Published | VU# | Title |
|---|
2017-12-12 | 2017-12-12 | 2018-04-09 | VU#144389 | 4.2 | TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding |
2017-11-29 | 2017-11-13 | 2017-11-30 | VU#113765 | 4.6 | Apple MacOS High Sierra disabled account authentication bypass |
2017-11-21 | 2017-11-21 | 2017-11-21 | VU#681983 | 1.3 | Install Norton Security for Mac does not verify SSL certificates |
2017-11-17 | 2017-11-16 | 2017-11-20 | VU#817544 | 0 | Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard |
2017-11-15 | 2017-11-14 | 2017-11-20 | VU#421280 | 5.5 | Microsoft Office Equation Editor stack buffer overflow |
2017-11-03 | 2017-11-01 | 2017-11-09 | VU#739007 | 6.2 | IEEE P1735 implementations may have weak cryptographic protections |
2017-11-02 | 2017-10-03 | 2017-11-06 | VU#446847 | 5.2 | Savitech USB audio drivers install a new root CA certificate |
2017-10-16 | 2017-10-16 | 2017-11-08 | VU#307015 | 6.9 | Infineon RSA library does not properly generate RSA key pairs |
2017-10-16 | 2017-10-16 | 2017-11-16 | VU#228519 | 5.7 | Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse |
2017-10-12 | 2017-10-12 | 2018-01-22 | VU#590639 | 5.5 | NXP Semiconductors MQX RTOS contains multiple vulnerabilities |
2017-10-02 | 2017-10-02 | 2018-02-02 | VU#973527 | 8.7 | Dnsmasq contains multiple vulnerabilities |
2017-09-13 | 2017-09-12 | 2017-09-16 | VU#101048 | 6.5 | Microsoft .NET framework SOAP Moniker PrintClientProxy remote code execution vulnerability |
2017-09-12 | 2017-09-12 | 2017-11-08 | VU#240311 | 6.2 | Multiple Bluetooth implementation vulnerabilities affect many devices |
2017-09-08 | 2017-09-08 | 2017-10-12 | VU#166743 | 3.8 | Das U-Boot AES-CBC encryption implementation contains multiple vulnerabilities |
2017-09-06 | 2017-09-05 | 2017-09-06 | VU#112992 | 8.3 | Apache Struts 2 framework REST plugin insecurely deserializes untrusted XML data |
2017-08-29 | 2017-08-28 | 2017-08-31 | VU#403768 | 1.3 | Akeo Consulting Rufus fails to update itself securely |
2017-08-03 | 2017-06-13 | 2017-08-09 | VU#824672 | | Microsoft Windows automatically executes code specified in shortcut files |
2017-07-27 | 2017-07-27 | 2017-10-18 | VU#793496 | 3.6 | Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency |
2017-07-25 | 2017-06-26 | 2017-07-25 | VU#838200 | 5.6 | Telerik Web UI contains cryptographic weakness |
2017-07-20 | 2017-07-20 | 2017-10-30 | VU#586501 | 0 | Inmarsat AmosConnect8 Mail Client Vulnerable to SQL Injection and Backdoor Account |
2017-07-18 | 2017-07-18 | 2017-07-26 | VU#547255 | 5.9 | Dahua IP cameras Sonia web interface is vulnerable to stack buffer overflow |
2017-06-19 | 2017-06-19 | 2017-06-28 | VU#489392 | 5.6 | Acronis True Image fails to update itself securely |
2017-06-15 | 2017-06-15 | 2017-06-15 | VU#846320 | 4.9 | Samsung Magician fails to update itself securely |
2017-06-13 | 2017-06-13 | 2017-06-29 | VU#768399 | 5.3 | HPE SiteScope contains multiple vulnerabilities |
2017-06-08 | 2017-06-08 | 2017-06-14 | VU#251927 | 6.7 | CalAmp LMU-3030 devices may not authenticate SMS interface |
2017-06-07 | 2017-06-07 | 2017-07-24 | VU#350135 | 6.7 | Various WiMAX routers contain a authentication bypass vulnerability in custom libmtk httpd plugin |
2017-05-04 | 2017-05-04 | 2017-05-04 | VU#556600 | 4.5 | Space Coast Credit Union SCCU Mobile for Android and iPhone fails to properly validate SSL certificates |
2017-05-04 | 2017-05-04 | 2017-05-10 | VU#276408 | 4.5 | Think Mutual Bank Mobile Banking App for iPhone fails to properly validate SSL certificates |
2017-05-02 | 2017-05-01 | 2017-12-21 | VU#491375 | 5.5 | Intel Active Management Technology (AMT) does not properly enforce access control |
2017-04-25 | 2017-04-24 | 2017-04-25 | VU#219739 | 1.5 | Portrait Displays SDK applications are vulnerable to arbitrary code execution and privilege escalation |
2017-04-17 | 2017-04-14 | 2017-04-27 | VU#676632 | 6.4 | IBM Lotus Domino server mailbox name stack buffer overflow |
2017-04-11 | 2017-04-11 | 2017-04-24 | VU#334207 | | DBPOWER U818A WIFI quadcopter drone allows full filesystem permissions to anonymous FTP |
2017-04-10 | 2017-04-07 | 2017-04-13 | VU#921560 | 6.8 | Microsoft OLE URL Moniker improperly handles remotely-linked HTA data |
2017-04-04 | 2017-04-04 | 2017-04-14 | VU#307983 | 6.3 | Action Message Format (AMF3) Java implementations are vulnerable to insecure deserialization and XML external entities references |
2017-03-31 | 2017-03-31 | 2017-03-31 | VU#507496 | 7.1 | GIGABYTE BRIX UEFI firmware fails to implement write protection and is not cryptographically signed |
2017-03-28 | 2017-03-28 | 2017-04-13 | VU#342303 | 5.3 | Pandora iOS app does not properly validate SSL certificates |
2017-03-21 | 2017-03-15 | 2017-04-21 | VU#600671 | 4.2 | PCAUSA Rawether for Windows local privilege escalation |
2017-03-16 | 2017-03-15 | 2017-03-16 | VU#214283 | 2 | Commvault Edge contains a buffer overflow vulnerability |
2017-03-15 | 2017-03-15 | 2017-03-24 | VU#553503 | 6.7 | D-Link DIR-130 and DIR-330 are vulnerable to authentication bypass and do not protect credentials |
2017-03-14 | 2017-03-06 | 2017-03-14 | VU#834067 | 8.7 | Apache Struts 2 is vulnerable to remote code execution |
2017-03-08 | 2017-03-08 | 2017-03-08 | VU#305448 | 4.9 | D-Link DIR-850L web admin interface contains a stack-based buffer overflow vulnerability |
2017-03-08 | 2017-03-08 | 2017-03-13 | VU#247016 | 4.5 | Flash Seats Mobile App for Android and iOS fails to validate SSL certificates |
2017-03-07 | 2017-03-07 | 2017-03-07 | VU#355151 | 6.4 | ACTi cameras models from the D, B, I, and E series contain multiple security vulnerabilities |
2017-03-07 | 2016-12-17 | 2017-03-07 | VU#608591 | 5.8 | PHP FormMail Generator generates code vulnerable to multiple issues |
2017-03-06 | 2017-03-06 | 2017-03-07 | VU#168699 | 4.6 | dotCMS contains multiple vulnerabilities |
2017-02-28 | 2017-02-28 | 2017-02-28 | VU#742632 | 5.3 | Sage XRT Treasury database fails to properly restrict access to authorized users |
2017-02-15 | 2017-02-15 | 2018-02-27 | VU#614751 | 4.7 | Hughes satellite modems contain multiple vulnerabilities |
2017-02-08 | 2017-01-31 | 2017-02-08 | VU#745607 | 2.5 | Accellion FTP server contains information exposure and cross-site scripting vulnerabilities |
2017-02-02 | 2017-02-01 | 2017-03-17 | VU#867968 | 7 | Microsoft Windows SMB Tree Connect Response denial of service vulnerability |
2017-01-31 | 2017-01-31 | 2017-04-07 | VU#167623 | 6 | SHDesigns Resident Download Manager does not authenticate firmware downloads |
2017-01-27 | 2017-01-23 | 2017-01-27 | VU#909240 | 6.8 | Cisco WebEx web browser extension allows arbitrary code execution |
2017-01-13 | 2017-01-13 | 2017-01-13 | VU#865216 | 4 | CodeLathe FileCloud is vulnerable to cross-site request forgery |
2017-01-10 | 2017-01-10 | 2017-01-11 | VU#767208 | 3.9 | ThreatMetrix SDK for iOS fails to validate SSL certificates |
2017-01-03 | 2017-01-03 | 2017-02-08 | VU#475907 | 1.8 | ShoreTel Mobility Client mobile application does not verify SSL certificates |
| | | |
|---|