Published |
VU# |
Title |
|---|
2014-12-19 |
2014-12-19 |
2017-05-09 |
VU#561444 |
6.4 |
Multiple broadband routers use vulnerable versions of Allegro RomPager |
2014-12-19 |
2014-12-19 |
2015-10-27 |
VU#852879 |
5.9 |
NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated) |
2014-12-19 |
2014-12-12 |
2015-01-07 |
VU#1680209 |
0 |
AppsGeyser generates Android applications that fail to properly validate SSL certificates |
2014-12-18 |
2014-12-18 |
2014-12-18 |
VU#843044 |
6.4 |
Multiple Dell iDRAC IPMI v1.5 implementations use insufficiently random session ID values |
2014-12-15 |
2014-12-15 |
2014-12-17 |
VU#343060 |
1.5 |
CA LISA Release Automation contains multiple vulnerabilities |
2014-12-15 |
2014-12-15 |
2017-01-06 |
VU#315340 |
6.7 |
EMC Documentum products contain multiple vulnerabilities |
2014-12-12 |
2014-12-11 |
2014-12-12 |
VU#659684 |
5.9 |
Honeywell OPOS suite Stack Buffer Overflow vulnerability |
2014-12-09 |
2014-12-08 |
2015-10-27 |
VU#264212 |
3.4 |
Recursive DNS resolver implementations may follow referrals infinitely |
2014-12-05 |
2014-12-05 |
2014-12-08 |
VU#449452 |
7.7 |
Zenoss Core contains multiple vulnerabilities |
2014-11-18 |
2014-11-18 |
2014-11-19 |
VU#213119 |
8.5 |
Microsoft Windows Kerberos Key Distribution Center (KDC) fails to properly validate Privilege Attribute Certificate (PAC) signature |
2014-11-13 |
2014-11-11 |
2014-11-18 |
VU#158647 |
7.3 |
Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer |
2014-11-13 |
2014-11-11 |
2014-11-17 |
VU#505120 |
9 |
Microsoft Secure Channel (Schannel) vulnerable to remote code execution via specially crafted packets |
2014-11-07 |
2014-10-31 |
2014-11-13 |
VU#432608 |
2.9 |
IBM Notes Traveler for Android transmits user credentials over HTTP |
2014-11-03 |
2014-11-03 |
2017-02-13 |
VU#210620 |
5 |
uIP and lwIP DNS resolver vulnerable to cache poisoning |
2014-10-31 |
2014-10-31 |
2014-11-07 |
VU#447516 |
5.3 |
Linksys SMART WiFi firmware contains multiple vulnerabilities |
2014-10-29 |
2014-10-29 |
2014-10-29 |
VU#973460 |
3.6 |
drchrono Electronic Health Record (EHR) web applications vulnerable to cross-site scripting and cross-site request forgery |
2014-10-28 |
2014-10-27 |
2014-10-31 |
VU#685996 |
3.6 |
GNU Wget creates arbitrary symbolic links during recursive FTP download |
2014-10-23 |
2014-10-21 |
2015-06-29 |
VU#184540 |
5.3 |
Incorrect implementation of NAT-PMP in multiple devices |
2014-10-17 |
VU#577193 |
POODLE vulnerability in SSL 3.0;;; |
|---|
2014-10-17 |
2014-10-15 |
2014-10-17 |
VU#298796 |
6.1 |
Centreon contains multiple vulnerabilities |
2014-10-08 |
2014-09-18 |
2014-10-16 |
VU#573356 |
3.9 |
IBM WebSphere Application Server contains multiple vulnerabilities |
2014-10-07 |
2014-10-07 |
2014-10-27 |
VU#121036 |
6.1 |
BMC Track-It! contains multiple vulnerabilities |
2014-10-07 |
2014-10-07 |
2014-10-07 |
VU#280844 |
4.9 |
Cryoserver Security Appliance vulnerable to privilege escalation |
2014-10-06 |
2014-09-11 |
2014-10-06 |
VU#251276 |
4.6 |
Rejetto HTTP File Server (HFS) search feature fails to handle null bytes |
2014-10-06 |
2014-10-06 |
2014-10-06 |
VU#941108 |
2.3 |
NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting vulnerability |
2014-10-03 |
2014-09-30 |
2014-10-03 |
VU#125228 |
1.4 |
HP System Management Homepage vulnerable to cross-site scripting |
2014-10-03 |
2014-10-03 |
2014-10-03 |
VU#111588 |
6.1 |
Brocade Vyatta 5400 vRouter contains multiple vulnerabilities |
2014-09-25 |
2014-09-24 |
2015-04-14 |
VU#252743 |
9.6 |
GNU Bash shell executes commands in exported functions in environment variables |
2014-09-24 |
2014-09-24 |
2014-09-24 |
VU#772676 |
8.7 |
Mozilla Network Security Services (NSS) fails to properly verify RSA signatures |
2014-09-19 |
2014-08-19 |
2014-09-19 |
VU#730964 |
0.9 |
FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities |
2014-09-11 |
2014-08-20 |
2014-12-12 |
VU#646748 |
5.1 |
Embarcadero Delphi and C++Builder VCL BMP file processing buffer overflow |
2014-09-10 |
2014-09-10 |
2014-09-10 |
VU#241508 |
3.5 |
CacheGuard OS contains a cross-site request forgery vulnerability |
2014-09-08 |
2014-09-08 |
2014-09-08 |
VU#396212 |
2 |
Netgear ProSafe Plus Configuration Utility writes out plaintext passwords to backup configuration files |
2014-09-04 |
VU#855836 |
Arris Touchstone cable modem information leakage vulnerabiliity |
|---|
2014-09-04 |
2014-08-21 |
2014-09-04 |
VU#259548 |
4.5 |
Netmaster cable modem information leakage vulnerability |
2014-09-03 |
2012-10-16 |
2016-11-08 |
VU#582497 |
7.5 |
Multiple Android applications fail to properly validate SSL certificates |
2014-08-07 |
2014-08-07 |
2014-09-12 |
VU#578598 |
9.2 |
Iridium Pilot and OpenPort contain multiple vulnerabilities |
2014-08-07 |
2014-08-07 |
2014-09-18 |
VU#882207 |
2 |
Cobham Aviator satellite terminals contain multiple vulnerabilities |
2014-08-07 |
2014-08-07 |
2014-08-14 |
VU#269991 |
1.4 |
Cobham Sailor 6000 series satellite terminal contain hardcoded credentials |
2014-08-07 |
2014-08-07 |
2014-08-14 |
VU#460687 |
2 |
Cobham Sailor satellite terminals contain hardcoded credentials |
2014-08-07 |
2014-08-07 |
2014-08-14 |
VU#179732 |
5.1 |
Cobham thraneLINK improper verification of firmware updates vulnerability |
2014-08-07 |
2014-08-07 |
2014-08-07 |
VU#602006 |
4.7 |
Cobham SATCOM products' web interface contains a weak password recovery vulnerability |
2014-08-07 |
2014-08-07 |
2015-10-22 |
VU#552286 |
7.3 |
UEFI EDK2 Capsule Update vulnerabilities |
2014-08-04 |
2014-08-04 |
2014-08-04 |
VU#252068 |
4.6 |
Symantec Endpoint Protection Client contains a kernel pool overflow vulnerability |
2014-07-28 |
2014-07-28 |
2014-07-28 |
VU#867980 |
0 |
Silver Peak VX is vulnerable to cross-site request forgery and cross-site scripting |
2014-07-25 |
2014-07-25 |
2014-07-25 |
VU#394540 |
5.6 |
Sabre AirCentre Crew solutions contain a SQL injection vulnerability |
2014-07-24 |
2014-07-24 |
2014-07-25 |
VU#565580 |
2.9 |
BulletProof FTP Client 2010 is vulnerable to a stack-based buffer overflow |
2014-07-24 |
2014-07-24 |
2014-07-24 |
VU#669804 |
0 |
TestRail cross-site scripting vulnerability |
2014-07-23 |
VU#162308 |
Resin Pro improperly performs Unicode transformations; |
|---|
2014-07-21 |
2014-07-21 |
2014-07-21 |
VU#875548 |
1 |
MicroPact iComplaints cross-site scripting vulnerability |
2014-07-21 |
2014-07-21 |
2014-07-21 |
VU#688812 |
1.5 |
Huawei E355 contains a stored cross-site scripting vulnerability |
2014-07-14 |
2014-07-14 |
2014-07-28 |
VU#204988 |
1.5 |
Kaseya's agent driver contains NULL pointer dereference |
2014-07-11 |
2014-07-11 |
2014-08-14 |
VU#917348 |
2 |
Datum Systems satellite modem devices contain multiple vulnerabilities |
2014-07-10 |
2014-07-10 |
2014-07-10 |
VU#712660 |
7 |
Raritian PX power distribution software is vulnerable to the cipher zero attack. |
2014-07-09 |
2014-07-09 |
2014-07-10 |
VU#100972 |
2 |
Liferay Portal PCE contains multiple cross-site scripting vulnerabilities |
2014-07-07 |
2014-07-07 |
2014-07-25 |
VU#960193 |
6 |
AVG Safeguard and Secure Search ActiveX controls provides insecure methods |
2014-07-03 |
2014-07-03 |
2014-07-08 |
VU#143740 |
1.7 |
Netgear GS105PE Prosafe Plus Switch contains hard-coded login credentials |
2014-07-03 |
2014-06-24 |
2014-07-03 |
VU#402020 |
6.3 |
Autodesk VRED contains an unauthenticated remote code execution vulnerability |
2014-06-23 |
2014-06-03 |
2014-06-23 |
VU#849500 |
1 |
SpamTitan contains a reflected cross-site scripting (XSS) vulnerability |
2014-06-18 |
2014-06-18 |
2015-09-29 |
VU#774788 |
4.6 |
Belkin N150 path traversal vulnerability |
2014-06-17 |
2014-06-06 |
2014-06-17 |
VU#210884 |
1.4 |
F5 ARX Data Manager contains a SQL injection vulnerability |
2014-06-17 |
2014-06-16 |
2014-06-17 |
VU#719172 |
4.4 |
Symantec Web Gateway contains SQL injection and cross-site scripting vulnerabilities |
2014-06-10 |
2014-06-09 |
2014-06-10 |
VU#613308 |
2.7 |
Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability |
2014-06-09 |
VU#758382 |
Unauthorized modification of UEFI variables in UEFI systems |
|---|
2014-06-05 |
2014-06-05 |
2015-10-27 |
VU#978508 |
8.1 |
OpenSSL is vulnerable to a man-in-the-middle attack |
2014-05-30 |
2014-05-15 |
2014-05-30 |
VU#124908 |
6.3 |
Dell ML6000 and Quantum Scalar i500 tape backup system command injection vulnerability |
2014-05-30 |
2014-05-30 |
2014-06-05 |
VU#325636 |
1.1 |
Huawei E303 contains a cross-site request forgery vulnerability |
2014-05-28 |
2014-05-28 |
2014-05-28 |
VU#537684 |
1.1 |
Alfresco Enterprise contains multiple cross-site scripting vulnerabilities |
2014-05-22 |
2014-05-22 |
2014-08-11 |
VU#112412 |
1.9 |
Bizagi BPM Suite contains multiple vulnerabilities |
2014-05-21 |
2014-05-21 |
2014-05-23 |
VU#239151 |
8.2 |
Microsoft Internet Explorer 8 CMarkup use-after-free vulnerability |
2014-05-20 |
2014-05-20 |
2014-05-20 |
VU#767044 |
2 |
Hanvon facial recognition (Face ID) devices do not authenticate commands |
2014-05-16 |
2014-04-16 |
2014-05-16 |
VU#480428 |
6.8 |
Juniper ScreenOS is vulnerable to a denial of service from malformed SSL packets |
2014-05-07 |
2014-05-02 |
2014-05-07 |
VU#902790 |
1.3 |
Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability |
2014-05-07 |
2014-05-07 |
2014-05-07 |
VU#693092 |
5.3 |
Caldera 9.20 contains multiple vulnerabilities |
2014-05-01 |
2014-05-01 |
2014-05-01 |
VU#673313 |
3.4 |
Google Search Appliance dynamic navigation cross-site scripting vulnerability |
2014-04-29 |
2014-04-29 |
2014-04-29 |
VU#489228 |
5.5 |
Ignite Realtime Smack XMPP API contains multiple vulnerabilities |
2014-04-27 |
2014-04-26 |
2014-05-07 |
VU#222929 |
9.5 |
Microsoft Internet Explorer CMarkup use-after-free vulnerability |
2014-04-25 |
2014-04-24 |
2014-07-24 |
VU#719225 |
6.9 |
Apache Struts2 ClassLoader allows access to class properties via request parameters |
2014-04-24 |
VU#118748 |
POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates |
|---|
2014-04-22 |
2014-04-18 |
2014-04-22 |
VU#350089 |
2.9 |
IBM Notes and Domino on x86 Linux specify an executable stack |
2014-04-21 |
2014-04-01 |
2014-04-21 |
VU#622950 |
1.8 |
Toshiba Global Commerce Solutions' 4690 Point of Sale operating system contains a password hashing algorithm that can be reversed |
2014-04-16 |
2014-04-16 |
2014-04-23 |
VU#495476 |
5.3 |
Openfire contains an uncontrolled resource consumption vulnerability |
2014-04-14 |
2014-04-14 |
2014-04-14 |
VU#657622 |
2.1 |
Xangati software release contains relative path traversal and command injection vulnerabilities |
2014-04-14 |
2014-04-01 |
2014-04-14 |
VU#215284 |
0.5 |
Artiva Agency Single Sign-On (SSO) feature vulnerability |
2014-04-14 |
2014-04-14 |
2014-04-14 |
VU#437385 |
6.4 |
PaperThin CommonSpot CMS contains multiple vulnerabilities |
2014-04-11 |
2014-03-05 |
2014-07-24 |
VU#901156 |
1.3 |
PivotX 2.3.8 contains multiple vulnerabilities |
2014-04-11 |
2014-04-11 |
2014-04-18 |
VU#251628 |
1.4 |
AMTELCO miSecureMessages Server insecurely authenticates clients |
2014-04-11 |
2014-04-11 |
2014-04-15 |
VU#667340 |
2.8 |
Fortinet FortiADC D-series contains a cross-site scripting vulnerability |
2014-04-11 |
2014-03-10 |
2014-04-16 |
VU#939260 |
5.7 |
ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities |
2014-04-10 |
2014-04-08 |
2014-04-10 |
VU#882841 |
5.9 |
Microsoft Office file format converter memory corruption vulnerability |
2014-04-08 |
2014-04-08 |
2014-04-08 |
VU#345337 |
2.3 |
J2k-Codec contains multiple exploitable vulnerabilities |
2014-04-08 |
2014-04-07 |
2016-05-13 |
VU#720951 |
6.5 |
OpenSSL TLS heartbeat extension read overflow discloses sensitive information |
2014-04-07 |
2014-03-24 |
2014-04-07 |
VU#568252 |
0.9 |
Websense Triton Unified Security Center 7.7.3 information disclosure vulnerability |
2014-04-02 |
VU#917700 |
;;Huawei Echo Life HG8247 optical router XSS vulnerability |
|---|
2014-04-01 |
2013-08-06 |
2014-04-01 |
VU#893726 |
4.1 |
Zyxel P660 series modem/router denial of service vulnerability |
2014-04-01 |
2014-04-03 |
2014-04-01 |
VU#163188 |
1 |
Pearson eSIS Enterprise Student Information System XSS vulnerability |
2014-03-27 |
2014-03-27 |
2014-03-27 |
VU#140886 |
1.2 |
ManageEngine OpStor Build 8300 and earlier contain multiple vulnerabilities |
2014-03-25 |
2014-03-25 |
2014-03-25 |
VU#213046 |
0.7 |
Virtual Access GW6110A router privilege escalation vulnerability |
2014-03-14 |
2014-03-14 |
2014-03-14 |
VU#381692 |
2.5 |
Webmin contains a cross-site scripting vulnerability |
2014-03-13 |
2014-03-13 |
2014-03-13 |
VU#807134 |
0.8 |
WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability |
2014-03-06 |
2014-03-06 |
2014-03-06 |
VU#687278 |
0.8 |
Aker Secure Mail Gateway reflected XSS vulnerability |
2014-03-06 |
2014-03-06 |
2014-03-06 |
VU#341526 |
0.8 |
Huawei E355 contains a direct request vulnerability |
2014-03-05 |
2014-03-07 |
2015-09-17 |
VU#823452 |
1.4 |
Serena Dimensions CM 12.2 Build 7.199.0 web client vulnerabilities |
2014-03-04 |
2014-03-03 |
2014-03-19 |
VU#600724 |
5.3 |
ZTE F460/F660 cable modems contain an unauthenticated backdoor |
2014-03-03 |
2014-03-03 |
2014-03-03 |
VU#525132 |
1.7 |
Foscam IP camera authentication bypass vulnerability |
2014-02-28 |
2014-02-21 |
2014-02-28 |
VU#221620 |
4.6 |
Blue Coat ProxySG local user changes contain a time and state vulnerability |
2014-02-28 |
2014-02-28 |
2014-02-28 |
VU#526062 |
0.9 |
CMS Made Simple contains multiple cross-site scripting vulnerabilities |
2014-02-27 |
2013-12-01 |
2014-03-04 |
VU#534284 |
2 |
Synology DiskStation Manager VPN module hard-coded password vulnerability |
2014-02-25 |
VU#684412 |
libpng denial-of-service vulnerability |
|---|
2014-02-18 |
2013-12-09 |
2014-07-29 |
VU#656302 |
1.5 |
Belkin Wemo Home Automation devices contain multiple vulnerabilities |
2014-02-18 |
2013-04-25 |
2014-02-18 |
VU#539289 |
6.4 |
Microsoft XMLDOM ActiveX control information disclosure vulnerability |
2014-02-14 |
2014-02-13 |
2014-02-20 |
VU#732479 |
9.5 |
Internet Explorer CMarkup use-after-free vulnerability |
2014-02-11 |
2014-02-11 |
2015-09-17 |
VU#727318 |
0.8 |
DELL SonicWALL GMS/Analyzer/UMA contains a cross-site scripting (XSS) vulnerability |
2014-02-06 |
2013-02-04 |
2014-02-06 |
VU#146430 |
6.2 |
F5 Networks BIG-IP Edge Client information leakage vulnerability |
2014-02-04 |
2014-02-03 |
2014-02-11 |
VU#813382 |
3.5 |
Dell KACE K1000 management appliance contains a cross-site scripting vulnerability |
2014-02-03 |
2014-02-03 |
2014-02-04 |
VU#593118 |
3.3 |
Fortinet Fortiweb 5.0.3 contains a reflected cross-site scripting vulnerability |
2014-02-03 |
2014-02-03 |
2014-02-04 |
VU#728638 |
3.3 |
Fortinet FortiOS 5.0.5 contains a reflected cross-site scripting (XSS) vulnerability |
2014-02-03 |
2014-02-03 |
2014-02-11 |
VU#431726 |
1.6 |
Seowon Intech WiMAX SWU-9100 mobile router contains multiple vulnerabilities |
2014-02-03 |
2014-02-03 |
2014-03-14 |
VU#228886 |
5.4 |
ZTE ZXV10 W300 router contains hardcoded credentials |
2014-02-03 |
2014-01-27 |
2014-02-03 |
VU#566894 |
1 |
Visibility Software Cyber Recruiter authentication bypass vulnerability |
2014-02-03 |
2014-01-23 |
2014-04-07 |
VU#252294 |
0.8 |
Mediatrix 4402 digital gateway web interface contains a cross-site scripting (XSS) vulnerability |
2014-01-31 |
2014-01-31 |
2014-08-14 |
VU#250358 |
1.2 |
Hughes Network Systems Broadband Global Area Network (BGAN) satellite terminal firmware contains multiple vulnerabilities |
2014-01-31 |
2014-01-31 |
2014-01-31 |
VU#108062 |
1.9 |
Lexmark laser printers contain multiple vulnerabilities |
2014-01-28 |
VU#686662 |
Fail2ban postfix and cyrus-imap filters contain denial-of-service vulnerabilities |
2014-01-27 |
2014-01-27 |
2014-01-28 |
VU#863369 |
2.9 |
Mozilla Thunderbird does not adequately restrict HTML elements in email message content |
2014-01-23 |
2013-01-20 |
2014-01-28 |
VU#405942 |
0.9 |
CS-Cart version 4.0.2 contains cross-site scripting vulnerabilities |
2014-01-23 |
2014-01-23 |
2014-02-10 |
VU#105686 |
2.4 |
Thecus NAS Server N8800 contains multiple vulnerabilities |
2014-01-23 |
2014-01-17 |
2014-07-24 |
VU#869702 |
1.4 |
Avanset Visual CertExam Manager 3.3 SQL injection vulnerability |
2014-01-23 |
2014-01-23 |
2014-02-07 |
VU#168751 |
0.9 |
Emerson Network Power Avocent MergePoint Unity 2016 KVM and possibly other model switches contain a directory traversal vulnerability |
2014-01-20 |
2013-12-20 |
2014-01-20 |
VU#219470 |
5.7 |
MW6 Technologies ActiveX controls contain multiple vulnerabilities |
2014-01-17 |
2014-01-17 |
2014-01-17 |
VU#122582 |
4.3 |
Dell PowerConnect 3348, 3524p, and 5324 switches are vulnerable to denial-of-service attacks |
2014-01-13 |
2013-11-25 |
2016-05-11 |
VU#191750 |
0.9 |
ASUS Wireless Router products contain a static DNS entry |
2014-01-10 |
2013-12-01 |
2014-10-02 |
VU#204950 |
1.5 |
Atmail Webmail Server version 7.1.3 contains cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities |
2014-01-10 |
2014-01-02 |
2014-08-26 |
VU#348126 |
4.6 |
NTP can be abused to amplify denial-of-service attack traffic |
2014-01-09 |
2013-12-19 |
2014-01-09 |
VU#650142 |
2.5 |
libpng 1.6.1 through 1.6.7 contain a null-pointer dereference vulnerability |
2014-01-09 |
2013-12-13 |
2014-01-09 |
VU#612076 |
4.1 |
VASCO IDENTIKEY Authentication Server contains an authentication bypass vulnerability |
2014-01-08 |
2014-01-08 |
2014-01-08 |
VU#487078 |
1.7 |
QNAP QTS path traversal vulnerability |
2014-01-07 |
2014-01-07 |
2014-01-07 |
VU#615910 |
2 |
Synology DiskStation Manager arbitrary file modification |
2014-01-02 |
VU#553166 |
BlogEngine.net information disclosure vulnerability |
|---|