Published |
VU# |
Title |
|---|
2015-12-21 |
2015-12-17 |
2015-12-22 |
VU#640184 |
6.2 |
Juniper ScreenOS contains multiple vulnerabilities |
2015-12-18 |
2015-12-18 |
2015-12-18 |
VU#757840 |
1.5 |
Dovestones Software AD Self Password Reset fails to properly restrict password reset request to authorized users |
2015-12-16 |
2015-12-16 |
2015-12-27 |
VU#176160 |
4.4 |
IPswitch WhatsUp Gold contains multiple XSS vulnerabilities and a SQLi |
2015-12-10 |
2015-12-10 |
2015-12-10 |
VU#403568 |
1.1 |
Netgear G54/N150 Wireless Router WNR1000v3 uses insufficiently random values for DNS queries |
2015-12-10 |
2015-12-10 |
2016-01-25 |
VU#646008 |
1.1 |
Buffalo AirStation Extreme N600 Router WZR-600DHP2 uses insufficiently random values for DNS queries |
2015-12-10 |
2015-12-10 |
2015-12-10 |
VU#330000 |
1.6 |
ZyXEL NBG-418N router uses default credentials and is vulnerable to cross-site request forgery |
2015-12-10 |
2015-12-10 |
2015-12-10 |
VU#167992 |
1.6 |
ReadyNet WRT300N-DD Wireless Router contains multiple vulnerabilities |
2015-12-10 |
2015-12-10 |
2015-12-10 |
VU#763576 |
1.6 |
Amped Wireless R10000 router contains multiple vulnerabilities |
2015-12-08 |
2015-12-08 |
2016-05-16 |
VU#377260 |
4.1 |
Up.time agent for Windows contains multiple vulnerabilities |
2015-12-08 |
2015-12-08 |
2015-12-08 |
VU#439016 |
4.4 |
TaxiHail Android mobile app contains multiple vulnerabilties |
2015-12-04 |
2015-12-03 |
2017-03-22 |
VU#294607 |
6.7 |
Lenovo Solution Center LSCTaskService privilege escalation, directory traversal, and CSRF |
2015-12-01 |
2015-11-30 |
2015-12-09 |
VU#630239 |
4.9 |
Epiphany Cardio Server is vulnerable to SQL and LDAP injection |
2015-11-30 |
2015-11-30 |
2015-11-30 |
VU#792004 |
5.5 |
RSI Video Technologies Videofied security system Frontel software uses an insecure custom protocol |
2015-11-25 |
2015-11-25 |
2016-09-06 |
VU#566724 |
3.5 |
Embedded devices use non-unique X.509 certificates and SSH host keys |
2015-11-24 |
2015-11-24 |
2015-12-01 |
VU#925497 |
6.4 |
Dell System Detect installs root certificate and private key (DSDTestProvider) |
2015-11-24 |
2015-11-23 |
2015-12-01 |
VU#870761 |
6.5 |
Dell Foundation Services installs root certificate and private key (eDellRoot) |
2015-11-23 |
2015-11-23 |
2015-11-23 |
VU#428280 |
2 |
CSL DualCom GPRS CS2300-R alarm signalling boards contain multiple vulnerabilties |
2015-11-20 |
2015-11-20 |
2015-11-23 |
VU#419568 |
6.7 |
ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities |
2015-11-13 |
2015-01-28 |
2018-08-27 |
VU#576313 |
6.4 |
Apache Commons Collections Java library insecurely deserializes data |
2015-11-06 |
2015-11-06 |
2015-11-09 |
VU#438928 |
2 |
Huawei HG532 routers contain a path traversal vulnerability |
2015-11-03 |
2015-11-03 |
2015-11-04 |
VU#391604 |
5.9 |
ZTE ZXHN H108N R1A routers contain multiple vulnerabilities |
2015-11-03 |
2015-11-03 |
2015-11-06 |
VU#866432 |
2.1 |
Commvault Edge Server deserializes cookie data insecurely |
2015-11-02 |
2015-10-31 |
2015-11-02 |
VU#316888 |
4.4 |
MobaXterm server may allow arbitrary command injection due to missing X11 authentication |
2015-10-29 |
2015-10-29 |
2015-10-29 |
VU#573848 |
5.1 |
Qolsys IQ Panel contains multiple vulnerabilities |
2015-10-27 |
2015-10-19 |
2015-11-03 |
VU#350508 |
4.6 |
HP ArcSight SmartConnector fails to properly validate SSL and contains a hard-coded password |
2015-10-27 |
2015-10-27 |
2015-11-19 |
VU#672500 |
4.1 |
EPSON Network Utility installs EpsonBidirectionalService with insecure permissions |
2015-10-21 |
2015-10-21 |
2015-10-21 |
VU#840844 |
4.4 |
HP Photosmart B210 printer SMB server buffer overflow vulnerability |
2015-10-20 |
2015-07-20 |
2017-08-14 |
VU#966927 |
5.9 |
HP Client Automation and Radia Client Automation is vulnerable to remote code execution |
2015-10-20 |
2015-07-30 |
2015-10-21 |
VU#935424 |
1 |
Virtual Machine Monitors (VMM) contain a memory deduplication vulnerability |
2015-10-20 |
2015-10-20 |
2015-10-20 |
VU#675052 |
5 |
Medicomp MEDCIN Engine contains multiple vulnerabilities |
2015-10-19 |
2015-10-19 |
2015-10-26 |
VU#842252 |
2.3 |
HP ArcSight Logger contains multiple vulnerabilities |
2015-10-16 |
2015-10-13 |
2015-10-20 |
VU#943167 |
4.7 |
Voice over LTE implementations contain multiple vulnerabilities |
2015-10-13 |
2015-10-13 |
2015-10-29 |
VU#870744 |
5.3 |
ZyXEL NBG-418N, PMG5318-B20A and P-660HW-T1 routers contain multiple vulnerabilities |
2015-10-12 |
2015-10-12 |
2015-10-13 |
VU#751328 |
3.9 |
QNAP QTS is vulnerable to a path traversal attack when used with the AFP protocol and OS X |
2015-09-30 |
2015-09-30 |
2015-09-30 |
VU#693036 |
6.4 |
Datalex airline booking software allowed authorization bypass for arbitrary users |
2015-09-24 |
2015-08-13 |
2015-10-28 |
VU#804060 |
5.8 |
Cookies set via HTTP requests may be used to bypass HTTPS and reveal private information |
2015-09-21 |
2015-09-21 |
2015-09-21 |
VU#374092 |
1.7 |
Web Reference Database (refbase) contains multiple vulnerabilities |
2015-09-10 |
2015-09-10 |
2015-09-15 |
VU#906576 |
4.4 |
Securifi Almond routers contains multiple vulnerabilities |
2015-09-09 |
2015-07-14 |
2015-09-10 |
VU#549807 |
5.9 |
Impero Education Pro classroom management software vulnerable to remote code execution |
2015-09-03 |
2015-09-03 |
2016-05-31 |
VU#630872 |
4.6 |
Mediabridge Medialink Wireless-N Broadband Router MWN-WAPR300N contains multiple vulnerabilities |
2015-09-03 |
2015-08-31 |
2015-09-03 |
VU#845332 |
3.8 |
OrientDB and Studio prior to version 2.1.1 contain multiple vulnerabilities |
2015-09-01 |
2015-09-01 |
2015-12-08 |
VU#903500 |
4.5 |
Seagate and LaCie wireless storage products contain multiple vulnerabilities |
2015-08-31 |
2015-08-31 |
2016-09-22 |
VU#201168 |
4.6 |
Belkin N600 DB Wireless Dual Band N+ router contains multiple vulnerabilities |
2015-08-31 |
2015-08-31 |
2016-01-04 |
VU#361684 |
3.7 |
Router devices do not implement sufficient UPnP authentication and security |
2015-08-31 |
2015-08-31 |
2016-04-17 |
VU#525276 |
4.7 |
Philippine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 contain multiple vulnerabilities |
2015-08-25 |
2015-08-25 |
2015-08-27 |
VU#950576 |
6 |
DSL routers contain hard-coded "XXXXairocon" credentials |
2015-08-20 |
2015-08-20 |
2015-08-20 |
VU#276148 |
6.4 |
Dedicated Micros DVR products use plaintext protocols and require no password by default |
2015-08-18 |
2015-08-18 |
2015-08-18 |
VU#248692 |
3 |
Trend Micro Deep Discovery threat appliance contains multiple vulnerabilities |
2015-08-17 |
2015-07-31 |
2015-08-17 |
VU#300820 |
6.4 |
Cisco Prime Infrastructure contains SUID root binaries |
2015-08-11 |
2015-08-11 |
2015-08-11 |
VU#335192 |
4.9 |
Actiontec GT784WN Wireless N DSL Modem contains multiple vulnerabilities |
2015-08-11 |
2015-08-11 |
2015-08-28 |
VU#209512 |
7.1 |
Mobile Devices C4 ODB2 dongle contains multiple vulnerabilities |
2015-08-07 |
2015-08-07 |
2015-08-10 |
VU#628568 |
6.7 |
Sierra Wireless GX, ES, and LS gateways running ALEOS contain hard-coded credentials |
2015-07-31 |
2015-07-31 |
2015-07-31 |
VU#360431 |
4.8 |
Chiyu Technology fingerprint access control contains multiple vulnerabilities |
2015-07-30 |
2015-07-30 |
2015-08-12 |
VU#577140 |
7.2 |
BIOS implementations fail to properly set UEFI write protections after waking from sleep mode |
2015-07-28 |
2015-07-21 |
2016-01-08 |
VU#924951 |
3.5 |
Android Stagefright contains multiple vulnerabilities |
2015-07-24 |
2015-07-21 |
2015-09-14 |
VU#819439 |
6.2 |
Fiat Chrysler Automobiles UConnect allows a vehicle to be remotely controlled |
2015-07-24 |
2015-07-24 |
2017-03-22 |
VU#857948 |
1.8 |
Honeywell Tuxedo Touch Controller contains multiple vulnerabilities |
2015-07-20 |
2015-07-20 |
2015-07-20 |
VU#912036 |
4.9 |
N-Able RSMWinService contains hard coded security constants allowing decryption of domain administrator password |
2015-07-20 |
2015-07-16 |
2015-07-20 |
VU#813631 |
0.9 |
Total Commander File Info plugin vulnerable to denial of service via an out-of-bounds read |
2015-07-13 |
2015-07-13 |
2015-07-13 |
VU#919604 |
2.5 |
Kaseya Virtual System Administrator contains multiple vulnerabilities |
2015-07-12 |
2015-07-05 |
2015-07-14 |
VU#918568 |
6.7 |
Adobe Flash ActionScript 3 BitmapData memory corruption vulnerability |
2015-07-11 |
2015-07-05 |
2015-07-14 |
VU#338736 |
7.5 |
Adobe Flash ActionScript 3 opaqueBackground use-after-free vulnerability |
2015-07-08 |
2015-07-05 |
2015-07-14 |
VU#103336 |
6.8 |
Windows Adobe Type Manager privilege escalation vulnerability |
2015-07-07 |
2015-07-07 |
2015-07-07 |
VU#253708 |
3.8 |
Grandsteam GXV3611_HD camera is vulnerable to SQL injection |
2015-07-07 |
2015-07-05 |
2015-07-11 |
VU#561288 |
7.1 |
Adobe Flash ActionScript 3 ByteArray use-after-free vulnerability |
2015-07-06 |
2015-07-06 |
2015-07-06 |
VU#485324 |
4.6 |
ANTLabs InnGate gateway device contains SQL injection and reflected cross-site scripting vulnerabilities |
2015-06-16 |
2015-06-16 |
2015-06-25 |
VU#155412 |
4.5 |
Samsung Galaxy S phones fail to properly validate SwiftKey language pack updates |
2015-06-16 |
2015-06-05 |
2015-06-16 |
VU#842780 |
3.5 |
Vesta Control Panel is vulnerable to cross-site request forgery |
2015-06-16 |
2015-06-15 |
2015-06-16 |
VU#626420 |
1.3 |
Pearson ProctorCache contains hard coded credentials |
2015-06-15 |
2014-07-09 |
2015-06-15 |
VU#101500 |
4.6 |
Retrospect Backup Client uses weak password hashing |
2015-06-10 |
2015-06-08 |
2015-06-10 |
VU#555984 |
4.6 |
Avigilon Control Center is vulnerable to path traversal |
2015-06-09 |
2015-06-08 |
2015-06-10 |
VU#810572 |
5.5 |
CUPS print service is vulnerable to privilege escalation and cross-site scripting |
2015-06-08 |
2015-06-08 |
2015-07-01 |
VU#595884 |
2 |
Aptexx Resident Anywhere exposes sensitive account information |
2015-06-08 |
2015-06-08 |
2015-06-08 |
VU#924506 |
3.4 |
Toshiba 4690 OS contains an information disclosure vulnerability |
2015-06-08 |
2015-06-08 |
2015-06-08 |
VU#301788 |
4.5 |
Toshiba CHEC contains a hard-coded cryptographic key |
2015-06-04 |
2015-06-04 |
2015-06-05 |
VU#264092 |
5 |
McAfee ePolicy Orchestrator fails to properly validate SSL/TLS certificates |
2015-05-29 |
2015-05-29 |
2015-06-02 |
VU#498348 |
4 |
Blue Coat SSL Visibility Appliance contains multiple vulnerabilities |
2015-05-26 |
2015-05-26 |
2015-05-27 |
VU#551972 |
1.3 |
Synology Cloud Station sync client for OS X allows regular users to claim ownership of system files |
2015-05-19 |
2015-05-19 |
2015-06-05 |
VU#177092 |
3.7 |
KCodes NetUSB kernel driver is vulnerable to buffer overflow |
2015-05-08 |
2015-04-27 |
2015-05-08 |
VU#110532 |
5.3 |
Subrion CMS vulnerable to SQL injection by an authenticated user |
2015-05-05 |
2015-05-05 |
2015-05-05 |
VU#978652 |
1.3 |
Bomgar Remote Support Portal deserializes untrusted data |
2015-05-04 |
2015-05-04 |
2015-08-03 |
VU#602540 |
3.4 |
ICU Project ICU4C library contains multiple overflow vulnerabilities |
2015-04-30 |
2015-04-30 |
2015-04-30 |
VU#581276 |
6.3 |
EMC AutoStart is vulnerable to remote code execution via specially crafted packets |
2015-04-28 |
2015-04-28 |
2015-04-28 |
VU#534407 |
5.2 |
Barracuda Web Filter insecurely performs SSL inspection |
2015-04-20 |
2015-04-20 |
2015-05-07 |
VU#260780 |
4.9 |
NetNanny uses a shared private key and root CA |
2015-04-17 |
2015-04-17 |
2015-04-17 |
VU#750060 |
4 |
Hewlett-Packard Network Automation contains multiple vulnerabilities |
2015-04-14 |
2015-04-14 |
2015-04-17 |
VU#274244 |
3.9 |
Blue Coat Malware Analysis appliance contains a cross-site scripting (XSS) vulnerability and information disclosure |
2015-04-14 |
2015-04-14 |
2015-04-14 |
VU#697316 |
5.5 |
SearchBlox contains multiple vulnerabilities |
2015-04-13 |
2015-04-13 |
2017-09-05 |
VU#672268 |
5.7 |
Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL |
2015-04-07 |
2015-04-07 |
2015-04-10 |
VU#374268 |
4.2 |
NTP Project ntpd reference implementation contains multiple vulnerabilities |
2015-04-02 |
2015-04-02 |
2015-04-02 |
VU#924124 |
3.6 |
X-Cart contains multiple vulnerabilities |
2015-03-31 |
2015-03-31 |
2015-05-15 |
VU#550620 |
3.9 |
Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link |
2015-03-27 |
2008-12-31 |
2015-04-07 |
VU#591120 |
6.4 |
Multiple SSL certificate authorities use predefined email addresses as proof of domain ownership |
2015-03-26 |
2015-03-26 |
2015-03-26 |
VU#930956 |
6.2 |
Multiple ANTlabs InnGate models allow unauthenticated read/write to filesystem |
2015-03-20 |
2015-03-20 |
2015-07-08 |
VU#631788 |
5.3 |
BIOS implementations permit unsafe SMM function calls to memory locations outside of SMRAM |
2015-03-20 |
2011-01-31 |
2015-09-08 |
VU#894897 |
7.3 |
NSIS Inetc plug-in fails to validate SSL certificates |
2015-03-17 |
2015-03-12 |
2015-03-17 |
VU#868948 |
1.8 |
HP ArcSight contains multiple vulnerabilities |
2015-03-16 |
2015-03-13 |
2015-03-16 |
VU#184100 |
5.9 |
D-Link DAP-1320 Rev Ax is vulnerable to a command injection |
2015-03-16 |
2015-03-13 |
2015-03-16 |
VU#377348 |
6.1 |
D-Link DCS-93xL model family allows unrestricted upload |
2015-03-10 |
2015-03-10 |
2015-03-13 |
VU#794095 |
1.2 |
Telerik Analytics Monitor Library allows DLL hijacking |
2015-03-06 |
2015-03-06 |
2015-10-27 |
VU#243585 |
6.4 |
SSL/TLS implementations accept export-grade RSA keys (FREAK attack) |
2015-03-03 |
2015-03-02 |
2015-03-03 |
VU#302668 |
1.3 |
ShareLaTeX vulnerable to remote command execution and information disclosure |
2015-02-27 |
2015-02-26 |
2015-03-05 |
VU#632140 |
3.9 |
Multiple Toshiba products are vulnerable to trusted service path privilege escalation |
2015-02-23 |
2015-02-22 |
2015-02-26 |
VU#366544 |
8 |
Adtrustmedia PrivDog fails to validate SSL certificates |
2015-02-19 |
2015-02-19 |
2015-03-17 |
VU#529496 |
8.6 |
Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys |
2015-02-13 |
2015-02-04 |
2015-02-27 |
VU#695940 |
2.9 |
Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability |
2015-02-13 |
2015-02-13 |
2015-02-13 |
VU#787252 |
8.5 |
Microsoft Windows domain-configured client Group Policy fails to authenticate servers |
2015-02-05 |
2014-02-05 |
2015-02-10 |
VU#377644 |
3.2 |
Ektron Content Management System (CMS) contains multiple vulnerabilities |
2015-02-05 |
2015-02-05 |
2015-02-06 |
VU#669156 |
1.3 |
Topline Systems Opportunity Form vulnerable to information disclosure |
2015-02-02 |
2015-02-02 |
2015-02-02 |
VU#522460 |
5.9 |
SerVision HVG Video Gateway web interface contains multiple vulnerabilities |
2015-01-28 |
2015-01-28 |
2015-10-22 |
VU#967332 |
5.9 |
GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow |
2015-01-23 |
2015-01-23 |
2015-01-23 |
VU#546340 |
2.5 |
QPR Portal contains multiple vulnerabilities |
2015-01-23 |
2015-01-23 |
2015-01-29 |
VU#637068 |
5.8 |
LabTech contains privilege escalation vulnerability |
2015-01-21 |
2015-01-21 |
2015-01-21 |
VU#110652 |
5 |
iPass Open Mobile Windows Client contains a remote code execution vulnerability |
2015-01-16 |
2015-01-16 |
2015-01-21 |
VU#936356 |
6.8 |
Ceragon FiberAir IP-10 Microwave Bridge contains a default root password |
2015-01-13 |
2014-12-11 |
2015-01-13 |
VU#117604 |
1 |
Panasonic Arbitrator Back-End Server (BES) uses unencrypted communication |
2015-01-05 |
2014-12-28 |
2015-08-03 |
VU#976132 |
5.6 |
UEFI implementations do not properly secure the EFI S3 Resume Boot Path boot script |
2015-01-05 |
2014-12-28 |
2015-07-23 |
VU#766164 |
5.3 |
Intel BIOS locking mechanism contains race condition that enables write protection bypass |
| | | |
|---|