Published |
VU# |
Title |
|---|
2016-12-13 |
2016-12-12 |
2016-12-19 |
VU#535111 |
4.6 |
McAfee VirusScan Enterprise for Windows scriptproxy COM object memory corruption vulnerability |
2016-12-13 |
2016-12-13 |
2016-12-14 |
VU#779243 |
4.5 |
EpubCheck 4.0.1 contains a XML external entity processing vulnerability |
2016-12-12 |
2016-12-09 |
2016-12-13 |
VU#245327 |
5.5 |
McAfee VirusScan for Linux contains multiple vulnerabilities |
2016-12-09 |
2016-12-07 |
2017-01-03 |
VU#582384 |
7 |
Multiple Netgear routers are vulnerable to arbitrary command injection |
2016-12-08 |
2016-12-05 |
2016-12-08 |
VU#494015 |
7.5 |
PHP FormMail Generator generates code with multiple vulnerabilities |
2016-12-07 |
2016-12-07 |
2016-12-07 |
VU#768331 |
4.4 |
ForeScout CounterACT SecureConnector agent is vulnerable to privilege escalation |
2016-12-06 |
2016-12-06 |
2016-12-08 |
VU#548487 |
1.7 |
BSD libc contains a buffer overflow vulnerability in link_ntoa() |
2016-12-06 |
2016-12-06 |
2016-12-12 |
VU#846103 |
6 |
Sungard eTRAKiT3 may be vulnerable to SQL injection |
2016-11-30 |
2016-11-29 |
2016-12-02 |
VU#791496 |
6.5 |
Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability |
2016-11-21 |
2016-11-21 |
2017-11-20 |
VU#633847 |
6.1 |
NTP.org ntpd contains multiple denial of service vulnerabilities |
2016-11-17 |
2016-11-11 |
2016-11-17 |
VU#624539 |
6.3 |
Ragentek Android OTA update mechanism vulnerable to MITM attack |
2016-11-16 |
2016-11-15 |
2016-11-16 |
VU#346175 |
5.3 |
Imagely NextGen Gallery plugin for Wordpress contains a local file inclusion vulnerability |
2016-11-07 |
2016-11-07 |
2017-03-08 |
VU#677427 |
6 |
D-Link routers HNAP service contains stack-based buffer overflow |
2016-10-25 |
2016-10-25 |
2016-10-25 |
VU#974055 |
1.4 |
iTrack Easy contains multiple vulnerabilities |
2016-10-25 |
2016-10-25 |
2016-10-25 |
VU#402847 |
1.7 |
Zizai Tech Nut contains multiple vulnerabilities |
2016-10-25 |
2016-10-25 |
2016-10-27 |
VU#617567 |
1.4 |
TrackR Bravo contains multiple vulnerabilities |
2016-10-21 |
2016-10-20 |
2016-11-17 |
VU#243144 |
5.6 |
Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability |
2016-10-20 |
2016-10-20 |
2016-10-20 |
VU#404187 |
4.7 |
Synology NAS servers contain insecure default credentials |
2016-10-20 |
2016-10-20 |
2016-10-20 |
VU#970379 |
4.7 |
Green Packet DX-350 contains insecure default credentials |
2016-10-20 |
2016-10-20 |
2016-10-20 |
VU#200907 |
3 |
Intellian Satellite TV t-Series and v-Series firmware contains insecure default credentials |
2016-10-20 |
2016-10-20 |
2016-12-13 |
VU#326395 |
4.7 |
Nuuo NT-4040 firmware contains insecure default credentials |
2016-10-17 |
2016-10-17 |
2016-10-28 |
VU#763843 |
6 |
ASUS RP-AC52 contains multiple vulnerabilities |
2016-10-11 |
2016-10-10 |
2016-10-14 |
VU#396440 |
5.9 |
MatrixSSL contains multiple vulnerabilities |
2016-10-04 |
2016-10-04 |
2016-10-11 |
VU#884840 |
6.5 |
Animas OneTouch Ping insulin pump contains multiple vulnerabilities |
2016-09-30 |
2016-09-30 |
2016-10-10 |
VU#338624 |
1.8 |
U by BB&T iOS banking application fails to properly validate SSL certificates |
2016-09-28 |
2016-09-28 |
2016-09-28 |
VU#706359 |
5.7 |
Aternity version 9 vulnerable to cross-site scripting and remote code execution |
2016-09-13 |
2016-09-13 |
2016-09-22 |
VU#667480 |
2.3 |
AVer Information EH6108H+ hybrid DVR contains multiple vulnerabilities |
2016-09-07 |
2016-09-06 |
2016-09-07 |
VU#282991 |
6.4 |
DEXIS Imaging Suite 10 contains hard-coded credentials |
2016-09-06 |
2016-09-06 |
2016-09-07 |
VU#548399 |
7.1 |
Dentsply Sirona CDR DICOM contains multiple hard-coded credentials |
2016-09-06 |
2016-09-06 |
2016-09-13 |
VU#619767 |
1.9 |
Open Dental uses blank database password by default |
2016-09-06 |
2016-09-06 |
2016-09-09 |
VU#724487 |
6 |
Fortinet FortiWAN load balancer appliance contains multiple vulnerabilities |
2016-08-26 |
2016-08-23 |
2016-08-26 |
VU#305607 |
5.3 |
Accellion Kiteworks contains multiple vulnerabilities |
2016-08-16 |
2016-08-16 |
2016-08-16 |
VU#294272 |
4.8 |
ReadyDesk contains multiple vulnerabilities |
2016-08-15 |
2016-08-15 |
2018-04-04 |
VU#905344 |
3.4 |
HTTP CONNECT and 407 Proxy Authentication Required messages are not integrity protected |
2016-08-12 |
2016-08-11 |
2016-08-26 |
VU#301735 |
2.1 |
Zmodo ZP-NE14-S DVR and ZP-IBH-13W cameras contain hard-coded credentials |
2016-08-11 |
2016-08-11 |
2016-08-12 |
VU#332115 |
6.3 |
D-Link routers contain buffer overflow vulnerability |
2016-08-08 |
2016-08-06 |
2016-08-08 |
VU#735416 |
1 |
UltraVNC repeater does not restrict IP addresses or ports by default |
2016-08-04 |
2016-08-04 |
2017-07-11 |
VU#877625 |
1.7 |
Proxy auto-config (PAC) files have access to full HTTPS URLs |
2016-08-04 |
2016-08-04 |
2016-08-05 |
VU#856152 |
7 |
NUUO and Netgear Network Video Recorder (NVR) products web interfaces contain multiple vulnerabilities |
2016-08-01 |
2016-08-01 |
2016-08-02 |
VU#603047 |
6.2 |
Crestron AirMedia AM-100 contains multiple vulnerabilities |
2016-08-01 |
2016-08-01 |
2016-08-01 |
VU#974424 |
6.2 |
Crestron Electronics DM-TXRX-100-STR web interface contains multiple vulnerabilities |
2016-07-29 |
2016-07-29 |
2016-07-29 |
VU#217871 |
3.4 |
Intel CrossWalk project does not validate SSL certificates after first acceptance |
2016-07-19 |
2016-07-19 |
2016-08-08 |
VU#682704 |
2.2 |
Misys FusionCapital Opics Plus contains multiple vulnerabilities |
2016-07-19 |
2016-07-18 |
2016-08-26 |
VU#790839 |
5.4 |
Objective Systems ASN1C generates code that contains a heap overflow vulnerability |
2016-07-18 |
2016-07-18 |
2016-07-19 |
VU#797896 |
1.1 |
CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables |
2016-07-13 |
2016-07-13 |
2016-07-13 |
VU#665280 |
3.5 |
Accela Civic Platform Citizen Access portal contains multiple vulnerabilities |
2016-07-12 |
2016-07-12 |
2016-07-12 |
VU#123799 |
4.4 |
libbpg contains a type confusion vulnerability that leads to out of bounds write |
2016-07-05 |
2016-07-05 |
2016-07-05 |
VU#690343 |
3.4 |
Acer Portal app for Android does not properly validate SSL certificates |
2016-06-23 |
2016-06-23 |
2016-06-23 |
VU#302544 |
3 |
Alertus Desktop Notification for OS X sets insecure permissions for configuration and other files |
2016-06-20 |
2016-06-20 |
2016-06-20 |
VU#143335 |
4 |
mDNSResponder contains multiple memory-based vulnerabilities |
2016-06-15 |
2016-06-14 |
2016-06-16 |
VU#748992 |
7.1 |
Adobe Flash memory corruption vulnerability |
2016-06-10 |
2016-06-10 |
2016-07-01 |
VU#778696 |
5.6 |
Netgear D6000 and D3600 contain hard-coded cryptographic keys and are vulnerable to authentication bypass |
2016-06-02 |
2016-06-02 |
2016-06-06 |
VU#321640 |
6.4 |
NTP.org ntpd is vulnerable to denial of service and other vulnerabilities |
2016-06-01 |
2016-06-01 |
2016-12-21 |
VU#754056 |
5.8 |
Fonality contains a hard-coded password and embedded SSL private key |
2016-05-26 |
2016-05-26 |
2016-05-26 |
VU#482135 |
2 |
MEDHOST Perioperative Information Management System contains hard-coded database credentials |
2016-05-19 |
2016-05-11 |
2016-06-14 |
VU#204232 |
4.6 |
Up.time agent for Linux does not authenticate a user before allowing read access to the file system |
2016-05-17 |
2016-05-17 |
2016-05-17 |
VU#586503 |
5.9 |
Chef Manage deserializes cookie data insecurely |
2016-05-13 |
2016-05-13 |
2016-05-13 |
VU#785823 |
4.9 |
Lantronix xPrintServer contains multiple vulnerabilities |
2016-05-04 |
2016-05-03 |
2016-05-04 |
VU#250519 |
7.3 |
ImageMagick does not properly validate input before processing images using a delegate |
2016-05-04 |
2013-07-10 |
2016-05-04 |
VU#369800 |
7.4 |
Little CMS 2 DefaultICCintents double-free vulnerability |
2016-05-02 |
2016-05-01 |
2016-05-04 |
VU#862384 |
4.6 |
libarchive contains a heap-based buffer overflow due to improper input validation |
2016-04-29 |
2016-04-21 |
2016-04-29 |
VU#505560 |
4.4 |
Accellion File Transfer Appliance (FTA) contains multiple vulnerabilities |
2016-04-27 |
2016-04-26 |
2016-04-28 |
VU#718152 |
5.3 |
NTP.org ntpd contains multiple vulnerabilities |
2016-04-25 |
2016-04-29 |
2016-05-02 |
VU#229047 |
4.8 |
Allround Automations PL/SQL Developer v11 performs updates over HTTP |
2016-04-22 |
2016-04-22 |
2016-04-22 |
VU#822980 |
7.1 |
SysLINK M2M Modular Gateway contains multiple vulnerabilities |
2016-04-22 |
2016-04-18 |
2016-04-22 |
VU#267328 |
6.3 |
HP Data Protector does not perform authentication and contains an embedded SSL private key |
2016-04-12 |
2016-04-12 |
2016-04-14 |
VU#813296 |
6.9 |
Microsoft Windows and Samba may allow spoofing of authenticated users ("Badlock") |
2016-04-07 |
2016-04-07 |
2016-04-20 |
VU#615456 |
6.7 |
Lemur Vehicle Monitors BlueDriver LSB2 does not authenticate users for Bluetooth access |
2016-03-30 |
2016-02-15 |
2016-03-30 |
VU#344432 |
2.4 |
Patterson Dental Eaglesoft uses a hard-coded database password across installations |
2016-03-28 |
2016-03-28 |
2016-03-28 |
VU#732760 |
1.8 |
Autodesk Backburner Manager contains a stack-based buffer overflow vulnerability |
2016-03-26 |
2016-03-25 |
2016-03-26 |
VU#319816 |
3.8 |
npm fails to restrict the actions of malicious npm packages |
2016-03-24 |
2016-03-24 |
2016-03-24 |
VU#279472 |
1.4 |
Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities |
2016-03-17 |
2016-03-17 |
2016-04-18 |
VU#897144 |
4.4 |
Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow |
2016-03-11 |
2016-03-10 |
2016-03-14 |
VU#713312 |
2.3 |
DTE Energy Insight app vulnerable to information exposure |
2016-03-10 |
2016-03-10 |
2016-03-10 |
VU#270232 |
1.5 |
Quagga bgpd with BGP peers enabled for VPNv4 contains a buffer overflow vulnerability |
2016-03-01 |
2016-03-01 |
2016-03-14 |
VU#583776 |
6.5 |
Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack |
2016-02-29 |
2016-02-24 |
2016-03-04 |
VU#938151 |
4.6 |
Forwarding Loop Attacks in Content Delivery Networks may result in denial of service |
2016-02-29 |
2016-02-25 |
2017-07-18 |
VU#419128 |
6.7 |
IKE/IKEv2 protocol implementations may allow network amplification attacks |
2016-02-25 |
2016-02-25 |
2016-02-25 |
VU#444472 |
5.6 |
QNAP Signage Station and iArtist Lite contain multiple vulnerabilities |
2016-02-24 |
2016-02-23 |
2016-03-01 |
VU#981271 |
1.9 |
Multiple wireless keyboard/mouse devices use an unsafe proprietary wireless protocol |
2016-02-22 |
2016-02-22 |
2016-04-04 |
VU#485744 |
5.9 |
Flexera Software FlexNet Publisher lmgrd contains a buffer overflow vulnerability |
2016-02-17 |
2016-02-17 |
2016-02-19 |
VU#899080 |
6.4 |
Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials |
2016-02-17 |
2016-02-17 |
2016-02-17 |
VU#923388 |
6.2 |
Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password |
2016-02-17 |
2016-02-16 |
2016-03-14 |
VU#457759 |
8.1 |
glibc vulnerable to stack buffer overflow in DNS resolver |
2016-02-16 |
2016-02-16 |
2016-11-09 |
VU#507216 |
5.2 |
Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default |
2016-02-11 |
2016-02-11 |
2016-02-16 |
VU#327976 |
5.9 |
Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability |
2016-02-04 |
2016-02-04 |
2016-02-08 |
VU#305096 |
1.6 |
Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium |
2016-02-03 |
2016-02-03 |
2016-02-04 |
VU#777024 |
5.6 |
Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities |
2016-02-02 |
2016-02-02 |
2016-02-02 |
VU#544527 |
2.1 |
OpenELEC and RasPlex have a hard-coded SSH root password |
2016-02-02 |
2016-02-02 |
2016-02-02 |
VU#719736 |
4.4 |
Fisher-Price Smart Toy platform allows some unauthenticated web API commands |
2016-02-01 |
2016-02-01 |
2016-02-01 |
VU#972224 |
1 |
Huawei Mobile WiFi E5151 and E5186 routers use insufficiently random values for DNS queries |
2016-01-28 |
2016-01-28 |
2016-01-29 |
VU#257823 |
6.9 |
OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol |
2016-01-21 |
2016-01-21 |
2016-01-27 |
VU#992624 |
5.9 |
Harman AMX multimedia devices contain hard-coded credentials |
2016-01-20 |
2016-01-19 |
2016-01-20 |
VU#916896 |
5.9 |
Oracle Outside In 8.5.2 contains multiple stack buffer overflows |
2016-01-20 |
2016-01-12 |
2016-03-10 |
VU#772447 |
2.9 |
ffmpeg and Libav cross-domain information disclosure vulnerability |
2016-01-14 |
2016-01-14 |
2016-01-20 |
VU#456088 |
2.7 |
OpenSSH Client contains a client information leak vulnerability and buffer overflow |
2016-01-12 |
2016-01-11 |
2016-01-25 |
VU#913000 |
5 |
Samsung SRN-1670D camera contains multiple vulnerabilities |
2016-01-07 |
2015-12-19 |
2016-01-07 |
VU#753264 |
5.9 |
IPSwitch WhatsUp Gold does not validate commands when deserializing XML objects |
2016-01-05 |
2016-01-05 |
2016-01-05 |
VU#418072 |
4.2 |
Comcast XFINITY Home Security fails to properly handle wireless communications disruption |
2016-01-04 |
2015-01-04 |
2016-01-04 |
VU#820196 |
1.8 |
Furuno Voyage Data Recorder (VDR) moduleserv firmware update utility fails to properly sanitize user-provided input |
| | | |
|---|