- Databáze Hot News Bugtraq -

Poslední aktualizace v 09.09.2016 20:29:20

 

#CONFidence 2014- Call for Papers, only 0111 days left to become CONFidence ninja 2014-02-08Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability 2016-08-31
%windir%\temp\sso\ssoexec.dll (or: how trustworthy is Microsoft's build process) 2012-03-04Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability 2014-03-05
(AUSCERT#20131775e) AusCERT 2013 Call For Presentations - closing in 10 days 2013-01-21Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability 2016-08-31
(CFP) LACSEC 2012: 7th Network Security Event for Latin America and the Caribbean 2012-01-15Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities 2012-02-23
*.Shell.com Port 443 DROWN decryption attack 2016-04-20Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability 2011-11-02
*CLOSING IN 5 DAYS * Re: AppSec DC 2012 - Call for Trainers 2011-12-09Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability 2013-04-17
.NET Framework 4.6 allows side loading of Windows API Set DLL 2016-04-12Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability 2014-01-22
.NET Framework EncoderParameter integer overflow vulnerability 2012-04-23Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability 2011-07-29
.Net Framework Tilde Character DoS - Sorry, exploit-db link corrected 2012-07-04Cisco Security Advisory: Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability 2016-04-06
.Net Framework Tilde Character DoS 2012-07-04Cisco Security Advisory: Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability 2016-04-06
/tmp race condition in IBM Installation Manager V1.8.1 install script 2015-11-14Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
[ GLSA 201110-01 ] OpenSSL: Multiple vulnerabilities 2011-10-09Cisco Security Advisory: Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability 2016-04-06
[ GLSA 201110-03 ] 2011-10-10Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability 2013-05-15
[ GLSA 201110-04 ] 2011-10-10Cisco Security Advisory: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error 2011-11-09
[ GLSA 201110-05 ] GnuTLS: Multiple vulnerabilities 2011-10-10Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability 2014-01-22
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities 2011-10-10Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities 2012-02-29
[ GLSA 201110-07 ] vsftpd: Denial of Service 2011-10-10Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability 2014-01-22
[ GLSA 201110-08 ] feh: Multiple vulnerabilities 2011-10-13Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability 2013-11-06
[ GLSA 201110-09 ] Conky: Privilege escalation 2011-10-13Cisco Security Advisory: Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability 2016-05-04
[ GLSA 201110-10 ] Wget: User-assisted file creation or overwrite 2011-10-13Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability 2016-04-06
[ GLSA 201110-11 ] Adobe Flash Player: Multiple vulnerabilities 2011-10-13Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities 2011-08-24
[ GLSA 201110-12 ] Unbound: Denial of Service 2011-10-15Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability 2011-10-26
[ GLSA 201110-13 ] Tor: Multiple vulnerabilities 2011-10-18Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability 2013-08-21
[ GLSA 201110-14 ] D-Bus: Multiple vulnerabilities 2011-10-21Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability 2012-09-26
[ GLSA 201110-15 ] GnuPG: User-assisted execution of arbitrary code 2011-10-22Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities 2011-09-28
[ GLSA 201110-16 ] Cyrus IMAP Server: Multiple vulnerabilities 2011-10-22Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities 2012-02-29
[ GLSA 201110-17 ] Avahi: Denial of Service 2011-10-22Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
[ GLSA 201110-18 ] rgmanager: Privilege escalation 2011-10-22Cisco Security Advisory: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability 2016-01-20
[ GLSA 201110-19 ] X.Org X Server: Multiple vulnerabilities 2011-10-22Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability 2011-10-26
[ GLSA 201110-20 ] Clam AntiVirus: Multiple vulnerabilities 2011-10-23Cisco Security Advisory: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability 2013-01-09
[ GLSA 201110-21 ] Asterisk: Multiple vulnerabilities 2011-10-24Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
[ GLSA 201110-22 ] PostgreSQL: Multiple vulnerabilities 2011-10-25Cisco Security Advisory: Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability 2012-09-12
[ GLSA 201110-23 ] Apache mod_authnz_external: SQL injection 2011-10-25Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities 2011-09-14
[ GLSA 201110-24 ] Squid: Multiple vulnerabilities 2011-10-26Cisco Security Advisory: Cisco Videoscape Delivery System Denial of Service Vulnerability 2015-07-15
[ GLSA 201110-25 ] Pure-FTPd: Multiple vulnerabilities 2011-10-26Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability 2013-11-06
[ GLSA 201110-26 ] libxml2: Multiple vulnerabilities 2011-10-26Cisco Security Advisory: Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability 2015-11-04
[ GLSA 201111-01 ] Chromium, V8: Multiple vulnerabilities 2011-11-01Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-02 ] Oracle JRE/JDK: Multiple vulnerabilities 2011-11-05Cisco Security Advisory: Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability 2015-11-04
[ GLSA 201111-03 ] OpenTTD: Multiple vulnerabilities 2011-11-11Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-04 ] phpDocumentor: Function call injection 2011-11-11Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-05 ] Chromium, V8: Multiple vulnerabilities 2011-11-19Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-06 ] MaraDNS: Arbitrary code execution 2011-11-20Cisco Security Advisory: Cisco Web Security Appliance Range Request Denial of Service Vulnerability 2015-11-04
[ GLSA 201111-07 ] TinTin++: Multiple vulnerabilities 2011-11-20Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution 2016-08-31
[ GLSA 201111-08 ] radvd: Multiple vulnerabilities 2011-11-20Cisco Security Advisory: Cisco Wide Area Application Service CIFS DoS Vulnerability 2016-01-27
[ GLSA 201111-09 ] Perl Safe module: Arbitrary Perl code injection 2011-11-20Cisco Security Advisory: Cisco Wireless LAN Controller Denial of Service Vulnerability 2016-04-20
[ GLSA 201111-10 ] Evince: Multiple vulnerabilities 2011-11-20Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability 2016-04-20
[ GLSA 201111-11 ] GNU Tar: User-assisted execution of arbitrary code 2011-11-20Cisco Security Advisory: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability 2016-04-20
[ GLSA 201201-01 ] phpMyAdmin: Multiple vulnerabilities 2012-01-04Cisco Security Advisory: Cisco Wireless LAN Controller Unauthorized Access Vulnerability 2016-01-13
[ GLSA 201201-02 ] MySQL: Multiple vulnerabilities 2012-01-05Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability 2014-07-16
[ GLSA 201201-03 ] Chromium, V8: Multiple vulnerabilities 2012-01-08Cisco Security Advisory: Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability 2016-03-09
[ GLSA 201201-04 ] Logsurfer: Arbitrary code execution 2012-01-20Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability 2011-10-19
[ GLSA 201201-12 ] Tor: Multiple vulnerabilities 2012-01-23Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities 2011-09-14
[ GLSA 201201-13 ] MIT Kerberos 5: Multiple vulnerabilities 2012-01-23Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine 2011-08-24
[ GLSA 201201-14 ] MIT Kerberos 5 Applications: Multiple vulnerabilities 2012-01-23Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs 2011-08-31
[ GLSA 201201-15 ] ktsuss: Privilege escalation 2012-01-27Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras 2011-10-26
[ GLSA 201201-16 ] X.Org X Server/X Keyboard Configuration Database: Screen lock bypass 2012-01-27Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager 2011-10-05
[ GLSA 201201-17 ] Chromium: Multiple vulnerabilities 2012-01-28Cisco Security Advisory: GNU Bash Environmental Variable Command Injection Vulnerability 2014-09-26
[ GLSA 201201-18 ] bip: Multiple vulnerabilities 2012-01-30Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability 2015-01-28
[ GLSA 201201-19 ] Adobe Reader: Multiple vulnerabilities 2012-01-30Cisco Security Advisory: Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability 2011-09-28
[ MDVSA-2011:106 ] subversion 2011-06-04Cisco Security Advisory: Multiple Cisco Products libSRTP Denial of Service Vulnerability 2016-04-20
[ MDVSA-2011:107 ] fetchmail 2011-06-07Cisco Security Advisory: Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA 2015-06-25
[ MDVSA-2011:108 ] xerces-j2 2011-06-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client 2012-06-20
[ MDVSA-2011:109 ] webmin 2011-06-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module 2011-10-05
[ MDVSA-2011:110 ] gimp 2011-06-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module 2012-03-14
[ MDVSA-2011:111 ] mozilla 2011-06-22Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module 2012-10-10
[ MDVSA-2011:112 ] blender 2011-07-18Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2013-10-09
[ MDVSA-2011:114 ] blender 2011-07-18Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-04-09
[ MDVSA-2011:115 ] bind 2011-07-20Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-10-08
[ MDVSA-2011:116 ] curl 2011-07-22Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-02-11
[ MDVSA-2011:117 ] krb5-appl 2011-07-22Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-07-09
[ MDVSA-2011:118 ] wireshark 2011-07-24Cisco Security Advisory: Multiple Vulnerabilities in Cisco Content Security Management Appliance 2013-06-26
[ MDVSA-2011:119 ] libsndfile 2011-07-25Cisco Security Advisory: Multiple Vulnerabilities in Cisco Email Security Appliance 2013-06-26
[ MDVSA-2011:120 ] freetype2 2011-07-27Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module 2011-10-05
[ MDVSA-2011:121 ] samba 2011-07-27Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module 2012-10-10
[ MDVSA-2011:122 ] clamav 2011-08-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software 2013-10-09
[ MDVSA-2011:123 ] squirrelmail 2011-08-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software 2013-07-17
[ MDVSA-2011:124 ] phpmyadmin 2011-08-14Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features 2012-03-28
[ MDVSA-2011:125 ] foomatic-filters 2011-08-14Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers 2013-10-30
[ MDVSA-2011:126 ] java-1.6.0-openjdk 2011-08-15Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product 2013-04-24
[ MDVSA-2011:127 ] mozilla 2011-08-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
[ MDVSA-2011:128 ] dhcp 2011-08-18Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-09-18
[ MDVSA-2011:129 ] mozilla 2011-09-03Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System 2014-01-15
[ MDVSA-2011:130 ] apache 2011-09-04Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers 2014-11-05
[ MDVSA-2011:130-1 ] apache 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices 2012-07-11
[ MDVSA-2011:131 ] libxml 2011-09-05Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager 2012-07-11
[ MDVSA-2011:131-1 ] libxml 2011-10-09Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch 2012-07-11
[ MDVSA-2011:132 ] pidgin 2011-09-06Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server 2012-07-11
[ MDVSA-2011:132-1 ] pidgin 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software 2013-06-19
[ MDVSA-2011:133 ] mozilla 2011-09-07Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager 2014-07-09
[ MDVSA-2011:133-1 ] mozilla 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager 2013-07-17
[ MDVSA-2011:134 ] rsyslog 2011-09-09Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager 2013-08-21
[ MDVSA-2011:134-1 ] rsyslog 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System 2013-04-24
[ MDVSA-2011:135 ] iproute2 2011-09-23Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software 2013-05-08
[ MDVSA-2011:136 ] openssl 2011-09-28Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing 2012-10-31
[ MDVSA-2011:137 ] openssl 2011-09-28Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection 2012-02-29
[ MDVSA-2011:138 ] wireshark 2011-09-28Cisco Security Advisory: Multiple Vulnerabilities in Cisco Web Security Appliance 2013-06-26
[ MDVSA-2011:139 ] firefox 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2012-02-29
[ MDVSA-2011:140 ] mozilla-thunderbird 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2013-01-23
[ MDVSA-2011:141 ] firefox 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2014-03-05
[ MDVSA-2011:142 ] mozilla-thunderbird 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 2015-10-22
[ MDVSA-2011:143 ] rpm 2011-10-05Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products 2014-12-23
[ MDVSA-2011:144 ] apache 2011-10-08Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 2016-05-04
[ MDVSA-2011:145 ] libxml2 2011-10-09Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 2016-09-27
[ MDVSA-2011:146 ] cups 2011-10-10Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager 2013-07-24
[ MDVSA-2011:147 ] cups 2011-10-10Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players 2013-09-04
[ MDVSA-2011:148 ] samba 2011-10-11Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format Player 2012-10-10
[ MDVSA-2011:149 ] cyrus-imapd 2011-10-14Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server 2011-08-24
[ MDVSA-2011:150 ] squid 2011-10-15Cisco Security Advisory: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products 2015-07-10
[ MDVSA-2011:151 ] libpng 2011-10-17Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products 2014-04-09
[ MDVSA-2011:152 ] ncompress 2011-10-17Cisco Security Advisory: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities 2013-01-29
[ MDVSA-2011:153 ] libxfont 2011-10-17Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016 2016-02-18
[ MDVSA-2011:154 ] systemtap 2011-10-17Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
[ MDVSA-2011:155 ] systemtap 2011-10-17Cisco Security Advisory:Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability 2016-08-17
[ MDVSA-2011:156 ] tomcat5 2011-10-18Cisco Security Advisory:Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability 2016-04-13
[ MDVSA-2011:157 ] freetype2 2011-10-21Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability 2016-03-09
[ MDVSA-2011:158 ] phpmyadmin 2011-10-21Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue 2013-03-18
[ MDVSA-2011:159 ] krb5 2011-10-22Cisco Systems Product Security Incident Response Team (psirt cisco com) 
[ MDVSA-2011:160 ] krb5 2011-10-22Cisco TelePresence Multiple Vulnerabilities - SOS-11-010 2011-09-19
[ MDVSA-2011:161 ] postgresql 2011-10-24Cisco Video Surveillance Operations Manager Multiple vulnerabilities 2013-03-13
[ MDVSA-2011:162 ] kdelibs4 2011-11-01Cisco/Linksys E1200 N300 Reflected XSS 2013-04-29
[ MDVSA-2011:163 ] phpldapadmin 2011-11-02Cisco/Linksys HTTP Service Remote DoS (Denial of Service) 2013-04-24
[ MDVSA-2011:164 ] wireshark 2011-11-02Citrix Receiver, XenDesktop "Pass-the-hash" Attack 2011-12-14
[ MDVSA-2011:165 ] php 2011-11-03CitrusDB 2.4.1 - LFI/SQLi Vulnerability 2012-04-07
[ MDVSA-2011:166 ] php 2011-11-03CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability 2012-02-23
[ MDVSA-2011:167 ] gimp 2011-11-04Classic Infomedia (Login) - Auth Bypass Web Vulnerability 2016-01-27
[ MDVSA-2011:168 ] apache 2011-11-09Classified Ads Script PHP v1.1 - SQL Injection Vulnerabilities 2012-07-04
[ MDVSA-2011:170 ] java-1.6.0-openjdk 2011-11-11Clean Master v1.0 - Unquoted Path Privilege Escalation 2016-10-05
[ MDVSA-2011:171 ] networkmanager 2011-11-11ClipBucket CMS Xss Vulnerability 2014-06-14
[ MDVSA-2011:172 ] libreoffice 2011-11-12CLscript CMS v3.0 - Multiple Web Vulnerabilities 2012-07-04
[ MDVSA-2011:173 ] openssl0.9.8 2011-11-12ClubHack Magazine's April 2012 Issue is released. 2012-04-17
[ MDVSA-2011:174 ] graphite2 2011-11-14ClubHack2012 CFP Open Now 2012-07-05
[ MDVSA-2011:175 ] poppler 2011-11-15CM-AD-Changer XSS Vulnerability 2016-04-23
[ MDVSA-2011:176 ] bind 2011-11-17CMSimple_XH 1.5.2 Cross-site Scripting vulnerability 2012-03-21
[ MDVSA-2011:176-1 ] bind 2011-11-17CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies 2012-10-19
[ MDVSA-2011:176-2 ] bind 2011-11-18CmyDocument Content Management Application - XSS Vulnerabilities 2011-11-02
[ MDVSA-2011:177 ] freetype2 2011-11-21CNNVD Gov CN #1 - Filter Bypass & Persistent Web Vulnerability 2014-02-21
[ MDVSA-2011:178 ] glibc 2011-11-25Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability 2017-01-11
[ MDVSA-2011:179 ] glibc 2011-11-25CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability 2011-07-24
[ MDVSA-2011:180 ] php-suhosin 2011-11-28CobraScripts (selloffers.php?cid) Remote SQL injection Vulnerability 2011-07-28
[ MDVSA-2011:181 ] proftpd 2011-12-07CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass 2012-07-20
[ MDVSA-2011:182 ] dhcp 2011-12-08Coherendz (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-28
[ MDVSA-2011:183 ] pidgin 2011-12-11Colasoft Capsa7.2.1 Malformed SNMP Packet Denial of Service 2011-09-14
[ MDVSA-2011:184 ] krb5 2011-12-12CollabNet Subversion Edge missing single login restriction 2015-06-28
[ MDVSA-2011:185 ] libcap 2011-12-12CollabNet Subversion Edge missing XSRF protection 2015-06-28
[ MDVSA-2011:186 ] nfs-utils 2011-12-12CollabNet Subversion Edge weak password policy 2015-06-28
[ MDVSA-2011:187 ] php-pear 2011-12-15CollabNet Subversion Edge weak password storage mechanism 2015-06-28
[ MDVSA-2011:188 ] libxml2 2011-12-15COM+ Services DLL side loading vulnerability 2015-12-12
[ MDVSA-2011:189 ] jasper 2011-12-16Command Injection in cool-video-gallery v1.9 Wordpress plugin 2015-12-07
[ MDVSA-2011:190 ] libarchive 2011-12-18Command injection vulnerability in Synology Photo Station 2015-05-25
[ MDVSA-2011:191 ] libarchive 2011-12-19Commentics 2.0 <= Multiple Vulnerabilities 2012-06-20
[ MDVSA-2011:192 ] mozilla 2011-12-24CommPort 1.01 <= SQL Injection Vulnerability 2012-08-27
[ MDVSA-2011:193 ] squid 2011-12-27Community Server - Reflected Cross-Site Scripting - 2011-08-04
[ MDVSA-2011:194 ] icu 2011-12-27Community Server - Stored Cross-Site Scripting in User's Signature 2011-08-04
[ MDVSA-2011:195 ] krb5-appl 2011-12-28Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability 2016-02-03
[ MDVSA-2011:196 ] ipmitool 2011-12-28ComSndFTP Server Remote Format String Overflow Vulnerability 2012-06-07
[ MDVSA-2011:197 ] php 2011-12-30Concrete CMS 5.4.1.1 <= Cross Site Scripting 2011-08-22
[ MDVSA-2011:198 ] phpmyadmin 2012-01-01CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops! 2013-05-17
[ MDVSA-2012:001 ] fcgi 2012-01-02CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland 2013-02-25
[ MDVSA-2012:002 ] t1lib 2012-01-02Confluence Vulnerabilities 2016-01-04
[ MDVSA-2012:003 ] apache 2012-01-10Construtiva CIS Manager CMS POST SQLi 2014-05-19
[ MDVSA-2012:004 ] t1lib 2012-01-12Contao 2.10.1 Cross-site scripting vulnerability 2011-10-08
[ MDVSA-2012:005 ] libxml2 2012-01-16Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities 2016-10-11
[ MDVSA-2012:006 ] openssl 2012-01-16Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) 2015-02-09
[ MDVSA-2012:007 ] openssl 2012-01-16Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities 2013-08-16
[ MDVSA-2012:008 ] perl 2012-01-18CORE Advisories Team (advisories coresecurity com) 
[ MDVSA-2012:009 ] perl 2012-01-18Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
[ MDVSA-2012:010 ] cacti 2012-01-20CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery 2011-06-15
[ MDVSA-2012:011 ] openssl 2012-01-29CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption 2011-10-12
[ MDVSA-2012:012 ] apache 2012-02-02CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability 2011-06-14
[ MDVSA-2012:013 ] mozilla 2012-02-03CORE-2011-0506 - Multiples Vulnerabilities in ManageEngine ServiceDesk Plus 2011-09-14
[ MDVSA-2012:014 ] glpi 2012-02-06CORE-2011-0514: Multiple vulnerabilities in HP Data Protector 2011-06-29
[ MDVSA-2012:015 ] wireshark 2012-02-09CORE-2011-0606: HP Data Protector EXEC_CMD Buffer Overflow Vulnerability 2011-06-29
[ MDVSA-2012:016 ] glpi 2012-02-10CORE-2011-0919: Apple OS X Sandbox Predefined Profiles Bypass 2011-11-10
[ MDVSA-2012:017 ] firefox 2012-02-12CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow 2012-07-17
[ MDVSA-2012:018 ] mozilla-thunderbird 2012-02-13CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities 2012-05-08
[ MDVSA-2012:019 ] apr 2012-02-14CORE-2012-0530 - Lattice Diamond Programmer Buffer Overflow 2012-06-21
[ MDVSA-2012:020 ] phpldapadmin 2012-02-15CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities 2013-02-15
[ MDVSA-2012:021 ] java-1.6.0-openjdk 2012-02-17CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities 2013-05-28
[ MDVSA-2012:022 ] libpng 2012-02-22CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities 2013-05-28
[ MDVSA-2012:022 ] mozilla 2012-02-23CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities 2013-05-28
[ MDVSA-2012:022-1 ] mozilla 2012-02-28CORE-2013-0430 - Buffer overflow in Ubiquiti airCam RTSP service 2013-06-11
[ MDVSA-2012:023 ] libvpx 2012-02-27CORE-2013-0517 - Xpient Cash Drawer Operation Vulnerability 2013-06-05
[ MDVSA-2012:023 ] libxml2 2012-02-22CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions 2013-07-23
[ MDVSA-2012:023-1 ] libvpx 2012-02-28CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability 2013-07-22
[ MDVSA-2012:025 ] samba 2012-02-28CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass 2013-11-05
[ MDVSA-2012:026 ] postgresql 2012-02-29CORE-2013-0705 - XnView Buffer Overflow Vulnerability 2013-07-22
[ MDVSA-2012:027 ] postgresql8.3 2012-02-29CORE-2013-0726 - AVTECH DVR multiple vulnerabilities 2013-08-28
[ MDVSA-2012:028 ] libxslt 2012-03-01CORE-2013-0807 - Divide Error in Windows Kernel 2013-12-11
[ MDVSA-2012:029 ] pidgin 2012-03-16CORE-2013-0808 - EPS Viewer Buffer Overflow Vulnerability 2013-08-28
[ MDVSA-2012:030 ] systemd 2012-03-16CORE-2013-0828 - PDFCool Studio Buffer Overflow Vulnerability 2013-10-01
[ MDVSA-2012:031 ] firefox 2012-03-17CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure 2013-10-01
[ MDVSA-2012:032 ] mozilla 2012-03-20CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability 2013-12-10
[ MDVSA-2012:032-1 ] mozilla 2012-04-17Corel Software DLL Hijacking 2015-01-12
[ MDVSA-2012:033 ] libpng 2012-03-21Corrections about Squid/McAfee URL Filtering Bypass 2012-04-30
[ MDVSA-2012:034 ] libzip 2012-03-23Cosmoshop - XSS on Admin-Login Mask 2015-02-14
[ MDVSA-2012:035 ] file 2012-03-23Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348] 2016-10-10
[ MDVSA-2012:036 ] libsoup 2012-03-23Crashing Browsers Remotely via Insecure Search Suggestions 2016-07-26
[ MDVSA-2012:037 ] cyrus-imapd 2012-03-23CreatiWeb Remote SQL injection Vulnerability 2011-08-24
[ MDVSA-2012:038 ] openssl 2012-03-26Critical issues affecting Steam users 2012-10-15
[ MDVSA-2012:039 ] libtasn1 2012-03-27Critical vulnerabilities discovered in Gazelle and TBDEV.net 2013-10-15
[ MDVSA-2012:040 ] gnutls 2012-03-27Cross site request forgery vulnerability in Linksys WAG120N 2015-08-23
[ MDVSA-2012:041 ] expat 2012-03-27Cross Site Scripting Vulnerability In Verint Impact 360 2016-11-08
[ MDVSA-2012:042 ] wireshark 2012-03-28Cross Site Scription Vulnerability in vBulletin 4.1.3, 4.1.4 and 4.1.5 2011-08-02
[ MDVSA-2012:043 ] nginx 2012-03-29Cross-Site Request Forgery (CSRF) in CMS Made Simple 2012-11-07
[ MDVSA-2012:044 ] cvs 2012-03-29Cross-Site Request Forgery (CSRF) in UMI.CMS 2013-05-08
[ MDVSA-2012:045 ] gnutls 2012-03-30Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network 2016-01-29
[ MDVSA-2012:050 ] phpmyadmin 2012-04-03Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin 2016-08-01
[ MDVSA-2012:051 ] libvorbis 2012-04-03Cross-Site Request Forgery in Cerb 2015-09-02
[ MDVSA-2012:052 ] libvorbis 2012-04-03Cross-Site Request Forgery on Oxwall 2015-10-29
[ MDVSA-2012:053 ] ocsinventory 2012-04-04Cross-Site Request Forgery vulnerability in Add From Server WordPress Plugin 2016-08-08
[ MDVSA-2012:054 ] libtiff 2012-04-05Cross-Site Scripting (XSS) in BackWPup WordPress Plugin 2013-08-21
[ MDVSA-2012:055 ] samba 2012-04-11Cross-Site Scripting (XSS) in Duplicator WordPress Plugin 2013-07-24
[ MDVSA-2012:056 ] rpm 2012-04-12Cross-Site Scripting (XSS) in Feng Office 2013-10-09
[ MDVSA-2012:057 ] freetype2 2012-04-12Cross-Site Scripting (XSS) in Ilch CMS 2014-03-05
[ MDVSA-2012:058 ] curl 2012-04-13Cross-Site Scripting (XSS) in Kayako Fusion 2012-09-05
[ MDVSA-2012:059 ] python-sqlalchemy 2012-04-16Cross-Site Scripting (XSS) in Komento Joomla Extension 2014-01-23
[ MDVSA-2012:060 ] openssl 2012-04-19Cross-Site Scripting (XSS) in Magnolia CMS 2013-07-24
[ MDVSA-2012:061 ] raptor 2012-04-21Cross-Site Scripting (XSS) in Microsoft ReportViewer Controls 2011-08-22
[ MDVSA-2012:062 ] openoffice.org 2012-04-21Cross-Site Scripting (XSS) in Photo Gallery WordPress plugin 2014-10-01
[ MDVSA-2012:063 ] libreoffice 2012-04-21Cross-Site Scripting (XSS) in Pivotx 2012-05-09
[ MDVSA-2012:064 ] openssl0.9.8 2012-04-24Cross-Site Scripting (XSS) in qTranslate WordPress Plugin 2015-07-29
[ MDVSA-2012:065 ] php 2012-04-27Cross-Site Scripting (XSS) in Redaxo 2012-07-25
[ MDVSA-2012:066 ] mozilla 2012-04-27Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin 2013-11-15
[ MDVSA-2012:067 ] samba 2012-05-01Cross-Site Scripting (XSS) in Twilight CMS 2013-08-21
[ MDVSA-2012:068-1 ] php 2012-05-10Cross-Site Scripting (XSS) in WikkaWiki 2013-09-11
[ MDVSA-2012:069 ] cifs-utils 2012-05-04Cross-Site Scripting (XSS) Vulnerabilities in Flogr 2012-09-05
[ MDVSA-2012:070 ] samba 2012-05-04Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin 2013-02-06
[ MDVSA-2012:071 ] php 2012-05-10Cross-Site Scripting (XSS) vulnerability in gpEasy 2013-01-23
[ MDVSA-2012:072 ] roundcubemail 2012-05-10Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart 2013-01-09
[ MDVSA-2012:073 ] openssl 2012-05-11Cross-Site Scripting | Zeuscart V4 2015-11-02
[ MDVSA-2012:074 ] ffmpeg 2012-05-14Cross-Site Scripting in Activity Log WordPress Plugin 2016-08-03
[ MDVSA-2012:074-1 ] ffmpeg 2012-08-30Cross-Site Scripting in Calendar WordPress Plugin 2016-11-08
[ MDVSA-2012:075 ] ffmpeg 2012-05-15Cross-Site Scripting in Code Snippets WordPress Plugin 2016-07-24
[ MDVSA-2012:076 ] ffmpeg 2012-05-15Cross-Site Scripting in Contact Bank WordPress Plugin 2016-08-01
[ MDVSA-2012:077 ] imagemagick 2012-05-17Cross-Site Scripting in Contact Form to Email WordPress Plugin 2016-07-24
[ MDVSA-2012:078 ] imagemagick 2012-05-17Cross-Site Scripting in Count per Day WordPress Plugin 2016-08-04
[ MDVSA-2012:079 ] sudo 2012-05-21Cross-site Scripting in EventLog Analyzer 9.0 build #9000 2014-07-22
[ MDVSA-2012:080 ] wireshark 2012-05-23Cross-Site Scripting in FormBuilder WordPress Plugin 2016-08-04
[ MDVSA-2012:081 ] firefox 2012-05-24Cross-Site Scripting in Uji Countdown WordPress Plugin 2016-08-02
[ MDVSA-2012:082 ] pidgin 2012-05-28Cross-Site Scripting in WangGuard WordPress Plugin 2016-08-02
[ MDVSA-2012:083 ] util-linux 2012-05-29Cross-Site Scripting in WordPress Landing Pages Plugin 2016-08-03
[ MDVSA-2012:084 ] ncpfs 2012-05-29Cross-Site Scripting Vuln in Zoho ManageEngine ADSelfServicePlus 2011-11-17
[ MDVSA-2012:085 ] tomcat5 2012-05-30Cross-Site Scripting vulnerability in Booking Calendar WordPress Plugin 2016-08-01
[ MDVSA-2012:086 ] acpid 2012-05-31Cross-Site Scripting vulnerability in Events Made Easy WordPress plugin 2016-08-04
[ MDVSA-2012:087 ] nut 2012-06-05Cross-site scripting vulnerability in Invision Power Board version 3.2.3 2012-03-29
[ MDVSA-2012:088 ] mozilla 2012-06-09Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin 2016-11-08
[ MDVSA-2012:088-1 ] mozilla 2012-06-23Cross-Site Scripting vulnerability in search function Activity Log WordPress Plugin 2016-08-03
[ MDVSA-2012:089 ] bind 2012-06-10CRUCMS Crucial Networking - SQL Injection Vulnerability 2015-05-18
[ MDVSA-2012:090 ] openoffice.org 2012-06-14Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilitiesþ 2015-02-17
[ MDVSA-2012:091 ] libreoffice 2012-06-14Crystal Office Suite v1.43 - Buffer Overflow Vulnerability 2012-04-12
[ MDVSA-2012:091 ] libreoffice 2012-06-15CsForum v0.8 - Cross Site Scripting Vulnerability 2012-04-08
[ MDVSA-2012:092 ] postgresql 2012-06-15CSNC-2012-004 Generic XSS in AdNovum nevisProxy 2012-06-14
[ MDVSA-2012:093 ] php 2012-06-15CSNC-2016-002 - Open Redirect in OpenAM 2016-02-23
[ MDVSA-2012:094 ] clamav 2012-06-18CSRF - MySQL / PHP.INI Hijacking 2016-04-09
[ MDVSA-2012:095 ] java-1.6.0-openjdk 2012-06-18CSRF (Cross-Site Request Forgery) in DClassifieds 2012-01-25
[ MDVSA-2012:096 ] python 2012-06-20CSRF and Remote Code Execution in EGroupware 2014-05-14
[ MDVSA-2012:096-1 ] python 2012-07-02CSRF and XsS In Manage Engine oputils 2016-02-15
[ MDVSA-2012:097 ] python 2012-06-20CSRF Horde Groupware Web mail Edition 2013-11-03
[ MDVSA-2012:098 ] libxml2 2012-06-21CSV Import XSS Vulnerability 2016-02-24
[ MDVSA-2012:099 ] net-snmp 2012-06-21CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated] 2012-02-19
[ MDVSA-2012:100 ] rsyslog 2012-06-25CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability 2012-02-10
[ MDVSA-2012:101 ] libtiff 2012-07-04CubeCart 5.x | Cross Site Request Forgery (CSRF) Vulnerability 2013-01-01
[ MDVSA-2012:102 ] krb5 2012-07-06CubeCart 5.x | Multiple Cross Site Scripting Vulnerabilities 2013-01-01
[ MDVSA-2012:103 ] automake 2012-07-12Curl Ruby Gem Remote command execution 2013-03-15
[ MDVSA-2012:104 ] openjpeg 2012-07-12CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability 2016-11-25
[ MDVSA-2012:105 ] pidgin 2012-07-12CVE for Apple's ECDHE-ECDSA SecureTransport bug? 2015-05-20
[ MDVSA-2012:106 ] libexif 2012-07-13CVE ID Syntax Change - Call for Public Feedback 2013-01-23
[ MDVSA-2012:107 ] exif 2012-07-13CVE ID Syntax Change - Deadline Approaching 2014-09-17
[ MDVSA-2012:108 ] php 2012-07-23CVE ID Syntax Change - Deadline Approaching 2014-09-18
[ MDVSA-2012:109 ] libxslt 2012-07-23CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment - E-Business Suite 2011-07-13
[ MDVSA-2012:110 ] mozilla 2012-07-24CVE-2011-0527: VMware vFabric tc Server password obfuscation bypass 2011-08-11
[ MDVSA-2012:110-1 ] mozilla 2012-07-30CVE-2011-2664 Symlink Following and Second-Order Symlink Vulnerabilities in Multiple Check Point Security Management Products 2011-08-16
[ MDVSA-2012:111 ] krb5 2012-08-01CVE-2011-2730: Spring Framework Information Disclosure 2011-09-09
[ MDVSA-2012:111 ] libgdata 2012-07-25CVE-2011-2731: Spring Security privilege escalation when using RunAsManager 2011-09-09
[ MDVSA-2012:112 ] perl-DBD-Pg 2012-07-26CVE-2011-2732: Spring Security header injection vulnerability 2011-09-09
[ MDVSA-2012:113 ] arpwatch 2012-07-26CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities 2011-09-09
[ MDVSA-2012:114 ] apache-mod_auth_openid 2012-07-26CVE-2011-3682: 2WIRE-SINGTEL 2701HGV-E/2700HGV-2/2700HG GATEWAY ROUTER MANAGEMENT AND DIAGNOSTIC CONSOLE VULNERABILITY 2011-10-31
[ MDVSA-2012:115 ] dhcp 2012-07-26CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) 2012-03-24
[ MDVSA-2012:116 ] dhcp 2012-07-26CVE-2012-0769, the case of the perfect info leak 2012-04-09
[ MDVSA-2012:117 ] python-pycrypto 2012-07-27CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly 2012-02-07
[ MDVSA-2012:118 ] apache-mod_security 2012-07-27CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object 2012-05-16
[ MDVSA-2012:119 ] bind 2012-07-29CVE-2012-1661 - ESRI ArcMap arbitrary code execution via crafted map file. 2012-06-13
[ MDVSA-2012:121 ] libjpeg-turbo 2012-08-01CVE-2012-2149 OpenOffice.org memory overwrite vulnerability 2012-05-16
[ MDVSA-2012:122 ] icedtea-web 2012-08-02CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0 2012-05-16
[ MDVSA-2012:125 ] wireshark 2012-08-06CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability 2012-06-24
[ MDVSA-2012:126 ] libxml2 2012-08-08CVE-2012-2381: Apache Roller Cross-Site-Scripting (XSS) vulnerability 2012-06-24
[ MDVSA-2012:127 ] libtiff 2012-08-08CVE-2012-2665 Manifest-processing errors in Apache OpenOffice 3.4.0 2012-08-27
[ MDVSA-2012:128 ] bash 2012-08-09CVE-2012-3287: md5crypt is no longer considered safe 2012-06-08
[ MDVSA-2012:129 ] busybox 2012-08-10CVE-2012-3819: Stack Overflow in DartWebserver.dll <= 1.9 2012-09-28
[ MDVSA-2012:129-1 ] busybox 2012-08-10CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers 2012-11-19
[ MDVSA-2012:130 ] openldap 2012-08-11CVE-2012-4415: guacamole local root vulnerability 2012-09-24
[ MDVSA-2012:131 ] libotr 2012-08-13CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows 2013-01-14
[ MDVSA-2012:132 ] glpi 2012-08-15CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash 2013-01-14
[ MDVSA-2012:133 ] usbmuxd 2012-08-16CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI 2013-01-14
[ MDVSA-2012:134 ] wireshark 2012-08-16CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2 2013-07-12
[ MDVSA-2012:136 ] phpmyadmin 2012-08-17CVE-2012-6451 Authentication Bypass in LOREX IP Cameras 2013-02-05
[ MDVSA-2012:137 ] acpid 2012-08-17CVE-2012-6452 Axway Secure Messenger Username Disclosure 2013-01-17
[ MDVSA-2012:138 ] acpid 2012-08-17CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF) 2013-01-03
[ MDVSA-2012:139 ] postgresql 2012-08-19CVE-2012-6494 - Nexpose Security Console - Session Hijacking 2013-01-03
[ MDVSA-2012:140 ] mono 2012-08-20CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free 2016-12-16
[ MDVSA-2012:141 ] openslp 2012-08-21CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement 2013-02-22
[ MDVSA-2012:142 ] gimp 2012-08-21CVE-2013-0805 / CSNC-2013-001 2013-01-23
[ MDVSA-2012:143 ] python-django 2012-08-23CVE-2013-1306: MSIE 9 MSHTML CDisp­Node::Insert­Sibling­Node use-after-free details 2016-12-08
[ MDVSA-2012:144 ] tetex 2012-08-28CVE-2013-1402 - DigiLIBE Management Console - Execution After Redirect (EAR) Vulnerability 2013-01-22
[ MDVSA-2012:147 ] mozilla-thunderbird 2012-08-29CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException 2013-05-10
[ MDVSA-2012:148 ] ffmpeg 2012-08-30CVE-2013-2210 2013-06-27
[ MDVSA-2012:149 ] fetchmail 2012-09-01CVE-2013-2504 : Matrix42 Service Desk XSS 2013-04-18
[ MDVSA-2012:150 ] java-1.6.0-openjdk 2012-09-10CVE-2013-3143: MSIE 9 IEFRAME CMarkup..Remove­Pointer­Pos use-after-free 2016-12-14
[ MDVSA-2012:151 ] ghostscript 2012-09-12CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall) 2013-05-20
[ MDVSA-2012:152 ] bind 2012-09-13CVE-2013-3568 - Linksys CSRF + Root Command Injection 2013-07-12
[ MDVSA-2012:152-1 ] bind 2012-10-02CVE-2013-3662 - Sketchup MAC Pict Material Palette Stack Corruption 2013-05-31
[ MDVSA-2012:153 ] dhcp 2012-09-16CVE-2013-3663 - SketchUp BMP RLE8 Heap Overflow 2013-05-31
[ MDVSA-2012:153-1 ] dhcp 2012-10-02CVE-2013-3664 - Sketchup Multiple Vulnerabilities 2013-05-31
[ MDVSA-2012:154 ] apache 2012-09-28CVE-2013-3724 Monkey HTTPD 1.1.1 - Denial of Service Vulnerability 2013-06-04
[ MDVSA-2012:154-1 ] apache 2012-10-01CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response 2013-06-04
[ MDVSA-2012:155 ] xinetd 2012-09-28CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution 2013-06-04
[ MDVSA-2012:155-1 ] xinetd 2012-10-02CVE-2013-4124 samba nttrans dos private exploit 2013-08-21
[ MDVSA-2012:156 ] inn 2012-10-02CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework 2013-08-22
[ MDVSA-2012:157 ] openjpeg 2012-10-03CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers 2014-01-16
[ MDVSA-2012:158 ] gc 2012-10-03CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) 2013-11-06
[ MDVSA-2012:159 ] freeradius 2012-10-03CVE-2013-4788 - Eglibc PTR MANGLE bug 2013-07-15
[ MDVSA-2012:162 ] bind 2012-10-10CVE-2013-5118 - XSS Good for Enterprise iOS 2013-09-24
[ MDVSA-2012:163 ] firefox 2012-10-11CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS 2013-09-18
[ MDVSA-2012:164 ] libxslt 2012-10-11CVE-2013-5216 CapaSystems Performance Guard Path Traversal Vulnerability 2013-08-29
[ MDVSA-2012:165 ] graphicsmagick 2012-10-12CVE-2013-5694 Blind SQL Injection in Ops View 2013-10-28
[ MDVSA-2012:166 ] bacula 2012-10-12CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete 2014-01-14
[ MDVSA-2012:167 ] firefox 2012-10-13CVE-2013-6430 Possible XSS when using Spring MVC 2014-01-14
[ MDVSA-2012:168 ] hostapd 2012-10-22CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater 2013-11-22
[ MDVSA-2012:169 ] java-1.6.0-openjdk 2012-11-01CVE-2013-6825 DCMTK Root Privilege escalation 2014-06-02
[ MDVSA-2012:170 ] firefox 2012-11-02CVE-2014-0160 mitigation using iptables 2014-04-09
[ MDVSA-2012:171 ] icedtea-web 2012-11-09CVE-2014-0228: Apache Hive Authorization vulnerability 2014-06-12
[ MDVSA-2012:172 ] libproxy 2012-11-19CVE-2014-1215 - Local Code Execution in CoreFTP Core FTP Server 2014-02-18
[ MDVSA-2012:173 ] firefox 2012-11-21CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive 2014-04-23
[ MDVSA-2012:174 ] libtiff 2012-11-22CVE-2014-1226 s3dvt Root shell (still) 2014-06-02
[ MDVSA-2012:175 ] libssh 2012-11-29CVE-2014-1599 - 39 Type-1 XSS in SFR DSL/Fiber Box 2014-03-05
[ MDVSA-2013:001 ] gnupg 2013-01-02CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free 2016-12-20
[ MDVSA-2013:002 ] firefox 2013-01-09CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional" 2014-12-14
[ MDVSA-2013:003 ] rootcerts 2013-01-09CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional" 2014-12-14
[ MDVSA-2013:004 ] tomcat5 2013-01-10CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive 2014-04-23
[ MDVSA-2013:005 ] perl 2013-01-28CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
[ MDVSA-2013:007 ] mysql 2013-02-05CVE-2014-2232 - "Absolute Path Traversal" (CWE-36) vulnerability in "infoware MapSuite" 2014-06-01
[ MDVSA-2013:008 ] mysql 2013-02-06CVE-2014-2233 - "Server-Side Request Forgery" (CWE-918) vulnerability in "infoware MapSuite" 2014-06-01
[ MDVSA-2013:009 ] libssh 2013-02-09CVE-2014-2383 - Arbitrary file read in dompdf 2014-04-23
[ MDVSA-2013:010 ] java-1.6.0-openjdk 2013-02-11CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) 2014-06-25
[ MDVSA-2013:011 ] samba 2013-02-13CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall 2014-08-04
[ MDVSA-2013:012 ] postgresql 2013-02-15CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server 2014-04-16
[ MDVSA-2013:013 ] squid 2013-02-20CVE-2014-2735 - WinSCP: missing X.509 validation 2014-04-16
[ MDVSA-2013:018 ] openssl 2013-03-06CVE-2014-2843 - "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite" 2014-06-01
[ MDVSA-2013:019 ] gnutls 2013-03-07CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX 2014-07-08
[ MDVSA-2013:020 ] wireshark 2013-03-08CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS 2014-05-20
[ MDVSA-2013:021 ] java-1.6.0-openjdk 2013-03-08CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS 2014-05-20
[ MDVSA-2013:022 ] openssh 2013-03-13CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS 2014-05-20
[ MDVSA-2013:023 ] coreutils 2013-03-13CVE-2014-3450 - Privilege Escalation in Panda Security 2014-05-20
[ MDVSA-2013:024 ] firefox 2013-03-13CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability 2014-08-21
[ MDVSA-2013:025 ] pidgin 2013-03-14CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects 2014-08-21
[ MDVSA-2013:026 ] sudo 2013-03-18CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 2014-06-25
[ MDVSA-2013:027 ] clamav 2013-03-18CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 2014-12-01
[ MDVSA-2013:028 ] nagios 2013-03-18CVE-2014-3863 - Stored XSS in JChatSocial 2014-07-07
[ MDVSA-2013:145 ] java-1.6.0-openjdk 2013-04-19CVE-2014-3977 - Privilege Escalation in IBM AIX 2014-06-11
[ MDVSA-2013:146 ] icedtea-web 2013-04-19CVE-2014-4138: MSIE 11 MSHTML CPaste­Command::Convert­Bitmapto­Png heap-based buffer overflow 2016-12-21
[ MDVSA-2013:147 ] libarchive 2013-04-19CVE-2014-4331 OctavoCMS reflected XSS vulnerability 2014-07-09
[ MDVSA-2013:148 ] roundcubemail 2013-04-22CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
[ MDVSA-2013:149 ] roundcubemail 2013-04-22CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
[ MDVSA-2013:150 ] mysql 2013-04-22CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
[ MDVSA-2013:152 ] subversion 2013-04-26CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request 2014-08-17
[ MDVSA-2013:153 ] subversion 2013-04-26CVE-2014-5307 - Privilege Escalation in Panda Security Products 2014-08-20
[ MDVSA-2013:154 ] util-linux 2013-04-29CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler" 2014-09-07
[ MDVSA-2013:155 ] fuse 2013-04-29CVE-2014-5439 - Root shell on Sniffit [with exploit] 2014-11-26
[ MDVSA-2013:157 ] krb5 2013-04-30CVE-2014-5516 CSRF protection bypass in "KonaKart" Java eCommerce product 2014-09-20
[ MDVSA-2013:158 ] krb5 2013-04-30CVE-2014-6616 Softing FG-100 Webui XSS 2014-11-05
[ MDVSA-2013:159 ] clamav 2013-04-30CVE-2014-6617 Softing FG-100 Backdoor Account 2014-11-05
[ MDVSA-2013:160 ] phpmyadmin 2013-05-03CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM 2014-11-19
[ MDVSA-2013:161 ] java-1.7.0-openjdk 2013-05-06CVE-2014-7952, Android ADB backup APK injection vulnerability 2015-07-10
[ MDVSA-2013:162 ] glibc 2013-05-07CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
[ MDVSA-2013:163 ] glibc 2013-05-07CVE-2014-8487: Kony EMM insecurity Direct Object Reference 2015-02-22
[ MDVSA-2013:164 ] mesa 2013-05-13CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-12
[ MDVSA-2013:165 ] firefox 2013-05-15CVE-2014-8732 2014-11-12
[ MDVSA-2013:166 ] krb5 2013-05-21CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
[ MDVSA-2013:167 ] openvpn 2013-05-27CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
[ MDVSA-2013:168 ] python-httplib2 2013-05-27CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 2014-11-18
[ MDVSA-2013:169 ] socat 2013-05-29CVE-2014-8779: SSH Host keys on Pexip Infinity 2015-01-29
[ MDVSA-2013:170 ] socat 2013-05-29CVE-2014-8870: Arbitrary Redirect in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12
[ MDVSA-2013:171 ] gnutls 2013-05-30CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin 2014-11-20
[ MDVSA-2013:172 ] wireshark 2013-06-12CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress 2014-12-02
[ MDVSA-2013:173 ] subversion 2013-06-13CVE-2014-9215 - SQL Injection in PBBoard CMS 2014-12-04
[ MDVSA-2013:179 ] firefox 2013-06-26CVE-2015-0040: Microsoft Internet Explorer 11 MSHTML CMapElement::Notify use-after-free details 2016-11-14
[ MDVSA-2013:180 ] curl 2013-06-27CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
[ MDVSA-2013:181 ] mesa 2013-06-27CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011) 2016-02-12
[ MDVSA-2013:182 ] mesa 2013-06-27CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user 2015-01-13
[ MDVSA-2013:183 ] java-1.7.0-openjdk 2013-06-27CVE-2015-0223: anonymous access to qpidd cannot be prevented 2015-01-26
[ MDVSA-2013:184 ] perl-Dancer 2013-06-27CVE-2015-0224: qpidd can be crashed by unauthenticated user 2015-01-26
[ MDVSA-2013:193 ] apache 2013-07-11CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM) 2016-02-23
[ MDVSA-2013:194 ] kernel 2013-07-11CVE-2015-1032 Kiwix Cross-Site Scripting Vulnerability 2015-01-18
[ MDVSA-2013:196 ] java-1.6.0-openjdk 2013-07-15CVE-2015-1176-xss-osticket 2015-01-22
[ MDVSA-2013:197 ] mysql 2013-07-23CVE-2015-1177-xss-exponent 2015-01-22
[ MDVSA-2013:198 ] libxml2 2013-07-24CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
[ MDVSA-2013:211 ] lcms2 2013-08-12CVE-2015-1179-xss-mango-automation-scada 2015-01-22
[ MDVSA-2013:212 ] otrs 2013-08-13CVE-2015-1180-xss-eventsentry 2015-01-22
[ MDVSA-2013:213 ] xymon 2013-08-13CVE-2015-1251: Chrome blink Speech­Recognition­Controller use-after-free details 2016-11-23
[ MDVSA-2013:214 ] python 2013-08-21CVE-2015-1574 - Google Email App 4.2.2 remote denial of service 2015-02-13
[ MDVSA-2013:215 ] cacti 2013-08-22CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four 2015-02-14
[ MDVSA-2013:219 ] libtiff 2013-08-23CVE-2015-1600 - Netatmo Weather Station Cleartext Password Leak 2015-02-13
[ MDVSA-2013:220 ] lcms 2013-08-27CVE-2015-1614 csrf/xss in in wordpress Plugin Image Metadata cruncher 2015-02-17
[ MDVSA-2013:221 ] php 2013-08-27CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC 2016-12-06
[ MDVSA-2013:222 ] puppet 2013-08-27CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) 2015-05-21
[ MDVSA-2013:223 ] asterisk 2013-08-30CVE-2015-2482 MSIE 8 jscript RegExpBase::FBadHeader use-after-free details 2016-11-16
[ MDVSA-2013:224 ] libtiff 2013-09-02CVE-2015-3251: Apache CloudStack VM Credential Exposure 2016-02-05
[ MDVSA-2013:225 ] libdigidoc 2013-09-02CVE-2015-3252: Apache CloudStack VNC authentication issue 2016-02-05
[ MDVSA-2013:226 ] roundcubemail 2013-09-05CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability 2015-08-19
[ MDVSA-2013:227 ] python-setuptools 2013-09-09CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004 2015-06-24
[ MDVSA-2013:228 ] cacti 2013-09-10CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
[ MDVSA-2013:229 ] bzr 2013-09-10CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4 2015-06-06
[ MDVSA-2013:230 ] gdm 2013-09-11CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation] 2015-06-01
[ MDVSA-2013:231 ] openswan 2013-09-12CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] 2015-06-01
[ MDVSA-2013:232 ] libmodplug 2013-09-13CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS] 2015-05-26
[ MDVSA-2013:233 ] python-OpenSSL 2013-09-13CVE-2015-4109 - WordPress Users Ultra Plugin [SQL injection] 2015-06-05
[ MDVSA-2013:234 ] python-django 2013-09-13CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin [Local File Inclusion] 2015-06-04
[ MDVSA-2013:235 ] mediawiki 2013-09-16CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders 2015-06-24
[ MDVSA-2013:236 ] subversion 2013-09-17CVE-2015-4670 - AjaxControlToolkit File Upload Directory Traversal 2015-07-13
[ MDVSA-2013:238 ] wireshark 2013-09-19CVE-2015-4674 - TimeDoctor autoupdate over plain-HTTP 2015-06-29
[ MDVSA-2013:239 ] wordpress 2013-09-19CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine 2015-09-25
[ MDVSA-2013:240 ] glpi 2013-09-25CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine 2015-09-25
[ MDVSA-2013:241 ] perl-Crypt-DSA 2013-09-25CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine 2015-09-25
[ MDVSA-2013:242 ] kernel 2013-09-26CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS 2016-04-27
[ MDVSA-2013:244 ] davfs2 2013-09-30CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS 2016-04-27
[ MDVSA-2013:245 ] proftpd 2013-10-03CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1 2015-11-23
[ MDVSA-2013:246 ] openjpa 2013-10-07CVE-2015-5344 - Apache Camel medium disclosure vulnerability 2016-01-30
[ MDVSA-2013:247 ] gnupg 2013-10-10CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
[ MDVSA-2013:248 ] xinetd 2013-10-10CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
[ MDVSA-2013:249 ] libraw 2013-10-10CVE-2015-5378 2015-11-06
[ MDVSA-2013:262 ] python-pycrypto 2013-10-28CVE-2015-5379: Axigen XSS vulnerability for html attachments 2015-07-21
[ MDVSA-2013:263 ] roundcubemail 2013-10-29CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection 2015-09-02
[ MDVSA-2013:264 ] firefox 2013-10-31CVE-2015-5619 2015-11-06
[ MDVSA-2013:265 ] kernel 2013-11-10CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation 2015-08-18
[ MDVSA-2013:266 ] java-1.6.0-openjdk 2013-11-19CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability 2015-10-02
[ MDVSA-2013:267 ] java-1.7.0-openjdk 2013-11-19CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability 2015-11-16
[ MDVSA-2013:268 ] torque 2013-11-19CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins 2015-08-26
[ MDVSA-2013:269 ] firefox 2013-11-20CVE-2015-6576: Bamboo - Deserialisation resulting in remote code execution 2015-10-23
[ MDVSA-2013:270 ] nss 2013-11-20CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
[ MDVSA-2013:271 ] pmake 2013-11-21CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
[ MDVSA-2013:272 ] poppler 2013-11-21CVE-2015-7326 (XXE vulnerability in Milton Webdav) 2015-11-02
[ MDVSA-2013:273 ] libjpeg 2013-11-21CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin 2015-10-12
[ MDVSA-2013:274 ] libjpeg 2013-11-21CVE-2015-7521: Apache Hive authorization bug disclosure (update) 2016-02-18
[ MDVSA-2013:275 ] krb5 2013-11-21CVE-2015-7521: Apache Hive authorization bug disclosure 2016-01-28
[ MDVSA-2013:276 ] curl 2013-11-21CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin 2015-10-12
[ MDVSA-2013:277 ] lighttpd 2013-11-21CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin 2015-10-12
[ MDVSA-2013:278 ] samba 2013-11-21CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
[ MDVSA-2013:287 ] drupal 2013-11-26CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
[ MDVSA-2014:001 ] kernel 2014-01-13CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak) 2016-01-04
[ MDVSA-2014:002 ] bind 2014-01-16CVE-2015-8131: Kibana CSRF vulnerability 2015-11-18
[ MDVSA-2014:003 ] nrpe 2014-01-16CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer 2016-01-11
[ MDVSA-2014:004 ] nagios 2014-01-16CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent 2016-01-11
[ MDVSA-2014:005 ] ejabberd 2014-01-16CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input 2016-02-25
[ MDVSA-2014:006 ] libxslt 2014-01-16CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-01
[ MDVSA-2014:011 ] java-1.7.0-openjdk 2014-01-20CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-26
[ MDVSA-2014:012 ] nss 2014-01-20CVE-2016-1518: GrandStream Android VoIP Phone / App Provisioning Vulnerability 2016-03-17
[ MDVSA-2014:013 ] libxfont 2014-01-21CVE-2016-1519: GrandStream Android VoIP App TLS MitM Vulnerability 2016-03-17
[ MDVSA-2014:014 ] php 2014-01-21CVE-2016-1520: GrandStream Android VoIP App Update Redirection 2016-03-17
[ MDVSA-2014:015 ] cups 2014-01-22CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported 2016-03-23
[ MDVSA-2014:016 ] spice 2014-01-22CVE-2016-2191: optipng: invalid write 2016-04-04
[ MDVSA-2014:017 ] net-snmp 2014-01-22CVE-2016-2385 Kamailio SEAS module heap buffer overflow 2016-03-30
[ MDVSA-2014:020 ] x11-server 2014-01-22CVE-2016-2783 - Avaya VOSS/VSP Release 4.1.0.0 Vulnerable to SPB Traffic traversal 2016-07-27
[ MDVSA-2014:035 ] libpng 2014-02-17CVE-2016-2784: CMS Made Simple < 2.1.3 & < 1.12.2 Web server Cache Poisoning 2016-05-04
[ MDVSA-2014:036 ] varnish 2014-02-17CVE-2016-3074: libgd: signedness vulnerability 2016-04-21
[ MDVSA-2014:038 ] kernel 2014-02-17CVE-2016-3078: php: integer overflow in ZipArchive::getFrom* 2016-04-28
[ MDVSA-2014:039 ] libgadu 2014-02-18CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details 2016-11-18
[ MDVSA-2014:040 ] puppet 2014-02-18CVE-2016-3672 - Unlimiting the stack not longer disables ASLR 2016-04-06
[ MDVSA-2014:045 ] libtar 2014-02-20CVE-2016-4021: pgpdump 0.29 - Endless loop parsing specially crafted input (SYSS-2016-030) 2016-04-18
[ MDVSA-2014:046 ] phpmyadmin 2014-02-21CVE-2016-4264 Adobe ColdFusion <= 11 XXE Vulnerability 2016-09-07
[ MDVSA-2014:048 ] gnutls 2014-03-10CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection 2016-05-03
[ MDVSA-2014:049 ] subversion 2014-03-10CVE-2016-4484: - Cryptsetup Initrd root Shell 2016-11-14
[ MDVSA-2014:050 ] wireshark 2014-03-10CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path 2016-10-25
[ MDVSA-2014:067 ] openssl 2014-04-09CVE-2016-6809 â?? Arbitrary Code Execution Vulnerability in Apache Tikaâ??s MATLAB Parser 2016-11-10
[ MDVSA-2014:068 ] openssh 2014-04-09CVE-2016-6920 ffmpeg exr file Heap Overflow 2016-09-07
[ MDVSA-2014:069 ] perl-YAML-LibYAML 2014-04-09CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used 2016-12-05
[ MDVSA-2014:070 ] yaml 2014-04-09CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom 2016-12-16
[ MDVSA-2014:071 ] yaml 2014-04-09CVE-2016-9277: A IDX Out of Bound vulnerability in systemui can make crash and ui restart 2016-11-12
[ MDVSA-2014:072 ] php-ZendFramework 2014-04-09CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application 2017-01-12
[ MDVSA-2014:073 ] file 2014-04-09CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. 2013-09-30
[ MDVSA-2014:075 ] php 2014-04-10CWM (dettaglio-prodotto.asp?id) Remote SQL injection Vulnerability 2011-08-30
[ MDVSA-2014:076 ] a2ps 2014-04-10CyberArk User Enumeration - Multiple vulnerabilities 2013-08-29
[ MDVSA-2014:078 ] asterisk 2014-04-16CyberCop Scanner Smbgrind v5.5 Buffer Overflow 2016-02-16
[ MDVSA-2014:079 ] json-c 2014-04-17Cyberoam advisory 2012-07-03
[ MDVSA-2014:087 ] php 2014-05-15Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities 2016-04-25
[ MDVSA-2014:088 ] python-lxml 2014-05-15Cyberoam Central Console v2.00.2 - File Include Vulnerability 2012-02-07
[ MDVSA-2014:089 ] nagios 2014-05-16Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability 2016-10-05
[ MDVSA-2014:091 ] cups 2014-05-16Cyberoam Unified Threat Management: Insecure Password Handling 2012-03-21
[ MDVSA-2014:092 ] cups 2014-05-16Cyberoam Unified Threat Management: OS Command Execution 2012-03-21
[ MDVSA-2014:093 ] couchdb 2014-05-16Сross-Site Request Forgery (CSRF) in TestLink 2012-09-05
[ MDVSA-2014:094 ] rxvt-unicode 2014-05-16Сross-Site Request Forgery (CSRF) in XCloner Standalone 2014-04-09
[ MDVSA-2014:095 ] struts 2014-05-16Сross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
[ MDVSA-2014:096 ] python-jinja2 2014-05-16DAEMON Tools IOCTL local denial-of-service vulnerability 2011-10-17
[ MDVSA-2014:097 ] libvirt 2014-05-16Dahua DVR Authentication Bypass - CVE-2013-6117 2013-11-13
[ MDVSA-2014:098 ] rawtherapee 2014-05-16Data Center Foz (product_cat.php?CATEGORIA_ID) Remote SQL injection Vulnerability 2011-08-23
[ MDVSA-2014:099 ] dovecot 2014-05-16Data Source: Scopus CMS - SQL Injection Web Vulnerability 2015-02-26
[ MDVSA-2014:100 ] java-1.7.0-openjdk 2014-05-16Dataminas (noticias.php?categoria_id) (galeria.php?galeria_id) Remote SQL injection Vulnerability 2011-08-23
[ MDVSA-2014:101 ] owncloud 2014-05-16DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
[ MDVSA-2014:102 ] mariadb 2014-05-16DataWatch Monarch BI v5.1 admin section reflected cross-site scripting 2012-07-30
[ MDVSA-2014:103 ] wordpress 2014-05-16DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection 2012-07-30
[ MDVSA-2014:104 ] egroupware 2014-05-16DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting 2012-07-30
[ MDVSA-2014:106 ] openssl 2014-06-09DataWatch Monarch Business Intelligence (BI) v5.1 Blind SQL injection 2012-07-30
[ MDVSA-2014:107 ] libtasn1 2014-06-09DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting 2012-07-30
[ MDVSA-2014:108 ] gnutls 2014-06-09Datriks Solutions (prodotto.php?id) (dettaglio_socio.php?id) Remote SQL injection Vulnerability 2011-08-28
[ MDVSA-2014:109 ] gnutls 2014-06-09David Black (dblack atlassian com) 
[ MDVSA-2014:110 ] curl 2014-06-10Dawid Golunski (dawid legalhackers com) 
[ MDVSA-2014:111 ] otrs 2014-06-10DbNinja 3.2.6 Flash XSS Vulnerabilities 2015-05-28
[ MDVSA-2014:112 ] python-django 2014-06-10DC4420 - 2013 CFP 2013-01-16
[ MDVSA-2014:118 ] emacs 2014-06-10DC4420 - London DEFCON - 13 December 2011 2011-12-08
[ MDVSA-2014:119 ] mediawiki 2014-06-10DC4420 - London DEFCON - 24 January 2012 2012-01-20
[ MDVSA-2014:120 ] miniupnpc 2014-06-10DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 2013-04-18
[ MDVSA-2014:121 ] libgadu 2014-06-10DC4420 - London DEFCON - April meet - Tuesday April 24th 2012 2012-04-20
[ MDVSA-2014:124 ] kernel 2014-06-13DC4420 - London DEFCON - August Meet - Tuesday 27th August 2013 2013-08-26
[ MDVSA-2014:126 ] phpmyadmin 2014-07-08DC4420 - London DEFCON - February meet - Tuesday February 21st 2012 2012-02-20
[ MDVSA-2014:127 ] gnupg 2014-07-09DC4420 - London DEFCON - January 2013 meet. Tuesday 29th January 2013 2013-01-23
[ MDVSA-2014:128 ] iodine 2014-07-09DC4420 - London DEFCON - January meet - Tuesday 28th January 2014 2014-01-27
[ MDVSA-2014:129 ] ffmpeg 2014-07-09DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 2011-07-13
[ MDVSA-2014:130 ] php 2014-07-09DC4420 - London DEFCON - July meet - Tuesday July 17th 2012 2012-07-16
[ MDVSA-2014:131 ] file 2014-07-09DC4420 - London DEFCON - June meet - Lightning Talks!!! - Tuesday 25th June 2013 2013-06-21
[ MDVSA-2014:132 ] libxfont 2014-07-09DC4420 - London DEFCON - June meet - Tuesday 21st June 2011 2011-06-14
[ MDVSA-2014:133 ] gd 2014-07-10DC4420 - London DEFCON - June meet - Tuesday June 19th 2012 2012-06-18
[ MDVSA-2014:134 ] liblzo 2014-07-10DC4420 - London DEFCON - March meet - Tuesday 26th March 2013 2013-03-22
[ MDVSA-2014:135 ] python 2014-07-10DC4420 - London DEFCON - May meet - Tuesday 28th May 2013 2013-05-26
[ MDVSA-2014:138 ] asterisk 2014-07-11DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012 2012-05-21
[ MDVSA-2014:139 ] nss 2014-07-29DC4420 - London DEFCON - November 2011 meet - Tuesday 15th November 2011-11-09
[ MDVSA-2014:140 ] owncloud 2014-07-29DC4420 - London DEFCON - November meet - Tuesday 20th November 2012-11-16
[ MDVSA-2014:141 ] java-1.7.0-openjdk 2014-07-29DC4420 - London DEFCON - October meet - tomorrow, Tuesday 23rd October. 2012-10-22
[ MDVSA-2014:143 ] phpmyadmin 2014-07-30DC4420 - London DEFCON - October meet - Tuesday October 18th 2011 2011-10-14
[ MDVSA-2014:144 ] live 2014-07-30DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 2013-11-21
[ MDVSA-2014:147 ] sendmail 2014-07-31DDIVRT-2011-32 Axway SecureTransport '/icons/' Directory Traversal 2011-08-29
[ MDVSA-2014:148 ] dbus 2014-07-31DDIVRT-2011-33 IBM WebSphere Application Server 'help' Servlet Plug-in Bundle Directory Traversal [CVE-2011-1359] 2011-10-31
[ MDVSA-2014:149 ] php 2014-08-06DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal 2011-10-03
[ MDVSA-2014:151 ] cups 2014-08-06DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315] 2011-10-26
[ MDVSA-2014:152 ] glibc 2014-08-06DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval 2011-10-03
[ MDVSA-2014:153 ] mediawiki 2014-08-06DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785) 2012-01-09
[ MDVSA-2014:154 ] readline 2014-08-06DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection 2011-12-07
[ MDVSA-2014:157 ] ipython 2014-08-08DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass 2012-01-23
[ MDVSA-2014:158 ] openssl 2014-08-08DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal 2012-04-26
[ MDVSA-2014:159 ] wireshark 2014-08-08DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal 2012-04-26
[ MDVSA-2014:160 ] gpgme 2014-09-02DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419) 2012-09-21
[ MDVSA-2014:161 ] subversion 2014-09-02DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass 2012-05-29
[ MDVSA-2014:162 ] catfish 2014-09-02DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection 2012-05-16
[ MDVSA-2014:163 ] python-imaging 2014-09-02DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal 2013-03-15
[ MDVSA-2014:164 ] phpmyadmin 2014-09-02DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion 2013-03-06
[ MDVSA-2014:165 ] krb5 2014-09-02DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities 2013-05-09
[ MDVSA-2014:166 ] serf 2014-09-02Debut issue of Web App Pentesting Magazine - Free Download! 2011-11-22
[ MDVSA-2014:167 ] file 2014-09-02dedacom (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
[ MDVSA-2014:168 ] libvncserver 2014-09-02DeepSec "Sector v6" - Call for Papers 2012-02-26
[ MDVSA-2014:169 ] bugzilla 2014-09-02DeepSec 2011 Conference - Final Schedule Published 2011-09-29
[ MDVSA-2014:170 ] jakarta-commons-httpclient 2014-09-02DEF CON 20 Capture the Flag Announcement 2012-02-06
[ MDVSA-2014:171 ] dhcpcd 2014-09-02DEFCON London - DC4420 - June CFP - Lightning talks!!! - Tuesday 25th June 2013 2013-06-07
[ MDVSA-2014:172 ] php 2014-09-03Defense in depth -- the Microsoft way (part 11): privilege escalation for dummies 2013-10-01
[ MDVSA-2014:173 ] busybox 2014-09-03Defense in depth -- the Microsoft way (part 15): unquoted arguments in 120 (of 462) command lines 2014-05-28
[ MDVSA-2014:174 ] apache 2014-09-04Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used) 2014-11-27
[ MDVSA-2014:180 ] gnupg 2014-09-22Defense in depth -- the Microsoft way (part 23): two quotes or not to quote... 2014-12-13
[ MDVSA-2014:190 ] bash 2014-09-26Defense in depth -- the Microsoft way (part 26): "Set Program Access and Computer Defaults" hides applications like Outlook 2014-12-30
[ MDVSA-2014:194 ] phpmyadmin 2014-10-03Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames) 2015-02-19
[ MDVSA-2014:195 ] libvirt 2014-10-03Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
[ MDVSA-2014:213 ] curl 2014-11-18Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
[ MDVSA-2014:214 ] dbus 2014-11-18Defense in depth -- the Microsoft way (part 35): Windows Explorer ignores "Run as administrator" ... 2015-09-19
[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20Defense in depth -- the Microsoft way (part 38): does Microsoft follow their own security guidance/advisories? 2016-01-15
[ MDVSA-2014:217 ] clamav 2014-11-20Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing 2016-03-15
[ MDVSA-2014:218 ] asterisk 2014-11-21Defense in depth -- the Microsoft way (part 4) 2013-07-22
[ MDVSA-2014:219 ] srtp 2014-11-21Defense in depth -- the Microsoft way (part 41): vulnerable by (poor implementation of bad) design 2016-07-23
[ MDVSA-2014:220 ] qemu 2014-11-21Defense in depth -- the Microsoft way (part 42): Sysinternals utilities load and execute rogue DLLs from %TEMP% 2016-08-11
[ MDVSA-2014:221 ] php-smarty 2014-11-21Defense in depth -- the Microsoft way (part 44): complete failure of Windows Update 2016-10-20
[ MDVSA-2014:222 ] libvirt 2014-11-21Defense in depth -- the Microsoft way (part 45): filesystem redirection fails to redirect the application directory 2016-10-20
[ MDVSA-2014:223 ] wireshark 2014-11-21Defense in depth -- the Microsoft way (part 7): executable files in data directories 2013-08-17
[ MDVSA-2014:224 ] krb5 2014-11-21Defense in depth -- the Microsoft way (part 8): execute everywhere! 2013-08-24
[ MDVSA-2014:227 ] ffmpeg 2014-11-25Defense in depth -- the Microsoft way 2013-05-19
[ MDVSA-2014:229 ] libvncserver 2014-11-26DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit 2013-01-10
[ MDVSA-2014:230 ] kernel 2014-11-27DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability 2013-01-31
[ MDVSA-2014:231 ] icecast 2014-11-27DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up 2013-02-06
[ MDVSA-2014:232 ] glibc 2014-11-27Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control readRegVal() Remote Registry Dump Vulnerability 2011-07-13
[ MDVSA-2014:233 ] wordpress 2014-11-27Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities 2013-07-22
[ MDVSA-2014:234 ] libksba 2014-11-28Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities 2013-07-16
[ MDVSA-2014:235 ] perl-Plack 2014-11-28Dell Netvault Backup Remote Denial of Service 2015-07-30
[ MDVSA-2014:236 ] file 2014-11-28Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities 2013-07-18
[ MDVSA-2014:237 ] perl-Mojolicious 2014-11-28DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability 2015-12-22
[ MDVSA-2014:238 ] bind 2014-12-13Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability 2016-02-03
[ MDVSA-2014:239 ] flac 2014-12-14Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities 2014-03-27
[ MDVSA-2014:242 ] yaml 2014-12-14Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation 2015-08-24
[ MDVSA-2014:243 ] phpmyadmin 2014-12-14Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll sprintf Remote Buffer Overflow Vulnerability 2012-03-19
[ MDVSA-2014:244 ] openafs 2014-12-14Dennis E. Hamilton (orcmid apache org) 
[ MDVSA-2014:245 ] mutt 2014-12-14DenyHosts 'regex.py' Remote Denial of Service Vulnerability
[ MDVSA-2014:246 ] openvpn 2014-12-14Department of Transport UK - SQL Injection Vulnerability 2013-08-29
[ MDVSA-2014:247 ] jasper 2014-12-14Detailed examples of two vulnerabilities in whitelisting software: SE46 (Cryptzone) and Application Control (McAfee) 2013-01-10
[ MDVSA-2014:248 ] graphviz 2014-12-14Details for CVE-2014-0220 2014-06-05
[ MDVSA-2014:249 ] qemu 2014-12-14Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk 2014-03-28
[ MDVSA-2014:250 ] cpio 2014-12-14Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities 2014-08-20
[ MDVSA-2014:251 ] rpm 2014-12-14Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
[ MDVSA-2014:252 ] nss 2014-12-15Dexanet Remote SQL injection Vulnerability 2011-08-30
[ MDVSA-2014:253 ] apache-mod_wsgi 2014-12-15DIMVA 2013 - Extended deadline for paper submission: February 17, 2013! 2013-02-07
[ MDVSA-2015:001 ] c-icap 2015-01-05Dir2web3 Mutiple Vulnerabilities 2012-08-05
[ MDVSA-2015:002 ] pcre 2015-01-05Directadmin ControlPanel 1.50.0 Version Xss Vulnerability 2016-04-09
[ MDVSA-2015:003 ] ntp 2015-01-05Directadmin ControlPanel 1.50.0 Version Xss Vulnerability 2016-04-10
[ MDVSA-2015:004 ] php 2015-01-05Directadmin ControlPanel 1.50.1 Cross-Site-Scripting Vulnerability 2017-01-10
[ MDVSA-2015:005 ] subversion 2015-01-05Directadmin ControlPanel 1.50.1 denial of service Vulnerability 2017-01-10
[ MDVSA-2015:006 ] mediawiki 2015-01-08DirectAdmin v1.403 - Cross Site Scripting Vulnerability 2012-04-02
[ MDVSA-2015:007 ] unrtf 2015-01-08DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities 2012-04-26
[ MDVSA-2015:008 ] pwgen 2015-01-08Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime Edition (Build 8) 2016-08-11
[ MDVSA-2015:009 ] krb5 2015-01-08dirtycow dirtcow ninja 
[ MDVSA-2015:010 ] file 2015-01-08Disassembling .NET Client Challenge 2011-09-09
[ MDVSA-2015:011 ] nail 2015-01-08Distimo Monitor 6.0 - Multiple Cross Site Vulnerabilities 2012-08-01
[ MDVSA-2015:012 ] jasper 2015-01-08DIY CMS v1.0 Poll - Multiple Web Vulnerabilities 2012-04-26
[ MDVSA-2015:013 ] znc 2015-01-08Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability 2016-04-14
[ MDVSA-2015:014 ] libjpeg 2015-01-08Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability 2016-04-25
[ MDVSA-2015:015 ] sox 2015-01-08D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities 2015-02-26
[ MDVSA-2015:016 ] unzip 2015-01-08D-Link DAP-1320 Wireless Range Extender Directory Traversal and XSS Vulnerabilities 2014-04-17
[ MDVSA-2015:017 ] libevent 2015-01-08Dlink DGL5500 Un-Authenticated Buffer overflow in HNAP functionality 2015-11-13
[ MDVSA-2015:018 ] asterisk 2015-01-08Dlink DIR-601 Command injection in ping functionality 2015-11-13
[ MDVSA-2015:020 ] libssh 2015-01-12D-Link DIR-601 TFTP Directory Traversal Vulnerability 2012-01-25
[ MDVSA-2015:021 ] curl 2015-01-12Dlink DIR-615 Authenticated Buffer overflow in Ping and Send email functionality 2015-11-13
[ MDVSA-2015:022 ] wireshark 2015-01-12Dlink DIR-645 UPNP Buffer Overflow 2015-11-13
[ MDVSA-2015:023 ] libvirt 2015-01-15Dlink DIR-815 Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
[ MDVSA-2015:024 ] libsndfile 2015-01-15Dlink DIR-817LW Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
[ MDVSA-2015:025 ] mpfr 2015-01-15Dlink DIR-818W Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
[ MDVSA-2015:026 ] untrf 2015-01-15Dlink DIR-825 (vC) Buffer overflows in authentication,HNAP and ping functionalities and also directory traversal issue exists 2015-11-13
[ MDVSA-2015:027 ] kernel 2015-01-16Dlink DIR-866L Buffer overflows in HNAP and send email functionalities 2015-11-13
[ MDVSA-2015:039 ] glibc 2015-02-10Dlink DIR-880L Buffer overflows in authenticatio and HNAP functionalities. 2015-11-13
[ MDVSA-2015:040 ] zarafa 2015-02-10Dlink DIR-890L/R Buffer overflows in authentication and HNAP functionalities. 2015-11-13
[ MDVSA-2015:041 ] cabextract 2015-02-10D-Link DIR-XXX remote root access exploit. 2013-12-02
[ MDVSA-2015:042 ] clamav 2015-02-10D-Link DSP-W110 - multiple vulnerabilities 2015-06-11
[ MDVSA-2015:043 ] otrs 2015-02-10D-Link SecuriCam DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability 2012-03-28
[ MDVSA-2015:044 ] perl-Gtk2 2015-02-12Dlink SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L 2015-11-13
[ MDVSA-2015:045 ] e2fsprogs 2015-02-12D-link wireless router DIR-816L Cross-Site Request Forgery (CSRF) vulnerability 2015-11-14
[ MDVSA-2015:046 ] ntp 2015-02-12DLL side loading vulnerability in VMware Host Guest Client Redirector 2016-08-05
[ MDVSA-2015:047 ] elfutils 2015-02-12DNN (DotNetNuke®) ASPSlideshow Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:048 ] postgresql 2015-02-12DNN (DotNetNuke®) CodeEditor Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:049 ] cups 2015-03-02DNN (DotNetNuke®) dnnUI_NewsArticlesSlider Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:052 ] tomcat 2015-03-03DNN (DotNetNuke®) EasyDnnGallery Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:054 ] bind 2015-03-04DNN (DotNetNuke®) eventscalendar Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:055 ] freetype2 2015-03-04DNN (DotNetNuke®) responsivesidebar Module Arbitrary File Download Vulnerability 2014-06-09
[ PayPal ] : 36View yourDNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config 2014-08-25
[ PayPal ] : 39View yourDNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
[ PayPal ] : View your recentDNS Poisoning via Port Exhaustion 2011-10-18
[ Paypal ] Your account willdns_dhcp Web Interface SQL Injection 2016-05-14
[ WELLS FARGO ] IMPORTANTDocebo LMS 6.9 - (Moxie) API Calls RST Remote Code Execution Vulnerability 2016-08-02
[#9384-BDA]Docker 1.3.2 - Security Advisory [24 Nov 2014] 2014-11-24
[0day] net2ftp multiple XSS on unauthenticated users 2016-08-05Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities 2016-03-31
[2.0 Update] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability 2012-08-15Docker UI v0.10.0 - Multiple Persistent Vulnerabilities 2016-03-31
[2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability 2013-05-08Dogma India dogmaindia CMS - Auth Bypass Vulnerability 2015-08-28
[2.0 Update] Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client 2012-09-19DokuWiki Ver.2012/01/25 CSRF Add User Exploit 2012-04-17
[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability 2015-01-28Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities 2012-02-10
[ANN] Apache Struts 2.3.20 GA release available with security fix 2014-12-08Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities 2012-02-10
[ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Mcirosoft) 2015-02-11Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection 2011-10-18
[ANN] Struts 2.3.14.1 GA (fast track | security) 2013-05-23Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities 2012-02-20
[ANN] Struts 2.3.14.3 GA (fast-track) release available 2013-06-05DomsHttpd 1.0 <= Remote Denial Of Service 2012-07-17
[ANN] Struts 2.3.15.2 GA release available - security fix 2013-09-21DoodleIT (gallery.php?id) (about.php?id) Remote SQL injection Vulnerability 2011-08-13
[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06DornCMS Application v1.4 - Multiple Web Vulnerabilities 2013-10-15
[ANN] Struts 2.3.16.2 GA release available - security fix 2014-04-26DornCMS v1.4 - (FileManager) Persistent Cross Site Scripting Vulnerability 2016-07-27
[Annoucement] ClubHack Magazine - Call for Articles 2011-06-13Dorsa Web CMS - Multiple SQL Injection Vulnerabilities 2016-03-31
[Annoucement] ClubHack Magazine - Call for Articles 2011-07-13DoS attacks (ICMPv6-based) resulting from IPv6 EH drops 2014-08-22
[Annoucement] ClubHack Magazine - Call for Articles 2011-08-15DotComEgypt (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-26
[Announce] Apache HTTP Server 2.2.22 Released 2012-01-31dotDefender Firewall CSRF 2016-02-10
[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256 2012-03-22Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability 2011-07-27
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06Download Lite v4.3 iOS - Persistent File Web Vulnerability 2013-07-19
[ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases 2016-03-15Downloads Folder: A Binary Planting Minefield 2012-02-17
[ANNOUNCE][CVE-2016-6802] Apache Shiro 1.3.2 released 2016-09-13dpconsulenze (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
[Announcement] ClubHack 2011 Hacking and Security Conference 2011-11-13Dr. Web Control Center Admin UI Remote Script Code Injection 2012-07-30
[Announcement] ClubHack Mag - Call for Articles 2012-01-16DRAM unreliable under specific access patern 2014-12-24
[Announcement] ClubHack Mag - Call for Articles 2012-02-11Dreammail 5 mail client XSS Vulnerability 2016-07-22
[Announcement] ClubHack Mag - Call for Articles 2012-03-16Dropbear SSH server use-after-free vulnerability 2012-02-24
[Announcement] ClubHack Mag Issue 20- September 2011 Released 2011-09-05Dropbox 6.4.14 DLL Hijacking Vulnerability 2016-07-26
[Announcement] ClubHack Mag Issue 21- October 2011 Released 2011-10-10Drupal 7.14 <= Full Path Disclosure Vulnerability (Update) 2012-05-10
[Announcement] ClubHack Mag Issue 22- Nov 2011 Released 2011-11-13Drupal 7.14 <= Full Path Disclosure Vulnerability 2012-05-10
[Announcement] ClubHack Mag Issue 24-Jan 2012 Released 2012-01-13Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS 2012-01-18
[Announcement] ClubHack Magazine - Call for Articles 2011-09-12Drupal Node View Permissions module and Flag module Vulnerabilities 2013-08-29
[Announcement] ClubHack Magazine - Call for Articles 2011-10-17DS3 Authentication Server - Multiple Issues 2013-06-01
[Announcement] ClubHACK Magazine Issue 17-June 2011 released 2011-06-09DSECRG-11-023 SAP NetWeaver SLD - Information Disclosure 2011-06-27
[Announcement] ClubHack Magazine Issue 18-July2011 Released 2011-07-12DSS TFTP 1.0 Server - Path Traversal Vulnerability 2015-02-26
[Announcement] ClubHack Magazine Issue 29, June 2012 Released 2012-06-20DUO Security push Timing Attack 2015-06-18
[Announcement] ClubHack Magazine's Aug 2012 Issue Released 2012-08-14Duplicator Wordpress Plugin - Source Code And Database Dump Via CSRF Vulnerability 2016-02-10
[Announcement] ClubHack Magazine's July 2012 Issue Released 2012-07-19DW Question Answer Stored XSS Vulnerability 2016-03-11
[Announcement] ClubHack Magazine's Sept 2012 Issue Out 2012-09-20EarthVPN certificate configuration vulnerabilities 2013-09-17
[Announcement] CHMag - Call for Articles 2012-09-25Easy Blog by JM LLC - Multiple Vulnerabilities 2013-07-24
[Announcement] CHMag's Issue 28, May 2012 Released 2012-05-21Easy file sharing web server - persist XSS in forum msgs 2014-07-25
[Apple] Check your informationEasy FileManager 1.1 iOS - Multiple Web Vulnerabilities 2014-03-27
[BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution 2011-06-14Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities 2014-08-07
[BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] 2012-10-31Easy Hosting Control Panel (EHCP) - Multiple Vulnerabilities 2016-03-30
[CAL-2011-0052]Adobe Shockwave Player Director File Parsing PAMM memory corruption vulnerability 2011-11-09Easy Social Share Buttons for WordPress XSS Vulnerability 2016-04-23
[CAL-2011-0054]Adobe Shockwave Player Director File Parsing data of rcsl chunk multiple DOS vulnerabilities 2011-11-09EasyContent CMS (participant.php?id) Remote SQL injection Vulnerability 2011-08-05
[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability 2012-02-15eBank IT Online Banking - Multiple Web Vulnerabilities 2012-01-28
[CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow 2012-02-15Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities 2016-02-08
[CAL-2012-0004] opera array integer overflow 2012-02-02Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability 2015-02-17
[CAL-2012-0015] opera website spoof 2012-06-14Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability 2014-08-04
[CAL-2012-0023]Microsoft IE Developer Toolbar Remote Code Execution Vulnerability 2012-06-13Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability 2015-06-19
[CAL-2012-0026] Microsfot IE Same ID Property Remote Code Execution Vulnerability 2012-06-13Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability 2015-06-19
[CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300 2016-02-04Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability 2015-07-01
[CFP] Hacktivity 2014 CFP is open 2014-06-16Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability 2015-06-19
[CISTI'2014]: Call for Workshops 2013-10-13Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability 2016-01-27
[CORE-2013-0103] Mac OSX Server DirectoryService buffer overflow 2013-06-04eClinicalWorks (CCMR) - Multiple Vulnerabilities 2016-01-31
[CORE-2013-0805] Aloaha PDF Suite Buffer Overflow Vulnerability 2013-08-28ECommerceMajor SQL Injection Vulnerability 2015-12-13
[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities 2013-09-06Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability 2016-08-05
[CORE-2014-0003] - SAP Router Password Timing Attack 2014-04-16Edimax BR-6478AC & Others Multiple Vulnerabilites 2015-12-07
[CORE-2014-0005] - Advantech WebAccess Vulnerabilities 2014-09-02Editel (news-dettaglio.php?id) Remote SQL injection Vulnerability 2011-09-03
[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow 2014-09-16Edusson (Robotdon) - Client Side Cross Site Scripting Vulnerability 2016-11-07
[CORE-2014-0008] - Advantech AdamView Buffer Overflow 2014-11-19Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability 2016-11-07
[CORE-2014-0009] - Advantech EKI-6340 Command Injection 2014-11-19eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities 2011-10-27
[CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow 2014-11-19eFront 3.6.15.6 CMS â?? (Message Attachment) Persistent Cross Site Scripting Vulnerability 2016-02-24
[CORE-2015-0002] - Android WiFi-Direct Denial of Service 2015-01-26eFront Educational v3.6.11 - Multiple Web Vulnerabilities 2012-09-04
[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability 2015-05-22eFront Enterprise v3.6.11 - Multiple Web Vulnerabilities 2012-09-04
[CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection 2015-07-08eFronts Community++ v3.6.10 - Cross Site Vulnerability 2012-02-07
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01ECHO Creative Company (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
[CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference 2015-12-09Echosign Plugin for WordPress XSS Vulnerability 2016-04-23
[CORE-2016-0001] - Intel Driver Update Utility MiTM 2016-01-19Eight Webcom CMS (2016 Q2) - SQL Injection Vulnerability 2016-04-07
[CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities 2016-01-25Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability 2015-05-20
[CORE-2016-0003] - Samsung SW Update Tool MiTM 2016-03-09Eissing Stefan (stefan eissing gmail com) 
[CORE-2016-0004] - SAP Download Manager Password Weak Encryption 2016-03-09E-Journal CMS (ID) - Multiple Web Vulnerabilities 2014-12-18
[CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow 2016-03-16Ektron CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-009 2012-09-05
[CORE-2016-0006] - SAP CAR Multiple Vulnerabilities 2016-08-10Ektron CMS 9.10 SP1 - CSRF Vulnerability 2015-05-31
[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22Ektron CMS 9.10 SP1 - XSS Vulnerability 2015-05-31
[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-13Ektron CMS Take Over - Hijacking Accounts 2014-01-30
[CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT) 2014-01-24Elasticsearch CVE-2015-5377 2015-07-16
[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04Elasticsearch CVE-2015-5531 2015-07-16
[CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues. 2011-10-22Elasticsearch vulnerability CVE-2014-6439 2014-10-02
[CVE-2011-2712] Apache Wicket XSS vulnerability 2011-08-23Elasticsearch vulnerability CVE-2015-1427 2015-02-11
[CVE-2011-3645] Multiple vulnerability in Newgen's Omnidocs 2011-09-26Elasticsearch vulnerability CVE-2015-4165 2015-06-09
[CVE-2012-0047] Apache Wicket XSS vulnerability via pageMapName request parameter 2012-03-22Elasticsearch vulnerability CVE-2015-4165 2015-11-06
[CVE-2012-0694] SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution 2012-06-23Elasticsearch vulnerability CVE-2015-5377 2015-11-05
[CVE-2012-0694] SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution 2012-06-26Elastix PBX Extensions Enumeration 2011-10-01
[CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution 2012-07-04Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 2012-08-23
[CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability 2012-05-02Elefant CMS v1.3.9 - Persistent Name Update Vulnerability 2014-12-16
[CVE-2012-1089] Apache Wicket serving of hidden files vulnerability 2012-03-22Elevation of Privilege Vulnerability in MediaTek Driver ( CVE-2016-6492) 2016-07-30
[CVE-2012-1574] Apache Hadoop user impersonation vulnerability 2012-04-06Eleytt Research ER-03-2012 2012-03-08
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability 2012-04-15Elgg 1.7.10 <= | Multiple Vulnerabilities 2011-08-18
[CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability 2012-05-23Elgg 1.7.9 <= | Multiple Cross Site Scripting Vulnerabilities 2011-07-30
[CVE-2012-2273] Comodo Internet Security <5.10 BSOD (Win7 x64) 2012-04-19Ellucian Banner Student Vulnerability Disclosure 2015-12-02
[CVE-2012-3238] Astaro Security Gateway <= v8.304 Persistent Cross-Site Scripting Vulnerability 2012-06-10elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities 2013-10-03
[CVE-2012-3373] Apache Wicket XSS vulnerability via manipulated URL parameter 2012-09-06Embarcadero ER/Studio XE2 Server Portal Tom Sawyer's Default GET Extension Factory ActiveX Control Remote Code Execution 2011-09-07
[CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability 2012-07-06EMC Avamar Client for VMware Sensitive Information Disclosure Vulnerability 2012-10-26
[CVE-2012-3870] Openconstructor CMS 3.12.0 'createobject.php', 'name' and 'description' parameters Stored Cross-site Scrpting vulnerabilities 2012-08-04EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution 2013-12-10
[CVE-2012-3871] Openconstructor CMS 3.12.0 'data/hybrid/i_hybrid.php', 'header' parameter Stored Cross-site Scripting Vulnerability 2012-08-04EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) 2015-08-17
[CVE-2012-3872] Openconstructor CMS 3.12.0 Multiple Reflected Cross-site Scrpting vulnerabilities 2012-08-04EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection 2016-04-27
[CVE-2012-3873] Openconstructor CMS 3.12.0 'id' parameter multiple SQL injection vulnerabilities 2012-08-04EMC Product Security Response Center (Security_Alert emc com) 
[CVE-2012-4501] CloudStack configuration vulnerability 2012-10-10Empirum Password Obfuscation Design Flaw 2013-02-14
[CVE-2012-4750] Ezhometech EzServer 7.0 Remote Heap Corruption Vulnerability 2012-10-13Encore Discovery Solution Multiple Vulnerability Disclosure 2014-08-27
[CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability 2012-11-01Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities 2012-10-08
[CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability 2012-11-05Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities 2012-03-08
[CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air 2012-11-15ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities 2014-03-27
[CVE-2012-6458] Multiple Persistent XSS in silverstripe-ecommerce 2013-07-14ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities 2013-07-17
[CVE-2013-0523] IBM WebSphere Commerce: Encrypted URL Parameter Vulnerable to Padding Oracle Attacks 2013-06-19EQDKP plus Cross Site Scripting and Bypass file extension 2011-06-17
[CVE-2013-1463]Wordpress wp-table-reloaded‏ plugin XSS in SWF 2013-02-06ERPScan inc (erpscan online gmail com) 
[CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF‏‏ 2013-02-06ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
[CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF‏ 2013-02-20ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
[CVE-2013-1814] Apache Rave exposes User over API 2013-03-12Erronous post concerning Backtrack 5 R2 0day 2012-04-12
[CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection 2013-07-15ES Job Search Engine v3.0 - SQL injection vulnerability 2012-09-04
[CVE-2013-2745, CVE-2013-2738, CVE-2013-2739] MiniDLNA v1.0.25 Multiple Vulnerabilities 2013-07-15ES746 DELL Support-Bulletin - EMS Vulnerability Resolved 2014-03-27
[CVE-2013-4484] DoS vulnerability in Varnish HTTP cache 2013-10-30ESA-2011-009 (revised): RSA, The Security Division of EMC, announces new fix for potential security vulnerability in RSA(r) Access Manager Server. 2011-06-06
[CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4 2013-07-16ESA-2011-018: Domain administration privilege enforcement bypass in EMC Avamar 2011-09-12
[CVE-2013-6232] Persistent Cross-Site Scripting (XSS) in SpagoBI v4.0 2014-03-01ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability 2011-07-26
[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0 2014-03-01ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability 2011-07-15
[CVE-2013-6234] XSS File Upload in SpagoBI v4.0 2014-03-01ESA-2011-024: EMC Captiva eInput multiple vulnerabilities 2011-07-26
[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability 2013-11-16ESA-2011-025: Multiple buffer overflow vulnerabilities in EMC AutoStart 2011-08-18
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application 2013-12-10ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise) 2011-08-16
[CVE-2014-0072] Apache Cordova File-Transfer insecure defaults 2014-03-04ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products 2011-09-14
[CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation 2014-03-04ESA-2011-030: RSA, The Security Division of EMC, announces security fixes for RSA enVision 2011-08-23
[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19ESA-2011-032: EMC Documentum eRoom arbitrary file upload vulnerability. 2011-11-02
[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application 2014-01-14ESA-2011-035: RSA, The Security Division of EMC, announces the release of Hotfix 6 with security updates for RSA Key Manager Appliance 2.7 Service Pack 1 2011-11-03
[CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure 2014-03-05ESA-2011-036: RSA, The Security Division of EMC, announces the release of a Security Fix for RSA(r) Adaptive Authentication (On-Premise) 2011-12-12
[CVE-2014-0749] TORQUE Buffer Overflow 2014-05-15ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r) 2011-12-14
[CVE-2014-1238] Cross Site Scripting(XSS) in q-pulse application 2014-01-14ESA-2012-003: EMC SourceOne Web Search Sensitive Information Disclosure Vulnerability. 2012-01-17
[CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android) 2014-01-24ESA-2012-005: EMC NetWorker buffer overflow vulnerability 2012-01-26
[CVE-2014-2206] GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution 2014-03-02ESA-2012-007: RSA, The Security Division of EMC, announces security fixes for RSA enVision 2012-01-26
[CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow 2015-09-03ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability 2012-02-01
[CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds 2014-12-08ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability 2012-02-03
[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper 2014-11-06ESA-2012-013: RSA SecurID(r) Software Token Converter buffer overflow vulnerability 2012-03-05
[CVE-2014-8340] phpTrafficA SQL injection 2014-12-09ESA-2012-014: RSA enVision Multiple Vulnerabilities 2012-03-19
[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8 2015-01-28ESA-2012-018: EMC Data Protection Advisor Multiple Vulnerabilities 2012-04-18
[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8 2015-01-28ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities 2012-05-10
[CVE-2015-1517] Piwigo - SQL Injection in Version 2.7.3 2015-02-18ESA-2012-020: EMC AutoStart Multiple Buffer Overflow Vulnerabilities 2012-05-22
[CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2 2015-02-28ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities 2012-07-11
[CVE-2015-1585] Fat Free CRM - CSRF Vulnerability in Version 0.13.5 2015-02-14ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities 2012-10-10
[CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection 2015-03-04ESA-2012-026: RSA Access Manager Session Replay Vulnerability 2012-07-02
[CVE-2015-2552] Windows 8+ - Trusted Boot Security Feature Bypass Vulnerability 2015-10-14ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability 2012-07-11
[CVE-2015-3188] Apache Storm remote code execution vulnerability 2015-06-20ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities 2012-09-11
[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure 2015-07-16ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities 2014-04-03
[CVE-2015-3623] Qlikview blind XXE Security Vulnerability 2015-09-08ESA-2012-031: Iomega StorCenter/EMC Lifeline Remote Access Vulnerability 2012-08-08
[CVE-2015-4108] Wing FTP Server Cross-site Request Forgery vulnerabilities 2015-06-05ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks 2012-09-07
[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks 2014-04-11
[CVE-2015-7242] AVM FRITZ!Box: HTML Injection VulnerabiESA-2012-034: EMC Cloud Tiering Appliance (CTA) Authentication Bypass Vulnerability 2012-08-28
[CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability 2016-01-07ESA-2012-037: RSA(r) Authentication Agent 7.1 for Microsoft Windows(r) and RSA(r) Authentication Client 3.5 Access Control Vulnerability 2012-09-20
[CVE-2015-7670] Multiple SQL Injection in Support Ticket System 1.2 WordPress plugin 2015-10-06ESA-2012-038: EMC NetWorker Format String Vulnerability 2012-08-30
[CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities 2015-12-09ESA-2012-039: EMC ApplicationXtender Arbitrary File Upload Vulnerability 2012-08-23
[CVE-2016-0783] Predictable password reset token 2016-03-25ESA-2012-054: RSA ® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities 2012-11-26
[CVE-2016-0784] Apache OpenMeetings ZIP file path traversal 2016-03-30ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities 2012-11-13
[CVE-2016-1919] Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 2016-01-16ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities 2012-11-26
[CVE-2016-1920] VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3 2016-01-16ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability 2013-01-07
[CVE-2016-1926] XSS in Greenbone Security Assistant ≥ 6.0.0 and < 6.0.8 2016-01-20ESA-2013-008: EMC AlphaStor Multiple Vulnerabilities 2013-01-18
[CVE-2016-2163] Stored Cross Site Scripting in Event description 2016-03-25ESA-2013-010: EMC AlphaStor Buffer Overflow Vulnerability 2013-01-28
[CVE-2016-2164] Arbitrary file read via SOAP API 2016-03-25ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities 2013-05-06
[CVE-2016-2345] Solarwinds Dameware Mini Remote Control Remote Code Execution Vulnerability 2016-03-17ESA-2013-016: EMC Smarts Network Configuration Manager 2013-03-26
[CVE-2016-3089] Apache OpenMeetings XSS in SWF panel 2016-08-12ESA-2013-018: EMC Smarts Product - Cross Site Scripting Vulnerability 2013-03-27
[CVE-2016-3996]KNOX clipboard data disclosure KNOX 1.0 - KNOX 2.3 / Android 2016-04-16ESA-2013-021: EMC Documentum Multiple Vulnerabilities 2013-05-09
[CVE-2016-5000] XML External Entity (XXE) Vulnerability in Apache POI's XLSX2CSV Example 2016-07-22ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability 2013-05-02
[CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability 2016-10-20ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability 2013-05-16
[CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c 2016-08-01ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability 2013-05-10
[CVE-2016-6484] Infoblox Network Automation CRLF Injection/ HTTP splitting 2016-09-06ESA-2013-032 RSA BSAFE® Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery (aka ?Lucky Thirteen?) Vulnerability 2013-06-19
[CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow 2016-11-07ESA-2013-034: EMC Avamar Improper Authorization vulnerability 2013-05-02
[CVE-2016-6582] Doorkeeper gem does not revoke tokens & uses wrong auth/auth method 2016-08-18ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability 2013-05-02
[CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 2016-08-08ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability 2013-05-09
[CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition 2016-11-24ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2013-06-19
[CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE 2016-11-13ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2014-04-03
[CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage 2016-12-28ESA-2013-040: RSA® Authentication Manager 8.0 Multiple Vulnerabilities 2013-05-28
[CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities 2012-09-20ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability 2013-05-16
[CVE-ID REQUEST] vBulletin - Multiple Open Redirects 2011-06-02ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery (aka ?Lucky Thirteen?) Vulnerability 2013-06-19
[DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities 2012-11-12ESA-2013-047: RSA® Authentication Agent for PAM Unlimited Login Attempts Vulnerability 2013-08-20
[DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities 2012-11-26ESA-2013-055: EMC Avamar Multiple Vulnerabilities 2013-07-17
[DCA-2011-0014] - Elxis CMS Cross Site Script 2011-12-05ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities 2013-09-03
[DCA-2011-0015] QuesCom Qportal User - OctoWebSvr/COM - Source Code Disclosure 2011-12-08ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability 2013-09-26
[DCA-2011-0016] - Tufin SecureTrack Cross Site Script 2012-04-04ESA-2013-062: EMC Atmos Unauthenticated Database Access Vulnerability 2013-10-03
[Dear customer] : Hi Your UserESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. 2013-11-05
[DSB-2011-01] Security Advisory FreeRADIUS 2.1.11 2011-07-25ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability 2013-10-29
[DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS 2011-11-17ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. 2013-11-05
[DSECRG-11-031] SAP RFC EPS_DELETE_FILE - Authorisation bypass, smbrelay 2011-11-17ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability 2013-10-29
[DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose (by ERPScan) 2011-09-16ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities 2013-11-21
[DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose 2011-11-17ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities 2013-11-19
[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked ÕSS vulnerability (by ERPScan) 2011-09-16ESA-2013-080: RSA Security Analytics Multiple Vulnerabilities 2013-12-04
[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked ÕSS vulnerability 2011-11-17ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities 2013-12-11
[DSECRG-11-034] SAP NetWeaver J2EE MeSync ? information disclose 2011-11-17ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability 2014-04-11
[DSECRG-11-036] SAP NetWaver Virus Scan Interface - multiple XSS 2011-11-17ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability 2014-02-05
[DSECRG-11-037] SAP BW Doc - Multiple XSS 2011-11-17ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities 2014-03-05
[DSECRG-11-038] SAP RSTXSCRP report - smb relay vulnerability 2011-11-17ESA-2014-015: RSA® Authentication Manager Cross Frame Scripting Vulnerability 2014-03-26
[DSECRG-11-039] SAP NetWeaver TH_GREP module - Code injection vulnerability (NEW) 2011-11-17ESA-2014-016: EMC VPLEX Multiple Vulnerabilities 2014-03-26
[DSECRG-11-040] SAP NetWeaver SPML - XML CSRF user creation 2011-11-17ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability 2014-04-11
[DSECRG-11-041] SAP NetWeaver - Authentication bypass (Verb Tampering) 2011-11-17ESA-2014-021: RSA Archer® GRC Multiple Cross-Site Scripting Vulnerabilities 2014-05-23
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS 2015-06-25ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability 2014-06-04
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE 2015-06-25ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability 2014-04-11
[ERPSCAN-15-005] SAP Mobile Platform - XXE 2015-06-25ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities 2014-04-16
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE 2015-06-25ESA-2014-032: RSA® Adaptive Authentication (Hosted) DOM Cross-Site Scripting Vulnerability 2014-06-02
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure 2015-06-25ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities 2014-06-30
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll 2015-06-25ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability 2014-08-08
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check 2015-06-25ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability 2014-06-30
[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS 2015-06-25ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE 2015-06-25ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities 2014-08-18
[ERPSCAN-15-012] SAP Afaria 7 XComms â?? Buffer Overflow 2015-08-17ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
[ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD â?? XXE 2015-08-17ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities 2014-07-07
[ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE in Add Repository 2015-09-09ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
[ERPSCAN-15-015] SAP NetWeaver AS ABAPâ?? Hardcoded Credentials 2015-09-09ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities 2014-08-19
[ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials 2015-09-09ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities 2014-08-18
[ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE 2015-11-23ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
[ERPSCAN-15-019] SAP Afaria - Stored XSS 2015-11-23ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability 2014-08-26
[ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import 2015-11-23ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities 2014-09-15
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14ESA-2014-135: RSA® Web Threat Detection SQL Injection Vulnerability 2014-11-05
[ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption 2016-01-27ESA-2014-156: EMC Documentum Content Server Insecure Direct Object Reference Vulnerability 2014-12-02
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability 2015-10-27ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability 2014-12-30
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability 2015-10-27ESA-2014-160: RSA® Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability 2014-12-02
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability 2014-12-30
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities 2015-01-29
[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability 2015-01-30
[ERPSCAN-15-031] SAP MII â?? Encryption Downgrade vulnerability 2016-02-12ESA-2015-043: RSA® Validation Manager Security Update for Multiple Vulnerabilities 2015-06-16
[ERPSCAN-15-032] SAP PCo agent â?? DoS vulnerability 2016-02-12ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability 2015-05-16
[ERPSCAN-16-001] SAP NetWeaver 7.4 - XSS vulnerability 2016-04-15ESA-2015-091: RSA® Web Threat Detection Cross-Site Request Forgery Vulnerability 2015-06-03
[ERPSCAN-16-002] SAP HANA - log injection and no size restriction 2016-04-15ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability 2015-06-25
[ERPSCAN-16-003] SAP NetWeaver 7.4 - cryptographic issues 2016-04-15ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability 2015-06-16
[ERPSCAN-16-004] SAP NetWeaver 7.4 (Pmitest servlet) â?? XSS vulnerability 2016-04-19ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities 2015-07-01
[ERPSCAN-16-005] SAP HANA hdbxsengine JSON â?? DoS vulnerability 2016-04-19ESA-2015-109: EMC Documentum D2 Cross-Site Scripting 2015-06-23
[ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet 2016-05-16ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-06-23
[ERPSCAN-16-009] SAP xMII - directory traversal vulnerability 2016-05-16ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
[ERPSCAN-16-010] SAP NetWeaver AS JAVA â?? information disclosure vulnerability 2016-05-19ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities 2015-07-01
[ERPSCAN-16-011] SAP NetWeaver AS JAVA â?? SQL injection vulnerability 2016-05-19ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability 2015-07-01
[ERPSCAN-16-022] SAP Hybris E-commerce Suite VirtualJDBC â?? Default Credentials 2016-08-16ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability 2015-07-10
[ERPSCAN-16-023] Potential backdoor via hardcoded system ID 2016-08-16ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
[ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability 2016-10-17ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability 2015-07-16
[ERPSCAN-16-031] SAP NetWeaver AS ABAP â?? directory traversal using READ DATASET 2016-11-18ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability 2015-07-16
[ERPSCAN-16-032] SAP Telnet Console â?? Directory traversal vulnerability 2016-11-18ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability 2015-08-17
[ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component 2016-11-21ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities 2015-08-17
[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver 2013-04-24ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security 2016-12-07ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
[FD] Celoxis <= 9.5 - Cross Site Scripting (XSS) 2015-11-23ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities 2015-09-23
[FD] CVE-2013-6876 s3dvt Root shell 2014-06-02ESA-2015-144: EMC Documentum Content Server Privilege Escalation Vulnerability 2015-09-03
[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS) 2015-11-27ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
[FFRRA-20131213] Crafted ICMP ECHO REQUEST can cause denial of service on Juniper SSG20 2014-01-22ESA-2015-151: RSA® OneStep Path Traversal Vulnerability 2015-09-29
[Foreground Security 2011-001]: Casper Suite (JSS 8.1) Cross-Site Scripting 2011-08-27ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities 2015-09-29
[FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting (XSS) vulnerabilities 2011-11-11ESA-2015-153 EMC SourceOne Email Supervisor Security Update for Multiple Security Vulnerabilities 2015-10-11
[Foreground Security 2013-002]: Corda Path Disclosure and XSS 2013-07-12ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability 2015-11-17
[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues 2016-11-30ESA-2015-164: EMC Isilon OneFS Privilege Escalation Vulnerability 2015-11-24
[Full-disclosure] "Dell Data Protection | Access" for Windowscontains and installs outdated,superfluous and vulnerable system components and 3rd partycomponents/drivers 2012-09-24ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
[HBOS-28734MV]ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
[HITB-Announce] #HITB2013KUL Call for Papers 2013-05-01ESA-2015-177: RSA SecurID(r) Web Agent Authentication Bypass Vulnerability 2015-12-21
[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL 2014-01-16ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability 2015-12-22
[HITB-Announce] #HITB2014AMS Call for Papers Now Open 2013-11-27ESA-2016-010 EMC Documentum xCP Security Update for Multiple Vulnerabilities 2016-02-09
[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days 2015-01-22ESA-2016-012: EMC Documentum xCP ? User Information Disclosure Vulnerability 2016-03-07
[HITB-Announce] Haxpo CFP 2014-02-20ESA-2016-012: EMC Documentum xCP ? User Information Disclosure Vulnerability 2016-03-14
[HITB-Announce] HITB eZine Issue #006 Released! 2011-06-13ESA-2016-013: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Lenstra?s Attack Vulnerability 2016-04-11
[HITB-Announce] HITB Magazine Issue 008 (now with print edition!) 2012-04-23ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability 2016-04-04
[HITB-Announce] HITB Magazine Issue 009 - Call for Submissions 2012-08-09ESA-2016-036: EMC Unisphere for VMAX Virtual Appliance Arbitrary File Upload Vulnerability 2016-04-14
[HITB-Announce] HITB2011AMS Conference Materials & Photos 2011-06-08ESA-2016-039: EMC ViPR SRM Multiple Cross-Site Request Forgery Vulnerabilities 2016-04-19
[HITB-Announce] HITB2017AMS CFP 2016-10-31ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities 2016-05-02
[HITB-Announce] REMINDER: #HITB2013AMS Call for Papers Closes 8th Feb 2013-01-22ESA-2016-051: Patch 14 for RSA® Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities 2016-05-04
[HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August 2014-07-17ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities 2016-09-19
[HITB-Announce] REMINDER: HITB2011 - Malaysia Call for Papers Closes on the 15th 2011-07-11ESA-2016-070: RSA® Authentication Manager Prime SelfService Insecure Direct Object Reference Vulnerability 2016-08-08
[HITB-Announce] Reminder: HITB2012AMS Call For Papers Closing Soon 2012-01-26ESA-2016-093: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability 2016-09-20
[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability 2014-03-07ESA-2016-094: RSA BSAFE® Micro Edition Suite Multiple Vulnerabilities 2016-09-15
[IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability 2012-07-02ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2016-09-19
[IA33] Serva v2.0.0 DNS Server Remote Denial of Service 2013-01-14ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2017-01-10
[IA34] Serva v2.0.0 HTTP Server GET Remote Denial of Service 2013-01-14ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability 2016-09-23
[IA38] NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Local Buffer Overflow 2012-09-16ESA-2016-104: EMC ViPR SRM Multiple Vulnerabilities 2016-09-13
[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption 2013-02-14ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability 2016-09-13
[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow 2013-02-16ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability 2016-10-20
[IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation 2013-03-19ESA-2016-127: EMC ViPR SRM Stored Cross-Site Scripting Vulnerability 2016-09-27
[IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin 2013-09-23ESA-2016-157: EMC ScaleIO Multiple Vulnerabilities 2017-01-05
[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin 2013-09-12ESNC Security (secure esnc de) 
[IMF 2013] 2nd Call for Papers 2012-09-27Essential PIM 4.22: MANY vulnerabilities in 3rd party libraries 2011-06-17
[IMF 2013] 3rd Call for Papers: Deadline Extended 2012-10-17Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities 2012-03-05
[IMF 2013] Call for Papers 2012-09-05'e-ticketing' SQL Injection (CVE-2012-1673) 2012-04-04
[IMF 2013] Call for Participation 2013-02-04European Security Services GPS v1.0 - Multiple Vulnerabilities 2011-09-28
[IMF 2014] Call for Participation 2014-04-01EUSecWest 2012 - Amsterdam, Sept 19/20 featuring Mobile PWN2OWN - CFP Deadline June 15 2012-06-05
[IMPORTANT] : UPDATE YOUREvasion attacks expoliting file-parsing vulnerabilities in antivirus products 2012-03-19
[IMPORTANT] : YOUR ACCOUNTEvent Calendar PHP 1.2 - Multiple Web Vulnerabilites 2012-07-15
[IMPORTANT] Update your paypalEvent Easy Calendar 1.0.0 WP plugin 2013-09-07
[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability 2012-09-13Event Script PHP v1.1 CMS - Multiple Web Vulnerabilites 2012-07-04
[ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com) 2014-02-13Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability 2013-11-05Events Made Easy WordPress plugin CSRF + Persistent XSS 2015-10-16
[ISecAuditors Security Advisories] Multiple Reflected Cross-Site Scripting vulnerabilities 2013-09-26Eventy CMS v1.8 Plus - Multiple Web Vulnerablities 2012-11-13
[ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5 2013-10-09Evernote for Windows DLL Loading Remote Code Execution Vulnerability 2016-10-14
[ISecAuditors Security Advisories] Multiple Vulnerabilities in Telaen <= 1.3.0 2013-06-03Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) 2015-12-14
[ISecAuditors Security Advisories] Multiple Vulnerabilities in Uebimiau <= 2.7.11 2013-10-09Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege 2015-12-21
[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" 2013-11-05Executable installers are vulnerable^WEVIL (case 14): Rapid7's ScanNowUPnP.exe allows arbitrary (remote) code execution 2015-12-21
[ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics 2013-03-10Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege 2015-12-23
[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system 2013-11-05Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allows arbitrary (remote) code execution 2015-12-31
[ISecAuditors Security Advisories] URL Open Redirect in Google generic TLD and ccTLD 2015-10-15Executable installers are vulnerable^WEVIL (case 18): EMSISoft's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-07
[iTunes] Credit Card -Executable installers are vulnerable^WEVIL (case 19): ZoneAlarm's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-07
[KIS-2013-01] DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability 2013-01-28Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability 2013-02-06Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-08
[KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability 2013-04-26Executable installers are vulnerable^WEVIL (case 21): Panda Security's installers allow arbitrary (remote) code execution AND escalation of privilege with PANDAIS16.exe 2016-01-19
[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability 2013-10-07Executable installers are vulnerable^WEVIL (case 22): python.org's executable installers allow arbitrary (remote) code execution 2016-01-15
[KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability 2013-12-05Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege 2016-01-30
[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability 2014-07-14Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege 2016-02-07
[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability 2014-11-27Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allowa arbitrary (remote) code execution WITH escalation of privilege 2016-03-01
[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 3): WiX Toolset's bootstrapper "burn.exe" 2016-01-21
[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege 2016-03-06
[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allows arbitrary (remote) code execution WITH escalation of privilege 2016-03-06
[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 33): GData's installers allow escalation of privilege 2016-04-18
[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 37): eclipse-inst-win*.exe vulnerable to DLL redirection and manifest hijacking 2016-07-23
[KIS-2015-01] Concrete5 <= 5.7.3.1 (sendmail) Remote Code Execution Vulnerability 2015-06-11Executable installers are vulnerable^WEVIL (case 41): EmsiSoft's Emergency Kit allows elevation of privilege for everybody 2016-11-17
[KIS-2015-02] Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities 2015-06-11Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
[KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability 2015-06-11Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
[KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability 2015-11-04Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
[KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability 2015-11-04Executable installers are vulnerable^WEVIL (case 9): Chrome's setup.exe allows arbitrary code execution and escalation of privilege 2015-12-09
[KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability 2015-11-04Executable installers/self-extractors are vulnerable^WEVIL (case 17): Kaspersky Labs utilities 2016-01-03
[KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability 2015-11-04Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
[KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability 2015-11-04Expedia Product Security Advisory: Cruise Ship Centers Information Disclosure 2015-06-05
[KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability 2015-11-04Exploit - EasyITSP by Lemens Telephone Systems 2.0.2 2012-10-26
[KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability 2016-01-15Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models) 2015-07-01
[KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability 2016-02-24exploit CVE-2016-2203 2016-04-21
[MajorSecurity-SA-2012-014]Apple Safari on iOS 5.1 - Adressbar spoofing vulnerability 2012-03-20Exploit for Asterisk Security Advisory AST-2011-013 2011-12-22
[MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing 2013-02-05Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
[MATTA-2011-001] pfSense x509 Insecure Certificate Creation 2011-12-22Exploit Title: Mihalism Multi Host v 5.0 2012-08-25
[MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202 2011-12-12Exploit-DB Captcha Bypass 2016-05-01
[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 2012-04-05Exploiting XXE vulnerabilities in AMF libraries 2016-01-11
[MATTA-2012-002] CVE-2012-1493; F5 BIG-IP remote root authentication bypass Vulnerability 2012-06-11Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability 2016-07-28
[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02Extended submission deadline for: The 6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)! 2011-09-04
[Multiple CVE]: RCE, info disclosure, HQL injection and stored XSS in Novell Service Desk 7.1.0 2016-04-10eXtplorer v2.1.9 Archive Path Traversal 2016-05-14