iTunes for Windows 12.9.6 CVE-2019-13118
FULLDISC:20190726 APPLE-SA-2019-7-23-3 iCloud for Windows 10.6 CVE-2019-13118
FULLDISC:20190726 [SYSS-2019-004]: ABUS Secvest (FUAA50000) - Message Transmission - Unchecked Error Condition (CWE-391) (CVE-2019-14261) CVE-2019-14261
FULLDISC:20190730 VTS19-002: Multiple Vulnerabilities in Veritas Resiliency Platform (VRP) CVE-2019-14415 CVE-2019-14416 CVE-2019-14417 CVE-2019-14418
FULLDISC:20190802 Avira Free Security Suite 2019 - Exploiting Arbitrary File Writes for Local Elevation of Privilege CVE-2019-11396
FULLDISC:20190809 Dlink-CVE-2019-13101 CVE-2019-13101
FULLDISC:20190816 APPLE-SA-2019-08-13-5 SwiftNIO HTTP/2 1.5.0 CVE-2019-9512 CVE-2019-9514 CVE-2019-9515 CVE-2019-9516 CVE-2019-9518
FULLDISC:20190816 APPLE-SA-2019-8-13-1 Additional information for APPLE-SA-2019-7-22-2 macOS Mojave 10.14.6, Security Update 2019-004 High Sierra, Security Update 2019-004 Sierra CVE-2018-16860 CVE-2018-19860 CVE-2019-13118 CVE-2019-9506
FULLDISC:20190816 APPLE-SA-2019-8-13-2 Additional information for APPLE-SA-2019-7-22-1 iOS 12.4 CVE-2018-16860 CVE-2019-13118 CVE-2019-9506
FULLDISC:20190816 APPLE-SA-2019-8-13-3 Additional information for APPLE-SA-2019-7-22-4 watchOS 5.3 CVE-2018-16860 CVE-2019-13118 CVE-2019-9506
FULLDISC:20190816 APPLE-SA-2019-8-13-4 Additional information for APPLE-SA-2019-7-22-5 tvOS 12.4 CVE-2018-16860 CVE-2019-13118 CVE-2019-9506
FULLDISC:20190821 SEC Consult SA-20190821-0 :: Unauthenticated sensitive information leakage in Zoho Corporation ManageEngine ServiceDesk Plus CVE-2019-15046
FULLDISC:20190825 CVE-2019-10071: Timing Attack in HMAC Verification in Apache Tapestry CVE-2014-1972
FULLDISC:20190825 CoreFTP Server FTP / SFTP Server v2 - Build 674 MDTM Directory Traversal (Metasploit) Exploit CVE-2019-9649
FULLDISC:20190825 CoreFTP Server FTP / SFTP Server v2 - Build 674 SIZE Directory Traversal (Metasploit) Exploit CVE-2019-9648
FULLDISC:20190825 Unquoted Path - Trend Micro CVE-2019-14685
FULLDISC:20190825 [CVE-2019-15150] CSRF in MediaWiki extension OAuth2 Client 0.3 CVE-2019-15150
FULLDISC:20190827 Multiple CSRF Vulnerabilities in Django CRM 0.2.1 CVE-2019-11457
FULLDISC:20190830 Multiple vulns in Cisco UCS Director: from unauth remote access to code execution as root CVE-2019-1935 CVE-2019-1936 CVE-2019-1937
FULLDISC:20190830 [SBA-ADV-20190305-01] CVE-2019-13564: Ping Identity Agentless Integration Kit <1.5 Reflected Cross-site Scripting (XSS) CVE-2019-13564
FULLDISC:20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X CVE-2014-4043 CVE-2014-9761 CVE-2014-9984 CVE-2015-1472 CVE-2015-8778 CVE-2015-8779 CVE-2015-9261 CVE-2017-1000366 CVE-2017-16544 CVE-2018-20679 CVE-2019-5747
FULLDISC:20190906 Re: Totaljs CMS authenticated path traversal (could lead to RCE) CVE-2019-15952
FULLDISC:20190909 CA20190904-01: Security Notice for CA Common Services Distributed Intelligence Architecture (DIA) CVE-2019-13656
FULLDISC:20190909 CVE-2018-18809 Path traversal in Tibco JasperSoft CVE-2018-18809
FULLDISC:20190912 SEC Consult SA-20190912-0 :: Stored and reflected XSS vulnerabilities in LimeSurvey CVE-2019-16172 CVE-2019-16173
FULLDISC:20190920 Reflected XSS - HRworks Login (v1.16.1) CVE-2019-11559
FULLDISC:20190925 [CVE-2019-14783] Arbitrary file create with system-app privilege in Samsung Mobile Android FotaAgent Component CVE-2019-14783
FULLDISC:20190927 APPLE-SA-2019-9-26-7 Xcode 11.0 CVE-2019-3855
FULLDISC:20191003 CA20190930-01: Security Notice for CA Network Flow Analysis CVE-2019-13658
FULLDISC:20191003 [AIT-SA-20190930-01] CVE-2019-15741: Privilege Escalation via Logrotate in Gitlab Omnibus CVE-2019-15741
FULLDISC:20191007 [KIS-2019-02] vBulletin <= 5.5.4 (updateAvatar) Remote Code Execution Vulnerability CVE-2019-17132
FULLDISC:20191008 APPLE-SA-2019-10-07-1 macOS Catalina 10.15 CVE-2019-11041 CVE-2019-11042
FULLDISC:20191008 Password disclosure in the web interface on socomec DIRIS A-40 devices before 48250501 CVE-2019-15859
FULLDISC:20191011 Open-Xchange Security Advisory 2019-10-09 CVE-2019-14227
FULLDISC:20191014 SEC Consult SA-20191014-0 :: Reflected XSS vulnerability in OpenProject CVE-2019-17092
FULLDISC:20191015 Reflected XSS via Broken Link Checker v.1.11.8 WordPress Plugin CVE-2019-17207
FULLDISC:20191015 Tomedo Server - Weak encryption mech. CVE-2019-17393
FULLDISC:20191018 CA20191015-01: Security Notice for CA Performance Management CVE-2019-13657
FULLDISC:20191018 CVE 2019-2215 Android Binder Use After Free CVE-2019-2215
FULLDISC:20191018 CVE-2019-3010 - Local privilege escalation on Solaris 11.x via xscreensaver CVE-2019-3010
FULLDISC:20191018 Information leakage found in FRITZ!OS 6.83 & 6.80 (AVM DSL Router Fritz!Box 7490) [DTC-A-20170323-001] CVE-2017-8087
FULLDISC:20191018 Sangoma SBC bypass authentication via argument injection - CVE-2019-12148 CVE-2019-12148
FULLDISC:20191018 Sangoma SBC local sudo user creation vulnerability without authentication - CVE-2019-12147 CVE-2019-12147
FULLDISC:20191018 WiKID 2FA Enterprise Server Multiple Issues CVE-2019-16917 CVE-2019-17114 CVE-2019-17115 CVE-2019-17116 CVE-2019-17117 CVE-2019-17118 CVE-2019-17119 CVE-2019-17120
FULLDISC:20191022 Trend Micro Anti-Threat Toolkit (ATTK) <= v1.62.0.1218 Remote Code Execution 0day CVE-2019-9491 CVE-2019-9491
FULLDISC:20191031 APPLE-SA-2019-10-29-1 iOS 13.2 and iPadOS 13.2 CVE-2017-7152
FULLDISC:20191031 APPLE-SA-2019-10-29-10 Additional information for APPLE-SA-2019-10-07-1 macOS Catalina 10.15 CVE-2018-12152 CVE-2018-12153 CVE-2018-12154 CVE-2019-11041 CVE-2019-11042
FULLDISC:20191031 APPLE-SA-2019-10-29-2 macOS Catalina 10.15.1, Security Update 2019-001 Mojave, Security Update 2019-006 High Sierra CVE-2017-7152 CVE-2018-12152 CVE-2018-12153 CVE-2018-12154
FULLDISC:20191031 APPLE-SA-2019-10-29-4 watchOS 6.1 CVE-2017-7152
FULLDISC:20191031 [RT-SA-2019-013] Unsafe Storage of Credentials in Carel pCOWeb HVAC CVE-2019-11369 CVE-2019-13553
FULLDISC:20191031 [RT-SA-2019-014] Unauthenticated Access to Modbus Interface in Carel pCOWeb HVAC CVE-2019-13549
FULLDISC:20191115 Raritan CommandCenter Secure Gateway XML External Entity < 8.0 CVE-2018-20687
FULLDISC:20191115 ScanGuard Antivirus (latest version) / Insecure Permissions CVE-2019-18895
FULLDISC:20191115 Vulnerability Disclosure and CVE assign CVE-2019-18957
FULLDISC:20191115 WordPress Plugin Social Photo Gallery 1.0 - Remote Code Execution CVE-2019-14467
FULLDISC:20191115 [AIT-SA-20191112-01] CVE-2019-10143: Privilege Escalation via Logrotate in FreeRadius CVE-2019-10143
FULLDISC:20191119 CVE-2019-16758 Lexmark Services Monitor 2.27.4.0.39 Directory Traversal CVE-2019-16758
FULLDISC:20191126 CVE-2019-11932 (double free in libpl_droidsonroids_gif) many apps vulnerable CVE-2019-11932
FULLDISC:20191129 CVE-2019-18922; Directory Traversal; Allied Telesis AT-GS950/8 until Firmware AT-S107 V.1.1.3 [1.00.047] CVE-2019-18922
FULLDISC:20191129 [SYSS-2019-027]: Inateck BCST-60 Barcode Scanner - Keystroke Injection Vulnerability (CVE-2019-12503) CVE-2019-12503
FULLDISC:20191203 Reflected XSS in CSS Hero (v.4.0.3) CVE-2019-19133
FULLDISC:20191204 [KIS-2019-10] YouPHPTube <= 7.7 (getChat.json.php) SQL Injection Vulnerability CVE-2019-18662
FULLDISC:20191206 Authentication vulnerabilities in OpenBSD CVE-2019-19519 CVE-2019-19520 CVE-2019-19521 CVE-2019-19522
FULLDISC:20191206 SiteVision Insufficient Module Access Control CVE-2019-12733 CVE-2019-12734
FULLDISC:20191206 SiteVision Remote Code Execution CVE-2019-12733 CVE-2019-12734
FULLDISC:20191206 Symantec Endoint Security LPE CVE-2019-12750 CVE-2019-12750
FULLDISC:20191206 [AIT-SA-20191129-01] CVE-2019-16885: Unauthenticated remote code execution in OkayCMS CVE-2019-16885
FULLDISC:20191210 CA20191209-01: Security Notice for CA Nolio (Release Automation) CVE-2019-19230
FULLDISC:20191210 CVE-2019-18345 Reflected Cross-Site Scripting (XSS) vulnerability in DAViCal CalDAV Server CVE-2019-18346 CVE-2019-18347
FULLDISC:20191210 CVE-2019-18346 Cross-Site Request Forgery (CSRF) vulnerability in DAViCal CalDAV Server CVE-2019-18346 CVE-2019-18347
FULLDISC:20191210 CVE-2019-18347 Persistent Cross-Site Scripting (XSS) vulnerability in DAViCal CalDAV Server CVE-2019-18346 CVE-2019-18347
FULLDISC:20191213 APPLE-SA-2019-12-10-1 iOS 13.3 and iPadOS 13.3 CVE-2019-15903
FULLDISC:20191213 APPLE-SA-2019-12-10-3 macOS Catalina 10.15.2, Security Update 2019-002 Mojave, Security Update 2019-007 High Sierra CVE-2015-1545 CVE-2017-16808 CVE-2018-10103 CVE-2018-10105 CVE-2018-14461 CVE-2018-14462 CVE-2018-14463 CVE-2018-14464 CVE-2018-14465 CVE-2018-14466 CVE-2018-14467 CVE-2018-14468 CVE-2018-14469 CVE-2018-14470 CVE-2018-14879 CVE-2018-14880 CVE-2018-14881 CVE-2018-14882 CVE-2018-16227 CVE-2018-16228 CVE-2018-16229 CVE-2018-16230 CVE-2018-16300 CVE-2018-16451 CVE-2018-16452 CVE-2019-13057 CVE-2019-13565 CVE-2019-15161 CVE-2019-15162 CVE-2019-15163 CVE-2019-15164 CVE-2019-15165 CVE-2019-15166 CVE-2019-15903
FULLDISC:20191213 APPLE-SA-2019-12-10-5 tvOS 13.3 CVE-2019-15903
FULLDISC:20191213 APPLE-SA-2019-12-10-8 watchOS 6.1.1 CVE-2019-15903
FULLDISC:20191213 CSV injection vulnerability in SolarWinds Serv-U FTP Server CVE-2019-13181
FULLDISC:20191213 CVE-2019-12750 - Exploitation Write-ups CVE-2019-12750
FULLDISC:20191213 Local Privilege Escalation in OpenBSD's dynamic loader (CVE-2019-19726) CVE-2019-19726
FULLDISC:20191213 Squiz Matrix CMS <= 5.5.3.2 - Multiple Issues may lead to Remote Code Execution CVE-2019-19373 CVE-2019-19374
FULLDISC:20191213 Stored Cross-Site Scripting in Serv-U FTP Server CVE-2019-13182
FULLDISC:20191217 D-Link DIR-615 -- Vertical Prviliege Escalation CVE-2019-19743
FULLDISC:20200103 CA20191218-01: Security Notice for CA Client Automation Agent for Windows CVE-2019-19231
FULLDISC:20200103 Open-Xchange Security Advisory 2020-01-02 CVE-2019-16716 CVE-2019-16717
FULLDISC:20200117 CVE-2020-2656 - Low impact information disclosure via Solaris xlock CVE-2020-2656
FULLDISC:20200117 CVE-2020-2696 - Local privilege escalation via CDE dtsession CVE-2020-2696
FULLDISC:20200121 Neowise CarbonFTP v1.4 / Insecure Proprietary Password Encryption / CVE-2020-6857 CVE-2020-6857
FULLDISC:20200122 SEC Consult SA-20200122-0 :: Reflected XSS in ZOHO ManageEngine ServiceDeskPlus CVE-2020-6843
FULLDISC:20200123 SEC Consult SA-20200123-0 :: Cross-Site Request Forgery (CSRF) in Umbraco CMS CVE-2020-7210
FULLDISC:20200124 CVE-2019-19363 - Local Privilege Escalation in many Ricoh Printer Drivers for Windows CVE-2019-19363
FULLDISC:20200124 Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routers CVE-2019-19822 CVE-2019-19823 CVE-2019-19824 CVE-2019-19825
FULLDISC:20200124 [UPDATED - POC] Neowise CarbonFTP v1.4 / Insecure Proprietary Password Encryption / CVE-2020-6857 CVE-2020-6857
FULLDISC:20200131 APPLE-SA-2020-1-28-2 macOS Catalina 10.15.3, Security Update 2020-001 Mojave, Security Update 2020-001 High Sierra CVE-2019-11043 CVE-2019-18634
FULLDISC:20200131 LPE and RCE in OpenSMTPD (CVE-2020-7247) CVE-2020-7247
FULLDISC:20200131 Re: Multiple vulnerabilities in TOTOLINK and other Realtek SDK based routers CVE-2019-19822 CVE-2019-19823 CVE-2019-19824 CVE-2019-19825
FULLDISC:20200131 [CVE-2019-20358] CVE-2019-9491 in Trend Micro Anti-Threat Toolkit (ATTK) was NOT properly FIXED CVE-2019-20358 CVE-2019-9491
FULLDISC:20200207 xglance-bin exploit (CVE-2014-2630) CVE-2014-2630
FULLDISC:20200214 CVE-2019-18915 HP System Event Utility / Privilege Escalation Vulnerability CVE-2019-18915
FULLDISC:20200214 Re: [FD] Critical Bluetooth Vulnerability in Android (CVE-2020-0022) - BlueFrag CVE-2020-0022
FULLDISC:20200218 CVE-2020-0728: Windows Modules Installer Service Information Disclosure Vulnerability CVE-2020-0728
FULLDISC:20200218 Re: [TZO-03-2020] ESET Generic Malformed Archive Bypass (ZIP Compression Information) CVE-2020-9264
FULLDISC:20200220 Open-Xchange Security Advisory 2020-02-19 CVE-2019-9853
FULLDISC:20200227 CVE-2020-5497 - MITREid Connect XSS CVE-2020-5497
FULLDISC:20200227 Hostapd fails at seeding PRNGS, leading to insufficient entropy (CVE-2016-10743 and CVE-2019-10064) CVE-2016-10743 CVE-2019-10064
FULLDISC:20200227 LPE and RCE in OpenSMTPD's default install (CVE-2020-8794) CVE-2020-8794
FULLDISC:20200227 Local information disclosure in OpenSMTPD (CVE-2020-8793) CVE-2020-8793
FULLDISC:20200227 [TZO-16-2020] - F-SECURE Generic Malformed Container bypass (GZIP) CVE-2020-9342
FULLDISC:20200227 [TZO-19-2020] - AVIRA Generic AV Bypass (ISO Container) - CVE-2020-9320 CVE-2020-9320
FULLDISC:20200306 Buffer overflow in pppd - CVE-2020-8597 CVE-2020-8597
FULLDISC:20200306 [AIT-SA-20200301-01] CVE-2020-9364: Directory Traversal in Creative Contact Form CVE-2020-9364
FULLDISC:20200306 [TZO-20-2020] - Quickheal Malformed Archive bypass (ZIP GPFLAG) - CVE-2020-9362 CVE-2020-9362
FULLDISC:20200313 RichFaces exploitation toolkit CVE-2015-0279 CVE-2018-12532 CVE-2018-12533
FULLDISC:20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client CVE-2013-1813 CVE-2014-9645 CVE-2017-16544 CVE-2020-9435 CVE-2020-9436
FULLDISC:20200320 LPE in Avast Secure Browser CVE-2019-17190
FULLDISC:20200320 Oce Colorwave 500 printer - multiple vulnerabilities CVE-2020-10667 CVE-2020-10668 CVE-2020-10669
FULLDISC:20200324 APPLE-SA-2020-03-24-2 macOS Catalina 10.15.4, Security Update 2020-002 Mojave, Security Update 2020-002 High Sierra CVE-2019-14615 CVE-2019-19232
FULLDISC:20200324 Authentication Bypass in Tribal SITS:Vision CVE-2019-19127
FULLDISC:20200324 HP ThinPro - Application filter bypass CVE-2019-16286
FULLDISC:20200324 HP ThinPro - Citrix command injection CVE-2019-18909
FULLDISC:20200324 HP ThinPro - Information disclosure CVE-2019-16285
FULLDISC:20200324 HP ThinPro - Privilege escalation CVE-2019-16287
FULLDISC:20200324 HP ThinPro - Privileged command injection CVE-2019-18910
FULLDISC:20200327 CVE-2019-4716: conf overwrite + auth bypass = rce as root / SYSTEM on IBM PA / TM1 CVE-2019-4716
FULLDISC:20200327 [SYSS-2019-047] Micro Focus Vibe - Cross-Site Scripting (CVE-2020-9520) CVE-2020-9520
FULLDISC:20200403 MicroStrategy Intelligence Server and Web 10.4 - multiple vulnerabilities CVE-2020-11450 CVE-2020-11451 CVE-2020-11452 CVE-2020-11453 CVE-2020-11454
FULLDISC:20200410 Re: TP-LINK Cloud Cameras NCXXX Remote NULL Pointer Dereference CVE-2020-10231
FULLDISC:20200414 Matrix42 Workspace Management 9.1.2.2765 - Reflected Cross-Site Scripting CVE-2019-19913
FULLDISC:20200414 Workspace Management 9.1.2.2765 - Stored Cross-Site Scripting CVE-2019-19500
FULLDISC:20200417 CA20200414-01: Security Notice for CA API Developer Portal CVE-2020-11658 CVE-2020-11659 CVE-2020-11660 CVE-2020-11661 CVE-2020-11662 CVE-2020-11663 CVE-2020-11664 CVE-2020-11665 CVE-2020-11666
FULLDISC:20200417 CVE-2020-2771, CVE-2020-2851, CVE-2020-2944 - Multiple vulnerabilities in Oracle Solaris CVE-2020-2771 CVE-2020-2851 CVE-2020-2944
FULLDISC:20200421 Arbitrary class instantiation & local file inclusion vulnerability in QRadar Forensics web application CVE-2020-4272
FULLDISC:20200421 Authorization bypass in QRadar Forensics web application CVE-2020-4274
FULLDISC:20200421 Cisco AnyConnect elevation of privileges due to insecure handling of path names CVE-2020-3153
FULLDISC:20200421 Local privilege escalation in QRadar due to run-result-reader.sh insecure file permissions CVE-2020-4270
FULLDISC:20200421 PHP object injection vulnerability in QRadar Forensics web application CVE-2020-4271
FULLDISC:20200421 QRadar RssFeedItem Server-Side Request Forgery vulnerability CVE-2020-4294
FULLDISC:20200421 Unauthorized access to QRadar configuration sets via default password CVE-2020-4269
FULLDISC:20200501 CVE-2020-1967: proving sigalg != NULL CVE-2020-1967
FULLDISC:20200501 [SYSS-2020-012] Improper Access Control (CWE-284) in xt:Commerce (CVE-2020-12101) CVE-2020-12101
FULLDISC:20200508 Asset Explorer Windows Agent - Remote Code Execution CVE-2020-8838
FULLDISC:20200508 ChopSlider3 Wordpress Plugin SQL Injection CVE-2020-11530
FULLDISC:20200508 SolarWinds MSP PME Cache Service - Insecure File Permissions / Code Execution CVE-2020-12608
FULLDISC:20200512 Two vulnerabilities in Oracle's iPlanet Web Server (CVE-2020-9315 and CVE-2020-9314) CVE-2012-0516 CVE-2020-9314 CVE-2020-9315
FULLDISC:20200514 KL-001-2020-002 : Cellebrite Restricted Desktop Escape and Escalation of User Privilege CVE-2015-1701
FULLDISC:20200515 Asset Explorer (Windows & Linux) - Authenticated Command Execution CVE-2019-19034
FULLDISC:20200519 Multiple vulnerabilities in Dovecot IMAP server CVE-2020-10957 CVE-2020-10958 CVE-2020-10967
FULLDISC:20200519 [SYSS-2019-039] Smartbear ReadyAPI/SoapUI Pro/jProductivity Licensing Unsafe Deserialization CVE-2020-12835
FULLDISC:20200522 APPLE-SA-2020-05-20-1 Xcode 11.5 CVE-2020-11008
FULLDISC:20200522 Composr CMS 10.0.30 - (Authenticated) Cross-Site Scripting CVE-2020-8789
FULLDISC:20200522 Remote Code Execution in qmail (CVE-2005-1513) CVE-2005-1513 CVE-2005-1514 CVE-2005-1515
FULLDISC:20200529 APPLE-SA-2020-05-26-1 iOS 13.5 and iPadOS 13.5 CVE-2019-20044 CVE-2019-20503 CVE-2020-6616
FULLDISC:20200529 APPLE-SA-2020-05-26-3 macOS Catalina 10.15.5, Security Update 2020-003 Mojave, Security Update 2020-003 High Sierra CVE-2019-20044
FULLDISC:20200529 APPLE-SA-2020-05-26-4 tvOS 13.4.5 CVE-2019-20044 CVE-2019-20503
FULLDISC:20200529 APPLE-SA-2020-05-26-5 watchOS 6.2.5 CVE-2019-20044 CVE-2019-20503
FULLDISC:20200529 APPLE-SA-2020-05-26-7 Safari 13.1.1 CVE-2019-20503
FULLDISC:20200602 BIAS (Bluetooth Impersonation Attack) CVE 2020-10135 reproduction CVE-2020-10135
FULLDISC:20200602 [CVE-2020-9484] Apache Tomcat RCE via PersistentManager CVE-2020-9484
FULLDISC:20200605 Castel NextGen DVR multiple CVEs CVE-2020-11679 CVE-2020-11680 CVE-2020-11681 CVE-2020-11682
FULLDISC:20200609 Avaya IP Office v9.1.8.0 - 11 Insecure Transit Password Disclosure CVE-2020-7030 CVE-2020-7030
FULLDISC:20200609 CVE-2020-13432 - HFS HTTP File Server / Remote Buffer Overflow DoS CVE-2020-13432
FULLDISC:20200609 RoyalTS SSH Tunnel - Authentication Bypass CVE-2020-13872
FULLDISC:20200609 WinGate v9.4.1.5998 Insecure Permissions EoP CVE-2020-13866 CVE-2020-13866
FULLDISC:20200616 Pulse Secure Client < 9.1R6 TOCTOU Privilege Escalation (CVE-2020-13162) CVE-2020-13162
FULLDISC:20200616 [CVE-2020-12827] MJML <= 4.6.2 mj-include "path" Path Traversal CVE-2020-12827
FULLDISC:20200623 DLL Hijacking at the Trend Micro Password Manager (CVE-2020-8469) CVE-2020-8469
FULLDISC:20200623 GilaCMS - CVE-2019-13364 CVE-2019-13363 CVE-2019-13363 CVE-2019-13364 CVE-2019-20803 CVE-2019-20804
FULLDISC:20200623 Re: Remote Code Execution in qmail (CVE-2005-1513) CVE-2005-1513
FULLDISC:20200623 [SYSS_2020-014]: ABUS Secvest Wireless Control Device (FUBE50001) - Missing Encryption of Sensitive Data (CWE-311) (CVE-2020-14157) CVE-2020-14157
FULLDISC:20200703 Bolt CMS <= 3.7.0 Multiple Vulnerabilities - CSRF to RCE CVE-2020-4040 CVE-2020-4041
FULLDISC:20200709 X41 D-Sec GmbH Security Advisory X41-2020-006: Memory Corruption Vulnerability in bspatch CVE-2014-9862
FULLDISC:20200717 APPLE-SA-2020-07-15-1 iOS 13.6 and iPadOS 13.6 CVE-2019-19906
FULLDISC:20200717 APPLE-SA-2020-07-15-2 macOS Catalina 10.15.6, Security Update 2020-004 Mojave, Security Update 2020-004 High Sierra CVE-2019-19906 CVE-2019-20807
FULLDISC:20200717 VMware ESXi: Multiple vulnerabilities [CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3960] CVE-2020-3963 CVE-2020-3964 CVE-2020-3965
FULLDISC:20200724 Defense in depth -- the Microsoft way (part 70): CVE-2014-0315 alias MS14-019 revisited CVE-2014-0315
FULLDISC:20200730 [SYSS-2020-015]: ABUS Secvest Hybrid module (FUMO50110) - Authentication Bypass Using an Alternate Path or Channel (CWE-288) (CVE-2020-14158) CVE-2020-14158
FULLDISC:20200804 October CMS <= Build 465 Multiple Vulnerabilities - Arbitrary File Read CVE-2020-11083 CVE-2020-5295 CVE-2020-5296 CVE-2020-5297 CVE-2020-5298 CVE-2020-5299
FULLDISC:20200804 [SYSS-2020-029]: Jira module "Gantt-Chart for Jira" - Improper Privilege Management (CWE-269)(CVE-2020-15943) CVE-2020-15943
FULLDISC:20200804 [SYSS-2020-030]: Jira module "Gantt-Chart for Jira" - Cross-Site Scripting (CWE-79)(CVE-2020-15944) CVE-2020-15944
FULLDISC:20200811 Re: [FD] ManageEngine ADSelfService Plus - Unauthenticated Remote Code Execution Vulnerability CVE-2020-11552
FULLDISC:20200811 Remote Code Execution 0day in vBulletin 5.x CVE-2019-16759
FULLDISC:20200821 Open-Xchange Security Advisory 2020-08-20 CVE-2020-12643 CVE-2020-8542
FULLDISC:20200821 Payment bypass in WordPress - WooCommerce - NAB Transact plugin disclosure CVE-2020-11497
FULLDISC:20200827 SEC Consult SA-20200826-0 :: Extensive file permissions on service executable in Eikon Thomson Reuters CVE-2019-10679
FULLDISC:20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S CVE-2011-5325 CVE-2013-1813 CVE-2015-9261 CVE-2017-16544 CVE-2019-3422
FULLDISC:20200901 Sagemcom router insecure deserialization > privilege escalation CVE-2020-24034
FULLDISC:20200902 SEC Consult SA-20200902-0 :: Multiple Vulnerabilities in Red Lion N-Tron 702-W, Red Lion N-Tron 702M12-W CVE-2017-16544 CVE-2020-16204 CVE-2020-16206 CVE-2020-16208 CVE-2020-16210
FULLDISC:20200902 [RT-SA-2020-004] Inconsistent Behavior of Go's CGI and FastCGI Transport May Lead to Cross-Site Scripting CVE-2020-24553
FULLDISC:20200904 Noise-Java AESGCMFallbackCipherState.encryptWithAd() insufficient boundary checks CVE-2020-17360 CVE-2020-17361 CVE-2020-25022
FULLDISC:20200904 Noise-Java AESGCMOnCtrCipherState.encryptWithAd() insufficient boundary checks CVE-2020-17360 CVE-2020-17361 CVE-2020-25023
FULLDISC:20200904 Noise-Java ChaChaPolyCipherState.encryptWithAd() insufficient boundary checks CVE-2020-17360 CVE-2020-17361 CVE-2020-25021
FULLDISC:20200904 Pulse Secure Windows Client <9.1.6 (CVE-2020-13162) - exploit CVE-2020-13162
FULLDISC:20200918 Apache + PHP <= 7.4.10 open_basedir bypass CVE-2007-3378
FULLDISC:20200922 Seat Reservation System 1.0 Unauthenticated Remote Code Execution (CVE-2020-25763) CVE-2020-25763
FULLDISC:20200922 Seat Reservation System 1.0 Unauthenticated SQL Injection (CVE-2020-25762) CVE-2020-25762
FULLDISC:20200922 Visitor Management System in PHP 1.0 - Authenticated SQL Injection CVE-2020-25760
FULLDISC:20200922 Visitor Management System in PHP 1.0 - Unauthenticated Stored XSS CVE-2020-25761
FULLDISC:20201002 CVE-2020-12676 - FusionAuth SAML v2.0 bindings in Java using JAXB - Signature Exclusion Attack CVE-2020-12676
FULLDISC:20201006 CVE-2020-25790 CVE-2020-25790
FULLDISC:20201006 Re: Navy Federal Reflective Cross Site Scripting (XSS) CVE-2020-25247 CVE-2020-25248 CVE-2020-25254
FULLDISC:20201016 Java deserialization vulnerability in QRadar RemoteJavaScript Servlet CVE-2020-4280
FULLDISC:20201020 LISTSERV Maestro Remote Code Execution Vulnerability CVE-2010-1870
FULLDISC:20201021 [RT-SA-2020-005] Arbitrary File Disclosure and Server-Side Request Forgery in BigBlueButton CVE-2018-10583
FULLDISC:20201105 Git LFS (git-lfs) - Remote Code Execution (RCE) exploit CVE-2020-27955 - Clone to Pwn CVE-2020-27955
FULLDISC:20201115 APPLE-SA-2020-11-13-3 Additional information for APPLE-SA-2020-09-16-1 iOS 14.0 and iPadOS 14.0 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-15358 CVE-2020-6147 CVE-2020-9773 CVE-2020-9876 CVE-2020-9941 CVE-2020-9946 CVE-2020-9951 CVE-2020-9952 CVE-2020-9958 CVE-2020-9959 CVE-2020-9961 CVE-2020-9964 CVE-2020-9968 CVE-2020-9973 CVE-2020-9976 CVE-2020-9979 CVE-2020-9983 CVE-2020-9992
FULLDISC:20201115 APPLE-SA-2020-11-13-4 Additional information for APPLE-SA-2020-09-16-2 tvOS 14.0 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-15358 CVE-2020-9876 CVE-2020-9951 CVE-2020-9952 CVE-2020-9961 CVE-2020-9968 CVE-2020-9976 CVE-2020-9979 CVE-2020-9983
FULLDISC:20201115 APPLE-SA-2020-11-13-5 Additional information for APPLE-SA-2020-09-16-3 Safari 14.0 CVE-2020-9948 CVE-2020-9951 CVE-2020-9952 CVE-2020-9983
FULLDISC:20201115 APPLE-SA-2020-11-13-6 Additional information for APPLE-SA-2020-09-16-4 watchOS 7.0 CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13631 CVE-2020-15358 CVE-2020-9876 CVE-2020-9941 CVE-2020-9946 CVE-2020-9951 CVE-2020-9952 CVE-2020-9961 CVE-2020-9968 CVE-2020-9976 CVE-2020-9983
FULLDISC:20201115 APPLE-SA-2020-11-13-7 Additional information for APPLE-SA-2020-09-24-1 macOS Catalina 10.15.7, Security Update 2020-005 High Sierra, Security Update 2020-005 Mojave CVE-2020-9941 CVE-2020-9961 CVE-2020-9968 CVE-2020-9973 CVE-2020-9986
FULLDISC:20201116 Intel NUC - Local Privilege Escalation Vulnerability CVE-2020-24525
FULLDISC:20201117 SEC Consult SA-20201117-0 :: Blind Out-Of-Band XML External Entity Injection in Avaya Web License Manager CVE-2020-7032
FULLDISC:20201118 TCMalloc viewer/dumper - TCMalloc Inspector Tool CVE-2020-15999
FULLDISC:20201123 CA20201116-01: Security Notice for CA Unified Infrastructure Management CVE-2020-28421
FULLDISC:20201130 scikit-learn 0.23.2 Local Denial of Service CVE-2020-28975
FULLDISC:20201204 ProCaster LE-32F430 SmartTV RCE via libsoup/2.51.3 stack overflow (CVE-2017-2885) CVE-2017-2885
FULLDISC:20201207 Request for full disclosure of CVE-2020-25889 & CVE-2020-25955 CVE-2020-25889 CVE-2020-25955
FULLDISC:20201211 Authenticated blind SQL injection (SQLi) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure CVE-2020-28860
FULLDISC:20201211 Cross-site request forgery (CSRF) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure CVE-2020-28858
FULLDISC:20201211 IP access control bypass in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure CVE-2020-28856
FULLDISC:20201211 Missing access controls in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure CVE-2020-28861
FULLDISC:20201211 Reflected XSS in WordPress - DirectoriesPro 1.3.45 plugin disclosure CVE-2020-29303
FULLDISC:20201211 Self-reflected XSS in WordPress DirectoriesPro 1.3.45 plugin disclosure. CVE-2020-29304
FULLDISC:20201211 Stored cross-site scripting (XSS) in OpenAsset Digital Asset Management 11.2.1/12.0.19 disclosure CVE-2020-28857
FULLDISC:20201215 APPLE-SA-2020-12-14-1 iOS 14.3 and iPadOS 14.3 CVE-2020-15969
FULLDISC:20201215 APPLE-SA-2020-12-14-3 macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave CVE-2020-10002 CVE-2020-10004 CVE-2020-10007 CVE-2020-10009 CVE-2020-10010 CVE-2020-10012 CVE-2020-10014 CVE-2020-10016 CVE-2020-10017 CVE-2020-13524 CVE-2020-15969 CVE-2020-27896 CVE-2020-27898 CVE-2020-27903 CVE-2020-27906 CVE-2020-27910 CVE-2020-27911 CVE-2020-27912 CVE-2020-27916 CVE-2020-27926 CVE-2020-9943 CVE-2020-9944 CVE-2020-9974
FULLDISC:20201215 APPLE-SA-2020-12-14-4 Additional information for APPLE-SA-2020-11-13-1 macOS Big Sur 11.0.1 CVE-2019-20838 CVE-2020-10002 CVE-2020-10003 CVE-2020-10004 CVE-2020-10006 CVE-2020-10007 CVE-2020-10009 CVE-2020-10010 CVE-2020-10011 CVE-2020-10012 CVE-2020-10014 CVE-2020-10016 CVE-2020-10017 CVE-2020-10663 CVE-2020-13434 CVE-2020-13435 CVE-2020-13524 CVE-2020-13630 CVE-2020-13631 CVE-2020-14155 CVE-2020-15358 CVE-2020-27894 CVE-2020-27896 CVE-2020-27898 CVE-2020-27900 CVE-2020-27903 CVE-2020-27904 CVE-2020-27906 CVE-2020-27909 CVE-2020-27910 CVE-2020-27911 CVE-2020-27912 CVE-2020-27916 CVE-2020-27917 CVE-2020-27918 CVE-2020-27927 CVE-2020-27930 CVE-2020-27932 CVE-2020-27950 CVE-2020-9849 CVE-2020-9876 CVE-2020-9883 CVE-2020-9941 CVE-2020-9942 CVE-2020-9943 CVE-2020-9944 CVE-2020-9945 CVE-2020-9949 CVE-2020-9963 CVE-2020-9965 CVE-2020-9966 CVE-2020-9969 CVE-2020-9974 CVE-2020-9977 CVE-2020-9988 CVE-2020-9989 CVE-2020-9991 CVE-2020-9996 CVE-2020-9999
FULLDISC:20201215 APPLE-SA-2020-12-14-5 watchOS 7.2 CVE-2020-15969
FULLDISC:20201215 APPLE-SA-2020-12-14-7 tvOS 14.3 CVE-2020-15969
FULLDISC:20201215 APPLE-SA-2020-12-14-8 Safari 14.0.2 CVE-2020-15969
FULLDISC:20201218 Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-11719] CVE-2020-11719
FULLDISC:20201218 Programi Bilanc - Build 007 Release 014 31.01.2020 - Software-update packages are downloaded via unencrypted HTTP [CVE-2020-11718] CVE-2020-11718
FULLDISC:20201218 Programi Bilanc - Build 007 Release 014 31.01.2020 - Use of weak default Password - CVE-2020-11720 CVE-2020-11720
FULLDISC:20201225 Re: [FD] CVE-2020-8150 - Remote Code Execution as SYSTEM/root via Backblaze CVE-2020-8150
FULLDISC:20201225 Re: [FD] CVE-2020-8152 - Elevation of Privilege in Backblaze CVE-2020-8152
FULLDISC:20201225 SYSS-2020-040 Urve - Missing Authentication for Critical Function (CWE-306) CVE-2020-29552
FULLDISC:20201225 SYSS-2020-041 Urve - Missing Authorization (CWE-862) CVE-2020-29551
FULLDISC:20201225 SYSS-2020-042 Urve - Exposure of Sensitive Information to an Unauthorized Actor (CWE-200) CVE-2020-29550
FULLDISC:20201225 [CVE-2018-7580] - Philips Hue Denial of Service CVE-2018-7580
FULLDISC:20201229 Re: CVE-2020-8150 - Remote Code Execution as SYSTEM/root via Backblaze CVE-2020-8150 CVE-2020-8289
FULLDISC:20201229 Re: [FD] CVE-2020-8150 - Remote Code Execution as SYSTEM/root via Backblaze CVE-2020-8150 CVE-2020-8289
FULLDISC:20210103 Multiple vulnerabilities found in Rock RMS including RCE and account takeover CVE-2019-18641
FULLDISC:20210103 [KIS-2020-11] qdPM <= 9.1 (executeExport) PHP Object Injection Vulnerability CVE-2020-26165
FULLDISC:20210106 CVE-2020-24386: IMAP hibernation allows accessing other peoples mail CVE-2020-12100 CVE-2020-24386 CVE-2020-25275
FULLDISC:20210106 Re: [SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat CVE-2013-4444
FULLDISC:20210112 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability CVE-2020-28208
FULLDISC:20210113 SEC Consult SA-20210113-0 :: Multiple vulnerabilities in Pepperl+Fuchs IO-Link Master Series CVE-2017-16544
FULLDISC:20210119 Re: Trovent Security Advisory 2010-01 [updated] / CVE-2020-28208: Rocket.Chat email address enumeration vulnerability CVE-2020-28208
FULLDISC:20210122 CVE-2020-20269 - Caret Editor v4.0.0-rc21 Remote Code Execution CVE-2020-20269
FULLDISC:20210122 [REVIVE-SA-2021-001] Revive Adserver Vulnerabilities CVE-2021-22871 CVE-2021-22872 CVE-2021-22873
FULLDISC:20210126 Baron Samedit: Heap-based buffer overflow in Sudo (CVE-2021-3156) CVE-2021-3156
FULLDISC:20210201 APPLE-SA-2021-02-01-1 macOS Big Sur 11.2, Security Update 2021-001 Catalina, Security Update 2021-001 Mojave CVE-2019-20838 CVE-2020-14155 CVE-2020-15358 CVE-2020-25709 CVE-2020-27904
FULLDISC:20210201 Oracle DB: various issues related to malicious database gateways CVE-2020-2510 CVE-2020-2517
FULLDISC:20210211 APPLE-SA-2021-02-09-1 macOS Big Sur 11.2.1, macOS Catalina 10.15.7 Supplemental Update, and macOS Mojave 10.14.6 Security Update 2021-002 CVE-2021-3156
FULLDISC:20210211 Path traversal in SolarWinds Serv-U File Server <=15.2.1 CVE-2020-27994
FULLDISC:20210211 Stored XSS in SolarWinds Serv-U File Server <=15.2.1 CVE-2020-28001
FULLDISC:20210218 AST-2021-001: Remote crash in res_pjsip_diversion CVE-2020-35776
FULLDISC:20210218 AST-2021-002: Remote crash possible when negotiating T.38 CVE-2021-26717
FULLDISC:20210218 AST-2021-003: Remote attacker could prematurely tear down SRTP calls CVE-2021-26712
FULLDISC:20210218 AST-2021-005: Remote Crash Vulnerability in PJSIP channel driver CVE-2021-26906
FULLDISC:20210219 [CSA-2021-001] Cross-Site Request Forgery in Apache MyFaces CVE-2021-26296
FULLDISC:20210219 [KIS-2021-02] docsify <= 4.11.6 DOM-based Cross-Site Scripting Vulnerability CVE-2020-7680 CVE-2021-23342
FULLDISC:20210223 CIRA Canadian Shield iOS Application - MITM SSL Certificate Vulnerability (CVE-2021-27189) CVE-2021-27189
FULLDISC:20210226 VisualWare MyConnection Server 11.x Remote Code Execution Vulnerability CVE-2021-27198
FULLDISC:20210302 Multiple Vulnerabilities in jpeg-xl (CVE-2021-27804) CVE-2021-27804
FULLDISC:20210304 AST-2021-006: Crash when negotiating T.38 with a zero port CVE-2019-15297
FULLDISC:20210308 Unholy CRAP: Moziila's executable installers CVE-2014-1520
FULLDISC:20210311 [CVE-2021-28144] Authenticated Command Injection in D-Link DIR-3060 Web Interface CVE-2021-28144
FULLDISC:20210312 [AIT-SA-20210215-01] CVE-2020-24914: QCubed PHP Object Injection CVE-2020-24914
FULLDISC:20210312 [AIT-SA-20210215-02] CVE-2020-24913: QCubed SQL Injection CVE-2020-24913
FULLDISC:20210312 [AIT-SA-20210215-03] CVE-2020-24912: QCube Cross-Site-Scripting CVE-2020-24912 CVE-2020-24913
FULLDISC:20210312 [AIT-SA-20210215-04] CVE-2020-24036: ForkCMS PHP Object Injection CVE-2020-24036
FULLDISC:20210319 [SYSS-2020-044]: Zoom - Exposure of Resource to Wrong Sphere (CWE-668) (CVE-2021-28133) CVE-2021-28133
FULLDISC:20210323 CVE-2018-3635 revisited: executable installers are vulnerable^WEVIL (case 60): again arbitrary code execution WITH escalation of privilege via Intel Rapid Storage Technology User Interface and Driver CVE-2018-3635
FULLDISC:20210326 CVE-2021-3275 : Unauthenticated Stored Cross-site Scripting in Multiple TP-Link Devices CVE-2021-3275
FULLDISC:20210405 Onapsis Security Advisory 2021-0001: [CVE-2020-6207] - Unauthenticated RCE in SAP all SMD Agents connected to SAP SolMan CVE-2020-6207
FULLDISC:20210405 Onapsis Security Advisory 2021-0002: [CVE-2020-6234] - SAP Multiple root LPE through SAP Host Control CVE-2020-6234
FULLDISC:20210405 Onapsis Security Advisory 2021-0003: [CVE-2020-6287] - [SAP RECON] SAP JAVA: Unauthenticated execution of configuration tasks CVE-2020-6287
FULLDISC:20210405 Onapsis Security Advisory 2021-0004: [CVE-2020-26820] - SAP Java OS Remote Code Execution CVE-2020-26820
FULLDISC:20210406 Trojan.Win32.Sharer.h / Known Vulnerable Component - Heap Corruption CVE-2020-13432
FULLDISC:20210407 SEC Consult SA-20210407-0 :: Arbitrary File Upload and Bypassing .htaccess Rules in Monospace Directus Headless CMS CVE-2021-29641
FULLDISC:20210408 CVE-2021-26709 - Multiple Pre-Auth Stack Buffer Overflow in D-Link DSL-320B-D1 ADSL Modem CVE-2021-26709
FULLDISC:20210408 [SYSS-2020-032] Open Redirect in Tableau Server (CVE-2021-1629) CVE-2021-1629
FULLDISC:20210419 [CVE-2021-1472/CVE-2021-1473] Cisco RV Series Authentication Bypass and Remote Command Execution CVE-2021-1472 CVE-2021-1473
FULLDISC:20210419 [CVE-2021-20989, CVE-2021-20990, CVE-2021-20991, CVE-2021-20992] Multiple vulnerabilities in Fibaro Home Center CVE-2021-20989 CVE-2021-20990 CVE-2021-20991 CVE-2021-20992
FULLDISC:20210427 APPLE-SA-2021-04-26-1 iOS 14.5 and iPadOS 14.5 CVE-2020-7463
FULLDISC:20210427 APPLE-SA-2021-04-26-10 Xcode 12.5 CVE-2021-21300
FULLDISC:20210427 APPLE-SA-2021-04-26-2 macOS Big Sur 11.3 CVE-2020-7463 CVE-2020-8286
FULLDISC:20210427 APPLE-SA-2021-04-26-3 Security Update 2021-002 Catalina CVE-2020-3838 CVE-2020-8037 CVE-2020-8285 CVE-2020-8286 CVE-2021-1797
FULLDISC:20210427 APPLE-SA-2021-04-26-4 Security Update 2021-003 Mojave CVE-2020-3838 CVE-2020-8286 CVE-2021-1797 CVE-2021-1805 CVE-2021-1806
FULLDISC:20210427 APPLE-SA-2021-04-26-6 tvOS 14.5 CVE-2021-1844
FULLDISC:20210427 APPLE-SA-2021-04-26-7 Safari 14.1 CVE-2020-7463
FULLDISC:20210427 APPLE-SA-2021-04-26-8 iCloud for Windows 12.3 CVE-2020-7463
FULLDISC:20210427 APPLE-SA-2021-04-26-9 iTunes 12.11.3 for Windows CVE-2020-7463
FULLDISC:20210427 XSS stored in PFSense 2.5.0 CVE-2021-27933 CVE-2021-27933
FULLDISC:20210504 KSA-Dev-0010:CVE-2021-25328:Authenticated Stack Overflow in Skyworth RN510 mesh Device CVE-2021-25328
FULLDISC:20210504 KSA-Dev-0011:CVE-2021-25327: Authenticated XSRF in Skyworth RN510 Mesh Extender CVE-2021-25327
FULLDISC:20210504 KSA-Dev-0012:CVE-2021-25326:Unauthenticated Sensitive information Discloser in Skyworth RN510 Mesh Extender CVE-2021-25326
FULLDISC:20210507 Four vulnerabilities found in MikroTik's RouterOS CVE-2020-20214 CVE-2020-20222 CVE-2020-20236 CVE-2020-20237
FULLDISC:20210507 Re: Four vulnerabilities found in MikroTik's RouterOS CVE-2020-20253 CVE-2020-20254
FULLDISC:20210507 Re: Two vulnerabilities found in MikroTik's RouterOS CVE-2020-20225
FULLDISC:20210511 Four vulnerabilities found in MikroTik's RouterOS CVE-2020-20220 CVE-2020-20227 CVE-2020-20245 CVE-2020-20246
FULLDISC:20210520 CVE-2021-31535 libX11 Insufficient Length Checks PoC and Archeology CVE-2021-27135 CVE-2021-31535
FULLDISC:20210526 APPLE-SA-2021-05-25-1 iOS 14.6 and iPadOS 14.6 CVE-2021-23841
FULLDISC:20210526 APPLE-SA-2021-05-25-2 macOS Big Sur 11.4 CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230 CVE-2021-23841
FULLDISC:20210526 APPLE-SA-2021-05-25-3 Security Update 2021-004 Mojave CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230
FULLDISC:20210526 APPLE-SA-2021-05-25-4 Security Update 2021-003 Catalina CVE-2020-36221 CVE-2020-36222 CVE-2020-36223 CVE-2020-36224 CVE-2020-36225 CVE-2020-36226 CVE-2020-36227 CVE-2020-36228 CVE-2020-36229 CVE-2020-36230
FULLDISC:20210526 APPLE-SA-2021-05-25-5 Safari 14.1.1 CVE-2021-23841
FULLDISC:20210526 KL-001-2021-007: CommScope Ruckus IoT Controller Undocumented Account CVE-2019-1000018 CVE-2019-3463 CVE-2019-3464
FULLDISC:20210528 [KIS-2021-04] IPS Community Suite <= 4.5.4.2 (previewBlock) PHP Code Injection Vulnerability CVE-2021-32924
FULLDISC:20210601 SEC Consult SA-20210601-0 :: Multiple critical vulnerabilities in Korenix Technology JetNet Series CVE-2020-12500 CVE-2020-12501 CVE-2020-12502 CVE-2020-12503 CVE-2020-12504
FULLDISC:20210611 secuvera-SA-2021-01: Privilege Escalation in NetSetMan Pro 4.7.2 CVE-2021-34546
FULLDISC:20210614 Onapsis Security Advisory 2021-0005: SAP Solution Manager Open Redirect from Trace Analysis CVE-2020-26836
FULLDISC:20210614 Onapsis Security Advisory 2021-0006: [CVE-2020-26811] - SAP Hybris eCommerce - SSRF in acceleratorservices module CVE-2020-26811
FULLDISC:20210614 Onapsis Security Advisory 2021-0007: Exposure of Sensitive Information to an Unauthorized Actor CVE-2020-26809
FULLDISC:20210614 Onapsis Security Advisory 2021-0008: OS Command Injection in CA Introscope Enterprise Manager CVE-2020-6364
FULLDISC:20210614 Onapsis Security Advisory 2021-0009: Hard-coded Credentials in CA Introscope Enterprise Manager CVE-2020-6369
FULLDISC:20210614 Onapsis Security Advisory 2021-0010: File exfiltration and DoS in SolMan End-User Experience Monitoring CVE-2020-26837
FULLDISC:20210614 Onapsis Security Advisory 2021-0011 Missing authorization check in SolMan End-User Experience Monitoring CVE-2020-26830
FULLDISC:20210614 Onapsis Security Advisory 2021-0012: SAP Manufacturing Integration and Intelligence lack of server side validations leads to RCE CVE-2021-21480
FULLDISC:20210614 Onapsis Security Advisory 2021-0013: [CVE-2020-26829] - Missing Authentication Check In SAP NetWeaver AS JAVA P2P Cluster communication CVE-2020-26829
FULLDISC:20210614 Onapsis Security Advisory 2021-0014: Missing authorization check in SAP Solution Manager LM-SERVICE Component SP 11 PL 2 CVE-2020-6207
FULLDISC:20210618 Trovent Security Advisory 2105-01 / CVE-2021-32612: VeryFitPro unencrypted cleartext transmission of sensitive information CVE-2021-32612
FULLDISC:20210618 [SYSS-2021-007]: Protectimus SLIM NFC - External Control of System or Configuration Setting (CWE-15) (CVE-2021-32033) CVE-2021-32033
FULLDISC:20210629 CVE-2021-35523: Local Privilege Escalation in Securepoint SSL VPN Client 2.0.30 CVE-2021-35523
FULLDISC:20210709 Novus Managment System Vulnerabilities (CVE-2021-34820, CVE-2021-38421) CVE-2021-34820
FULLDISC:20210714 SEC Consult SA-20210714-0 :: Critical vulnerabilities in Schneider Electric EVlink Charging Stations CVE-2018-7801
FULLDISC:20210716 Open-Xchange Security Advisory 2021-07-15 CVE-2020-24700 CVE-2020-24701 CVE-2021-26698 CVE-2021-26699
FULLDISC:20210716 VMware ThinApp DLL hijacking vulnerability CVE-2021-22000
FULLDISC:20210719 [KIS-2021-05] Concrete5 <= 8.5.5 (Logging Settings) Phar Deserialization Vulnerability CVE-2021-36766
FULLDISC:20210720 Open-Xchange Security Advisory 2021-07-19 CVE-2021-28093 CVE-2021-28094 CVE-2021-28095
FULLDISC:20210722 AST-2021-007: Remote Crash Vulnerability in PJSIP channel driver CVE-2021-31878
FULLDISC:20210722 AST-2021-008: Remote crash when using IAX2 channel driver CVE-2021-32558
FULLDISC:20210723 APPLE-SA-2021-07-21-1 iOS 14.7 and iPadOS 14.7 CVE-2020-36328 CVE-2020-36329 CVE-2020-36330 CVE-2020-36331 CVE-2021-3518
FULLDISC:20210723 APPLE-SA-2021-07-21-2 macOS Big Sur 11.5 CVE-2021-3518
FULLDISC:20210723 APPLE-SA-2021-07-21-5 watchOS 7.6 CVE-2021-3518
FULLDISC:20210723 APPLE-SA-2021-07-21-6 tvOS 14.7 CVE-2021-3518
FULLDISC:20210813 [SYSS-2021-042] TJWS - Reflected Cross-Site Scripting (CVE-2021-37573) CVE-2021-37573
FULLDISC:20210816 Cyberoam NetGenie (C0101B1-20141120-NG11VO) - Cross Site Scripting (XSS) CVE-2021-38702
FULLDISC:20210819 SEC Consult SA-20210819-0 :: Multiple critical vulnerabilities in Altus Nexto and Hadron series CVE-2017-16544
FULLDISC:20210827 SEC Consult SA-20210827-1 :: XML Tag injection in BSCW Server CVE-2021-36359
FULLDISC:20210901 SEC Consult SA-20210901-0 :: Multiple vulnerabilities in MOXA devices CVE-2013-7423 CVE-2015-0235 CVE-2016-1234
FULLDISC:20210907 Re: a xss vulnerability in Jforum 2.7.0 CVE-2021-40509
FULLDISC:20210917 AMD Chipset Driver Information Disclosure Vulnerability [CVE-2021-26333] CVE-2021-26333
FULLDISC:20210917 APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8 CVE-2021-30858 CVE-2021-30860
FULLDISC:20210917 APPLE-SA-2021-09-13-2 watchOS 7.6.2 CVE-2021-30860
FULLDISC:20210917 APPLE-SA-2021-09-13-3 macOS Big Sur 11.6 CVE-2021-30858 CVE-2021-30860
FULLDISC:20210917 APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina CVE-2021-30860
FULLDISC:20210917 APPLE-SA-2021-09-13-5 Safari 14.1.2 CVE-2021-30858
FULLDISC:20210921 APPLE-SA-2021-09-20-4 Xcode 13 CVE-2016-0742 CVE-2016-0746 CVE-2016-0747 CVE-2017-7529 CVE-2018-16843 CVE-2018-16844 CVE-2018-16845 CVE-2019-20372
FULLDISC:20210921 APPLE-SA-2021-09-20-6 Additional information for APPLE-SA-2021-09-13-1 iOS 14.8 and iPadOS 14.8 CVE-2021-30858 CVE-2021-30860
FULLDISC:20210921 APPLE-SA-2021-09-20-7 Additional information for APPLE-SA-2021-09-13-3 macOS Big Sur 11.6 CVE-2021-22925 CVE-2021-30858 CVE-2021-30860
FULLDISC:20210921 APPLE-SA-2021-09-20-8 Additional information for APPLE-SA-2021-09-13-4 Security Update 2021-005 Catalina CVE-2021-22925 CVE-2021-30713 CVE-2021-30783 CVE-2021-30860
FULLDISC:20210924 APPLE-SA-2021-09-23-1 iOS 12.5.5 CVE-2021-30858 CVE-2021-30860
FULLDISC:20211005 [Update]: Dahua Authentication bypass (CVE-2021-33044, CVE-2021-33045) CVE-2021-33044 CVE-2021-33045
FULLDISC:20211019 Yellowfin < 9.6.1 Multiple Vulnerabilities CVE-2021-36387 CVE-2021-36388 CVE-2021-36389
FULLDISC:20211022 Onapsis Security Advisory 2021-0016: XXE in SAP JAVA NetWeaver System Connections CVE-2021-27635
FULLDISC:20211022 Onapsis Security Advisory 2021-0020: SAP Enterprise Portal - Exposed sensitive data in html body CVE-2021-33687
FULLDISC:20211026 [ES2021-05] FreeSWITCH vulnerable to SIP digest leak for configured gateways CVE-2021-41158
FULLDISC:20211026 [ES2021-07] FreeSWITCH does not authenticate SIP MESSAGE requests, leading to spam and message spoofing CVE-2021-37624
FULLDISC:20211026 [ES2021-08] FreeSWITCH does not authenticate SIP SUBSCRIBE requests by default CVE-2021-41157
FULLDISC:20211026 [ES2021-09] FreeSWITCH susceptible to Denial of Service via invalid SRTP packets CVE-2021-41105
FULLDISC:20211027 APPLE-SA-2021-10-26-10 Additional information for APPLE-SA-2021-09-20-2 watchOS 8 CVE-2021-30810 CVE-2021-30811 CVE-2021-30835 CVE-2021-30837 CVE-2021-30841 CVE-2021-30842 CVE-2021-30843 CVE-2021-30846 CVE-2021-30847 CVE-2021-30849
FULLDISC:20211027 APPLE-SA-2021-10-26-11 Additional information for APPLE-SA-2021-09-20-3 tvOS 15 CVE-2021-30810 CVE-2021-30835 CVE-2021-30837 CVE-2021-30841 CVE-2021-30842 CVE-2021-30843 CVE-2021-30846 CVE-2021-30847 CVE-2021-30849 CVE-2021-30850
FULLDISC:20211027 APPLE-SA-2021-10-26-8 Additional information for APPLE-SA-2021-09-20-5 Safari 15 CVE-2021-30846 CVE-2021-30848 CVE-2021-30849
FULLDISC:20211027 APPLE-SA-2021-10-26-9 Additional information for APPLE-SA-2021-09-20-1 iOS 15 and iPadOS 15 CVE-2021-30810 CVE-2021-30811 CVE-2021-30815 CVE-2021-30819 CVE-2021-30825 CVE-2021-30826 CVE-2021-30835 CVE-2021-30837 CVE-2021-30838 CVE-2021-30841 CVE-2021-30842 CVE-2021-30843 CVE-2021-30846 CVE-2021-30847 CVE-2021-30848 CVE-2021-30849
FULLDISC:20211029 SEC Consult SA-20211028-0 :: Denial of Service in CODESYS V2 CVE-2021-34593
FULLDISC:20211104 SEC Consult SA-20211104-0 :: Reflected cross-site scripting vulnerability in IBM Sterling B2B Integrator CVE-2021-20562
FULLDISC:20211112 Trovent Security Advisory 2105-02 / CVE-2021-33618: Stored cross-site scripting in Dolibarr ERP & CRM CVE-2021-33618
FULLDISC:20211112 Trovent Security Advisory 2106-01 / CVE-2021-33816: Authenticated remote code execution in Dolibarr ERP & CRM CVE-2021-33816
FULLDISC:20211118 Responsible Full disclosure for LiquidFiles 3.5.13 CVE-2021-43397
FULLDISC:20211121 CVE-2021-44033: Ionic Identity Vault PIN Unlock Lockout Bypass (Android & iOS) CVE-2021-44033
FULLDISC:20211121 Open-Xchange Security Advisory 2021-11-18 CVE-2021-33488
FULLDISC:20211123 Re: Responsible Full disclosure for LiquidFiles 3.5.13 CVE-2021-43397
FULLDISC:20211203 CA20211201-01: Security Notice for CA Network Flow Analysis CVE-2021-44050
FULLDISC:20211203 CVE-2021-37253: M-Files Web Improper Range Header Processing Denial of Services (DoS) Vulnerability CVE-2021-37253
FULLDISC:20211203 usd AG Security Advisories 11/2021 CVE-2021-25273 CVE-2021-32718
FULLDISC:20211207 (Reprise License Manager) RLM 14.2 - Authenticated Remote Binary Execution CVE-2018-15573
FULLDISC:20211214 SEC Consult SA-20211214-0 :: Remote ADBC SQL Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG CVE-2021-33701
FULLDISC:20211214 SEC Consult SA-20211214-1 :: Remote ABAP Code Injection in SAP Netweaver IUUC_RECON_RC_COUNT_TABLE_BIG CVE-2021-33701
FULLDISC:20211217 APPLE-SA-2021-12-15-5 tvOS 15.2 CVE-2021-30916
FULLDISC:20211217 APPLE-SA-2021-12-15-6 watchOS 8.3 CVE-2021-30916
FULLDISC:20211217 Trovent Security Advisory 2109-01 / CVE-2021-41843: Authenticated SQL injection in OpenEMR calendar search CVE-2021-41843
FULLDISC:20220114 SEC Consult SA-20220113-0 :: Cleartext Storage of Phone Password in Cisco IP Phones CVE-2022-20660
FULLDISC:20220124 SEC Consult SA-20220117-0 :: Stored Cross-Site Scripting vulnerability in TYPO3 extension "femanager" CVE-2021-36787
FULLDISC:20220124 Unauthenticated RCE vuln in the H2 Database console: CVE-2022-23221. CVE-2022-23221
FULLDISC:20220124 [TO-2021-001] WebACMS 2.1.0 - Cross-Site Scripting CVE-2021-44829
FULLDISC:20220126 Onapsis Security Advisory 2021-0021: SAP Enterprise Portal - XSS NavigationReporter CVE-2021-33702
FULLDISC:20220126 Onapsis Security Advisory 2021-0022: SAP Enterprise Portal - XSS RunContentCreation CVE-2021-33703
FULLDISC:20220126 Onapsis Security Advisory 2021-0023: SAP Enterprise Portal - SSRF iviewCatcherEditor CVE-2021-33705
FULLDISC:20220126 Onapsis Security Advisory 2021-0024: SAP Enterprise Portal - Anonymous Stored Open Redirect CVE-2021-33707
FULLDISC:20220126 Onapsis Security Advisory 2021-0025: Null Pointer Dereference vulnerability in SAP CommonCryptoLib CVE-2021-38177
FULLDISC:20220126 Onapsis Security Advisory 2021-0026: SAP Enterprise Portal - XSLT injection CVE-2021-37531
FULLDISC:20220210 SEC Consult SA-20220209 :: Open Redirect in Login Page in SIEMENS-SINEMA Remote Connect CVE-2022-23102
FULLDISC:20220304 AST-2022-004: pjproject: integer underflow on STUN message CVE-2021-37706
FULLDISC:20220304 AST-2022-005: pjproject: undefined behavior after freeing a dialog set CVE-2022-23608
FULLDISC:20220304 AST-2022-006: pjproject: unconstrained malformed multipart SIP message CVE-2022-21723
FULLDISC:20220314 APPLE-SA-2022-03-14-1 iOS 15.4 and iPadOS 15.4 CVE-2021-36976
FULLDISC:20220314 APPLE-SA-2022-03-14-2 watchOS 8.5 CVE-2021-36976
FULLDISC:20220314 APPLE-SA-2022-03-14-4 macOS Monterey 12.3 CVE-2021-22945 CVE-2021-22946 CVE-2021-22947 CVE-2021-30918 CVE-2021-36976 CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2022-0128 CVE-2022-0156 CVE-2022-0158
FULLDISC:20220314 APPLE-SA-2022-03-14-7 Xcode 13.3 CVE-2019-14379 CVE-2021-44228
FULLDISC:20220320 [CVE-2021-42063] SAP Knowledge Warehouse <= 7.50 "SAPIrExtHelp" Reflected XSS CVE-2021-42063
FULLDISC:20220325 [SYSS-2021-058] Razer Synapse - Local Privilege Escalation CVE-2021-44226
FULLDISC:20220414 SEC Consult SA-20220413 :: Missing Authentication at File Download & Denial of Service in Siemens A8000 PLC CVE-2021-45034 CVE-2022-27480
FULLDISC:20220422 CVE-2021-40680: Artica Proxy VMWare Appliance 4.30.000000 <=[SP273] Rev.1 CVE-2021-40680
FULLDISC:20220504 Onapsis Security Advisory 2022-0002: Denial of Service in SAP NetWeaver JAVA CVE-2021-33670
FULLDISC:20220516 APPLE-SA-2022-05-16-1 iOS 15.5 and iPadOS 15.5 CVE-2015-4142 CVE-2022-23308
FULLDISC:20220516 APPLE-SA-2022-05-16-2 macOS Monterey 12.4 CVE-2018-25032 CVE-2021-44224 CVE-2021-44790 CVE-2021-45444 CVE-2022-0778 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23308
FULLDISC:20220516 APPLE-SA-2022-05-16-3 macOS Big Sur 11.6.6 CVE-2018-25032 CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2021-44224 CVE-2021-44790 CVE-2021-45444 CVE-2022-0128 CVE-2022-0778 CVE-2022-22589 CVE-2022-22665 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23308
FULLDISC:20220516 APPLE-SA-2022-05-16-4 Security Update 2022-004 Catalina CVE-2018-25032 CVE-2021-44224 CVE-2021-44790 CVE-2021-45444 CVE-2022-0778 CVE-2022-22589 CVE-2022-22665 CVE-2022-22719 CVE-2022-22720 CVE-2022-22721 CVE-2022-23308
FULLDISC:20220516 APPLE-SA-2022-05-16-5 watchOS 8.6 CVE-2022-23308
FULLDISC:20220516 APPLE-SA-2022-05-16-6 tvOS 15.5 CVE-2022-23308
FULLDISC:20220516 APPLE-SA-2022-05-16-8 Xcode 13.4 CVE-2022-24765
FULLDISC:20220518 LiquidFiles - 3.4.15 - Stored XSS - CVE-2021-30140 CVE-2021-30140
FULLDISC:20220518 PHPIPAM 1.4.4 - CVE-2021-46426 CVE-2021-46426
FULLDISC:20220518 SEC Consult SA-20220518-0 :: Multiple Critical Vulnerabilities in SAP Application Server, ABAP and ABAP Platform (Different Software Components) CVE-2020-26808 CVE-2020-26832 CVE-2020-6318 CVE-2021-21465 CVE-2021-21466 CVE-2021-21468 CVE-2021-21473 CVE-2021-33678
FULLDISC:20220603 Re: Three vulnerabilities found in MikroTik's RouterOS CVE-2021-36613 CVE-2021-36614
FULLDISC:20220603 SEC Consult SA-20220531-0 :: Backdoor account in Korenix JetPort 5601V3 CVE-2020-12501
FULLDISC:20220610 HNS-2022-02 - HN Security Advisory - Multiple vulnerabilities in Zyxel zysh CVE-2022-26531 CVE-2022-26532
FULLDISC:20220610 Hidden Functionality (Backdoor) (CWE-912) / CVE-2022-29854, CVE-2022-29855 CVE-2022-29854 CVE-2022-29855
FULLDISC:20220610 XML External Entity (XXE) vulnerability in the WSO2 Management Console CVE-2021-42646
FULLDISC:20220610 [SYSS-2022-001]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28384) CVE-2022-28384
FULLDISC:20220610 [SYSS-2022-002]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382) CVE-2022-28382
FULLDISC:20220610 [SYSS-2022-003]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383) CVE-2022-28383
FULLDISC:20220610 [SYSS-2022-004]: Verbatim Keypad Secure USB 3.2 Gen 1 Drive - Expected Behavior Violation (CWE-440) (CVE-2022-28386) CVE-2022-28386
FULLDISC:20220610 [SYSS-2022-005]: Verbatim Store 'n' Go Secure Portable HDD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28384) CVE-2022-28384
FULLDISC:20220610 [SYSS-2022-006]: Verbatim Store 'n' Go Secure Portable HDD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382) CVE-2022-28382
FULLDISC:20220610 [SYSS-2022-007]: Verbatim Store 'n' Go Secure Portable HDD - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383) CVE-2022-28383
FULLDISC:20220610 [SYSS-2022-008]: Verbatim Store 'n' Go Secure Portable HDD - Expected Behavior Violation (CWE-440) (CVE-2022-28386) CVE-2022-28386
FULLDISC:20220610 [SYSS-2022-009]: Verbatim Executive Fingerprint Secure SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28387) CVE-2022-28387
FULLDISC:20220610 [SYSS-2022-010]: Verbatim Executive Fingerprint Secure SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382) CVE-2022-28382
FULLDISC:20220610 [SYSS-2022-011]: Verbatim Executive Fingerprint Secure SSD - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383) CVE-2022-28383
FULLDISC:20220610 [SYSS-2022-013]: Verbatim Executive Fingerprint Secure SSD - Insufficient Verification of Data Authenticity (CWE-345) (CVE-2022-28385) CVE-2022-28385
FULLDISC:20220610 [SYSS-2022-014]: Verbatim Fingerprint Secure Portable Hard Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28387) CVE-2022-28387
FULLDISC:20220610 [SYSS-2022-015]: Verbatim Fingerprint Secure Portable Hard Drive - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382) CVE-2022-28382
FULLDISC:20220610 [SYSS-2022-016]: Verbatim Fingerprint Secure Portable Hard Drive - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383) CVE-2022-28383
FULLDISC:20220610 [SYSS-2022-017]: Verbatim Fingerprint Secure Portable Hard Drive - Insufficient Verification of Data Authenticity (CWE-345) (CVE-2022-28385) CVE-2022-28385
FULLDISC:20220610 [SYSS-2022-024]: Lepin EP-KP001 - Violation of Secure Design Principles (CWE-657) (CVE-2022-29948) CVE-2022-29948
FULLDISC:20220614 SEC Consult SA-20220614-0 :: Reflected Cross Site Scripting in SIEMENS-SINEMA Remote Connect CVE-2022-29034
FULLDISC:20220617 SEC Consult SA-20220615-0 :: Hardcoded Backdoor User and Outdated Software Components in Nexans FTTO GigaSwitch series CVE-2015-0235 CVE-2015-9261 CVE-2017-16544
FULLDISC:20220621 # Onapsis Security Advisory 2022-0004: Missing Authentication check in SAP Focused Run (Simple Diagnostics Agent 1.0) CVE-2022-24396
FULLDISC:20220621 Onapsis Security Advisory 2022-0003: Cross-Site Scripting (XSS) vulnerability in SAP Focused Run (Real User Monitoring) CVE-2022-24399
FULLDISC:20220621 Onapsis Security Advisory 2022-0005: Cross-Site Scripting (XSS) vulnerability in SAP Fiori launchpad CVE-2022-26101
FULLDISC:20220621 Onapsis Security Advisory 2022-0006: Information Disclosure vulnerability in SAP Focused Run (Simple Diagnostics Agent 1.0) CVE-2022-22547
FULLDISC:20220621 Onapsis Security Advisory 2022-0007: Directory Traversal vulnerability in SAP Focused Run (Simple Diagnostics Agent 1.0) CVE-2022-27657
FULLDISC:20220630 BigBlueButton - Stored XSS in username (CVE-2022-31064) CVE-2022-31064
FULLDISC:20220718 Re: AnyDesk Public Exploit Disclosure - Arbitrary file write by symbolic link attack lead to denial-of-service attack on local machine CVE-2022-32450
FULLDISC:20220718 SCHUTZWERK-SA-2022-003: Remote Command Execution in Spryker Commerce OS CVE-2022-28888
FULLDISC:20220721 APPLE-SA-2022-07-20-1 iOS 15.6 and iPadOS 15.6 CVE-2022-26768 CVE-2022-26981
FULLDISC:20220721 APPLE-SA-2022-07-20-2 macOS Monterey 12.5 CVE-2022-24070 CVE-2022-26981
FULLDISC:20220721 APPLE-SA-2022-07-20-3 macOS Big Sur 11.6.8 CVE-2022-0156 CVE-2022-0158 CVE-2022-26704
FULLDISC:20220721 APPLE-SA-2022-07-20-4 Security Update 2022-005 Catalina CVE-2021-4136 CVE-2021-4166 CVE-2021-4173 CVE-2021-4187 CVE-2021-4192 CVE-2021-4193 CVE-2022-0128 CVE-2022-26704
FULLDISC:20220721 APPLE-SA-2022-07-20-5 tvOS 15.6 CVE-2022-26981
FULLDISC:20220721 APPLE-SA-2022-07-20-6 watchOS 8.7 CVE-2022-26981
FULLDISC:20220721 Open-Xchange Security Advisory 2022-07-21 CVE-2021-38374 CVE-2021-42550 CVE-2021-44228
FULLDISC:20220815 Re: typeorm CVE-2022-33171 CVE-2022-33171
FULLDISC:20220831 APPLE-SA-2022-08-31-1 iOS 12.5.6 CVE-2022-32893 CVE-2022-32894
FULLDISC:20220912 Multiple vulnerabilities discovered in Qualys Cloud Agent CVE-2022-29549 CVE-2022-29550
FULLDISC:20220915 SEC Consult SA-20220914-0 :: Improper Access Control in SAP SAProuter CVE-2022-27668
FULLDISC:20220915 SEC Consult SA-20220915-0 :: Local Privilege Escalation im SAP SAPControl Web Service Interface (sapuxuserchk) CVE-2022-29614
FULLDISC:20221003 Wordpress plugin - WPvivid Backup - CVE-2022-2863. CVE-2022-2863
FULLDISC:20221008 [SYSS-2022-043]: Verbatim Store 'n' Go Secure Portable SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28384) CVE-2022-28384
FULLDISC:20221008 [SYSS-2022-044]: Verbatim Store 'n' Go Secure Portable SSD - Use of a Cryptographic Primitive with a Risky Implementation (CWE-1240) (CVE-2022-28382) CVE-2022-28382
FULLDISC:20221008 [SYSS-2022-045]: Verbatim Store 'n' Go Secure Portable SSD - Missing Immutable Root of Trust in Hardware (CWE-1326) (CVE-2022-28383) CVE-2022-28383
FULLDISC:20221008 [SYSS-2022-046]: Verbatim Store 'n' Go Secure Portable SSD - Expected Behavior Violation (CWE-440) (CVE-2022-28386) CVE-2022-28386
FULLDISC:20221016 Re: over 2000 packages depend on abort()ing libgmp CVE-2021-43618
FULLDISC:20221030 APPLE-SA-2022-10-24-2 macOS Ventura 13 CVE-2021-36690 CVE-2021-39537 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0392 CVE-2022-0554 CVE-2022-0572 CVE-2022-0629 CVE-2022-0685 CVE-2022-0696 CVE-2022-0714 CVE-2022-0729 CVE-2022-0943 CVE-2022-1381 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 CVE-2022-1629 CVE-2022-1674 CVE-2022-1720 CVE-2022-1725 CVE-2022-1733 CVE-2022-1735 CVE-2022-1769 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898 CVE-2022-1927 CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-29458 CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 CVE-2022-32864 CVE-2022-32883 CVE-2022-32912
FULLDISC:20221030 APPLE-SA-2022-10-27-11 tvOS 16 CVE-2021-36690 CVE-2022-32864 CVE-2022-32912
FULLDISC:20221030 APPLE-SA-2022-10-27-13 watchOS 9 CVE-2021-36690 CVE-2022-32854 CVE-2022-32864 CVE-2022-32883 CVE-2022-32893 CVE-2022-32894 CVE-2022-32912
FULLDISC:20221030 APPLE-SA-2022-10-27-14 Additional information for APPLE-SA-2022-09-12-5 Safari 16 CVE-2022-32868 CVE-2022-32912
FULLDISC:20221030 APPLE-SA-2022-10-27-3 Additional information for APPLE-SA-2022-09-12-1 iOS 16 CVE-2021-36690 CVE-2022-26744 CVE-2022-32795 CVE-2022-32854 CVE-2022-32864 CVE-2022-32868 CVE-2022-32872 CVE-2022-32883 CVE-2022-32912 CVE-2022-32917
FULLDISC:20221030 APPLE-SA-2022-10-27-4 Additional information for APPLE-SA-2022-09-12-2 iOS 15.7 and iPadOS 15.7 CVE-2022-32795 CVE-2022-32854 CVE-2022-32864 CVE-2022-32868 CVE-2022-32872 CVE-2022-32883 CVE-2022-32912 CVE-2022-32917
FULLDISC:20221030 APPLE-SA-2022-10-27-5 Additional information for APPLE-SA-2022-10-24-2 macOS Ventura 13 CVE-2021-36690 CVE-2021-39537 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0392 CVE-2022-0554 CVE-2022-0572 CVE-2022-0629 CVE-2022-0685 CVE-2022-0696 CVE-2022-0714 CVE-2022-0729 CVE-2022-0943 CVE-2022-1381 CVE-2022-1420 CVE-2022-1616 CVE-2022-1619 CVE-2022-1620 CVE-2022-1621 CVE-2022-1629 CVE-2022-1674 CVE-2022-1720 CVE-2022-1725 CVE-2022-1733 CVE-2022-1735 CVE-2022-1769 CVE-2022-1851 CVE-2022-1897 CVE-2022-1898 CVE-2022-1927 CVE-2022-1942 CVE-2022-1968 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-29458 CVE-2022-32205 CVE-2022-32206 CVE-2022-32207 CVE-2022-32208 CVE-2022-32864 CVE-2022-32883 CVE-2022-32912
FULLDISC:20221030 APPLE-SA-2022-10-27-7 Additional information for APPLE-SA-2022-09-12-4 macOS Monterey 12.6 CVE-2021-39537 CVE-2022-0261 CVE-2022-0318 CVE-2022-0319 CVE-2022-0351 CVE-2022-0359 CVE-2022-0361 CVE-2022-0368 CVE-2022-0392 CVE-2022-1720 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-32864 CVE-2022-32883 CVE-2022-32917
FULLDISC:20221030 APPLE-SA-2022-10-27-9 Additional information for APPLE-SA-2022-09-12-3 macOS Big Sur 11.7 CVE-2021-39537 CVE-2022-1720 CVE-2022-2000 CVE-2022-2042 CVE-2022-2124 CVE-2022-2125 CVE-2022-2126 CVE-2022-32854 CVE-2022-32864 CVE-2022-32883 CVE-2022-32894 CVE-2022-32917
FULLDISC:20221030 Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973) CVE-2022-41973 CVE-2022-41974
FULLDISC:20221030 wolfssl before 5.5.1: CVE-2022-39173 Buffer overflow when refining cipher suites CVE-2022-39173
FULLDISC:20221107 APPLE-SA-2022-11-01-1 Xcode 14.1 CVE-2022-29187 CVE-2022-39253 CVE-2022-39260
FULLDISC:20221115 SEC Consult SA-20221110-0 :: HTML Injection in BMC Remedy ITSM-Suite CVE-2022-26088
FULLDISC:20221115 SEC Consult SA-20221114-0 :: Path Traversal Vulnerability in Payara Platform CVE-2021-41381 CVE-2022-45129
FULLDISC:20221129 CyberDanube Security Research 20221124-0 | Authenticated Command Injection Hirschmann BAT-C2 CVE-2022-40282
FULLDISC:20221208 Intel Data Center Manager <= 5.1 Local Privileges Escalation CVE-2021-44228
FULLDISC:20221208 Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) CVE-2021-3995 CVE-2021-3996 CVE-2021-44731 CVE-2022-41973 CVE-2022-41974
FULLDISC:20221208 SEC Consult SA-20221201-0 :: Replay attacks & Displaying arbitrary contents in Zhuhai Suny Technology ESL Tag / ETAG-TECH protocol (electronic shelf labels) CVE-2022-45914
FULLDISC:20221208 SEC Consult SA-20221206-0 :: Multiple critical vulnerabilities in ILIAS eLearning platform CVE-2022-45915 CVE-2022-45916 CVE-2022-45917 CVE-2022-45918
FULLDISC:20221208 [CVE-2022-21225] Intel Data Center Manager Console <= 4.1 "getRoomRackData" Authenticated (Guest+) SQL Injection CVE-2022-21225
FULLDISC:20221213 SEC Consult SA-20221213-0 :: Privilege Escalation Vulnerabilities (UNIX Insecure File Handling) in SAP Host Agent (saposcol) CVE-2022-35295
FULLDISC:20221220 APPLE-SA-2022-12-13-1 iOS 16.2 and iPadOS 16.2 CVE-2022-32943 CVE-2022-42837 CVE-2022-42840 CVE-2022-42842 CVE-2022-42844 CVE-2022-42845 CVE-2022-42846 CVE-2022-42848 CVE-2022-42850 CVE-2022-42851 CVE-2022-42855 CVE-2022-42859 CVE-2022-42861 CVE-2022-42862 CVE-2022-46690 CVE-2022-46693 CVE-2022-46694 CVE-2022-46701 CVE-2022-46702
FULLDISC:20221220 APPLE-SA-2022-12-13-2 iOS 15.7.2 and iPadOS 15.7.2 CVE-2022-40303 CVE-2022-40304 CVE-2022-42837 CVE-2022-42840 CVE-2022-42846 CVE-2022-42848 CVE-2022-42855 CVE-2022-42861 CVE-2022-46694
FULLDISC:20221220 APPLE-SA-2022-12-13-4 macOS Ventura 13.1 CVE-2022-24836 CVE-2022-29181 CVE-2022-32942 CVE-2022-32943 CVE-2022-42837 CVE-2022-42840 CVE-2022-42841 CVE-2022-42842 CVE-2022-42845 CVE-2022-42847 CVE-2022-42853 CVE-2022-42854 CVE-2022-42855 CVE-2022-42859 CVE-2022-42861 CVE-2022-42862 CVE-2022-46690 CVE-2022-46693 CVE-2022-46697 CVE-2022-46701
FULLDISC:20221220 APPLE-SA-2022-12-13-5 macOS Monterey 12.6.2 CVE-2022-32942 CVE-2022-40303 CVE-2022-40304 CVE-2022-42821 CVE-2022-42840 CVE-2022-42841 CVE-2022-42842 CVE-2022-42845 CVE-2022-42854 CVE-2022-42855 CVE-2022-42861
FULLDISC:20221220 APPLE-SA-2022-12-13-6 macOS Big Sur 11.7.2 CVE-2022-32942 CVE-2022-40303 CVE-2022-40304 CVE-2022-42821 CVE-2022-42840 CVE-2022-42841 CVE-2022-42842 CVE-2022-42845
FULLDISC:20221220 APPLE-SA-2022-12-13-7 tvOS 16.2 CVE-2022-40303 CVE-2022-40304 CVE-2022-42842 CVE-2022-42845 CVE-2022-42848 CVE-2022-42851 CVE-2022-42855 CVE-2022-46690 CVE-2022-46693 CVE-2022-46694 CVE-2022-46701
FULLDISC:20221220 APPLE-SA-2022-12-13-8 watchOS 9.2 CVE-2022-40303 CVE-2022-40304 CVE-2022-42837 CVE-2022-42842 CVE-2022-42845 CVE-2022-42859 CVE-2022-46690 CVE-2022-46693 CVE-2022-46694
FULLDISC:20221220 SEC Consult SA-20221216-0 :: Remote code execution bypass in Eclipse Business Intelligence Reporting Tool (BiRT) CVE-2021-34427
FULLDISC:20230106 Centos Web Panel 7 Unauthenticated Remote Code Execution - CVE-2022-44877 CVE-2022-44877
FULLDISC:20230119 SEC Consult SA-20230117-0 :: Pre-authenticated Remote Code Execution in cs.exe (@OpenText Content Server component of OpenText Extended ECM) CVE-2022-45923
FULLDISC:20230119 SEC Consult SA-20230117-1 :: Pre-authenticated Remote Code Execution via Java frontend and QDS endpoint in @OpenText Content Server component of OpenText Extended ECM CVE-2022-45927
FULLDISC:20230119 SEC Consult SA-20230117-2 :: Multiple post-authentication vulnerabilities including RCE in @OpenText Content Server component of OpenText Extended ECM CVE-2022-45922 CVE-2022-45924 CVE-2022-45925 CVE-2022-45926 CVE-2022-45928
FULLDISC:20230119 wolfSSL 5.3.0: Denial-of-service CVE-2022-38153
FULLDISC:20230119 wolfSSL before 5.5.0: Denial-of-service with session resumption CVE-2022-38152
FULLDISC:20230119 wolfSSL before 5.5.2: Heap-buffer over-read with WOLFSSL_CALLBACKS CVE-2022-42905
FULLDISC:20230123 APPLE-SA-2023-01-23-4 macOS Ventura 13.2 CVE-2022-32221 CVE-2022-35260 CVE-2022-3705 CVE-2022-42915 CVE-2022-42916
FULLDISC:20230123 APPLE-SA-2023-01-23-5 macOS Monterey 12.6.3 CVE-2022-32221 CVE-2022-32915 CVE-2022-35252 CVE-2022-35260 CVE-2022-42915 CVE-2022-42916
FULLDISC:20230123 APPLE-SA-2023-01-23-6 macOS Big Sur 11.7.3 CVE-2022-35252
FULLDISC:20230123 Re: HNS-2022-01 - HN Security Advisory - Multiple vulnerabilities in Solaris dtprintinfo and libXm/libXpm CVE-2023-24039 CVE-2023-24040
FULLDISC:20230126 [SYSS-2022-047] Razer Synapse - Local Privilege Escalation CVE-2021-44226
FULLDISC:20230130 Trovent Security Advisory 2203-01 / Micro Focus GroupWise transmits session ID in URL CVE-2022-38756
FULLDISC:20230214 OXAS-ADV-2022-0002: OX App Suite Security Advisory CVE-2022-42889
FULLDISC:20230216 Remote Code Execution in Kardex MLOG CVE-2023-22855
FULLDISC:20230227 [NetworkSEC NWSSA] CVE-2023-26602: ASUS ASMB8 iKVM RCE and SSH Root Access CVE-2023-26602
FULLDISC:20230227 [NetworkSEC NWSSA] CVE-2023-26609: ABUS Security Camera LFI, RCE and SSH Root CVE-2023-26609
FULLDISC:20230302 SEC Consult SA-20230228-0 :: OS Command Injectionin Barracuda CloudGen WAN CVE-2023-26213
FULLDISC:20230327 APPLE-SA-2023-03-27-3 macOS Ventura 13.3 CVE-2022-43552 CVE-2023-0049 CVE-2023-0051 CVE-2023-0054 CVE-2023-0288 CVE-2023-0433 CVE-2023-0512
FULLDISC:20230327 APPLE-SA-2023-03-27-4 macOS Monterey 12.6.4 CVE-2023-0433 CVE-2023-0512
FULLDISC:20230327 APPLE-SA-2023-03-27-5 macOS Big Sur 11.7.5 CVE-2022-26702 CVE-2023-0433 CVE-2023-0512
FULLDISC:20230330 RSA NetWitness EDR Agent / Incorrect Access Control - Code Execution / CVE-2022-47529 CVE-2022-47529
FULLDISC:20230418 [CVE-2023-22620] SecurePoint UTM <= 12.2.5 "spcgi.cgi" sessionId Information Disclosure Allowing Device Takeover CVE-2023-22620
FULLDISC:20230418 [CVE-2023-22897] SecurePoint UTM <= 12.2.5 "spcgi.cgi" Remote Memory Contents Information Disclosure CVE-2023-22897
FULLDISC:20230424 Security vulnerabilities in Telit Cinterion IoT (formerly Thales) devices CVE-2020-15858
FULLDISC:20230428 Piwigo - CVE-2023-26876 CVE-2023-26876
FULLDISC:20230508 SCHUTZWERK-SA-2023-001: SQL Injection in Spryker Commerce OS CVE-2022-28888 CVE-2023-27568
FULLDISC:20230511 CyberDanube Security Research 20230511-0 | Multiple Vulnerabilities in Advantech EKI-15XX Series CVE-2023-2573 CVE-2023-2574 CVE-2023-2575
FULLDISC:20230529 SEC Consult SA-20230516-0 :: Multiple Vulnerabilities in Serenity and StartSharp Software CVE-2023-31285 CVE-2023-31286 CVE-2023-31287
FULLDISC:20230530 CVE-2022-48335 - Buffer Overflow in Widevine Trustlet (PRDiagVerifyProvisioning @ 0x5f90) CVE-2015-6639 CVE-2015-6647
FULLDISC:20230530 SCHUTZWERK-SA-2022-001: Cross-Site-Scripting in Papaya Medical Viewer CVE-2023-33255
FULLDISC:20230530 [RT-SA-2023-003] Pydio Cells: Unauthorised Role Assignments CVE-2023-32749
FULLDISC:20230607 LPE and RCE in RenderDoc: CVE-2023-33865, CVE-2023-33864, CVE-2023-33863 CVE-2005-1513 CVE-2023-33863 CVE-2023-33864 CVE-2023-33865
FULLDISC:20230707 SEC Consult SA-20230703-0 :: Multiple Vulnerabilities including Unauthenticated RCE in Siemens A8000 CVE-2023-28489 CVE-2023-33919 CVE-2023-33920 CVE-2023-33921
FULLDISC:20230707 ServiceNow Account Takeover to Full Admin Compromise CVE-2022-43684
FULLDISC:20230719 CVE-2023-38408: Remote Code Execution in OpenSSH's forwarded ssh-agent CVE-2010-3856 CVE-2016-10009
FULLDISC:20230719 [RT-SA-2023-001] Session Token Enumeration in RWS WorldServer CVE-2023-38357
FULLDISC:20230721 [SYSS-2023-005]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38335) CVE-2023-38335
FULLDISC:20230721 [SYSS-2023-006]: Omnis Studio - Expected Behavior Violation (CWE-440) (CVE-2023-38334) CVE-2023-38334
FULLDISC:20230724 APPLE-SA-2023-07-24-1 Safari 16.6 CVE-2023-20593 CVE-2023-28130 CVE-2023-3269 CVE-2023-34434 CVE-2023-35088 CVE-2023-36542 CVE-2023-37895 CVE-2023-3817 CVE-2023-38334 CVE-2023-38335 CVE-2023-38435 CVE-2023-38633 CVE-2023-39508
FULLDISC:20230725 APPLE-SA-2023-07-24-4 macOS Ventura 13.5 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 CVE-2023-2953
FULLDISC:20230725 APPLE-SA-2023-07-24-5 macOS Monterey 12.6.8 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 CVE-2023-2953
FULLDISC:20230725 APPLE-SA-2023-07-24-6 macOS Big Sur 11.7.9 CVE-2023-28319 CVE-2023-28320 CVE-2023-28321 CVE-2023-28322 CVE-2023-2953
FULLDISC:20230801 CVE-2023-28130 - Hostname injection leads to Remote Code Execution RCE (Authenticated) CVE-2023-28130
FULLDISC:20230811 St. Poelten UAS | Multiple Vulnerabilities in Phoenix Contact TC Cloud Client / TC Router / Cloud Client CVE-2023-3526 CVE-2023-3569
FULLDISC:20230811 St. Poelten UAS | Multiple XSS in Advantech EKI 15XX Series CVE-2023-4202 CVE-2023-4203
FULLDISC:20230815 Missing Immutable Root of Trust in Hardware (CWE-1326) / CVE-2023-22955 CVE-2023-22955
FULLDISC:20230815 Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22956 CVE-2023-22956
FULLDISC:20230815 Use of Hard-coded Cryptographic Key (CWE-321) / CVE-2023-22957 CVE-2023-22957
FULLDISC:20230817 KL-001-2023-003: Cisco ThousandEyes Enterprise Agent Virtual Appliance Arbitrary File Modification via sudoedit CVE-2023-22809
FULLDISC:20230823 [KIS-2023-05] SugarCRM <= 12.2.0 (Notes) Unrestricted File Upload Vulnerability CVE-2023-35808
FULLDISC:20230823 [KIS-2023-06] SugarCRM <= 12.2.0 (updateGeocodeStatus) Bean Manipulation Vulnerability CVE-2023-35809
FULLDISC:20230823 [KIS-2023-07] SugarCRM <= 12.2.0 (Docusign_GlobalSettings) PHP Object Injection Vulnerability CVE-2023-35810
FULLDISC:20230823 [KIS-2023-08] SugarCRM <= 12.2.0 Two SQL Injection Vulnerabilities CVE-2023-35811
FULLDISC:20230823 [KIS-2023-09] CrafterCMS <= 4.0.2 Multiple Reflected Cross-Site Scripting Vulnerabilities CVE-2023-4136
FULLDISC:20230904 Vulnerabilities in Internet Radio auna IR-160 SE (UIProto) CVE-2019-13473 CVE-2019-13474
FULLDISC:20230908 APPLE-SA-2023-09-07-2 iOS 16.6.1 and iPadOS 16.6.1 CVE-2023-41061
FULLDISC:20230908 APPLE-SA-2023-09-07-3 watchOS 9.6.2 CVE-2023-41061
FULLDISC:20230918 SEC Consult SA-20230829-0 :: Reflected Cross-Site Scripting (XSS) in PTC - Codebeamer (ALM Solution) CVE-2023-4296
FULLDISC:20230918 [SYSS-2023-002] Razer Synapse - Local Privilege Escalation CVE-2021-44226 CVE-2022-47631 CVE-2022-47632
FULLDISC:20231002 APPLE-SA-09-26-2023-1 Safari 17 CVE-2023-35074 CVE-2023-40417 CVE-2023-40451 CVE-2023-41074
FULLDISC:20231002 APPLE-SA-09-26-2023-2 macOS Sonoma 14 CVE-2023-23495 CVE-2023-29497 CVE-2023-32361 CVE-2023-32377 CVE-2023-32396 CVE-2023-32421 CVE-2023-35074 CVE-2023-35984 CVE-2023-35990 CVE-2023-37448 CVE-2023-38586 CVE-2023-38596 CVE-2023-38615 CVE-2023-39233 CVE-2023-39434 CVE-2023-40384 CVE-2023-40386 CVE-2023-40388 CVE-2023-40391 CVE-2023-40395 CVE-2023-40399 CVE-2023-40400 CVE-2023-40402 CVE-2023-40403 CVE-2023-40406 CVE-2023-40407 CVE-2023-40410 CVE-2023-40417 CVE-2023-40420 CVE-2023-40422 CVE-2023-40424 CVE-2023-40426 CVE-2023-40427 CVE-2023-40429 CVE-2023-40432 CVE-2023-40434 CVE-2023-40436 CVE-2023-40441 CVE-2023-40448 CVE-2023-40450 CVE-2023-40452 CVE-2023-40454 CVE-2023-40455 CVE-2023-40541 CVE-2023-41063 CVE-2023-41065 CVE-2023-41066 CVE-2023-41067 CVE-2023-41070 CVE-2023-41073 CVE-2023-41074 CVE-2023-41078 CVE-2023-41079 CVE-2023-41968 CVE-2023-41979 CVE-2023-41980 CVE-2023-41981 CVE-2023-41984 CVE-2023-41986 CVE-2023-41995
FULLDISC:20231002 APPLE-SA-09-26-2023-3 Additional information for APPLE-SA-2023-09-21-3 iOS 16.7 and iPadOS 16.7 CVE-2023-35990 CVE-2023-40395 CVE-2023-40403 CVE-2023-40420 CVE-2023-40448 CVE-2023-40454 CVE-2023-41063 CVE-2023-41068 CVE-2023-41070 CVE-2023-41073 CVE-2023-41232 CVE-2023-41981 CVE-2023-41984
FULLDISC:20231002 APPLE-SA-09-26-2023-4 Additional information for APPLE-SA-2023-09-21-6 macOS Ventura 13.6 CVE-2023-40403 CVE-2023-40406 CVE-2023-40409 CVE-2023-40412 CVE-2023-40420 CVE-2023-40427 CVE-2023-40452 CVE-2023-41063 CVE-2023-41070 CVE-2023-41073 CVE-2023-41968 CVE-2023-41981 CVE-2023-41996
FULLDISC:20231002 APPLE-SA-09-26-2023-5 Additional information for APPLE-SA-2023-09-21-7 macOS Monterey 12.7 CVE-2023-40395 CVE-2023-40403 CVE-2023-40406 CVE-2023-40409 CVE-2023-40412 CVE-2023-40420 CVE-2023-40427 CVE-2023-40452 CVE-2023-41073 CVE-2023-41968
FULLDISC:20231002 APPLE-SA-09-26-2023-6 Xcode 15 CVE-2023-32396 CVE-2023-40391 CVE-2023-40435
FULLDISC:20231002 APPLE-SA-09-26-2023-7 iOS 17 and iPadOS 17 CVE-2023-32361 CVE-2023-32396 CVE-2023-35074 CVE-2023-35984 CVE-2023-35990 CVE-2023-38596 CVE-2023-39434 CVE-2023-40384 CVE-2023-40391 CVE-2023-40395 CVE-2023-40399 CVE-2023-40400 CVE-2023-40403 CVE-2023-40409 CVE-2023-40412 CVE-2023-40417 CVE-2023-40419 CVE-2023-40420 CVE-2023-40424 CVE-2023-40427 CVE-2023-40428 CVE-2023-40429 CVE-2023-40431 CVE-2023-40432 CVE-2023-40434 CVE-2023-40441 CVE-2023-40443 CVE-2023-40452 CVE-2023-40456 CVE-2023-40520 CVE-2023-41063 CVE-2023-41065 CVE-2023-41068 CVE-2023-41070 CVE-2023-41073 CVE-2023-41074 CVE-2023-41174 CVE-2023-41968 CVE-2023-41980 CVE-2023-41981 CVE-2023-41986 CVE-2023-41995
FULLDISC:20231002 APPLE-SA-09-26-2023-8 watchOS 10 CVE-2023-32361 CVE-2023-32396 CVE-2023-35074 CVE-2023-35984 CVE-2023-35990 CVE-2023-38596 CVE-2023-39434 CVE-2023-40395 CVE-2023-40399 CVE-2023-40400 CVE-2023-40403 CVE-2023-40409 CVE-2023-40410 CVE-2023-40412 CVE-2023-40417 CVE-2023-40418 CVE-2023-40419 CVE-2023-40420 CVE-2023-40424 CVE-2023-40427 CVE-2023-40429 CVE-2023-40432 CVE-2023-40452 CVE-2023-40456 CVE-2023-40520 CVE-2023-41065 CVE-2023-41068 CVE-2023-41070 CVE-2023-41073 CVE-2023-41074 CVE-2023-41174 CVE-2023-41968 CVE-2023-41981
FULLDISC:20231002 APPLE-SA-09-26-2023-9 tvOS 17 CVE-2023-32361 CVE-2023-32396 CVE-2023-35074 CVE-2023-35984 CVE-2023-38596 CVE-2023-40384 CVE-2023-40391 CVE-2023-40395 CVE-2023-40399 CVE-2023-40400 CVE-2023-40403 CVE-2023-40409 CVE-2023-40412 CVE-2023-40419 CVE-2023-40420 CVE-2023-40427 CVE-2023-40429 CVE-2023-40432 CVE-2023-40452 CVE-2023-40456 CVE-2023-40520 CVE-2023-41063 CVE-2023-41065 CVE-2023-41068 CVE-2023-41073 CVE-2023-41074 CVE-2023-41174 CVE-2023-41968 CVE-2023-41981
FULLDISC:20231005 APPLE-SA-2023-10-04-1 iOS 17.0.3 and iPadOS 17.0.3 CVE-2023-5217
FULLDISC:20231005 CVE-2023-4911: Local Privilege Escalation in the glibc's ld.so CVE-2019-19726
FULLDISC:20231005 SEC Consult SA-20231005 :: Open Redirect in SAP BSP Test Application it00 (Bypass for CVE-2020-6215 Patch) CVE-2020-6215
FULLDISC:20231016 APPLE-SA-10-10-2023-1 iOS 16.7.1 and iPadOS 16.7.1 CVE-2023-5217
FULLDISC:20231016 Defense in depth -- the Microsoft way (part 86): shipping rotten software to billions of unsuspecting customers CVE-2023-38039
FULLDISC:20231016 Squid Caching Proxy Security Audit: 55 Vulnerabilities, 35 0days. CVE-2021-28651 CVE-2021-28652 CVE-2021-28662 CVE-2021-31806 CVE-2021-31807 CVE-2021-31808 CVE-2021-33620
FULLDISC:20231025 APPLE-SA-10-25-2023-1 iOS 17.1 and iPadOS 17.1 CVE-2023-40408 CVE-2023-40413 CVE-2023-40416 CVE-2023-40423 CVE-2023-40445 CVE-2023-40447 CVE-2023-40449 CVE-2023-41072 CVE-2023-41254 CVE-2023-41976 CVE-2023-41982 CVE-2023-41983 CVE-2023-41988 CVE-2023-41997 CVE-2023-42841 CVE-2023-42845 CVE-2023-42846 CVE-2023-42847 CVE-2023-42849 CVE-2023-42852 CVE-2023-42857
FULLDISC:20231025 APPLE-SA-10-25-2023-2 iOS 16.7.2 and iPadOS 16.7.2 CVE-2023-32359 CVE-2023-40408 CVE-2023-40413 CVE-2023-40416 CVE-2023-40423 CVE-2023-40447 CVE-2023-40449 CVE-2023-41254 CVE-2023-41976 CVE-2023-41977 CVE-2023-41982 CVE-2023-41983 CVE-2023-41997 CVE-2023-42841 CVE-2023-42846 CVE-2023-42849 CVE-2023-42852
FULLDISC:20231025 APPLE-SA-10-25-2023-3 iOS 15.8 and iPadOS 15.8 CVE-2023-32434
FULLDISC:20231025 APPLE-SA-10-25-2023-4 macOS Sonoma 14.1 CVE-2023-30774 CVE-2023-38403 CVE-2023-40404 CVE-2023-40405 CVE-2023-40408 CVE-2023-40413 CVE-2023-40416 CVE-2023-40421 CVE-2023-40423 CVE-2023-40444 CVE-2023-40447 CVE-2023-40449 CVE-2023-41072 CVE-2023-41254 CVE-2023-41975 CVE-2023-41976 CVE-2023-41977 CVE-2023-41982 CVE-2023-41983 CVE-2023-41988 CVE-2023-41989 CVE-2023-41997 CVE-2023-42438 CVE-2023-42841 CVE-2023-42842 CVE-2023-42844 CVE-2023-42845 CVE-2023-42847 CVE-2023-42849 CVE-2023-42850 CVE-2023-42852 CVE-2023-42854 CVE-2023-42856 CVE-2023-42857 CVE-2023-42861 CVE-2023-4733 CVE-2023-4734 CVE-2023-4735 CVE-2023-4736 CVE-2023-4738 CVE-2023-4750 CVE-2023-4751 CVE-2023-4752 CVE-2023-4781
FULLDISC:20231025 APPLE-SA-10-25-2023-5 macOS Ventura 13.6.1 CVE-2023-38403 CVE-2023-40401 CVE-2023-40413 CVE-2023-40416 CVE-2023-40421 CVE-2023-40423 CVE-2023-40449 CVE-2023-41077 CVE-2023-41254 CVE-2023-41975 CVE-2023-42841 CVE-2023-42844 CVE-2023-42849 CVE-2023-42854 CVE-2023-42856
FULLDISC:20231025 APPLE-SA-10-25-2023-6 macOS Monterey 12.7.1 CVE-2023-40413 CVE-2023-40416 CVE-2023-40421 CVE-2023-40423 CVE-2023-40425 CVE-2023-40449 CVE-2023-41975 CVE-2023-42844 CVE-2023-42849 CVE-2023-42854 CVE-2023-42856
FULLDISC:20231025 APPLE-SA-10-25-2023-7 tvOS 17.1 CVE-2023-40447 CVE-2023-41976 CVE-2023-42846 CVE-2023-42852
FULLDISC:20231025 APPLE-SA-10-25-2023-8 watchOS 10.1 CVE-2023-40408 CVE-2023-40413 CVE-2023-40447 CVE-2023-41254 CVE-2023-41976 CVE-2023-41982 CVE-2023-41988 CVE-2023-41997 CVE-2023-42846 CVE-2023-42849 CVE-2023-42852
FULLDISC:20231025 APPLE-SA-10-25-2023-9 Safari 17.1 CVE-2023-40447 CVE-2023-41976 CVE-2023-41983 CVE-2023-42852
FULLDISC:20231027 LKX-2023-001 VinChin VMWare Backup CVE-2023-45498 CVE-2023-45499
FULLDISC:20231112 HNS-2023-03 - HN Security Advisory - Multiple vulnerabilities in Zephyr RTOS CVE-2023-3725 CVE-2023-4257 CVE-2023-4259 CVE-2023-4260 CVE-2023-4262 CVE-2023-4263 CVE-2023-4264 CVE-2023-4265 CVE-2023-5139 CVE-2023-5184 CVE-2023-5753
FULLDISC:20231127 SEC Consult SA-20231122 :: Multiple Vulnerabilities in m-privacy TightGate-Pro CVE-2006-1078 CVE-2006-1079 CVE-2007-0664 CVE-2009-4491 CVE-2023-47250 CVE-2023-47251
FULLDISC:20231127 SEC Consult SA-20231123 :: Uninstall Key Caching in Fortra Digital Guardian Agent Uninstaller CVE-2023-6253
FULLDISC:20231127 [CVE-2023-46383, CVE-2023-46384, CVE-2023-46385] Multiple vulnerabilities in Loytec products (2) CVE-2023-46383 CVE-2023-46384 CVE-2023-46385
FULLDISC:20231127 [CVE-2023-46386, CVE-2023-46387, CVE-2023-46388, CVE-2023-46389] Multiple vulnerabilities in Loytec products (3) CVE-2023-46386 CVE-2023-46387 CVE-2023-46388 CVE-2023-46389
FULLDISC:20231127 [SYSS-2023-019] SmartNode SN200 - Unauthenticated OS Command Injection CVE-2023-41109
FULLDISC:20231212 APPLE-SA-11-30-2023-1 Safari 17.1.2 CVE-2023-42916 CVE-2023-42917
FULLDISC:20231212 APPLE-SA-11-30-2023-2 iOS 17.1.2 and iPadOS 17.1.2 CVE-2023-42916 CVE-2023-42917
FULLDISC:20231212 APPLE-SA-11-30-2023-3 macOS Sonoma 14.1.2 CVE-2023-42916 CVE-2023-42917
FULLDISC:20231212 APPLE-SA-12-11-2023-1 Safari 17.2 CVE-2023-42883 CVE-2023-42890
FULLDISC:20231212 APPLE-SA-12-11-2023-2 iOS 17.2 and iPadOS 17.2 CVE-2023-42883 CVE-2023-42884 CVE-2023-42890 CVE-2023-42897 CVE-2023-42898 CVE-2023-42899 CVE-2023-42914 CVE-2023-42919 CVE-2023-42922 CVE-2023-42923 CVE-2023-42927 CVE-2023-45866
FULLDISC:20231212 APPLE-SA-12-11-2023-3 iOS 16.7.3 and iPadOS 16.7.3 CVE-2023-42883 CVE-2023-42884 CVE-2023-42899 CVE-2023-42914 CVE-2023-42916 CVE-2023-42917 CVE-2023-42919 CVE-2023-42922
FULLDISC:20231212 APPLE-SA-12-11-2023-4 macOS Sonoma 14.2 CVE-2020-19185 CVE-2020-19186 CVE-2020-19187 CVE-2020-19188 CVE-2020-19189 CVE-2020-19190 CVE-2023-42842 CVE-2023-42874 CVE-2023-42882 CVE-2023-42883 CVE-2023-42884 CVE-2023-42886 CVE-2023-42890 CVE-2023-42891 CVE-2023-42894 CVE-2023-42898 CVE-2023-42899 CVE-2023-42900 CVE-2023-42901 CVE-2023-42902 CVE-2023-42903 CVE-2023-42904 CVE-2023-42905 CVE-2023-42906 CVE-2023-42907 CVE-2023-42908 CVE-2023-42909 CVE-2023-42910 CVE-2023-42911 CVE-2023-42912 CVE-2023-42914 CVE-2023-42919 CVE-2023-42922 CVE-2023-42924 CVE-2023-42926 CVE-2023-42927 CVE-2023-42932 CVE-2023-45866 CVE-2023-5344
FULLDISC:20231212 APPLE-SA-12-11-2023-5 macOS Ventura 13.6.3 CVE-2020-19185 CVE-2020-19186 CVE-2020-19187 CVE-2020-19188 CVE-2020-19189 CVE-2020-19190 CVE-2023-42884 CVE-2023-42886 CVE-2023-42891 CVE-2023-42894 CVE-2023-42899 CVE-2023-42914 CVE-2023-42919 CVE-2023-42922 CVE-2023-42924 CVE-2023-42932 CVE-2023-5344
FULLDISC:20231212 APPLE-SA-12-11-2023-6 macOS Monterey 12.7.2 CVE-2020-19185 CVE-2020-19186 CVE-2020-19187 CVE-2020-19188 CVE-2020-19189 CVE-2020-19190 CVE-2023-42886 CVE-2023-42891 CVE-2023-42894 CVE-2023-42899 CVE-2023-42914 CVE-2023-42919 CVE-2023-42922 CVE-2023-42932 CVE-2023-5344
FULLDISC:20231212 APPLE-SA-12-11-2023-7 tvOS 17.2 CVE-2023-42883 CVE-2023-42884 CVE-2023-42890 CVE-2023-42898 CVE-2023-42899 CVE-2023-42914 CVE-2023-42916 CVE-2023-42917
FULLDISC:20231212 APPLE-SA-12-11-2023-8 watchOS 10.2 CVE-2023-42883 CVE-2023-42890 CVE-2023-42898 CVE-2023-42899 CVE-2023-42914 CVE-2023-42916 CVE-2023-42917 CVE-2023-42919 CVE-2023-42927
FULLDISC:20231212 HNS-2023-04 - HN Security Advisory - Buffer overflow vulnerabilities with long path names in TinyDir CVE-2023-49287
FULLDISC:20231212 SEC Consult SA-20231205 :: Argument injection leading to unauthenticated RCE and authentication bypass in Atos Unify OpenScape Session Border Controller (SBC), Branch, BCF CVE-2023-6269
FULLDISC:20231212 SEC Consult SA-20231211-0 :: Local Privilege Escalation via MSI installer in PDF24 Creator CVE-2023-49147
FULLDISC:20231212 [KIS-2023-13] ISPConfig <= 3.2.11 (language_edit.php) PHP Code Injection Vulnerability CVE-2023-46818
FULLDISC:20231219 APPLE-SA-12-19-2023-1 macOS Sonoma 14.2.1 CVE-2023-42940
FULLDISC:20231219 Disclosure of CVE-2023-50917: RCE Vulnerability in MajorDoM CVE-2023-50917
FULLDISC:20231219 [ES2023-01] Asterisk susceptible to Denial of Service via DTLS Hello packets during call initiation CVE-2023-49786
FULLDISC:20231219 [KIS-2023-14] PKP-WAL <= 3.4.0-3 (NativeImportExportPlugin) Remote Code Execution Vulnerability CVE-2023-47271
FULLDISC:20240114 CyberDanube Security Research 20240109-0 | Multiple Vulnerabilities in JetNet Series CVE-2023-5347 CVE-2023-5376
FULLDISC:20240126 APPLE-SA-01-22-2024-1 Safari 17.3 CVE-2024-23206 CVE-2024-23211 CVE-2024-23213
FULLDISC:20240126 APPLE-SA-01-22-2024-2 iOS 17.3 and iPadOS 17.3 CVE-2024-23203 CVE-2024-23204 CVE-2024-23206 CVE-2024-23207 CVE-2024-23208 CVE-2024-23210 CVE-2024-23211 CVE-2024-23212 CVE-2024-23213 CVE-2024-23214 CVE-2024-23215 CVE-2024-23217 CVE-2024-23218 CVE-2024-23219 CVE-2024-23223
FULLDISC:20240126 APPLE-SA-01-22-2024-3 iOS 16.7.5 and iPadOS 16.7.5 CVE-2023-38039 CVE-2023-38545 CVE-2023-38546 CVE-2023-42888 CVE-2023-42915 CVE-2023-42937 CVE-2024-23206 CVE-2024-23211 CVE-2024-23212 CVE-2024-23213 CVE-2024-23214
FULLDISC:20240126 APPLE-SA-01-22-2024-4 iOS 15.8.1 and iPadOS 15.8.1 CVE-2023-42916 CVE-2023-42917
FULLDISC:20240126 APPLE-SA-01-22-2024-5 macOS Sonoma 14.3 CVE-2024-23203 CVE-2024-23204 CVE-2024-23206 CVE-2024-23207 CVE-2024-23208 CVE-2024-23209 CVE-2024-23210 CVE-2024-23211 CVE-2024-23212 CVE-2024-23213 CVE-2024-23214 CVE-2024-23215 CVE-2024-23217 CVE-2024-23218 CVE-2024-23223 CVE-2024-23224
FULLDISC:20240126 APPLE-SA-01-22-2024-6 macOS Ventura 13.6.4 CVE-2023-38039 CVE-2023-38545 CVE-2023-38546 CVE-2023-40528 CVE-2023-42887 CVE-2023-42888 CVE-2023-42915 CVE-2023-42935 CVE-2023-42937 CVE-2024-23207 CVE-2024-23212 CVE-2024-23224
FULLDISC:20240126 APPLE-SA-01-22-2024-7 macOS Monterey 12.7.3 CVE-2023-38039 CVE-2023-38545 CVE-2023-38546 CVE-2023-42888 CVE-2023-42915 CVE-2023-42937 CVE-2024-23207 CVE-2024-23212
FULLDISC:20240126 APPLE-SA-01-22-2024-8 watchOS 10.3 CVE-2024-23204 CVE-2024-23206 CVE-2024-23207 CVE-2024-23208 CVE-2024-23210 CVE-2024-23211 CVE-2024-23212 CVE-2024-23213 CVE-2024-23215 CVE-2024-23217 CVE-2024-23218 CVE-2024-23223
FULLDISC:20240126 APPLE-SA-01-22-2024-9 tvOS 17.3 CVE-2024-23206 CVE-2024-23208 CVE-2024-23210 CVE-2024-23212 CVE-2024-23213 CVE-2024-23215 CVE-2024-23218 CVE-2024-23223
FULLDISC:20240126 Buffer Overflow in glXQueryServerString() of mesa CVE-2023-45919
FULLDISC:20240126 Multiple Vulnerabilities in Reprise License Manager 15.1 (CVE-2023-43183, CVE-2023-44031) CVE-2023-43183 CVE-2023-44031
FULLDISC:20240126 NULL pointer dereference in QT via the function QXcbConnection::initializeAllAtoms() CVE-2023-45935
FULLDISC:20240126 NULL pointer dereference in __glXGetDrawableAttribute() of Mesa CVE-2023-45922
FULLDISC:20240126 NULL pointer dereference in glXGetDrawableScreen() of OpenGL libglvnd CVE-2023-45924
FULLDISC:20240126 Null pointer deference in XGetWMHints() of Xfig CVE-2023-45920
FULLDISC:20240126 Null pointer deference in freedesktop mesa CVE-2023-45913
FULLDISC:20240126 [Full Disclosure] CVE-2024-22901: Default MYSQL Credentials in Vinchin Backup & Recovery v7.2 and Earlier CVE-2022-35866
FULLDISC:20240126 null pointer deference in GNU Midnight at /tty/x11conn.c CVE-2023-45925
FULLDISC:20240126 null pointer deference in MiniZinc via a crafted .mzn file CVE-2023-46046
FULLDISC:20240126 null pointer deference in Sane via a crafted config file CVE-2023-46047
FULLDISC:20240126 null pointer deference in tex-live CVE-2023-46051
FULLDISC:20240126 null pointer deference in tex-live via a crafted cmr10.pfb CVE-2023-46048
FULLDISC:20240127 Re: NULL pointer dereference in freedesktop Mesa via check_xshm() CVE-2023-45922
FULLDISC:20240204 CVE-2023-6246: Heap-based buffer overflow in the glibc's syslog() CVE-2021-3156 CVE-2022-39046
FULLDISC:20240213 Buffer Overflow Vulnerabilities in KiTTY Start Duplicated Session Hostname (CVE-2024-25003) & Username (CVE-2024-25004) Variables CVE-2024-23749 CVE-2024-25003 CVE-2024-25004
FULLDISC:20240213 Command Injection Vulnerability in KiTTY Get Remote File Through SCP Input (CVE-2024-23749) CVE-2024-23749 CVE-2024-25003 CVE-2024-25004
FULLDISC:20240213 SEC Consult SA-20240212-0 :: Multiple Stored Cross-Site Scripting vulnerabilities in Statamic CMS CVE-2024-24570
FULLDISC:20240220 Re: Buffer Overflow in graphviz via via a crafted config6a file CVE-2023-46045
FULLDISC:20240220 SEC Consult SA-20240220-0 :: Multiple Stored Cross-Site Scripting Vulnerabilities in OpenOLAT (Frentix GmbH) CVE-2024-25973 CVE-2024-25974
FULLDISC:20240302 JetStream Smart Switch - TL-SG2210P v5.0/ Improper Access Control / CVE-2023-43318 CVE-2023-43318
FULLDISC:20240302 Multilaser Router - Access Control Bypass through Cookie Manipulation - CVE-2023-38946 CVE-2023-38946
FULLDISC:20240302 Multilaser Router - Access Control Bypass through URL Manipulation - CVE-2023-38945 CVE-2021-31152 CVE-2023-38945
FULLDISC:20240302 SEC Consult SA-20240226-0 :: Local Privilege Escalation via DLL Hijacking in Qognify VMS Client Viewer CVE-2023-49114
FULLDISC:20240305 KL-001-2024-001: Artica Proxy Unauthenticated LFI Protection Bypass Vulnerability CVE-2024-2053
FULLDISC:20240305 KL-001-2024-002: Artica Proxy Unauthenticated PHP Deserialization Vulnerability CVE-2024-2054
FULLDISC:20240305 KL-001-2024-003: Artica Proxy Unauthenticated File Manager Vulnerability CVE-2024-2055
FULLDISC:20240305 KL-001-2024-004: Artica Proxy Loopback Services Remotely Accessible Unauthenticated CVE-2024-2056
FULLDISC:20240313 APPLE-SA-03-05-2024-1 iOS 17.4 and iPadOS 17.4 CVE-2024-23225 CVE-2024-23243 CVE-2024-23256 CVE-2024-23296
FULLDISC:20240313 APPLE-SA-03-05-2024-2 iOS 16.7.6 and iPadOS 16.7.6 CVE-2024-23225
FULLDISC:20240313 APPLE-SA-03-07-2024-1 Safari 17.4 CVE-2024-23252 CVE-2024-23254 CVE-2024-23263 CVE-2024-23273 CVE-2024-23280
FULLDISC:20240313 APPLE-SA-03-07-2024-2 macOS Sonoma 14.4 CVE-2022-42816 CVE-2022-48554 CVE-2023-42853 CVE-2023-48795 CVE-2023-51384 CVE-2023-51385 CVE-2024-0258 CVE-2024-23205 CVE-2024-23216 CVE-2024-23225 CVE-2024-23227 CVE-2024-23230 CVE-2024-23231 CVE-2024-23232 CVE-2024-23233 CVE-2024-23234 CVE-2024-23235 CVE-2024-23238 CVE-2024-23239 CVE-2024-23241 CVE-2024-23242 CVE-2024-23244 CVE-2024-23245 CVE-2024-23246 CVE-2024-23247 CVE-2024-23248 CVE-2024-23249 CVE-2024-23250 CVE-2024-23252 CVE-2024-23253 CVE-2024-23254 CVE-2024-23255 CVE-2024-23257 CVE-2024-23258 CVE-2024-23259 CVE-2024-23260 CVE-2024-23263 CVE-2024-23264 CVE-2024-23265 CVE-2024-23266 CVE-2024-23267 CVE-2024-23268 CVE-2024-23269 CVE-2024-23270 CVE-2024-23272 CVE-2024-23273 CVE-2024-23274 CVE-2024-23275 CVE-2024-23276 CVE-2024-23277 CVE-2024-23278 CVE-2024-23279 CVE-2024-23280 CVE-2024-23281 CVE-2024-23283 CVE-2024-23285 CVE-2024-23286 CVE-2024-23287 CVE-2024-23288 CVE-2024-23289 CVE-2024-23290 CVE-2024-23291 CVE-2024-23292 CVE-2024-23293 CVE-2024-23294 CVE-2024-23296
FULLDISC:20240313 APPLE-SA-03-07-2024-3 macOS Ventura 13.6.5 CVE-2023-28826 CVE-2024-23201 CVE-2024-23203 CVE-2024-23204 CVE-2024-23216 CVE-2024-23217 CVE-2024-23218 CVE-2024-23225 CVE-2024-23227 CVE-2024-23230 CVE-2024-23231 CVE-2024-23234 CVE-2024-23245 CVE-2024-23247 CVE-2024-23257 CVE-2024-23264 CVE-2024-23265 CVE-2024-23266 CVE-2024-23267 CVE-2024-23268 CVE-2024-23269 CVE-2024-23270 CVE-2024-23272 CVE-2024-23274 CVE-2024-23275 CVE-2024-23276 CVE-2024-23278 CVE-2024-23283 CVE-2024-23286
FULLDISC:20240313 APPLE-SA-03-07-2024-4 macOS Monterey 12.7.4 CVE-2023-28826 CVE-2024-23201 CVE-2024-23204 CVE-2024-23216 CVE-2024-23218 CVE-2024-23225 CVE-2024-23227 CVE-2024-23230 CVE-2024-23234 CVE-2024-23244 CVE-2024-23245 CVE-2024-23247 CVE-2024-23257 CVE-2024-23264 CVE-2024-23265 CVE-2024-23266 CVE-2024-23267 CVE-2024-23268 CVE-2024-23269 CVE-2024-23270 CVE-2024-23272 CVE-2024-23274 CVE-2024-23275 CVE-2024-23276 CVE-2024-23283 CVE-2024-23286
FULLDISC:20240313 APPLE-SA-03-07-2024-5 watchOS 10.4 CVE-2022-48554 CVE-2024-0258 CVE-2024-23225 CVE-2024-23231 CVE-2024-23235 CVE-2024-23239 CVE-2024-23246 CVE-2024-23250 CVE-2024-23254 CVE-2024-23263 CVE-2024-23265 CVE-2024-23278 CVE-2024-23280 CVE-2024-23286 CVE-2024-23287 CVE-2024-23288 CVE-2024-23289 CVE-2024-23290 CVE-2024-23291 CVE-2024-23293 CVE-2024-23296 CVE-2024-23297
FULLDISC:20240313 APPLE-SA-03-07-2024-6 tvOS 17.4 CVE-2022-48554 CVE-2024-0258 CVE-2024-23225 CVE-2024-23235 CVE-2024-23239 CVE-2024-23241 CVE-2024-23246 CVE-2024-23250 CVE-2024-23254 CVE-2024-23263 CVE-2024-23264 CVE-2024-23265 CVE-2024-23270 CVE-2024-23278 CVE-2024-23280 CVE-2024-23286 CVE-2024-23288 CVE-2024-23290 CVE-2024-23291 CVE-2024-23293 CVE-2024-23296 CVE-2024-23297
FULLDISC:20240313 APPLE-SA-03-07-2024-7 visionOS 1.1 CVE-2024-23220 CVE-2024-23225 CVE-2024-23235 CVE-2024-23246 CVE-2024-23254 CVE-2024-23257 CVE-2024-23258 CVE-2024-23262 CVE-2024-23263 CVE-2024-23264 CVE-2024-23265 CVE-2024-23286 CVE-2024-23295 CVE-2024-23296
FULLDISC:20240313 APPLE-SA-03-12-2024-1 GarageBand 10.4.11 CVE-2024-23300
FULLDISC:20240313 HNS-2024-05 - HN Security Advisory - Multiple vulnerabilities in RT-Thread RTOS CVE-2024-24334
FULLDISC:20240313 SEC Consult SA-20240307-0 :: Local Privilege Escalation via writable files in Checkmk Agent (CVE-2024-0670) CVE-2024-0670
FULLDISC:20240313 StimulusReflex CVE-2024-28121 CVE-2024-28121
FULLDISC:20240313 [Full Disclosure] CVE-2024-25228: Unpatched Command Injection in Vinchin Backup & Recovery Versions 7.2 and Earlier CVE-2024-25228
FULLDISC:20240327 APPLE-SA-03-25-2024-1 Safari 17.4.1 CVE-2024-1580
FULLDISC:20240327 APPLE-SA-03-25-2024-2 macOS Sonoma 14.4.1 CVE-2024-1580
FULLDISC:20240327 APPLE-SA-03-25-2024-3 macOS Ventura 13.6.6 CVE-2024-1580
FULLDISC:20240327 APPLE-SA-03-25-2024-4 iOS 17.4.1 and iPadOS 17.4.1 CVE-2024-1580
FULLDISC:20240327 APPLE-SA-03-25-2024-5 iOS 16.7.7 and iPadOS 16.7.7 CVE-2024-1580
FULLDISC:20240327 APPLE-SA-03-25-2024-6 visionOS 1.1.1 CVE-2024-1580
FULLDISC:20240405 SCHUTZWERK-SA-2023-003: Authentication Bypass in Visual Planning REST API CVE-2023-49231
FULLDISC:20240405 SCHUTZWERK-SA-2023-004: Authentication Bypass via Password Reset Functionality in Visual Planning CVE-2023-49232
FULLDISC:20240405 SCHUTZWERK-SA-2023-006: Arbitrary File Read via XML External Entities in Visual Planning CVE-2023-49234
FULLDISC:20240410 OXAS-ADV-2024-0001: OX App Suite Security Advisory CVE-2023-46604
FULLDISC:20240410 Trojan.Win32.Razy.abc / Insecure Permissions (In memory IPC) CVE-2022-47529
FULLDISC:20240419 MindManager 23 - full disclosure CVE-2021-41526
FULLDISC:20240424 Response to CVE-2023-26756 - Revive Adserver CVE-2023-26756
FULLDISC:20240506 OXAS-ADV-2024-0002: OX App Suite Security Advisory CVE-2024-23186 CVE-2024-23187 CVE-2024-23188 CVE-2024-23193
FULLDISC:20240514 APPLE-SA-05-08-2024-1 iTunes 12.13.2 for Windows CVE-2024-27793
FULLDISC:20240514 APPLE-SA-05-13-2024-1 Safari 17.5 CVE-2024-27834
FULLDISC:20240514 APPLE-SA-05-13-2024-2 iOS 17.5 and iPadOS 17.5 CVE-2023-42893 CVE-2024-27796 CVE-2024-27803 CVE-2024-27804 CVE-2024-27810 CVE-2024-27816 CVE-2024-27818 CVE-2024-27821 CVE-2024-27834 CVE-2024-27835 CVE-2024-27839 CVE-2024-27841 CVE-2024-27847 CVE-2024-27852
FULLDISC:20240514 APPLE-SA-05-13-2024-3 iOS 16.7.8 and iPadOS 16.7.8 CVE-2024-23296 CVE-2024-27789
FULLDISC:20240514 APPLE-SA-05-13-2024-4 macOS Sonoma 14.5 CVE-2023-42893 CVE-2024-23236 CVE-2024-27796 CVE-2024-27798 CVE-2024-27804 CVE-2024-27810 CVE-2024-27813 CVE-2024-27816 CVE-2024-27818 CVE-2024-27821 CVE-2024-27822 CVE-2024-27824 CVE-2024-27825 CVE-2024-27827 CVE-2024-27829 CVE-2024-27834 CVE-2024-27837 CVE-2024-27841 CVE-2024-27842 CVE-2024-27843 CVE-2024-27847
FULLDISC:20240514 APPLE-SA-05-13-2024-5 macOS Ventura 13.6.7 CVE-2023-42861 CVE-2024-23296 CVE-2024-27789
FULLDISC:20240514 APPLE-SA-05-13-2024-6 macOS Monterey 12.7.5 CVE-2024-23229 CVE-2024-27789
FULLDISC:20240514 APPLE-SA-05-13-2024-7 watchOS 10.5 CVE-2024-27804 CVE-2024-27810 CVE-2024-27816 CVE-2024-27821 CVE-2024-27834
FULLDISC:20240514 APPLE-SA-05-13-2024-8 tvOS 17.5 CVE-2024-27804 CVE-2024-27810 CVE-2024-27816 CVE-2024-27834
FULLDISC:20240514 HNS-2024-07 - HN Security Advisory - Multiple vulnerabilities in RIOT OS CVE-2024-31225 CVE-2024-32017 CVE-2024-32018
FULLDISC:20240514 SEC Consult SA-20240513-0 :: Tolerating Self-Signed Certificates in SAP Cloud Connector CVE-2024-25642
FULLDISC:20240514 [KIS-2024-04] Cacti <= 1.2.26 (import.php) Remote Code Execution Vulnerability CVE-2024-25641
FULLDISC:20240520 CVE-2024-34058: Nethserver 7 & 8 stored cross-site scripting (XSS) in WebTop package CVE-2024-34058
FULLDISC:20240527 SEC Consult SA-20240527-0 :: Multiple vulnerabilities in HAWKI didactic interface CVE-2024-25975 CVE-2024-25976 CVE-2024-25977
FULLDISC:20240529 CyberDanube Security Research 20240528-0 | Multiple Vulnerabilities in ORing IAP-420 CVE-2024-5410 CVE-2024-5411
FULLDISC:20240529 HNS-2024-06 - HN Security Advisory - Multiple vulnerabilities in Eclipse ThreadX CVE-2024-2212 CVE-2024-2214 CVE-2024-2452
FULLDISC:20240609 CyberDanube Security Research 20240604-0 | Multiple Vulnerabilities in utnserver Pro/ProMAX/INU-100 CVE-2024-5420 CVE-2024-5421 CVE-2024-5422
FULLDISC:20240609 SQL Injection Vulnerability in Boelter Blue System Management (version 1.3) CVE-2024-36840
FULLDISC:20240611 APPLE-SA-06-10-2024-1 visionOS 1.2 CVE-2024-27800 CVE-2024-27801 CVE-2024-27802 CVE-2024-27808 CVE-2024-27811 CVE-2024-27812 CVE-2024-27815 CVE-2024-27817 CVE-2024-27820 CVE-2024-27828 CVE-2024-27830 CVE-2024-27831 CVE-2024-27832 CVE-2024-27833 CVE-2024-27836 CVE-2024-27838 CVE-2024-27840 CVE-2024-27844 CVE-2024-27850 CVE-2024-27851 CVE-2024-27857
FULLDISC:20240623 SEC Consult SA-20240620-0 :: Arbitrary File Upload in edu-sharing (metaVentis GmbH) CVE-2024-28147
FULLDISC:20240623 [SBA-ADV-20240321-01] CVE-2024-5676: Paradox IP150 Internet Module Cross-Site Request Forgery CVE-2024-5676
FULLDISC:20240624 SEC Consult SA-20240624-0 :: Multiple Vulnerabilities allowing complete bypass in Faronics WINSelect (Standard + Enterprise) CVE-2024-36495 CVE-2024-36496 CVE-2024-36497
FULLDISC:CORE-2013-0303 - D-Link IP Cameras Multiple Vulnerabilities CVE-2013-1599
FULLDISC:FULLDISC 20190813 TortoiseSVN v1.12.1 - Remote Code Execution Vulnerability CVE-2019-14422
FULLDISC:FULLDISC: 20191011 Open-Xchange Security Advisory 2019-10-09 CVE-2019-14225 CVE-2019-14226
FULLDISC:FULLDISC: 20200929 CVE-2020-24721: Corona Exposure Notifications API: risk of coercion/data leakage [vs] CVE-2020-24721
FULLDISC:FULLDISC: 20201218 Programi Bilanc - Build 007 Release 014 31.01.2020 - Broken encryption with guessable static encryption key [CVE-2020-8995] CVE-2020-8995
FULLDISC:FULLDISC: 20201218 Programi Bilanc - Build 007 Release 014 31.01.2020 - Multiple SQL Injections [CVE-2020-11717] CVE-2020-11717
FULLDISC:FULLDISC: 20210709 Novus Managment System Vulnerabilities (CVE-2021-34820, CVE-2021-38421) CVE-2021-34821
FULLDISC:Full Disclosure CVE-2020-25106
FULLDISC:[CVE-2012-6297] DD-WRT v24-sp2 Command Injection CVE-2012-6297
Page Last Updated or Reviewed: June 25, 2024