Published | VU# | Title |
|---|
2015-12-21 | 2015-12-17 | 2015-12-22 | VU#640184 | 6.2 | Juniper ScreenOS contains multiple vulnerabilities |
2015-12-18 | 2015-12-18 | 2015-12-18 | VU#757840 | 1.5 | Dovestones Software AD Self Password Reset fails to properly restrict password reset request to authorized users |
2015-12-16 | 2015-12-16 | 2015-12-27 | VU#176160 | 4.4 | IPswitch WhatsUp Gold contains multiple XSS vulnerabilities and a SQLi |
2015-12-10 | 2015-12-10 | 2015-12-10 | VU#403568 | 1.1 | Netgear G54/N150 Wireless Router WNR1000v3 uses insufficiently random values for DNS queries |
2015-12-10 | 2015-12-10 | 2016-01-25 | VU#646008 | 1.1 | Buffalo AirStation Extreme N600 Router WZR-600DHP2 uses insufficiently random values for DNS queries |
2015-12-10 | 2015-12-10 | 2015-12-10 | VU#330000 | 1.6 | ZyXEL NBG-418N router uses default credentials and is vulnerable to cross-site request forgery |
2015-12-10 | 2015-12-10 | 2015-12-10 | VU#167992 | 1.6 | ReadyNet WRT300N-DD Wireless Router contains multiple vulnerabilities |
2015-12-10 | 2015-12-10 | 2015-12-10 | VU#763576 | 1.6 | Amped Wireless R10000 router contains multiple vulnerabilities |
2015-12-08 | 2015-12-08 | 2016-05-16 | VU#377260 | 4.1 | Up.time agent for Windows contains multiple vulnerabilities |
2015-12-08 | 2015-12-08 | 2015-12-08 | VU#439016 | 4.4 | TaxiHail Android mobile app contains multiple vulnerabilties |
2015-12-04 | 2015-12-03 | 2017-03-22 | VU#294607 | 6.7 | Lenovo Solution Center LSCTaskService privilege escalation, directory traversal, and CSRF |
2015-12-01 | 2015-11-30 | 2015-12-09 | VU#630239 | 4.9 | Epiphany Cardio Server is vulnerable to SQL and LDAP injection |
2015-11-30 | 2015-11-30 | 2015-11-30 | VU#792004 | 5.5 | RSI Video Technologies Videofied security system Frontel software uses an insecure custom protocol |
2015-11-25 | 2015-11-25 | 2016-09-06 | VU#566724 | 3.5 | Embedded devices use non-unique X.509 certificates and SSH host keys |
2015-11-24 | 2015-11-24 | 2015-12-01 | VU#925497 | 6.4 | Dell System Detect installs root certificate and private key (DSDTestProvider) |
2015-11-24 | 2015-11-23 | 2015-12-01 | VU#870761 | 6.5 | Dell Foundation Services installs root certificate and private key (eDellRoot) |
2015-11-23 | 2015-11-23 | 2015-11-23 | VU#428280 | 2 | CSL DualCom GPRS CS2300-R alarm signalling boards contain multiple vulnerabilties |
2015-11-20 | 2015-11-20 | 2015-11-23 | VU#419568 | 6.7 | ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities |
2015-11-13 | 2015-01-28 | 2018-08-27 | VU#576313 | 6.4 | Apache Commons Collections Java library insecurely deserializes data |
2015-11-06 | 2015-11-06 | 2015-11-09 | VU#438928 | 2 | Huawei HG532 routers contain a path traversal vulnerability |
2015-11-03 | 2015-11-03 | 2015-11-04 | VU#391604 | 5.9 | ZTE ZXHN H108N R1A routers contain multiple vulnerabilities |
2015-11-03 | 2015-11-03 | 2015-11-06 | VU#866432 | 2.1 | Commvault Edge Server deserializes cookie data insecurely |
2015-11-02 | 2015-10-31 | 2015-11-02 | VU#316888 | 4.4 | MobaXterm server may allow arbitrary command injection due to missing X11 authentication |
2015-10-29 | 2015-10-29 | 2015-10-29 | VU#573848 | 5.1 | Qolsys IQ Panel contains multiple vulnerabilities |
2015-10-27 | 2015-10-19 | 2015-11-03 | VU#350508 | 4.6 | HP ArcSight SmartConnector fails to properly validate SSL and contains a hard-coded password |
2015-10-27 | 2015-10-27 | 2015-11-19 | VU#672500 | 4.1 | EPSON Network Utility installs EpsonBidirectionalService with insecure permissions |
2015-10-21 | 2015-10-21 | 2015-10-21 | VU#840844 | 4.4 | HP Photosmart B210 printer SMB server buffer overflow vulnerability |
2015-10-20 | 2015-07-20 | 2017-08-14 | VU#966927 | 5.9 | HP Client Automation and Radia Client Automation is vulnerable to remote code execution |
2015-10-20 | 2015-07-30 | 2015-10-21 | VU#935424 | 1 | Virtual Machine Monitors (VMM) contain a memory deduplication vulnerability |
2015-10-20 | 2015-10-20 | 2015-10-20 | VU#675052 | 5 | Medicomp MEDCIN Engine contains multiple vulnerabilities |
2015-10-19 | 2015-10-19 | 2015-10-26 | VU#842252 | 2.3 | HP ArcSight Logger contains multiple vulnerabilities |
2015-10-16 | 2015-10-13 | 2015-10-20 | VU#943167 | 4.7 | Voice over LTE implementations contain multiple vulnerabilities |
2015-10-13 | 2015-10-13 | 2015-10-29 | VU#870744 | 5.3 | ZyXEL NBG-418N, PMG5318-B20A and P-660HW-T1 routers contain multiple vulnerabilities |
2015-10-12 | 2015-10-12 | 2015-10-13 | VU#751328 | 3.9 | QNAP QTS is vulnerable to a path traversal attack when used with the AFP protocol and OS X |
2015-09-30 | 2015-09-30 | 2015-09-30 | VU#693036 | 6.4 | Datalex airline booking software allowed authorization bypass for arbitrary users |
2015-09-24 | 2015-08-13 | 2015-10-28 | VU#804060 | 5.8 | Cookies set via HTTP requests may be used to bypass HTTPS and reveal private information |
2015-09-21 | 2015-09-21 | 2015-09-21 | VU#374092 | 1.7 | Web Reference Database (refbase) contains multiple vulnerabilities |
2015-09-10 | 2015-09-10 | 2015-09-15 | VU#906576 | 4.4 | Securifi Almond routers contains multiple vulnerabilities |
2015-09-09 | 2015-07-14 | 2015-09-10 | VU#549807 | 5.9 | Impero Education Pro classroom management software vulnerable to remote code execution |
2015-09-03 | 2015-09-03 | 2016-05-31 | VU#630872 | 4.6 | Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N contains multiple vulnerabilities |
2015-09-03 | 2015-08-31 | 2015-09-03 | VU#845332 | 3.8 | OrientDB and Studio prior to version 2.1.1 contain multiple vulnerabilities |
2015-09-01 | 2015-09-01 | 2015-12-08 | VU#903500 | 4.5 | Seagate and LaCie wireless storage products contain multiple vulnerabilities |
2015-08-31 | 2015-08-31 | 2016-09-22 | VU#201168 | 4.6 | Belkin N600 DB Wireless Dual Band N+ router contains multiple vulnerabilities |
2015-08-31 | 2015-08-31 | 2016-01-04 | VU#361684 | 3.7 | Router devices do not implement sufficient UPnP authentication and security |
2015-08-31 | 2015-08-31 | 2016-04-17 | VU#525276 | 4.7 | Philippine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 contain multiple vulnerabilities |
2015-08-25 | 2015-08-25 | 2015-08-27 | VU#950576 | 6 | DSL routers contain hard-coded "XXXXairocon" credentials |
2015-08-20 | 2015-08-20 | 2015-08-20 | VU#276148 | 6.4 | Dedicated Micros DVR products use plaintext protocols and require no password by default |
2015-08-18 | 2015-08-18 | 2015-08-18 | VU#248692 | 3 | Trend Micro Deep Discovery threat appliance contains multiple vulnerabilities |
2015-08-17 | 2015-07-31 | 2015-08-17 | VU#300820 | 6.4 | Cisco Prime Infrastructure contains SUID root binaries |
2015-08-11 | 2015-08-11 | 2015-08-11 | VU#335192 | 4.9 | Actiontec GT784WN Wireless N DSL Modem contains multiple vulnerabilities |
2015-08-11 | 2015-08-11 | 2015-08-28 | VU#209512 | 7.1 | Mobile Devices C4 ODB2 dongle contains multiple vulnerabilities |
2015-08-07 | 2015-08-07 | 2015-08-10 | VU#628568 | 6.7 | Sierra Wireless GX, ES, and LS gateways running ALEOS contain hard-coded credentials |
2015-07-31 | 2015-07-31 | 2015-07-31 | VU#360431 | 4.8 | Chiyu Technology fingerprint access control contains multiple vulnerabilities |
2015-07-30 | 2015-07-30 | 2015-08-12 | VU#577140 | 7.2 | BIOS implementations fail to properly set UEFI write protections after waking from sleep mode |
2015-07-28 | 2015-07-21 | 2016-01-08 | VU#924951 | 3.5 | Android Stagefright contains multiple vulnerabilities |
2015-07-24 | 2015-07-21 | 2015-09-14 | VU#819439 | 6.2 | Fiat Chrysler Automobiles UConnect allows a vehicle to be remotely controlled |
2015-07-24 | 2015-07-24 | 2017-03-22 | VU#857948 | 1.8 | Honeywell Tuxedo Touch Controller contains multiple vulnerabilities |
2015-07-20 | 2015-07-20 | 2015-07-20 | VU#912036 | 4.9 | N-Able RSMWinService contains hard coded security constants allowing decryption of domain administrator password |
2015-07-20 | 2015-07-16 | 2015-07-20 | VU#813631 | 0.9 | Total Commander File Info plugin vulnerable to denial of service via an out-of-bounds read |
2015-07-13 | 2015-07-13 | 2015-07-13 | VU#919604 | 2.5 | Kaseya Virtual System Administrator contains multiple vulnerabilities |
2015-07-12 | 2015-07-05 | 2015-07-14 | VU#918568 | 6.7 | Adobe Flash ActionScript 3 BitmapData memory corruption vulnerability |
2015-07-11 | 2015-07-05 | 2015-07-14 | VU#338736 | 7.5 | Adobe Flash ActionScript 3 opaqueBackground use-after-free vulnerability |
2015-07-08 | 2015-07-05 | 2015-07-14 | VU#103336 | 6.8 | Windows Adobe Type Manager privilege escalation vulnerability |
2015-07-07 | 2015-07-07 | 2015-07-07 | VU#253708 | 3.8 | Grandsteam GXV3611_HD camera is vulnerable to SQL injection |
2015-07-07 | 2015-07-05 | 2015-07-11 | VU#561288 | 7.1 | Adobe Flash ActionScript 3 ByteArray use-after-free vulnerability |
2015-07-06 | 2015-07-06 | 2015-07-06 | VU#485324 | 4.6 | ANTLabs InnGate gateway device contains SQL injection and reflected cross-site scripting vulnerabilities |
2015-06-16 | 2015-06-16 | 2015-06-25 | VU#155412 | 4.5 | Samsung Galaxy S phones fail to properly validate SwiftKey language pack updates |
2015-06-16 | 2015-06-05 | 2015-06-16 | VU#842780 | 3.5 | Vesta Control Panel is vulnerable to cross-site request forgery |
2015-06-16 | 2015-06-15 | 2015-06-16 | VU#626420 | 1.3 | Pearson ProctorCache contains hard coded credentials |
2015-06-15 | 2014-07-09 | 2015-06-15 | VU#101500 | 4.6 | Retrospect Backup Client uses weak password hashing |
2015-06-10 | 2015-06-08 | 2015-06-10 | VU#555984 | 4.6 | Avigilon Control Center is vulnerable to path traversal |
2015-06-09 | 2015-06-08 | 2015-06-10 | VU#810572 | 5.5 | CUPS print service is vulnerable to privilege escalation and cross-site scripting |
2015-06-08 | 2015-06-08 | 2015-07-01 | VU#595884 | 2 | Aptexx Resident Anywhere exposes sensitive account information |
2015-06-08 | 2015-06-08 | 2015-06-08 | VU#924506 | 3.4 | Toshiba 4690 OS contains an information disclosure vulnerability |
2015-06-08 | 2015-06-08 | 2015-06-08 | VU#301788 | 4.5 | Toshiba CHEC contains a hard-coded cryptographic key |
2015-06-04 | 2015-06-04 | 2015-06-05 | VU#264092 | 5 | McAfee ePolicy Orchestrator fails to properly validate SSL/TLS certificates |
2015-05-29 | 2015-05-29 | 2015-06-02 | VU#498348 | 4 | Blue Coat SSL Visibility Appliance contains multiple vulnerabilities |
2015-05-26 | 2015-05-26 | 2015-05-27 | VU#551972 | 1.3 | Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files |
2015-05-19 | 2015-05-19 | 2015-06-05 | VU#177092 | 3.7 | KCodes NetUSB kernel driver is vulnerable to buffer overflow |
2015-05-08 | 2015-04-27 | 2015-05-08 | VU#110532 | 5.3 | Subrion CMS vulnerable to SQL injection by an authenticated user |
2015-05-05 | 2015-05-05 | 2015-05-05 | VU#978652 | 1.3 | Bomgar Remote Support Portal deserializes untrusted data |
2015-05-04 | 2015-05-04 | 2015-08-03 | VU#602540 | 3.4 | ICU Project ICU4C library contains multiple overflow vulnerabilities |
2015-04-30 | 2015-04-30 | 2015-04-30 | VU#581276 | 6.3 | EMC AutoStart is vulnerable to remote code execution via specially crafted packets |
2015-04-28 | 2015-04-28 | 2015-04-28 | VU#534407 | 5.2 | Barracuda Web Filter insecurely performs SSL inspection |
2015-04-20 | 2015-04-20 | 2015-05-07 | VU#260780 | 4.9 | NetNanny uses a shared private key and root CA |
2015-04-17 | 2015-04-17 | 2015-04-17 | VU#750060 | 4 | Hewlett-Packard Network Automation contains multiple vulnerabilities |
2015-04-14 | 2015-04-14 | 2015-04-17 | VU#274244 | 3.9 | Blue Coat Malware Analysis appliance contains a cross-site scripting (XSS) vulnerability and information disclosure |
2015-04-14 | 2015-04-14 | 2015-04-14 | VU#697316 | 5.5 | SearchBlox contains multiple vulnerabilities |
2015-04-13 | 2015-04-13 | 2017-09-05 | VU#672268 | 5.7 | Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL |
2015-04-07 | 2015-04-07 | 2015-04-10 | VU#374268 | 4.2 | NTP Project ntpd reference implementation contains multiple vulnerabilities |
2015-04-02 | 2015-04-02 | 2015-04-02 | VU#924124 | 3.6 | X-Cart contains multiple vulnerabilities |
2015-03-31 | 2015-03-31 | 2015-05-15 | VU#550620 | 3.9 | Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link |
2015-03-27 | 2008-12-31 | 2015-04-07 | VU#591120 | 6.4 | Multiple SSL certificate authorities use predefined email addresses as proof of domain ownership |
2015-03-26 | 2015-03-26 | 2015-03-26 | VU#930956 | 6.2 | Multiple ANTlabs InnGate models allow unauthenticated read/write to filesystem |
2015-03-20 | 2015-03-20 | 2015-07-08 | VU#631788 | 5.3 | BIOS implementations permit unsafe SMM function calls to memory locations outside of SMRAM |
2015-03-20 | 2011-01-31 | 2015-09-08 | VU#894897 | 7.3 | NSIS Inetc plug-in fails to validate SSL certificates |
2015-03-17 | 2015-03-12 | 2015-03-17 | VU#868948 | 1.8 | HP ArcSight contains multiple vulnerabilities |
2015-03-16 | 2015-03-13 | 2015-03-16 | VU#184100 | 5.9 | D-Link DAP-1320 Rev Ax is vulnerable to a command injection |
2015-03-16 | 2015-03-13 | 2015-03-16 | VU#377348 | 6.1 | D-Link DCS-93xL model family allows unrestricted upload |
2015-03-10 | 2015-03-10 | 2015-03-13 | VU#794095 | 1.2 | Telerik Analytics Monitor Library allows DLL hijacking |
2015-03-06 | 2015-03-06 | 2015-10-27 | VU#243585 | 6.4 | SSL/TLS implementations accept export-grade RSA keys (FREAK attack) |
2015-03-03 | 2015-03-02 | 2015-03-03 | VU#302668 | 1.3 | ShareLaTeX vulnerable to remote command execution and information disclosure |
2015-02-27 | 2015-02-26 | 2015-03-05 | VU#632140 | 3.9 | Multiple Toshiba products are vulnerable to trusted service path privilege escalation |
2015-02-23 | 2015-02-22 | 2015-02-26 | VU#366544 | 8 | Adtrustmedia PrivDog fails to validate SSL certificates |
2015-02-19 | 2015-02-19 | 2015-03-17 | VU#529496 | 8.6 | Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys |
2015-02-13 | 2015-02-04 | 2015-02-27 | VU#695940 | 2.9 | Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability |
2015-02-13 | 2015-02-13 | 2015-02-13 | VU#787252 | 8.5 | Microsoft Windows domain-configured client Group Policy fails to authenticate servers |
2015-02-05 | 2014-02-05 | 2015-02-10 | VU#377644 | 3.2 | Ektron Content Management System (CMS) contains multiple vulnerabilities |
2015-02-05 | 2015-02-05 | 2015-02-06 | VU#669156 | 1.3 | Topline Systems Opportunity Form vulnerable to information disclosure |
2015-02-02 | 2015-02-02 | 2015-02-02 | VU#522460 | 5.9 | SerVision HVG Video Gateway web interface contains multiple vulnerabilities |
2015-01-28 | 2015-01-28 | 2015-10-22 | VU#967332 | 5.9 | GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow |
2015-01-23 | 2015-01-23 | 2015-01-23 | VU#546340 | 2.5 | QPR Portal contains multiple vulnerabilities |
2015-01-23 | 2015-01-23 | 2015-01-29 | VU#637068 | 5.8 | LabTech contains privilege escalation vulnerability |
2015-01-21 | 2015-01-21 | 2015-01-21 | VU#110652 | 5 | iPass Open Mobile Windows Client contains a remote code execution vulnerability |
2015-01-16 | 2015-01-16 | 2015-01-21 | VU#936356 | 6.8 | Ceragon FiberAir IP-10 Microwave Bridge contains a default root password |
2015-01-13 | 2014-12-11 | 2015-01-13 | VU#117604 | 1 | Panasonic Arbitrator Back-End Server (BES) uses unencrypted communication |
2015-01-05 | 2014-12-28 | 2015-08-03 | VU#976132 | 5.6 | UEFI implementations do not properly secure the EFI S3 Resume Boot Path boot script |
2015-01-05 | 2014-12-28 | 2015-07-23 | VU#766164 | 5.3 | Intel BIOS locking mechanism contains race condition that enables write protection bypass |
| | | |
|---|