Alert News 2014 - 2026(13) 2025(47) 2024(19) 2023(11) 2022(19) 2021(21) 2020(40) 2019(27) 2018(32) 2017(54) 2016(100) 2015(118) 2014(139)
2014-12-19
2017-05-09
VU#561444
6.4
Multiple broadband routers use vulnerable versions of Allegro RomPager
2015-10-27
VU#852879
5.9
NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)
2014-12-12
2015-01-07
VU#1680209
0
AppsGeyser generates Android applications that fail to properly validate SSL certificates
2014-12-18
VU#843044
Multiple Dell iDRAC IPMI v1.5 implementations use insufficiently random session ID values
2014-12-15
2014-12-17
VU#343060
1.5
CA LISA Release Automation contains multiple vulnerabilities
2017-01-06
VU#315340
6.7
EMC Documentum products contain multiple vulnerabilities
2014-12-11
VU#659684
Honeywell OPOS suite Stack Buffer Overflow vulnerability
2014-12-09
2014-12-08
VU#264212
3.4
Recursive DNS resolver implementations may follow referrals infinitely
2014-12-05
VU#449452
7.7
Zenoss Core contains multiple vulnerabilities
2014-11-18
2014-11-19
VU#213119
8.5
Microsoft Windows Kerberos Key Distribution Center (KDC) fails to properly validate Privilege Attribute Certificate (PAC) signature
2014-11-13
2014-11-11
VU#158647
7.3
Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer
2014-11-17
VU#505120
9
Microsoft Secure Channel (Schannel) vulnerable to remote code execution via specially crafted packets
2014-11-07
2014-10-31
VU#432608
2.9
IBM Notes Traveler for Android transmits user credentials over HTTP
2014-11-03
2017-02-13
VU#210620
5
uIP and lwIP DNS resolver vulnerable to cache poisoning
VU#447516
5.3
Linksys SMART WiFi firmware contains multiple vulnerabilities
2014-10-29
VU#973460
3.6
drchrono Electronic Health Record (EHR) web applications vulnerable to cross-site scripting and cross-site request forgery
2014-10-28
2014-10-27
VU#685996
GNU Wget creates arbitrary symbolic links during recursive FTP download
2014-10-23
2014-10-21
2015-06-29
VU#184540
Incorrect implementation of NAT-PMP in multiple devices
2014-10-17
2014-10-14
2015-01-21
VU#577193
POODLE vulnerability in SSL 3.0;;;
2014-10-15
VU#298796
6.1
Centreon contains multiple vulnerabilities
2014-10-08
2014-09-18
2014-10-16
VU#573356
3.9
IBM WebSphere Application Server contains multiple vulnerabilities
2014-10-07
VU#121036
BMC Track-It! contains multiple vulnerabilities
VU#280844
4.9
Cryoserver Security Appliance vulnerable to privilege escalation
2014-10-06
2014-09-11
VU#251276
4.6
Rejetto HTTP File Server (HFS) search feature fails to handle null bytes
VU#941108
2.3
NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting vulnerability
2014-10-03
2014-09-30
VU#125228
1.4
HP System Management Homepage vulnerable to cross-site scripting
VU#111588
Brocade Vyatta 5400 vRouter contains multiple vulnerabilities
2014-09-25
2014-09-24
2015-04-14
VU#252743
9.6
GNU Bash shell executes commands in exported functions in environment variables
VU#772676
8.7
Mozilla Network Security Services (NSS) fails to properly verify RSA signatures
2014-09-19
2014-08-19
VU#730964
0.9
FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities
2014-08-20
VU#646748
5.1
Embarcadero Delphi and C++Builder VCL BMP file processing buffer overflow
2014-09-10
VU#241508
3.5
CacheGuard OS contains a cross-site request forgery vulnerability
2014-09-08
VU#396212
2
Netgear ProSafe Plus Configuration Utility writes out plaintext passwords to backup configuration files
2014-09-04
2014-08-21
VU#855836
Arris Touchstone cable modem information leakage vulnerabiliity
VU#259548
4.5
Netmaster cable modem information leakage vulnerability
2014-09-03
2012-10-16
2016-11-08
VU#582497
7.5
Multiple Android applications fail to properly validate SSL certificates
2014-08-07
2014-09-12
VU#578598
9.2
Iridium Pilot and OpenPort contain multiple vulnerabilities
VU#882207
Cobham Aviator satellite terminals contain multiple vulnerabilities
2014-08-14
VU#269991
Cobham Sailor 6000 series satellite terminal contain hardcoded credentials
VU#460687
Cobham Sailor satellite terminals contain hardcoded credentials
VU#179732
Cobham thraneLINK improper verification of firmware updates vulnerability
VU#602006
4.7
Cobham SATCOM products' web interface contains a weak password recovery vulnerability
2015-10-22
VU#552286
UEFI EDK2 Capsule Update vulnerabilities
2014-08-04
VU#252068
Symantec Endpoint Protection Client contains a kernel pool overflow vulnerability
2014-07-28
VU#867980
Silver Peak VX is vulnerable to cross-site request forgery and cross-site scripting
2014-07-25
VU#394540
5.6
Sabre AirCentre Crew solutions contain a SQL injection vulnerability
2014-07-24
VU#565580
BulletProof FTP Client 2010 is vulnerable to a stack-based buffer overflow
VU#669804
TestRail cross-site scripting vulnerability
2014-07-23
VU#162308
1.3
Resin Pro improperly performs Unicode transformations;
2014-07-21
VU#875548
1
MicroPact iComplaints cross-site scripting vulnerability
VU#688812
Huawei E355 contains a stored cross-site scripting vulnerability
2014-07-14
VU#204988
Kaseya's agent driver contains NULL pointer dereference
2014-07-11
VU#917348
Datum Systems satellite modem devices contain multiple vulnerabilities
2014-07-10
VU#712660
7
Raritian PX power distribution software is vulnerable to the cipher zero attack.
2014-07-09
VU#100972
Liferay Portal PCE contains multiple cross-site scripting vulnerabilities
2014-07-07
VU#960193
6
AVG Safeguard and Secure Search ActiveX controls provides insecure methods
2014-07-03
2014-07-08
VU#143740
1.7
Netgear GS105PE Prosafe Plus Switch contains hard-coded login credentials
2014-06-24
VU#402020
6.3
Autodesk VRED contains an unauthenticated remote code execution vulnerability
2014-06-23
2014-06-03
VU#849500
SpamTitan contains a reflected cross-site scripting (XSS) vulnerability
2014-06-18
2015-09-29
VU#774788
Belkin N150 path traversal vulnerability
2014-06-17
2014-06-06
VU#210884
F5 ARX Data Manager contains a SQL injection vulnerability
2014-06-16
VU#719172
4.4
Symantec Web Gateway contains SQL injection and cross-site scripting vulnerabilities
2014-06-10
2014-06-09
VU#613308
2.7
Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability
2014-05-27
2015-02-03
VU#758382
Unauthorized modification of UEFI variables in UEFI systems
2014-06-05
VU#978508
8.1
OpenSSL is vulnerable to a man-in-the-middle attack
2014-05-30
2014-05-15
VU#124908
Dell ML6000 and Quantum Scalar i500 tape backup system command injection vulnerability
VU#325636
1.1
Huawei E303 contains a cross-site request forgery vulnerability
2014-05-28
VU#537684
Alfresco Enterprise contains multiple cross-site scripting vulnerabilities
2014-05-22
2014-08-11
VU#112412
1.9
Bizagi BPM Suite contains multiple vulnerabilities
2014-05-21
2014-05-23
VU#239151
8.2
Microsoft Internet Explorer 8 CMarkup use-after-free vulnerability
2014-05-20
VU#767044
Hanvon facial recognition (Face ID) devices do not authenticate commands
2014-05-16
2014-04-16
VU#480428
6.8
Juniper ScreenOS is vulnerable to a denial of service from malformed SSL packets
2014-05-07
2014-05-02
VU#902790
Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability
VU#693092
Caldera 9.20 contains multiple vulnerabilities
2014-05-01
VU#673313
Google Search Appliance dynamic navigation cross-site scripting vulnerability
2014-04-29
VU#489228
5.5
Ignite Realtime Smack XMPP API contains multiple vulnerabilities
2014-04-27
2014-04-26
VU#222929
9.5
Microsoft Internet Explorer CMarkup use-after-free vulnerability
2014-04-25
2014-04-24
VU#719225
6.9
Apache Struts2 ClassLoader allows access to class properties via request parameters
VU#118748
1.2
POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates
2014-04-22
2014-04-18
VU#350089
IBM Notes and Domino on x86 Linux specify an executable stack
2014-04-21
2014-04-01
VU#622950
1.8
Toshiba Global Commerce Solutions' 4690 Point of Sale operating system contains a password hashing algorithm that can be reversed
2014-04-23
VU#495476
Openfire contains an uncontrolled resource consumption vulnerability
2014-04-14
VU#657622
2.1
Xangati software release contains relative path traversal and command injection vulnerabilities
VU#215284
0.5
Artiva Agency Single Sign-On (SSO) feature vulnerability
VU#437385
PaperThin CommonSpot CMS contains multiple vulnerabilities
2014-04-11
2014-03-05
VU#901156
PivotX 2.3.8 contains multiple vulnerabilities
VU#251628
AMTELCO miSecureMessages Server insecurely authenticates clients
2014-04-15
VU#667340
2.8
Fortinet FortiADC D-series contains a cross-site scripting vulnerability
2014-03-10
VU#939260
5.7
ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities
2014-04-10
2014-04-08
VU#882841
Microsoft Office file format converter memory corruption vulnerability
VU#345337
J2k-Codec contains multiple exploitable vulnerabilities
2014-04-07
2016-05-13
VU#720951
6.5
OpenSSL TLS heartbeat extension read overflow discloses sensitive information
2014-03-24
VU#568252
Websense Triton Unified Security Center 7.7.3 information disclosure vulnerability
2014-04-02
2014-03-02
VU#917700
;;Huawei Echo Life HG8247 optical router XSS vulnerability
2013-08-06
VU#893726
4.1
Zyxel P660 series modem/router denial of service vulnerability
2014-04-03
VU#163188
Pearson eSIS Enterprise Student Information System XSS vulnerability
2014-03-27
VU#140886
ManageEngine OpStor Build 8300 and earlier contain multiple vulnerabilities
2014-03-25
VU#213046
0.7
Virtual Access GW6110A router privilege escalation vulnerability
2014-03-14
VU#381692
2.5
Webmin contains a cross-site scripting vulnerability
2014-03-13
VU#807134
0.8
WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability
2014-03-06
VU#687278
Aker Secure Mail Gateway reflected XSS vulnerability
VU#341526
Huawei E355 contains a direct request vulnerability
2014-03-07
2015-09-17
VU#823452
Serena Dimensions CM 12.2 Build 7.199.0 web client vulnerabilities
2014-03-04
2014-03-03
2014-03-19
VU#600724
ZTE F460/F660 cable modems contain an unauthenticated backdoor
VU#525132
Foscam IP camera authentication bypass vulnerability
2014-02-28
2014-02-21
VU#221620
Blue Coat ProxySG local user changes contain a time and state vulnerability
VU#526062
CMS Made Simple contains multiple cross-site scripting vulnerabilities
2014-02-27
2013-12-01
VU#534284
Synology DiskStation Manager VPN module hard-coded password vulnerability
2014-02-25
VU#684412
libpng denial-of-service vulnerability
2014-02-18
2013-12-09
2014-07-29
VU#656302
Belkin Wemo Home Automation devices contain multiple vulnerabilities
2013-04-25
VU#539289
Microsoft XMLDOM ActiveX control information disclosure vulnerability
2014-02-14
2014-02-13
2014-02-20
VU#732479
Internet Explorer CMarkup use-after-free vulnerability
2014-02-11
VU#727318
DELL SonicWALL GMS/Analyzer/UMA contains a cross-site scripting (XSS) vulnerability
2014-02-06
2013-02-04
VU#146430
6.2
F5 Networks BIG-IP Edge Client information leakage vulnerability
2014-02-04
2014-02-03
VU#813382
Dell KACE K1000 management appliance contains a cross-site scripting vulnerability
VU#593118
3.3
Fortinet Fortiweb 5.0.3 contains a reflected cross-site scripting vulnerability
VU#728638
Fortinet FortiOS 5.0.5 contains a reflected cross-site scripting (XSS) vulnerability
VU#431726
1.6
Seowon Intech WiMAX SWU-9100 mobile router contains multiple vulnerabilities
VU#228886
5.4
ZTE ZXV10 W300 router contains hardcoded credentials
2014-01-27
VU#566894
Visibility Software Cyber Recruiter authentication bypass vulnerability
2014-01-23
VU#252294
Mediatrix 4402 digital gateway web interface contains a cross-site scripting (XSS) vulnerability
2014-01-31
VU#250358
Hughes Network Systems Broadband Global Area Network (BGAN) satellite terminal firmware contains multiple vulnerabilities
VU#108062
Lexmark laser printers contain multiple vulnerabilities
2014-01-28
2014-01-20
VU#686662
4.8
Fail2ban postfix and cyrus-imap filters contain denial-of-service vulnerabilities
VU#863369
Mozilla Thunderbird does not adequately restrict HTML elements in email message content
2013-01-20
VU#405942
CS-Cart version 4.0.2 contains cross-site scripting vulnerabilities
2014-02-10
VU#105686
2.4
Thecus NAS Server N8800 contains multiple vulnerabilities
2014-01-17
VU#869702
Avanset Visual CertExam Manager 3.3 SQL injection vulnerability
2014-02-07
VU#168751
Emerson Network Power Avocent MergePoint Unity 2016 KVM and possibly other model switches contain a directory traversal vulnerability
2013-12-20
VU#219470
MW6 Technologies ActiveX controls contain multiple vulnerabilities
VU#122582
4.3
Dell PowerConnect 3348, 3524p, and 5324 switches are vulnerable to denial-of-service attacks
2014-01-13
2013-11-25
2016-05-11
VU#191750
ASUS Wireless Router products contain a static DNS entry
2014-01-10
2014-10-02
VU#204950
Atmail Webmail Server version 7.1.3 contains cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities
2014-01-02
2014-08-26
VU#348126
NTP can be abused to amplify denial-of-service attack traffic
2014-01-09
2013-12-19
VU#650142
libpng 1.6.1 through 1.6.7 contain a null-pointer dereference vulnerability
2013-12-13
VU#612076
VASCO IDENTIKEY Authentication Server contains an authentication bypass vulnerability
2014-01-08
VU#487078
QNAP QTS path traversal vulnerability
2014-01-07
VU#615910
Synology DiskStation Manager arbitrary file modification
VU#553166
BlogEngine.net information disclosure vulnerability