Published | VU# | Title |
|---|
2014-12-19 | 2014-12-19 | 2017-05-09 | VU#561444 | 6.4 | Multiple broadband routers use vulnerable versions of Allegro RomPager |
2014-12-19 | 2014-12-19 | 2015-10-27 | VU#852879 | 5.9 | NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated) |
2014-12-19 | 2014-12-12 | 2015-01-07 | VU#1680209 | 0 | AppsGeyser generates Android applications that fail to properly validate SSL certificates |
2014-12-18 | 2014-12-18 | 2014-12-18 | VU#843044 | 6.4 | Multiple Dell iDRAC IPMI v1.5 implementations use insufficiently random session ID values |
2014-12-15 | 2014-12-15 | 2014-12-17 | VU#343060 | 1.5 | CA LISA Release Automation contains multiple vulnerabilities |
2014-12-15 | 2014-12-15 | 2017-01-06 | VU#315340 | 6.7 | EMC Documentum products contain multiple vulnerabilities |
2014-12-12 | 2014-12-11 | 2014-12-12 | VU#659684 | 5.9 | Honeywell OPOS suite Stack Buffer Overflow vulnerability |
2014-12-09 | 2014-12-08 | 2015-10-27 | VU#264212 | 3.4 | Recursive DNS resolver implementations may follow referrals infinitely |
2014-12-05 | 2014-12-05 | 2014-12-08 | VU#449452 | 7.7 | Zenoss Core contains multiple vulnerabilities |
2014-11-18 | 2014-11-18 | 2014-11-19 | VU#213119 | 8.5 | Microsoft Windows Kerberos Key Distribution Center (KDC) fails to properly validate Privilege Attribute Certificate (PAC) signature |
2014-11-13 | 2014-11-11 | 2014-11-18 | VU#158647 | 7.3 | Microsoft Windows Object Linking and Embedding (OLE) OleAut32 library SafeArrayRedim function vulnerable to remote code execution via Internet Explorer |
2014-11-13 | 2014-11-11 | 2014-11-17 | VU#505120 | 9 | Microsoft Secure Channel (Schannel) vulnerable to remote code execution via specially crafted packets |
2014-11-07 | 2014-10-31 | 2014-11-13 | VU#432608 | 2.9 | IBM Notes Traveler for Android transmits user credentials over HTTP |
2014-11-03 | 2014-11-03 | 2017-02-13 | VU#210620 | 5 | uIP and lwIP DNS resolver vulnerable to cache poisoning |
2014-10-31 | 2014-10-31 | 2014-11-07 | VU#447516 | 5.3 | Linksys SMART WiFi firmware contains multiple vulnerabilities |
2014-10-29 | 2014-10-29 | 2014-10-29 | VU#973460 | 3.6 | drchrono Electronic Health Record (EHR) web applications vulnerable to cross-site scripting and cross-site request forgery |
2014-10-28 | 2014-10-27 | 2014-10-31 | VU#685996 | 3.6 | GNU Wget creates arbitrary symbolic links during recursive FTP download |
2014-10-23 | 2014-10-21 | 2015-06-29 | VU#184540 | 5.3 | Incorrect implementation of NAT-PMP in multiple devices |
2014-10-17 | VU#577193 | POODLE vulnerability in SSL 3.0;;; |
|---|
2014-10-17 | 2014-10-15 | 2014-10-17 | VU#298796 | 6.1 | Centreon contains multiple vulnerabilities |
2014-10-08 | 2014-09-18 | 2014-10-16 | VU#573356 | 3.9 | IBM WebSphere Application Server contains multiple vulnerabilities |
2014-10-07 | 2014-10-07 | 2014-10-27 | VU#121036 | 6.1 | BMC Track-It! contains multiple vulnerabilities |
2014-10-07 | 2014-10-07 | 2014-10-07 | VU#280844 | 4.9 | Cryoserver Security Appliance vulnerable to privilege escalation |
2014-10-06 | 2014-09-11 | 2014-10-06 | VU#251276 | 4.6 | Rejetto HTTP File Server (HFS) search feature fails to handle null bytes |
2014-10-06 | 2014-10-06 | 2014-10-06 | VU#941108 | 2.3 | NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting vulnerability |
2014-10-03 | 2014-09-30 | 2014-10-03 | VU#125228 | 1.4 | HP System Management Homepage vulnerable to cross-site scripting |
2014-10-03 | 2014-10-03 | 2014-10-03 | VU#111588 | 6.1 | Brocade Vyatta 5400 vRouter contains multiple vulnerabilities |
2014-09-25 | 2014-09-24 | 2015-04-14 | VU#252743 | 9.6 | GNU Bash shell executes commands in exported functions in environment variables |
2014-09-24 | 2014-09-24 | 2014-09-24 | VU#772676 | 8.7 | Mozilla Network Security Services (NSS) fails to properly verify RSA signatures |
2014-09-19 | 2014-08-19 | 2014-09-19 | VU#730964 | 0.9 | FortiNet FortiGate and FortiWiFi appliances contain multiple vulnerabilities |
2014-09-11 | 2014-08-20 | 2014-12-12 | VU#646748 | 5.1 | Embarcadero Delphi and C++Builder VCL BMP file processing buffer overflow |
2014-09-10 | 2014-09-10 | 2014-09-10 | VU#241508 | 3.5 | CacheGuard OS contains a cross-site request forgery vulnerability |
2014-09-08 | 2014-09-08 | 2014-09-08 | VU#396212 | 2 | Netgear ProSafe Plus Configuration Utility writes out plaintext passwords to backup configuration files |
2014-09-04 | VU#855836 | Arris Touchstone cable modem information leakage vulnerabiliity |
|---|
2014-09-04 | 2014-08-21 | 2014-09-04 | VU#259548 | 4.5 | Netmaster cable modem information leakage vulnerability |
2014-09-03 | 2012-10-16 | 2016-11-08 | VU#582497 | 7.5 | Multiple Android applications fail to properly validate SSL certificates |
2014-08-07 | 2014-08-07 | 2014-09-12 | VU#578598 | 9.2 | Iridium Pilot and OpenPort contain multiple vulnerabilities |
2014-08-07 | 2014-08-07 | 2014-09-18 | VU#882207 | 2 | Cobham Aviator satellite terminals contain multiple vulnerabilities |
2014-08-07 | 2014-08-07 | 2014-08-14 | VU#269991 | 1.4 | Cobham Sailor 6000 series satellite terminal contain hardcoded credentials |
2014-08-07 | 2014-08-07 | 2014-08-14 | VU#460687 | 2 | Cobham Sailor satellite terminals contain hardcoded credentials |
2014-08-07 | 2014-08-07 | 2014-08-14 | VU#179732 | 5.1 | Cobham thraneLINK improper verification of firmware updates vulnerability |
2014-08-07 | 2014-08-07 | 2014-08-07 | VU#602006 | 4.7 | Cobham SATCOM products' web interface contains a weak password recovery vulnerability |
2014-08-07 | 2014-08-07 | 2015-10-22 | VU#552286 | 7.3 | UEFI EDK2 Capsule Update vulnerabilities |
2014-08-04 | 2014-08-04 | 2014-08-04 | VU#252068 | 4.6 | Symantec Endpoint Protection Client contains a kernel pool overflow vulnerability |
2014-07-28 | 2014-07-28 | 2014-07-28 | VU#867980 | 0 | Silver Peak VX is vulnerable to cross-site request forgery and cross-site scripting |
2014-07-25 | 2014-07-25 | 2014-07-25 | VU#394540 | 5.6 | Sabre AirCentre Crew solutions contain a SQL injection vulnerability |
2014-07-24 | 2014-07-24 | 2014-07-25 | VU#565580 | 2.9 | BulletProof FTP Client 2010 is vulnerable to a stack-based buffer overflow |
2014-07-24 | 2014-07-24 | 2014-07-24 | VU#669804 | 0 | TestRail cross-site scripting vulnerability |
2014-07-23 | VU#162308 | Resin Pro improperly performs Unicode transformations; |
|---|
2014-07-21 | 2014-07-21 | 2014-07-21 | VU#875548 | 1 | MicroPact iComplaints cross-site scripting vulnerability |
2014-07-21 | 2014-07-21 | 2014-07-21 | VU#688812 | 1.5 | Huawei E355 contains a stored cross-site scripting vulnerability |
2014-07-14 | 2014-07-14 | 2014-07-28 | VU#204988 | 1.5 | Kaseya's agent driver contains NULL pointer dereference |
2014-07-11 | 2014-07-11 | 2014-08-14 | VU#917348 | 2 | Datum Systems satellite modem devices contain multiple vulnerabilities |
2014-07-10 | 2014-07-10 | 2014-07-10 | VU#712660 | 7 | Raritian PX power distribution software is vulnerable to the cipher zero attack. |
2014-07-09 | 2014-07-09 | 2014-07-10 | VU#100972 | 2 | Liferay Portal PCE contains multiple cross-site scripting vulnerabilities |
2014-07-07 | 2014-07-07 | 2014-07-25 | VU#960193 | 6 | AVG Safeguard and Secure Search ActiveX controls provides insecure methods |
2014-07-03 | 2014-07-03 | 2014-07-08 | VU#143740 | 1.7 | Netgear GS105PE Prosafe Plus Switch contains hard-coded login credentials |
2014-07-03 | 2014-06-24 | 2014-07-03 | VU#402020 | 6.3 | Autodesk VRED contains an unauthenticated remote code execution vulnerability |
2014-06-23 | 2014-06-03 | 2014-06-23 | VU#849500 | 1 | SpamTitan contains a reflected cross-site scripting (XSS) vulnerability |
2014-06-18 | 2014-06-18 | 2015-09-29 | VU#774788 | 4.6 | Belkin N150 path traversal vulnerability |
2014-06-17 | 2014-06-06 | 2014-06-17 | VU#210884 | 1.4 | F5 ARX Data Manager contains a SQL injection vulnerability |
2014-06-17 | 2014-06-16 | 2014-06-17 | VU#719172 | 4.4 | Symantec Web Gateway contains SQL injection and cross-site scripting vulnerabilities |
2014-06-10 | 2014-06-09 | 2014-06-10 | VU#613308 | 2.7 | Cisco AsyncOS contains a reflected cross-site scripting (XSS) vulnerability |
2014-06-09 | VU#758382 | Unauthorized modification of UEFI variables in UEFI systems |
|---|
2014-06-05 | 2014-06-05 | 2015-10-27 | VU#978508 | 8.1 | OpenSSL is vulnerable to a man-in-the-middle attack |
2014-05-30 | 2014-05-15 | 2014-05-30 | VU#124908 | 6.3 | Dell ML6000 and Quantum Scalar i500 tape backup system command injection vulnerability |
2014-05-30 | 2014-05-30 | 2014-06-05 | VU#325636 | 1.1 | Huawei E303 contains a cross-site request forgery vulnerability |
2014-05-28 | 2014-05-28 | 2014-05-28 | VU#537684 | 1.1 | Alfresco Enterprise contains multiple cross-site scripting vulnerabilities |
2014-05-22 | 2014-05-22 | 2014-08-11 | VU#112412 | 1.9 | Bizagi BPM Suite contains multiple vulnerabilities |
2014-05-21 | 2014-05-21 | 2014-05-23 | VU#239151 | 8.2 | Microsoft Internet Explorer 8 CMarkup use-after-free vulnerability |
2014-05-20 | 2014-05-20 | 2014-05-20 | VU#767044 | 2 | Hanvon facial recognition (Face ID) devices do not authenticate commands |
2014-05-16 | 2014-04-16 | 2014-05-16 | VU#480428 | 6.8 | Juniper ScreenOS is vulnerable to a denial of service from malformed SSL packets |
2014-05-07 | 2014-05-02 | 2014-05-07 | VU#902790 | 1.3 | Fortinet Fortiweb 5.1 contains a cross-site request forgery vulnerability |
2014-05-07 | 2014-05-07 | 2014-05-07 | VU#693092 | 5.3 | Caldera 9.20 contains multiple vulnerabilities |
2014-05-01 | 2014-05-01 | 2014-05-01 | VU#673313 | 3.4 | Google Search Appliance dynamic navigation cross-site scripting vulnerability |
2014-04-29 | 2014-04-29 | 2014-04-29 | VU#489228 | 5.5 | Ignite Realtime Smack XMPP API contains multiple vulnerabilities |
2014-04-27 | 2014-04-26 | 2014-05-07 | VU#222929 | 9.5 | Microsoft Internet Explorer CMarkup use-after-free vulnerability |
2014-04-25 | 2014-04-24 | 2014-07-24 | VU#719225 | 6.9 | Apache Struts2 ClassLoader allows access to class properties via request parameters |
2014-04-24 | VU#118748 | POCO C++ Libraries NetSSL library fails to properly validate wildcard certificates |
|---|
2014-04-22 | 2014-04-18 | 2014-04-22 | VU#350089 | 2.9 | IBM Notes and Domino on x86 Linux specify an executable stack |
2014-04-21 | 2014-04-01 | 2014-04-21 | VU#622950 | 1.8 | Toshiba Global Commerce Solutions' 4690 Point of Sale operating system contains a password hashing algorithm that can be reversed |
2014-04-16 | 2014-04-16 | 2014-04-23 | VU#495476 | 5.3 | Openfire contains an uncontrolled resource consumption vulnerability |
2014-04-14 | 2014-04-14 | 2014-04-14 | VU#657622 | 2.1 | Xangati software release contains relative path traversal and command injection vulnerabilities |
2014-04-14 | 2014-04-01 | 2014-04-14 | VU#215284 | 0.5 | Artiva Agency Single Sign-On (SSO) feature vulnerability |
2014-04-14 | 2014-04-14 | 2014-04-14 | VU#437385 | 6.4 | PaperThin CommonSpot CMS contains multiple vulnerabilities |
2014-04-11 | 2014-03-05 | 2014-07-24 | VU#901156 | 1.3 | PivotX 2.3.8 contains multiple vulnerabilities |
2014-04-11 | 2014-04-11 | 2014-04-18 | VU#251628 | 1.4 | AMTELCO miSecureMessages Server insecurely authenticates clients |
2014-04-11 | 2014-04-11 | 2014-04-15 | VU#667340 | 2.8 | Fortinet FortiADC D-series contains a cross-site scripting vulnerability |
2014-04-11 | 2014-03-10 | 2014-04-16 | VU#939260 | 5.7 | ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities |
2014-04-10 | 2014-04-08 | 2014-04-10 | VU#882841 | 5.9 | Microsoft Office file format converter memory corruption vulnerability |
2014-04-08 | 2014-04-08 | 2014-04-08 | VU#345337 | 2.3 | J2k-Codec contains multiple exploitable vulnerabilities |
2014-04-08 | 2014-04-07 | 2016-05-13 | VU#720951 | 6.5 | OpenSSL TLS heartbeat extension read overflow discloses sensitive information |
2014-04-07 | 2014-03-24 | 2014-04-07 | VU#568252 | 0.9 | Websense Triton Unified Security Center 7.7.3 information disclosure vulnerability |
2014-04-02 | VU#917700 | ;;Huawei Echo Life HG8247 optical router XSS vulnerability |
|---|
2014-04-01 | 2013-08-06 | 2014-04-01 | VU#893726 | 4.1 | Zyxel P660 series modem/router denial of service vulnerability |
2014-04-01 | 2014-04-03 | 2014-04-01 | VU#163188 | 1 | Pearson eSIS Enterprise Student Information System XSS vulnerability |
2014-03-27 | 2014-03-27 | 2014-03-27 | VU#140886 | 1.2 | ManageEngine OpStor Build 8300 and earlier contain multiple vulnerabilities |
2014-03-25 | 2014-03-25 | 2014-03-25 | VU#213046 | 0.7 | Virtual Access GW6110A router privilege escalation vulnerability |
2014-03-14 | 2014-03-14 | 2014-03-14 | VU#381692 | 2.5 | Webmin contains a cross-site scripting vulnerability |
2014-03-13 | 2014-03-13 | 2014-03-13 | VU#807134 | 0.8 | WatchGuard Fireware XTM devices contain a cross-site scripting vulnerability |
2014-03-06 | 2014-03-06 | 2014-03-06 | VU#687278 | 0.8 | Aker Secure Mail Gateway reflected XSS vulnerability |
2014-03-06 | 2014-03-06 | 2014-03-06 | VU#341526 | 0.8 | Huawei E355 contains a direct request vulnerability |
2014-03-05 | 2014-03-07 | 2015-09-17 | VU#823452 | 1.4 | Serena Dimensions CM 12.2 Build 7.199.0 web client vulnerabilities |
2014-03-04 | 2014-03-03 | 2014-03-19 | VU#600724 | 5.3 | ZTE F460/F660 cable modems contain an unauthenticated backdoor |
2014-03-03 | 2014-03-03 | 2014-03-03 | VU#525132 | 1.7 | Foscam IP camera authentication bypass vulnerability |
2014-02-28 | 2014-02-21 | 2014-02-28 | VU#221620 | 4.6 | Blue Coat ProxySG local user changes contain a time and state vulnerability |
2014-02-28 | 2014-02-28 | 2014-02-28 | VU#526062 | 0.9 | CMS Made Simple contains multiple cross-site scripting vulnerabilities |
2014-02-27 | 2013-12-01 | 2014-03-04 | VU#534284 | 2 | Synology DiskStation Manager VPN module hard-coded password vulnerability |
2014-02-25 | VU#684412 | libpng denial-of-service vulnerability |
|---|
2014-02-18 | 2013-12-09 | 2014-07-29 | VU#656302 | 1.5 | Belkin Wemo Home Automation devices contain multiple vulnerabilities |
2014-02-18 | 2013-04-25 | 2014-02-18 | VU#539289 | 6.4 | Microsoft XMLDOM ActiveX control information disclosure vulnerability |
2014-02-14 | 2014-02-13 | 2014-02-20 | VU#732479 | 9.5 | Internet Explorer CMarkup use-after-free vulnerability |
2014-02-11 | 2014-02-11 | 2015-09-17 | VU#727318 | 0.8 | DELL SonicWALL GMS/Analyzer/UMA contains a cross-site scripting (XSS) vulnerability |
2014-02-06 | 2013-02-04 | 2014-02-06 | VU#146430 | 6.2 | F5 Networks BIG-IP Edge Client information leakage vulnerability |
2014-02-04 | 2014-02-03 | 2014-02-11 | VU#813382 | 3.5 | Dell KACE K1000 management appliance contains a cross-site scripting vulnerability |
2014-02-03 | 2014-02-03 | 2014-02-04 | VU#593118 | 3.3 | Fortinet Fortiweb 5.0.3 contains a reflected cross-site scripting vulnerability |
2014-02-03 | 2014-02-03 | 2014-02-04 | VU#728638 | 3.3 | Fortinet FortiOS 5.0.5 contains a reflected cross-site scripting (XSS) vulnerability |
2014-02-03 | 2014-02-03 | 2014-02-11 | VU#431726 | 1.6 | Seowon Intech WiMAX SWU-9100 mobile router contains multiple vulnerabilities |
2014-02-03 | 2014-02-03 | 2014-03-14 | VU#228886 | 5.4 | ZTE ZXV10 W300 router contains hardcoded credentials |
2014-02-03 | 2014-01-27 | 2014-02-03 | VU#566894 | 1 | Visibility Software Cyber Recruiter authentication bypass vulnerability |
2014-02-03 | 2014-01-23 | 2014-04-07 | VU#252294 | 0.8 | Mediatrix 4402 digital gateway web interface contains a cross-site scripting (XSS) vulnerability |
2014-01-31 | 2014-01-31 | 2014-08-14 | VU#250358 | 1.2 | Hughes Network Systems Broadband Global Area Network (BGAN) satellite terminal firmware contains multiple vulnerabilities |
2014-01-31 | 2014-01-31 | 2014-01-31 | VU#108062 | 1.9 | Lexmark laser printers contain multiple vulnerabilities |
2014-01-28 | VU#686662 | Fail2ban postfix and cyrus-imap filters contain denial-of-service vulnerabilities |
2014-01-27 | 2014-01-27 | 2014-01-28 | VU#863369 | 2.9 | Mozilla Thunderbird does not adequately restrict HTML elements in email message content |
2014-01-23 | 2013-01-20 | 2014-01-28 | VU#405942 | 0.9 | CS-Cart version 4.0.2 contains cross-site scripting vulnerabilities |
2014-01-23 | 2014-01-23 | 2014-02-10 | VU#105686 | 2.4 | Thecus NAS Server N8800 contains multiple vulnerabilities |
2014-01-23 | 2014-01-17 | 2014-07-24 | VU#869702 | 1.4 | Avanset Visual CertExam Manager 3.3 SQL injection vulnerability |
2014-01-23 | 2014-01-23 | 2014-02-07 | VU#168751 | 0.9 | Emerson Network Power Avocent MergePoint Unity 2016 KVM and possibly other model switches contain a directory traversal vulnerability |
2014-01-20 | 2013-12-20 | 2014-01-20 | VU#219470 | 5.7 | MW6 Technologies ActiveX controls contain multiple vulnerabilities |
2014-01-17 | 2014-01-17 | 2014-01-17 | VU#122582 | 4.3 | Dell PowerConnect 3348, 3524p, and 5324 switches are vulnerable to denial-of-service attacks |
2014-01-13 | 2013-11-25 | 2016-05-11 | VU#191750 | 0.9 | ASUS Wireless Router products contain a static DNS entry |
2014-01-10 | 2013-12-01 | 2014-10-02 | VU#204950 | 1.5 | Atmail Webmail Server version 7.1.3 contains cross-site scripting (XSS) and cross-site request forgery (CSRF) vulnerabilities |
2014-01-10 | 2014-01-02 | 2014-08-26 | VU#348126 | 4.6 | NTP can be abused to amplify denial-of-service attack traffic |
2014-01-09 | 2013-12-19 | 2014-01-09 | VU#650142 | 2.5 | libpng 1.6.1 through 1.6.7 contain a null-pointer dereference vulnerability |
2014-01-09 | 2013-12-13 | 2014-01-09 | VU#612076 | 4.1 | VASCO IDENTIKEY Authentication Server contains an authentication bypass vulnerability |
2014-01-08 | 2014-01-08 | 2014-01-08 | VU#487078 | 1.7 | QNAP QTS path traversal vulnerability |
2014-01-07 | 2014-01-07 | 2014-01-07 | VU#615910 | 2 | Synology DiskStation Manager arbitrary file modification |
2014-01-02 | VU#553166 | BlogEngine.net information disclosure vulnerability |
|---|