Published | VU# | Title |
|---|
2016-12-13 | 2016-12-12 | 2016-12-19 | VU#535111 | 4.6 | McAfee VirusScan Enterprise for Windows scriptproxy COM object memory corruption vulnerability |
2016-12-13 | 2016-12-13 | 2016-12-14 | VU#779243 | 4.5 | EpubCheck 4.0.1 contains a XML external entity processing vulnerability |
2016-12-12 | 2016-12-09 | 2016-12-13 | VU#245327 | 5.5 | McAfee VirusScan for Linux contains multiple vulnerabilities |
2016-12-09 | 2016-12-07 | 2017-01-03 | VU#582384 | 7 | Multiple Netgear routers are vulnerable to arbitrary command injection |
2016-12-08 | 2016-12-05 | 2016-12-08 | VU#494015 | 7.5 | PHP FormMail Generator generates code with multiple vulnerabilities |
2016-12-07 | 2016-12-07 | 2016-12-07 | VU#768331 | 4.4 | ForeScout CounterACT SecureConnector agent is vulnerable to privilege escalation |
2016-12-06 | 2016-12-06 | 2016-12-08 | VU#548487 | 1.7 | BSD libc contains a buffer overflow vulnerability in link_ntoa() |
2016-12-06 | 2016-12-06 | 2016-12-12 | VU#846103 | 6 | Sungard eTRAKiT3 may be vulnerable to SQL injection |
2016-11-30 | 2016-11-29 | 2016-12-02 | VU#791496 | 6.5 | Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability |
2016-11-21 | 2016-11-21 | 2017-11-20 | VU#633847 | 6.1 | NTP.org ntpd contains multiple denial of service vulnerabilities |
2016-11-17 | 2016-11-11 | 2016-11-17 | VU#624539 | 6.3 | Ragentek Android OTA update mechanism vulnerable to MITM attack |
2016-11-16 | 2016-11-15 | 2016-11-16 | VU#346175 | 5.3 | Imagely NextGen Gallery plugin for Wordpress contains a local file inclusion vulnerability |
2016-11-07 | 2016-11-07 | 2017-03-08 | VU#677427 | 6 | D-Link routers HNAP service contains stack-based buffer overflow |
2016-10-25 | 2016-10-25 | 2016-10-25 | VU#974055 | 1.4 | iTrack Easy contains multiple vulnerabilities |
2016-10-25 | 2016-10-25 | 2016-10-25 | VU#402847 | 1.7 | Zizai Tech Nut contains multiple vulnerabilities |
2016-10-25 | 2016-10-25 | 2016-10-27 | VU#617567 | 1.4 | TrackR Bravo contains multiple vulnerabilities |
2016-10-21 | 2016-10-20 | 2016-11-17 | VU#243144 | 5.6 | Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability |
2016-10-20 | 2016-10-20 | 2016-10-20 | VU#404187 | 4.7 | Synology NAS servers contain insecure default credentials |
2016-10-20 | 2016-10-20 | 2016-10-20 | VU#970379 | 4.7 | Green Packet DX-350 contains insecure default credentials |
2016-10-20 | 2016-10-20 | 2016-10-20 | VU#200907 | 3 | Intellian Satellite TV t-Series and v-Series firmware contains insecure default credentials |
2016-10-20 | 2016-10-20 | 2016-12-13 | VU#326395 | 4.7 | Nuuo NT-4040 firmware contains insecure default credentials |
2016-10-17 | 2016-10-17 | 2016-10-28 | VU#763843 | 6 | ASUS RP-AC52 contains multiple vulnerabilities |
2016-10-11 | 2016-10-10 | 2016-10-14 | VU#396440 | 5.9 | MatrixSSL contains multiple vulnerabilities |
2016-10-04 | 2016-10-04 | 2016-10-11 | VU#884840 | 6.5 | Animas OneTouch Ping insulin pump contains multiple vulnerabilities |
2016-09-30 | 2016-09-30 | 2016-10-10 | VU#338624 | 1.8 | U by BB&T iOS banking application fails to properly validate SSL certificates |
2016-09-28 | 2016-09-28 | 2016-09-28 | VU#706359 | 5.7 | Aternity version 9 vulnerable to cross-site scripting and remote code execution |
2016-09-13 | 2016-09-13 | 2016-09-22 | VU#667480 | 2.3 | AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities |
2016-09-07 | 2016-09-06 | 2016-09-07 | VU#282991 | 6.4 | DEXIS Imaging Suite 10 contains hard-coded credentials |
2016-09-06 | 2016-09-06 | 2016-09-07 | VU#548399 | 7.1 | Dentsply Sirona CDR DICOM contains multiple hard-coded credentials |
2016-09-06 | 2016-09-06 | 2016-09-13 | VU#619767 | 1.9 | Open Dental uses blank database password by default |
2016-09-06 | 2016-09-06 | 2016-09-09 | VU#724487 | 6 | Fortinet FortiWAN load balancer appliance contains multiple vulnerabilities |
2016-08-26 | 2016-08-23 | 2016-08-26 | VU#305607 | 5.3 | Accellion Kiteworks contains multiple vulnerabilities |
2016-08-16 | 2016-08-16 | 2016-08-16 | VU#294272 | 4.8 | ReadyDesk contains multiple vulnerabilities |
2016-08-15 | 2016-08-15 | 2018-04-04 | VU#905344 | 3.4 | HTTP CONNECT and 407 Proxy Authentication Required messages are not integrity protected |
2016-08-12 | 2016-08-11 | 2016-08-26 | VU#301735 | 2.1 | Zmodo ZP-NE14-S DVR and ZP-IBH-13W cameras contain hard-coded credentials |
2016-08-11 | 2016-08-11 | 2016-08-12 | VU#332115 | 6.3 | D-Link routers contain buffer overflow vulnerability |
2016-08-08 | 2016-08-06 | 2016-08-08 | VU#735416 | 1 | UltraVNC repeater does not restrict IP addresses or ports by default |
2016-08-04 | 2016-08-04 | 2017-07-11 | VU#877625 | 1.7 | Proxy auto-config (PAC) files have access to full HTTPS URLs |
2016-08-04 | 2016-08-04 | 2016-08-05 | VU#856152 | 7 | NUUO and Netgear Network Video Recorder (NVR) products web interfaces contain multiple vulnerabilities |
2016-08-01 | 2016-08-01 | 2016-08-02 | VU#603047 | 6.2 | Crestron AirMedia AM-100 contains multiple vulnerabilities |
2016-08-01 | 2016-08-01 | 2016-08-01 | VU#974424 | 6.2 | Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities |
2016-07-29 | 2016-07-29 | 2016-07-29 | VU#217871 | 3.4 | Intel CrossWalk project does not validate SSL certificates after first acceptance |
2016-07-19 | 2016-07-19 | 2016-08-08 | VU#682704 | 2.2 | Misys FusionCapital Opics Plus contains multiple vulnerabilities |
2016-07-19 | 2016-07-18 | 2016-08-26 | VU#790839 | 5.4 | Objective Systems ASN1C generates code that contains a heap overflow vulnerability |
2016-07-18 | 2016-07-18 | 2016-07-19 | VU#797896 | 1.1 | CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables |
2016-07-13 | 2016-07-13 | 2016-07-13 | VU#665280 | 3.5 | Accela Civic Platform Citizen Access portal contains multiple vulnerabilities |
2016-07-12 | 2016-07-12 | 2016-07-12 | VU#123799 | 4.4 | libbpg contains a type confusion vulnerability that leads to out of bounds write |
2016-07-05 | 2016-07-05 | 2016-07-05 | VU#690343 | 3.4 | Acer Portal app for Android does not properly validate SSL certificates |
2016-06-23 | 2016-06-23 | 2016-06-23 | VU#302544 | 3 | Alertus Desktop Notification for OS X sets insecure permissions for configuration and other files |
2016-06-20 | 2016-06-20 | 2016-06-20 | VU#143335 | 4 | mDNSResponder contains multiple memory-based vulnerabilities |
2016-06-15 | 2016-06-14 | 2016-06-16 | VU#748992 | 7.1 | Adobe Flash memory corruption vulnerability |
2016-06-10 | 2016-06-10 | 2016-07-01 | VU#778696 | 5.6 | Netgear D6000 and D3600 contain hard-coded cryptographic keys and are vulnerable to authentication bypass |
2016-06-02 | 2016-06-02 | 2016-06-06 | VU#321640 | 6.4 | NTP.org ntpd is vulnerable to denial of service and other vulnerabilities |
2016-06-01 | 2016-06-01 | 2016-12-21 | VU#754056 | 5.8 | Fonality contains a hard-coded password and embedded SSL private key |
2016-05-26 | 2016-05-26 | 2016-05-26 | VU#482135 | 2 | MEDHOST Perioperative Information Management System contains hard-coded database credentials |
2016-05-19 | 2016-05-11 | 2016-06-14 | VU#204232 | 4.6 | Up.time agent for Linux does not authenticate a user before allowing read access to the file system |
2016-05-17 | 2016-05-17 | 2016-05-17 | VU#586503 | 5.9 | Chef Manage deserializes cookie data insecurely |
2016-05-13 | 2016-05-13 | 2016-05-13 | VU#785823 | 4.9 | Lantronix xPrintServer contains multiple vulnerabilities |
2016-05-04 | 2016-05-03 | 2016-05-04 | VU#250519 | 7.3 | ImageMagick does not properly validate input before processing images using a delegate |
2016-05-04 | 2013-07-10 | 2016-05-04 | VU#369800 | 7.4 | Little CMS 2 DefaultICCintents double-free vulnerability |
2016-05-02 | 2016-05-01 | 2016-05-04 | VU#862384 | 4.6 | libarchive contains a heap-based buffer overflow due to improper input validation |
2016-04-29 | 2016-04-21 | 2016-04-29 | VU#505560 | 4.4 | Accellion File Transfer Appliance (FTA) contains multiple vulnerabilities |
2016-04-27 | 2016-04-26 | 2016-04-28 | VU#718152 | 5.3 | NTP.org ntpd contains multiple vulnerabilities |
2016-04-25 | 2016-04-29 | 2016-05-02 | VU#229047 | 4.8 | Allround Automations PL/SQL Developer v11 performs updates over HTTP |
2016-04-22 | 2016-04-22 | 2016-04-22 | VU#822980 | 7.1 | SysLINK M2M Modular Gateway contains multiple vulnerabilities |
2016-04-22 | 2016-04-18 | 2016-04-22 | VU#267328 | 6.3 | HP Data Protector does not perform authentication and contains an embedded SSL private key |
2016-04-12 | 2016-04-12 | 2016-04-14 | VU#813296 | 6.9 | Microsoft Windows and Samba may allow spoofing of authenticated users ("Badlock") |
2016-04-07 | 2016-04-07 | 2016-04-20 | VU#615456 | 6.7 | Lemur Vehicle Monitors BlueDriver LSB2 does not authenticate users for Bluetooth access |
2016-03-30 | 2016-02-15 | 2016-03-30 | VU#344432 | 2.4 | Patterson Dental Eaglesoft uses a hard-coded database password across installations |
2016-03-28 | 2016-03-28 | 2016-03-28 | VU#732760 | 1.8 | Autodesk Backburner Manager contains a stack-based buffer overflow vulnerability |
2016-03-26 | 2016-03-25 | 2016-03-26 | VU#319816 | 3.8 | npm fails to restrict the actions of malicious npm packages |
2016-03-24 | 2016-03-24 | 2016-03-24 | VU#279472 | 1.4 | Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities |
2016-03-17 | 2016-03-17 | 2016-04-18 | VU#897144 | 4.4 | Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow |
2016-03-11 | 2016-03-10 | 2016-03-14 | VU#713312 | 2.3 | DTE Energy Insight app vulnerable to information exposure |
2016-03-10 | 2016-03-10 | 2016-03-10 | VU#270232 | 1.5 | Quagga bgpd with BGP peers enabled for VPNv4 contains a buffer overflow vulnerability |
2016-03-01 | 2016-03-01 | 2016-03-14 | VU#583776 | 6.5 | Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack |
2016-02-29 | 2016-02-24 | 2016-03-04 | VU#938151 | 4.6 | Forwarding Loop Attacks in Content Delivery Networks may result in denial of service |
2016-02-29 | 2016-02-25 | 2017-07-18 | VU#419128 | 6.7 | IKE/IKEv2 protocol implementations may allow network amplification attacks |
2016-02-25 | 2016-02-25 | 2016-02-25 | VU#444472 | 5.6 | QNAP Signage Station and iArtist Lite contain multiple vulnerabilities |
2016-02-24 | 2016-02-23 | 2016-03-01 | VU#981271 | 1.9 | Multiple wireless keyboard/mouse devices use an unsafe proprietary wireless protocol |
2016-02-22 | 2016-02-22 | 2016-04-04 | VU#485744 | 5.9 | Flexera Software FlexNet Publisher lmgrd contains a buffer overflow vulnerability |
2016-02-17 | 2016-02-17 | 2016-02-19 | VU#899080 | 6.4 | Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials |
2016-02-17 | 2016-02-17 | 2016-02-17 | VU#923388 | 6.2 | Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password |
2016-02-17 | 2016-02-16 | 2016-03-14 | VU#457759 | 8.1 | glibc vulnerable to stack buffer overflow in DNS resolver |
2016-02-16 | 2016-02-16 | 2016-11-09 | VU#507216 | 5.2 | Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default |
2016-02-11 | 2016-02-11 | 2016-02-16 | VU#327976 | 5.9 | Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability |
2016-02-04 | 2016-02-04 | 2016-02-08 | VU#305096 | 1.6 | Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium |
2016-02-03 | 2016-02-03 | 2016-02-04 | VU#777024 | 5.6 | Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities |
2016-02-02 | 2016-02-02 | 2016-02-02 | VU#544527 | 2.1 | OpenELEC and RasPlex have a hard-coded SSH root password |
2016-02-02 | 2016-02-02 | 2016-02-02 | VU#719736 | 4.4 | Fisher-Price Smart Toy platform allows some unauthenticated web API commands |
2016-02-01 | 2016-02-01 | 2016-02-01 | VU#972224 | 1 | Huawei Mobile WiFi E5151 and E5186 routers use insufficiently random values for DNS queries |
2016-01-28 | 2016-01-28 | 2016-01-29 | VU#257823 | 6.9 | OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol |
2016-01-21 | 2016-01-21 | 2016-01-27 | VU#992624 | 5.9 | Harman AMX multimedia devices contain hard-coded credentials |
2016-01-20 | 2016-01-19 | 2016-01-20 | VU#916896 | 5.9 | Oracle Outside In 8.5.2 contains multiple stack buffer overflows |
2016-01-20 | 2016-01-12 | 2016-03-10 | VU#772447 | 2.9 | ffmpeg and Libav cross-domain information disclosure vulnerability |
2016-01-14 | 2016-01-14 | 2016-01-20 | VU#456088 | 2.7 | OpenSSH Client contains a client information leak vulnerability and buffer overflow |
2016-01-12 | 2016-01-11 | 2016-01-25 | VU#913000 | 5 | Samsung SRN-1670D camera contains multiple vulnerabilities |
2016-01-07 | 2015-12-19 | 2016-01-07 | VU#753264 | 5.9 | IPSwitch WhatsUp Gold does not validate commands when deserializing XML objects |
2016-01-05 | 2016-01-05 | 2016-01-05 | VU#418072 | 4.2 | Comcast XFINITY Home Security fails to properly handle wireless communications disruption |
2016-01-04 | 2015-01-04 | 2016-01-04 | VU#820196 | 1.8 | Furuno Voyage Data Recorder (VDR) moduleserv firmware update utility fails to properly sanitize user-provided input |
| | | |
|---|