| Fork CMS 3.8.3 - XSS Vulnerability 2015-02-02 |
| Format Factory v2.95 - Buffer Overflow Vulnerabilities 2012-05-04 |
| FormatFactory 3.9.0 - (.task) Stack Overflow Vulnerability 2016-09-02 |
| FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Web Vulnerability 2016-08-04 |
| FortiClient SSLVPN 5.4 - Credentials Disclosure |
| FortiCloud - (Reports Summary) Multiple Persistent Vulnerabilities 2016-08-05 |
| Fortigate UTM WAF Appliance - Cross Site Vulnerabilities 2012-09-17 |
| Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities 2012-09-12 |
| Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities 2012-09-17 |
| FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename) Persistent Web Vulnerability 2016-04-04 |
| FortiManager (Series) - (Bookmark) Persistent Vulnerability 2016-08-04 |
| FortiManager (Series) - Multiple Web Vulnerabilities 2016-08-02 |
| FortiManager v5.2.2 Multiple XSS Vulnerabilities 2015-09-25 |
| Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities 2013-01-28 |
| Fortinet FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability 2016-08-01 |
| Fortinet FortiWeb Web Application Firewall Policy Bypass 2012-05-03 |
| FortiVoice v5.0 - Filter Bypass & Persistent Validation Vulnerability 2016-08-09 |
| Forum Oxalis 0.1.2 <= SQL Injection Vulnerability 2012-07-03 |
| Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro. 2013-02-19 |
| Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities 2015-01-13 |
| Foxit Reader Insecure Library Loading 2011-07-21 |
| FOXMOLE Advisories (advisories foxmole com) |
| FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability 2015-07-17 |
| FrameJammer DOM based XSS 2012-02-27 |
| Free Monthly Websites v2.0 - Multiple Web Vulnerabilities 2013-02-04 |
| Free Web App Security Challenges - Hackademics Project 2012-07-20 |
| Free WMA MP3 Converter - Buffer Overflow Exploit (SEH) 2015-11-17 |
| Freebox OS Web interface 3.0.2 XSS, CSRF 2015-06-01 |
| FreeBSD bsnmpd information disclosure 2016-01-15 |
| FreeBSD ftpd/ProFTPD on FreeBSD Remote Root Exploit 2011-12-01 |
| FreeBSD Security Advisories (security-advisories freebsd org) |
| FreeBSD Security Advisory FreeBSD-SA-11:03.bind 2011-09-28 |
| FreeBSD Security Advisory FreeBSD-SA-11:04.compress 2011-09-28 |
| FreeBSD Security Advisory FreeBSD-SA-11:05.unix [REVISED] 2011-10-04 |
| FreeBSD Security Advisory FreeBSD-SA-11:05.unix 2011-09-28 |
| FreeBSD Security Advisory FreeBSD-SA-11:06.bind 2011-12-23 |
| FreeBSD Security Advisory FreeBSD-SA-11:07.chroot 2011-12-23 |
| FreeBSD Security Advisory FreeBSD-SA-11:08.telnetd 2011-12-23 |
| FreeBSD Security Advisory FreeBSD-SA-11:09.pam_ssh 2011-12-23 |
| FreeBSD Security Advisory FreeBSD-SA-11:10.pam 2011-12-23 |
| FreeBSD Security Advisory FreeBSD-SA-12:01.openssl 2012-05-03 |
| FreeBSD Security Advisory FreeBSD-SA-12:01.openssl 2012-05-30 |
| FreeBSD Security Advisory FreeBSD-SA-12:02.crypt 2012-05-30 |
| FreeBSD Security Advisory FreeBSD-SA-12:03.bind 2012-06-12 |
| FreeBSD Security Advisory FreeBSD-SA-12:04.sysret [REVISED] 2012-06-19 |
| FreeBSD Security Advisory FreeBSD-SA-12:04.sysret 2012-06-12 |
| FreeBSD Security Advisory FreeBSD-SA-12:05.bind 2012-08-06 |
| FreeBSD Security Advisory FreeBSD-SA-12:06.bind 2012-11-23 |
| FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd 2012-11-23 |
| FreeBSD Security Advisory FreeBSD-SA-12:08.linux 2012-11-23 |
| FreeBSD Security Advisory FreeBSD-SA-13:01.bind 2013-02-19 |
| FreeBSD Security Advisory FreeBSD-SA-13:02.libc 2013-02-19 |
| FreeBSD Security Advisory FreeBSD-SA-13:03.openssl 2013-04-02 |
| FreeBSD Security Advisory FreeBSD-SA-13:04.bind 2013-04-02 |
| FreeBSD Security Advisory FreeBSD-SA-13:06.mmap [REVISED] 2013-06-21 |
| FreeBSD Security Advisory FreeBSD-SA-13:06.mmap 2013-06-18 |
| FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast [REVISED] 2013-09-10 |
| FreeBSD Security Advisory FreeBSD-SA-13:10.sctp [REVISED] 2013-09-10 |
| FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile 2013-09-10 |
| FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl 2013-09-10 |
| FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs 2013-09-10 |
| FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] 2013-11-29 |
| FreeBSD Security Advisory FreeBSD-SA-13:14.openssh 2013-11-19 |
| FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd 2014-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-14:02.ntpd 2014-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-14:03.openssl 2014-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-14:04.bind 2014-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-14:14.openssl 2014-06-05 |
| FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09 |
| FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED] 2014-11-06 |
| FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin 2014-11-05 |
| FreeBSD Security Advisory FreeBSD-SA-14:26.ftp 2014-11-05 |
| FreeBSD Security Advisory FreeBSD-SA-14:31.ntp 2014-12-23 |
| FreeBSD Security Advisory FreeBSD-SA-15:01.openssl 2015-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-15:10.openssl 2015-06-12 |
| FreeBSD Security Advisory FreeBSD-SA-15:12.openssl 2015-07-09 |
| FreeBSD Security Advisory FreeBSD-SA-15:13.tcp 2015-07-22 |
| FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch 2015-07-28 |
| FreeBSD Security Advisory FreeBSD-SA-15:15.tcp 2015-07-28 |
| FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED] 2015-07-30 |
| FreeBSD Security Advisory FreeBSD-SA-15:16.openssh 2015-07-28 |
| FreeBSD Security Advisory FreeBSD-SA-15:17.bind 2015-07-28 |
| FreeBSD Security Advisory FreeBSD-SA-15:20.expat 2015-08-18 |
| FreeBSD Security Advisory FreeBSD-SA-15:23.bind 2015-09-02 |
| FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind [REVISED] 2015-10-02 |
| FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind 2015-09-29 |
| FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] 2015-11-04 |
| FreeBSD Security Advisory FreeBSD-SA-15:25.ntp 2015-10-26 |
| FreeBSD Security Advisory FreeBSD-SA-15:26.openssl 2015-12-05 |
| FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16 |
| FreeBSD Security Advisory FreeBSD-SA-16:01.sctp 2016-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-16:04.linux 2016-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-16:05.tcp 2016-01-14 |
| FreeBSD Security Advisory FreeBSD-SA-16:07.openssh 2016-01-15 |
| FreeBSD Security Advisory FreeBSD-SA-16:08.bind 2016-01-27 |
| FreeBSD Security Advisory FreeBSD-SA-16:09.ntp 2016-01-27 |
| FreeBSD Security Advisory FreeBSD-SA-16:10.linux 2016-01-27 |
| FreeBSD Security Advisory FreeBSD-SA-16:11.openssl 2016-01-30 |
| FreeBSD Security Advisory FreeBSD-SA-16:14.openssh 2016-03-16 |
| FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch 2016-03-16 |
| FreeBSD Security Advisory FreeBSD-SA-16:17.openssl 2016-05-04 |
| FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd 2016-05-17 |
| FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg 2016-05-17 |
| FreeBSD Security Advisory FreeBSD-SA-16:25.bspatch 2016-07-25 |
| FreeBSD Security Advisory FreeBSD-SA-16:39.ntp 2016-12-22 |
| FreeBSD Security Advisory FreeBSD-SA-17:01.openssh 2017-01-11 |
| FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04 |
| Freelancer calendar <= 1.01 SQL Injection Vulnerability 2011-11-19 |
| Freemake Video Downloader 3.7.1 - Code Execution Vulnerability 2015-10-15 |
| FreePBX (All Versions) RCE 2014-10-01 |
| FreePBX Remote Exploit 2012-02-15 |
| Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities 2012-07-04 |
| FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution Vulnerability 2011-11-16 |
| FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability 2015-10-09 |
| From XSLT code execution to Meterpreter shells 2012-07-03 |
| FTGate 2009 Build 6.4.00 CSRF Vulnerabilities 2015-10-02 |
| FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability 2014-03-27 |
| FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability 2013-07-16 |
| FTPShell Client v5.24 Buffer Overflow 2015-12-30 |
| Fulci (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-01 |
| Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials 2013-07-22 |
| Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-14 |
| Full disclosure for SA45649, SQL Injection in LedgerSMB and SQL-Ledger 2011-08-31 |
| Funeral Script PHP - Multiple Web Vulnerabilites 2012-07-11 |
| Funnel Web (directory.php?cid) Remote SQL injection Vulnerability 2011-07-26 |
| Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability 2011-07-26 |
| Funnel Web (pages.php?page) Remote SQL injection Vulnerability 2011-07-26 |
| Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability 2011-07-26 |
| Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability 2014-12-16 |
| FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |= 2012-11-20 |
| Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability 2016-12-31 |
| Fwd: [cryptography] Apple Legacy filevault barn door... 2012-05-05 |
| Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16 |
| Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4 2013-02-24 |
| Fwd: {Lostmon´s Group} Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability 2011-08-09 |
| Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22 |
| Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions 2015-11-20 |
| Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android 2015-11-20 |
| Fwd: RA-Guard: Advice on the implementation (feedback requested) 2012-02-02 |
| Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22 |
| Fwd: RFC 6274 on Security Assessment of the Internet Protocol Version 4 2011-07-05 |
| Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers 2013-11-12 |
| Fwd: Timing attack vulnerability in most Zeus server-sides 2015-10-25 |
| Fwd: vulnerability issue for DB2 express 2013-11-12 |
| FYI: We're now paying up to $20,000 for web vulns in our services 2012-04-23 |
| G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability 2011-07-27 |
| GDTelcom Speedtest ActiveX Control "FTPDownLoad Class"-ActiveX.dll Remote Denial of Service Vulnerability 2011-11-01 |
| Gergely Eberhardt (gergely eberhardt search-lab hu) |
| gerhard klostermeier syss de |
| Getdpd BB #4 - (name) Persistent Validation Vulnerability 2016-02-08 |
| Getdpd BB #5 - Persistent Filename Vulnerability 2016-02-08 |
| Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability 2016-02-03 |
| Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability 2016-02-10 |
| Ggb Guestbook - XSS Vulnerabilities 2012-01-05 |
| giflib: heap overflow in giffix (CVE-2015-7555) 2015-12-21 |
| GIMP FIT File Format DoS 2012-06-29 |
| GIMP Scriptfu Python Remote Command Execution 2012-08-16 |
| glibc catopen() Multiple unbounded stack allocations 2016-01-25 |
| GLSA (Gentoo Linux Security Advisory) publication changes 2012-02-02 |
| Glype proxy cookie jar path traversal allows code execution 2014-09-22 |
| Glype proxy local address filter bypass 2014-09-22 |
| Glype proxy privacy settings can be disabled via CSRF 2014-09-22 |
| Gnome Nautilus [Denial of Service] 2015-12-02 |
| gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk 2012-03-06 |
| GnuPG 1.4.12 and lower - memory access errors and keyring database corruption 2012-12-29 |
| Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001 2013-04-03 |
| Google App Enging SDK Code Execution Vulnerability (CVE 2011-1364) 2011-10-11 |
| Google Compute Engine - Lateral Compromise 2014-05-30 |
| Google Compute Engine Multiple DOS Vulnerabilities 2014-05-30 |
| Google Chrome 19 metro_driver.dll mishandling 2012-07-15 |
| Google Chrome Accessibility blink::Node corruption details 2016-11-29 |
| Google Chrome HTTPS Address Bar Spoofing 2012-01-04 |
| Google Nexus 5X Bootloader Unauthorized Memory Dumping via USB 2016-09-04 |
| Google SEO Pressor Snippet Plugin XSS Vulnerability 2016-04-23 |
| Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-28 |
| GotRoot Security Challenge 2011-10-20 |
| GreenBrowser iframe content Double Free Vulnerability 2012-01-12 |
| GreHack 2012 - 19th Oct. Grenoble, France - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] 2012-09-11 |
| GreHack 2012 - 19th Oct. Grenoble, France - Conference + CTF - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] 2012-09-19 |
| GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France) 2012-07-19 |
| GreHack 2012 - Call For Papers (Grenoble, France) 2012-05-25 |
| GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France) 2012-07-09 |
| GreHack 2012 - LAST Call For Papers (Grenoble, France) till 15th August 2012 2012-08-13 |
| GreHack 2013 - 15 Nov. Grenoble, France - Conf. Registration OPEN 2013-09-25 |
| GreHack 2013 - 2nd Call For Papers - November 15, Grenoble, France 2013-05-25 |
| GreHack 2013 - CFP ends on June, 30 - Conf: Nov. 15, Grenoble, France 2013-06-22 |
| Group-Office Calendar SQL Injection 2012-09-03 |
| Group-Office Cleartext Credentials Stored in Cookies 2012-08-13 |
| GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities 2012-04-10 |
| Grupo Argentina Web Remote SQL injection Vulnerability 2011-08-18 |
| GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability 2014-09-26 |
| GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities 2012-10-01 |
| GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities 2012-10-08 |
| GTX CMS 2013 Optima - Multiple Web Vulnerabilities 2013-10-29 |
| GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites 2012-07-04 |
| Guests can view names and emailadresses of all Liferay users in liferay 6.1 2012-05-13 |
| Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability 2016-08-02 |
| H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers 2011-07-20 |
| H2HC Brazil 9th Edition - Call for Papers 2012-05-18 |
| Hacking IPv6 Networks (slides) 2011-07-26 |
| Hackito Ergo sum // HES2012 Final CFP // Call for Hackers 2012-02-16 |
| Hackito Ergo Sum 2012 Call For Papers ! (12/13/14 April 2012) 2011-12-03 |
| Hackito Ergo Sum 2012 dates 2011-09-24 |
| Hafez Kamal (aphesz hackinthebox org) |
| Hands-on Mobile (Android & iOS) + ARM Exploitation Training at Toorcon 2014-09-27 |
| Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :) 2013-06-19 |
| Hard-coded accounts on multiple network cameras 2013-07-11 |
| Hardcoded AES 256 bit key used in Kankun IoT/Smart socket and its mobile App 2015-06-06 |
| Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB 2012-10-11 |
| Hardcoded root password in Zyxel MAX3XX series Wimax CPEs 2016-03-23 |
| Hardcoreview WriteAV Arbitrary Code Execution 2012-10-05 |
| hashdays 2012 - Call for Papers (#days CFP) 2012-06-25 |
| Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-07-24 |
| Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 2015-07-24 |
| HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase 2016-01-28 |
| HD Video Player v2.5 iOS - Multiple Web Vulnerabilities 2016-02-12 |
| Heap Memory Corruption in HP Device Access Manager for Protect Tools Information Store 2011-12-02 |
| Hector Marco (hmarco hmarco org) (1 replies) |
| Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability 2015-01-12 |
| Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability 2015-01-12 |
| Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability 2015-06-10 |
| Hi Technology & Services CMS - SQL Injection Vulnerabilities 2016-03-31 |
| Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities 2013-10-03 |
| Hiding Backdoors in plain sight, again 2011-07-22 |
| HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability 2015-05-20 |
| Horizontal Privilege Escalation/Code Injection in ownCloudâ??s Windows Client 2016-08-19 |
| Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3) 2013-03-11 |
| 'Hotel Booking Portal' SQL Injection (CVE-2012-1672) 2012-04-04 |
| How well does Microsoft support (and follow) their mantra "keep your PC updated"? 2012-08-09 |
| HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31 |
| HP Data Protector Arbitrary Remote Command Execution 2013-08-07 |
| HP LaserJet Fax Preview DLL side loading vulnerability 2016-01-23 |
| HP Security Alert (hp-security-alert hp com) |
| HP ToComMsg DLL side loading vulnerability 2016-01-23 |
| HP/H3C and Huawei SNMP Weak Access to Critical Data 2012-10-23 |
| HServer webserver - Directory Traversal Vulnerability 2012-01-05 |
| HTB23004: Multiple Vulnerabilities in e107 2011-06-15 |
| HTB23005: Multiple XSS in N-13 News 2011-06-15 |
| HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog 2011-06-15 |
| HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS 2011-06-15 |
| HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability 2011-06-15 |
| HTB23015: Easewe FTP ActiveX Control Multiple Insecure Methods 2011-06-22 |
| HTB23016: Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method 2011-06-22 |
| HTB23017: XSS in FanUpdate 2011-06-22 |
| HTC / Android OBEX FTP Service Directory Traversal Vulnerability 2011-07-20 |
| HTC IQRD Android Permission Leakage (CVE-2012-2217) 2012-04-22 |
| HTML 5 Security Report 2011-12-14 |
| HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability 2014-10-03 |
| HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) 2012-04-19 |
| HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) 2012-04-19 |
| Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability 2013-07-15 |
| Huawei eSpace IAD Remote Information Disclosure Vulnerability 2016-07-30 |
| Huawei ISM Professional XSS Vulnerability 2016-07-26 |
| Huawei Wimax routers vulnerable to multiple threats 2015-11-30 |
| hyp3rlinx lycos com |
| Chamilo 1.8.8.4 Multiple Vulnerabilities 2012-08-25 |
| Chamilo LMS - Persistent Cross Site Scripting Vulnerability 2016-02-19 |
| Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability 2016-02-19 |
| Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability 2016-03-14 |
| Charybdis: Improper assumptions in the server handshake code may lead to a remote crash 2012-12-31 |
| ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11 |
| Checkmarx CxQL Sandbox bypass (CVE-2014-8778) 2015-09-03 |
| Checkpoint Abra - Vulnerabilities 2012-07-07 |
| Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability 2011-08-09 |
| ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20 |
| ChitaSoft (Web-Application) - SQL Injection Vulnerability 2016-03-14 |
| Chrome for Android - Android APIs exposed to JavaScript 2013-01-07 |
| Chrome for Android - Bypassing SOP for Local Files By Symlinks 2013-01-07 |
| Chrome for Android - Cookie theft from Chrome by malicious Android app 2013-01-07 |
| Chrome for Android - Download Function Information Disclosure 2013-01-07 |
| Chrome for Android - UXSS via com.android.browser.application_id Intent extra 2013-01-07 |
| Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability 2011-07-27 |
| ChurchCMS 0.0.1 'admin.php' Multiple SQLi 2012-04-23 |
| I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution 2013-02-09 |
| i.Hex Local Crash Poc 2014-11-05 |
| i.Mage Local Crash Poc 2014-11-05 |
| iAuto Mobile Application 2012 - Multiple Web Vulnerabilities 2012-08-05 |
| iBackup v10.0.0.45 - Privilege Escalation Vulnerability 2014-12-19 |
| IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure 2012-06-30 |
| IBM Edge Components Caching Proxy XSS Followup 2012-06-30 |
| IBM i Access Buffer Overflow Code DOS CVE-2015-7422 2015-11-18 |
| IBM i Access Buffer Overflow Code Exec CVE-2015-2023 2015-11-18 |
| IBM Lotus iNotes 8.5.x cross-site scripting vulnerabilities 2013-08-28 |
| IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) 2014-08-11 |
| IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08 |
| IBSng all version Cross-Site Scripting Vulnerability 2011-11-01 |
| ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED 2012-05-13 |
| ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 2014-08-20 |
| Iciniti Store SQL Injection - Security Advisory - SOS-12-003 2012-03-07 |
| iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability 2015-05-18 |
| ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers) 2017-01-12 |
| iCompel Digital Signage risks 2012-11-03 |
| iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability 2011-07-27 |
| iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability 2011-06-03 |
| iDefense Security Advisory 06.01.11: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability 2011-06-02 |
| iDefense Security Advisory 06.14.11: Adobe Shockwave 3D Asset DEMX Integer Overflow Vulnerability 2011-06-16 |
| iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability 2011-06-16 |
| iDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerability 2011-06-16 |
| iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability 2011-06-16 |
| iDefense Security Advisory 07.14.11: Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability 2011-07-14 |
| iDefense Security Advisory 07.20.11: Apple Safari innerText Use-After-Free Vulnerability 2011-07-20 |
| iDefense Security Advisory 07.20.11: Multiple Vendor WebKit frameset style Heap Corruption Vulnerability 2011-07-20 |
| iDefense Security Advisory 07.20.11: Multiple Vendor WebKit MathML Use-After-Free Vulnerability 2011-07-20 |
| iDefense Security Advisory 07.20.11: Multiple Vendor WebKit SVG animVal Memory Corruption Vulnerability 2011-07-20 |
| iDefense Security Advisory 07.20.11: Safari WebKit TIFF Use-After-Free Vulnerability 2011-07-20 |
| iDefense Security Advisory 08.09.11: Adobe Flash Player ActionScript Display Memory Corruption Vulnerability 2011-08-10 |
| iDefense Security Advisory 08.09.11: Adobe Flash Player Integer Overflow 2011-08-10 |
| iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability 2011-09-13 |
| iDefense Security Advisory 09.13.11: Microsoft Excel Record Integer Signedness Vulnerability 2011-09-13 |
| iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability 2011-09-13 |
| iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability 2011-09-28 |
| iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability 2011-09-28 |
| iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability 2011-09-28 |
| iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability 2011-09-27 |
| iDefense Security Advisory 10.11.11: Microsoft Internet Explorer Object Handling Memory Corruption Vulnerability 2011-10-12 |
| iDefense Security Advisory 10.12.11: Apple Mobile OfficeImport Framework Word Document Parsing Memory Corruption Vulnerability 2011-10-13 |
| iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability 2011-10-13 |
| ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL 2012-11-29 |
| idev Game Site CMS v1.0 - Multiple Web Vulnerabilites 2012-04-08 |
| iDev Rentals v1.0 - Multiple Web Vulnerabilities 2012-11-14 |
| IDrive Online Backup ActiveX control Insecure Method 2011-07-06 |
| IE11 is not following CORS specification for local files 2016-09-22 |
| iedb team gmail com |
| IEEE SocialCom/PASSAT Call For Paper Deadline: June 15, 2011 2011-06-09 |
| IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains 2012-02-17 |
| IFIP NTMS'2012 - Deadline Extended to 12 January 2012 2011-12-18 |
| ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability 2016-02-19 |
| ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability 2016-02-19 |
| i-FTP Buffer Overflow SEH 2014-11-05 |
| Ignore the amount customers confirm is no security vulnerability according to PayPal 2014-07-17 |
| iGuard Biometric Access Control - Multiple Vulnerabilities 2011-11-11 |
| IIS 6.0/7.5 Vulnerabilities [moderate risk] - ISOWAREZ BDAY RELEASE 2012-06-09 |
| IIS Short File/Folder Name Disclosure by using tilde ~ character 2012-07-04 |
| IKEv1 cipher suite configuration mismatch in Siemens SIMATIC CP 343-1 Advanced 2017-01-11 |
| IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12 |
| IKEView.exe R60 Stack Buffer Overflow 2015-09-14 |
| Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities 2012-03-08 |
| imageone Cms Multiple vulnerabilities 2016-01-23 |
| ImgPals Photo Host Version 1.0 Admin Account Disactivation 2012-02-28 |
| Imperva SecureSphere Operations Manager version 9.0.0.5 - Multiple issues 2013-06-01 |
| Implications of IPv6 on network firewalls 2011-11-21 |
| Import Woocommerce XSS Vulnerability 2016-02-24 |
| in_midi multiple vulnerabilities in Winamp 5.61 2011-06-29 |
| inCommand Technologies, Inc. Cross-site Scripting Vulnerability 2011-10-21 |
| Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) 2012-04-19 |
| indiacon (selloffers.php?cid) Remote SQL injection Vulnerability 2011-07-28 |
| Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability 2011-07-26 |
| info thegrideon com |
| Infoblox Cross-site scripting vulnerabilities 2016-09-06 |
| Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability 2011-07-28 |
| Information on recently-fixed Oracle VM VirtualBox vulnerabilities 2014-02-07 |
| Information Security Forecast 2014 2013-11-17 |
| InfoSec Southwest 2012 CFP 2011-12-01 |
| InfoSec Southwest 2012 CFP First-round Speaker Selections 2012-01-03 |
| InfoSec Southwest 2012 Open Registration 2012-01-20 |
| Inout Mobile Webmail APP - Multiple Web Vulnerabilities 2012-08-05 |
| INSECT Pro - Exploit EChat Server <= v2.5 20110812 - Remote Buffer Overflow Exploit 2011-08-12 |
| Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25 |
| Insecure CHIASMUS encryption in GSTOOL 2013-09-11 |
| Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06 |
| Insecure RSA Encryption in jCryption, PEAR Crypt_RSA and Crypt_RSA2 2011-11-30 |
| Insecure transmission of data in Android applications developed with Adobe AIR [CVE-2016-6936] 2016-09-14 |
| Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP 2016-07-31 |
| Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution 2011-08-22 |
| Instagram Photo Upload and Flattr Money Redirection Vulnerability 2013-11-21 |
| InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-22 |
| InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-23 |
| Insufficient certificate validation in EMC Secure Remote Services Virtual Edition 2015-08-17 |
| Integer overflow in foobar2000 1.1.7 2011-07-04 |
| Integer overflow in Sterling Trader 7.0.2 2011-09-28 |
| Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass |
| Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037) |
| Internet Explorer 9 XSS Filter Bypass 2012-10-18 |
| Internet Explorer iframe sandbox local file name disclosure vulnerability 2016-08-09 |
| Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064) |
| Internet Explorer Script Interjection Code Execution (updated) 2012-09-06 |
| Internet Explorer Script Interjection Code Execution 2012-08-16 |
| Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites 2012-10-08 |
| Interspire Shopping Cart v6 - Multiple Web Vulnerabilities 2012-06-14 |
| Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) 2013-11-19 |
| Introduction to R-sequence public key cryptography attack 2011-12-11 |
| Intuit Help System Protocol File Retrieval 2012-03-30 |
| Intuit Help System Protocol URL Heap Corruption and Memory Leak 2012-03-30 |
| Intuit QuickBooks 2007 - 2016 Arbitrary Code Execution 2016-05-10 |
| Investors Application - Client Side Cross Site Scripting Vulnerability 2016-02-19 |
| Invitation to Register and Participate in the Entretiens Jacques Cartier (EJC) Colloquium on IT Security, Cyber Forensics and Combating Cybercrime 2011-09-14 |
| InYourLife (dettaglio.php?id) (dettaglio_immobile.php?id) (notizia.php?id) Remote SQL injection Vulnerability 2011-08-16 |
| IObit Protected Folder Authentication Bypass 2012-06-15 |
| iOS: List of available trusted root certificates 2013-09-30 |
| IP.Board 3.4 cross-site scripting in Referer header 2014-07-16 |
| iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability 2013-07-24 |
| IpTools - Rcmd Remote Overflow Vulnerability 2012-01-06 |
| IpTools(Tiny TCP/IP server) - WebServer Directory Traversal Vulnerability 2012-01-06 |
| IPv6 Hackers mailing-list 2011-08-09 |
| IPv6 host scanning in IPv6 2012-04-20 |
| IPv6 implications on IPv4 nets: IPv6 RAs, IPv4, and VPN "evasion" 2012-09-04 |
| IPv6 NIDS evasion and IPv6 fragmentation/reassembly improvements 2012-02-20 |
| IPv6 security (slides and training) 2011-11-08 |
| IPv6 security presentation at Hack.lu 2011 2011-09-21 |
| IPv6 security tools released 2012-07-05 |
| IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc... 2012-05-23 |
| IPv6 Toolkit v1.2.3 released! (and upcoming IPv6 security trainings) 2012-09-15 |
| IPv6: How to avoid security issues with VPN leaks on dual-stack networks 2013-01-24 |
| ipv6mon v1.0 released! (IPv6 address monitoring daemon) 2012-09-13 |
| Irfanview Plugins JLS Decompression 2012-06-29 |
| Is Your Online Bank Vulnerable To Currency Rounding Attacks? 2012-01-09 |
| iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability 2014-06-03 |
| iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilites 2012-06-14 |
| iScripts Multicart Cms Multiple Vulnerability 2015-12-07 |
| iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities 2014-04-02 |
| iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities 2014-03-28 |
| ITTWeb Remote SQL injection Vulnerability 2011-09-02 |
| iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries 2014-07-07 |
| iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-02-19 |
| iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-07-01 |
| iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability 2014-12-18 |
| iVault Private P&V 1.1 iOS - Path Traversal Vulnerability 2014-04-10 |
| iWifi for Chat v1.1 iOS - Denial of Service Vulnerability 2014-12-16 |
| Jackie Blanco (jackie sdiwc info) |
| Jacobo Avariento (spinfoo vuln gmail com) |
| JagoanStore CMS Arbitary file upload vulnerability 2011-08-22 |
| Jamie R (jamie riden gmail com) |
| January 2016 - Bamboo - Critical Security Advisory 2016-01-22 |
| jara 1.6 sql injection vulnerability 2011-10-22 |
| Jasig CAS server vulnerabilities 2015-09-21 |
| Java HotSpot Cryptographic Provider signature verification vulnerability 2011-06-06 |
| JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability 2016-02-08 |
| Javascript Injection in Microsoft Lync 4.0.7577.0 2011-06-10 |
| JAWS Weak Service Permissions leads to Privilege Escalation 2016-04-08 |
| JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities 2011-08-27 |
| Jcow CMS 4.2 <= | Cross Site Scripting 2011-08-26 |
| Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution 2011-08-26 |
| Jenkins 1.626 - Cross Site Request Forgery / Code Execution 2015-08-28 |
| Jetro Cockpit Secure Browsing vulnerability - Client missing input validation allowing RCE 2014-02-17 |
| JFreeChart - Path Disclosure vulnerability 2011-06-17 |
| Jobs Portal v3.0 NetArtMedia - Multiple Web Vulnerabilites 2012-06-14 |
| JOIDS (Java OpenID Server) multiple vulnerabilities 2014-03-04 |
| Joomla 1.5.x to 3.4.5 Object Injection Exploit (golang) 2015-12-31 |
| Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities 2012-09-18 |
| Joomla com_fireboard - SQL Injection Vulnerability 2012-08-09 |
| Joomla com_package - SQL Injection Vulnerability 2012-08-05 |
| Joomla com_photo - SQL Injection Vulnerability 2012-08-05 |
| joomla com_zimbcomment Components Local File Include vulnerability 2013-09-25 |
| Joomla crypto vulnerability (all versions) 2013-06-20 |
| Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-06-28 |
| Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-09-29 |
| Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-07-22 |
| Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities 2012-04-15 |
| Joomla! redSHOP component v1.2 SQL Injection 2013-08-08 |
| Joomla! VirtueMart component <= 2.0.22a - SQL Injection 2013-08-22 |
| JSN PowerAdmin Joomla! Extension - Remote Command Execution Via CSRF and XSS vulnerabilities 2016-02-24 |
| JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05 |
| Julien Ahrens (info rcesecurity com) |
| Julien Ahrens (julien ahrens rcesecurity com) |
| July 2016 - Bamboo Server - Critical Security Advisory 2016-07-26 |
| Juniper Secure Access XSS Vulnerability 2013-07-22 |
| Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July 2012-07-04 |
| Justin Bull (me justinbull ca) |
| KaiBB 2.0.1 XSS and SQL Injection vulnerabilities 2011-10-09 |
| Kaspersky Password Manager 5.0.0.164 - Software Filter Vulnerability 2012-08-02 |
| Kaspersky PM 5.0.0.164 - Software Filter Vulnerability 2012-08-01 |
| Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) 2016-08-01 |
| KDE Paste Applet 2013-05-28 |
| Kerio Control <= 8.3.1 Boolean-based blind SQL Injection 2014-06-30 |
| Key Systems Electronic Key Lockers command injection and weak authentication vulnerabilities 2012-10-08 |
| KeyPass Password Safe v1.22 - Software Filter Vulnerability 2012-07-17 |
| Kimia Remote SQL injection Vulnerability 2011-08-08 |
| Kingcopes AthCon 2012 Slides & Notes 2012-05-24 |
| KIWICON: THE ANNUCIATION 2012-09-04 |
| KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read 2014-11-05 |
| KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation 2015-09-01 |
| KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation 2015-09-01 |
| KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17 |
| KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password 2015-12-18 |
| KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address 2015-12-18 |
| KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution 2016-02-12 |
| Kleefa v1.7 (IR) - Multiple Web Vulnerabilities 2016-01-27 |
| Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities 2012-02-10 |
| KmPlayer v3.0.0.1440 Local Crash PoC 2012-10-26 |
| KnFTPd v1.0.0 Multiple Command Remote Buffer Overflow 2011-09-02 |
| Knowledge Base EE v4.62.0 - SQL Injection Vulnerability 2012-09-12 |
| Kohana Framework v2.3.3 - Directory Traversal Vulnerability 2013-01-28 |
| Kongreg8 1.7.3 Mutiple XSS 2012-02-25 |
| Kotas, Kevin J (Kevin Kotas ca com) |
| Kunena Forum Extension for Joomla Multiple Reflected Cross-Site Scripting Vulnerabilities 2014-07-28 |
| Kunena Forum Extension for Joomla Multiple SQL Injection Vulnerabilities 2014-07-28 |
| LAB GRAPHIC DESIGN (index.php?categoria_id) Remote SQL injection Vulnerability 2011-08-23 |
| lab382 (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-17 |
| LabStoRe <= 1.5.4 Sql Injection Vulnerabilities 2011-11-08 |
| LabWiki <= 1.1 Multiple Vulnerabilities 2011-11-09 |
| LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador) 2012-05-03 |
| LAN Messenger v1.2.28 - Denial of Service Vulnerability 2012-05-01 |
| LAN Scan HD v1.20 iOS - Command Inject Vulnerability 2015-11-17 |
| LanWhoIs.exe 1.0.1.120 Stack Buffer Overflow 2015-10-06 |
| Larry W. Cashdollar (larry0 me com) |
| Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27 |
| Last Day for AppSec USA 2011 CFP! 2011-06-14 |
| Last reminder for ClubHack 2012 : Call for Papers 2012-10-11 |
| Last reminder for Passwords^12 : Call for Presentations 2012-08-12 |
| Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability 2012-03-04 |
| Lava (news_item.php?id) (album.php?id) (basket.php?baction) Remote SQL injection Vulnerability 2011-07-26 |
| Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities 2014-03-27 |
| LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities 2016-01-23 |
| LedgerSMB 1.3.0 released, includes anti-XSRF framework 2011-10-12 |
| Leo Famulari (leo famulari name) |
| Lepton CMS Archive Directory Traversal 2016-08-16 |
| Lepton CMS PHP Code Injection 2016-08-16 |
| Liberating IT (picture.php?gid) Remote SQL injection Vulnerability 2011-08-07 |
| libexif project security advisory July 12, 2012 2012-07-12 |
| libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16 |
| libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16 |
| libtiff <= 3.9.5 integer overflow bug 2013-08-24 |
| libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28 |
| libtiff: invalid write (CVE-2015-7554) 2015-12-26 |
| Liferay 6.1 can be compromised in its default configuration 2012-04-19 |
| Liferay 6.1 can be compromised without having an account on the portal 2012-05-13 |
| Liferay 6.1 json webservices are subject to cross-site request forgery attacks 2012-05-13 |
| Liferay users can assign themselves to organizations, leading to possible privilege escalation 2012-05-13 |
| LifeSize Room Vulnerabilities 2011-08-28 |
| Lighttpd Proof of Concept code for CVE-2011-4362 2011-12-24 |
| Lime Survey 2-05+ Multiple Vulnerabilities 2014-07-06 |
| Linksys E1200 and E2500 (Missing authorization on parental control) 2016-08-14 |
| Linksys E2500 and E1200 (Unauth Command Injection) 2016-08-14 |
| Linksys X3000 - Multiple Vulnerabilities 2013-06-22 |
| linux privileged and arbitrary chdir() (fixed at 5.4 cifs release) 2012-04-25 |
| LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability 2015-08-28 |
| Listendifferent (prodotto.php?IDprodotto) Remote SQL injection Vulnerability 2011-08-26 |
| LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability 2016-01-20 |
| Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22 |
| LiveZilla 5.1.0.0 Reflected XSS in translations 2013-12-08 |
| LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10 |
| Local File Inclusion in PluXml 2012-05-02 |
| Local file inclusion in VtigerCRM 2011-11-09 |
| Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Party USB-Driver (ser2co64.sys) 2016-02-08 |
| Local RedHat Enterprise Linux DoS â?? RHEL 7.3 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07 |
| Log2Space Central v 6.2 Multiple XSS Vulnerability 2016-01-27 |
| Logstash vulnerability CVE-2015-5619 2015-08-21 |
| London DEFCON - September 30th 2014 2014-09-30 |
| Looking for security contacts 2013-01-22 |
| Loop (ricetta.php?id) Remote SQL injection Vulnerability 2011-09-02 |
| los818 CMS 2016 Q1 - SQL Injection Web Vulnerability 2016-01-27 |
| Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM 2011-10-07 |
| LSE Leading Security Experts GmbH - LSE-2013-06-13 - Avira AntiVir Engine 2013-06-13 |
| LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability 2014-05-28 |
| LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues 2014-06-03 |
| LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification 2014-08-26 |
| LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30 |
| LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities 2016-03-09 |
| LSE Leading Security Experts GmbH - LSE-2016-02-03 - OXID eShop Path Traversal Vulnerability 2016-05-03 |
| LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption 2012-03-09 |
| Luciano Bello (luciano debian org) |
| MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow 2015-10-26 |
| MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) 2015-10-26 |
| MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow 2015-12-08 |
| MacOSX/XNU HFS Multiple Vulnerabilities 2014-04-07 |
| Magento 1.9.x Multiple Man-In The Middle 2016-01-25 |
| Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11 |
| Magento Bug Bounty #22 - (Profile) Persistent Vulnerability 2015-11-17 |
| Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities 2015-11-17 |
| MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS 2016-02-02 |
| MaiNick (ricetta.php?id) Remote SQL injection Vulnerability 2011-09-03 |
| Malformed DHCPv6 packets cause RPC to become unresponsive 2011-08-16 |
| Malicious Code Execution in PCI Expansion ROM 2012-07-02 |
| Malware detection evasion in antivirus software 2011-11-05 |
| Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities 2011-06-27 |
| Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilites 2012-11-18 |
| ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. 2016-05-06 |
| ManageEngine Asset Explorer v6.1 - Persistent Vulnerability 2015-06-22 |
| ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability 2012-03-19 |
| ManageEngine Eventlog Analyzer Privilege Escalation v10.8 2016-02-10 |
| ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability 2015-05-19 |
| ManageEngine Eventlog Analyzer v4-v10 Privilege Esacalation 2016-01-29 |
| ManageEngine OpStor v7.4 - Multiple Web Vulnerabilities 2012-08-17 |
| ManageEngine Password Manager Pro Multiple Vulnerabilities 2016-04-04 |
| ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities 2012-11-21 |
| ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities 2015-06-19 |
| Manifattura Web (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-02 |
| Mapserver for Windows (MS4W) Remote Code Execution 2012-05-29 |
| MapsUpdateTask Task DLL side loading vulnerability 2016-02-10 |
| marc4dasm - Atmel MARC microprocessor disassembler published 2013-01-30 |
| Marinet Remote SQL injection Vulnerability 2011-08-26 |
| Mark Thomas (markt apache org) |
| Marketing & Development (prodotto.php?cat) Remote SQL injection Vulnerability 2011-08-28 |
| Martin Heiland (martin heiland lists open-xchange com) |
| Mathematica10.0.0 on Linux /tmp/MathLink vulnerability 2014-08-27 |
| Mathematica8.0.4 on Linux /tmp/MathLink vulnerability 2012-04-14 |
| Mathematica9.0.1 on Linux /tmp/MathLink vulnerability 2013-02-08 |
| Mathopd - Directory Traversal Vulnerability 2012-02-03 |
| Matteo Beccati (matteo beccati com) |
| Matterdaddy Market v1.1 - SQL Injection Vulnerabilities 2012-04-10 |
| Matthew1471s ASP BlogX - XSS Vulnerabilities 2012-03-26 |
| matthias deeg syss de |
| mavili guestbook - SQL Injection and XSS Vulnerabilities 2012-01-03 |
| Maxim Solodovnik (solomax apache org) |
| May 2016 - HipChat Server - Critical Security Advisory 2016-05-13 |
| mbDriveHD v1.0.7 iOS - Multiple Web Vulnerabilities 2014-02-15 |
| McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability 2012-04-30 |
| McAfee Virtual Technician ActiveX Control Insecure Method 2013-03-27 |
| McAfee VirusScan Enterprise security restrictions bypass 2016-03-04 |
| McAfee Web Gateway URL Filtering Bypass 2012-04-16 |
| ME Application Manager 10 - Multiple Web Vulnerabilities 2012-08-01 |
| ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities 2012-04-01 |
| ME Mobile Application Manager v10 - SQL Vulnerabilities 2012-08-01 |
| ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389 2012-01-12 |
| Mediagrafic (prodotto.asp?id) (records.asp?id_p) Remote SQL injection Vulnerability 2011-08-30 |
| Meditate Web Content Editor 'username_input' SQL-Injection vulnerability 2011-12-05 |
| Medium risk security flaws in Konqueror 2012-10-30 |
| Medium severity flaw with Ark 2011-10-07 |
| MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25 |
| mehta himanshu21 gmail com |
| Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability 2012-02-21 |
| Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution 2015-07-08 |
| Merry Christmas from the FreeBSD Security Team 2011-12-23 |
| Metasploit 4.1.0 Web UI stored XSS vulnerability 2011-10-21 |
| Mezzanine CMS 4.1.0 Arbitrary File Upload 2016-02-03 |
| Mezzanine CMS 4.1.0 XSS 2016-02-03 |
| MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities 2012-07-16 |
| Mibew messenger multiple XSS 2012-01-30 |
| Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099 2015-11-11 |
| Microsoft Anti-XSS Library Bypass (MS12-007) 2012-01-19 |
| Microsoft Education - Stored Cross Site Web Vulnerability 2016-08-11 |
| Microsoft Exchange Information Disclosure 2015-09-16 |
| Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability 2016-04-15 |
| Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01 |
| Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure 2011-07-21 |
| Microsoft MSINFO32.EXE ".NFO" Files XML External Entity 2016-12-04 |
| Microsoft MSRC RSS ASPX - CS Cross Site Web Vulnerability 2013-08-29 |
| Microsoft Office Excel ReadAV Arbitrary Code Execution 2012-10-10 |
| Microsoft PowerPointViewer Code Execution 2016-03-01 |
| Microsoft Remote Desktop Client for Mac Remote Code Execution 2016-12-07 |
| Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability 2013-09-11 |
| Microsoft Windows Media Center "ehshell.exe" XML External Entity 2016-12-04 |
| Microsoft's Binary Planting Clean-Up Mission 2011-09-15 |
| Michael Heydon (michael mheydon net) |
| Mike Kienenberger (mkienenb gmail com) |
| Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption 2013-09-02 |
| MiniMagic ruby gem remote code execution 2013-03-15 |
| MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12 |
| Misli.com Android App SSL certificate validation weakness 2014-04-24 |
| Missing Function Level Access control Vulnerability in OPutils 2016-02-15 |
| Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] 2014-11-11 |
| MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526] 2011-07-05 |
| MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529] 2011-10-18 |
| MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530] 2011-12-06 |
| MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862] 2011-12-26 |
| MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015] 2012-07-31 |
| MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend 2014-08-09 |
| MitM-vulnerability in Palo Alto Networks GlobalProtect 2012-10-17 |
| MIUI Torch Open Vulnerability 2014-09-17 |
| MIUI Wifi Connection Message Vulnerability 2014-09-17 |
| ML (marialemos72 gmail com) |
| Moab Authentication Bypass (insecure message signing) [CVE-2014-5376] 2014-09-29 |
| Moab Authentication Bypass [CVE-2014-5300] 2014-09-29 |
| Moab User Impersonation [CVE-2014-5375] 2014-09-29 |
| MobaXTerm before version 8.5 vulnerability in "jump host" functionality 2016-01-08 |
| Mobile Mp3 Search Engine HTTP Response Splitting 2012-02-22 |
| MobileCartly 1.0 <= Remote Code Execution Vulnerability 2012-08-08 |
| Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerability 2014-12-25 |
| Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability 2014-12-19 |
| Monkey HTTPD 1.1.1 - Denial of Service Vulnerability 2013-05-28 |
| Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability 2013-09-20 |
| More on IPv6 RA-Guard evasion (IPv6 security) 2011-09-01 |
| Moritz Muehlenhoff (jmm debian org) |
| Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability 2014-01-27 |
| Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream 2016-04-28 |
| Mozilla extensions: a security nightmare 2015-08-04 |
| Mozilla Firefox 44.0b2 Cross-site Scripting Vulnerability 2016-01-11 |
| Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS06-069 2013-01-20 |
| MS14-080 CVE-2014-6365 Code 2015-01-14 |
| MS14-080 CVE-2014-6365 Technical Details Without "Nonsense" 2015-01-13 |
| msg patrykbogdan com |
| MSIE 9 IEFRAME CMarkupÂPointer::MoveÂToÂGap use-after-free 2016-12-15 |
| MSIE 9 MSHTML CElement::HasÂFlag memory corruption 2016-12-09 |
| MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free 2016-12-13 |
| MSIE 9-11 MSHTML PROPERTYDESC::HandleStyleComponentProperty OOB read details 2016-11-09 |
| Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 2012-03-20 |
| Multimedia Creative (prodotto.php?id) Remote SQL injection Vulnerability 2011-08-28 |
| Multiple (persistent) XSS in ProjectSend 2016-03-17 |
| Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22 |
| Multiple BSD libc/regcomp(3) Multiple Vulnerabilities 2011-11-04 |
| Multiple buffer overflows on Huawei SNMPv3 service 2013-05-06 |
| multiple critical vulnerabilities in sophos products 2012-11-05 |
| Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher 2015-02-15 |
| Multiple Cross-Site Scripting (XSS) in Claroline 2013-11-27 |
| Multiple Cross-Site Scripting (XSS) in glFusion 2013-02-20 |
| Multiple Cross-Site Scripting (XSS) in Kajona 2012-07-11 |
| Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS 2013-05-01 |
| Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS 2011-06-07 |
| Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09 |
| Multiple Cross-Site Scripting vulnerabilities in WebCalendar 2011-07-04 |
| Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0 2011-11-09 |
| Multiple Cross-Site-Scripting vulnerabilities in x3cms 2012-01-11 |
| Multiple DoS vulnerabilities in libosip2-4.1.0 2016-09-13 |
| Multiple exposures in Sophos UTM 2016-09-30 |
| Multiple G-WAN vulnerabilities 2011-10-13 |
| Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). 2013-12-02 |
| Multiple issues in OpManager 12100 & 12200 2016-11-20 |
| Multiple NULL Pointer Dereference Vulnerabilities in Corel Quattro Pro X6 2013-03-07 |
| Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin 2015-10-04 |
| Multiple Reflected XSS in ResAds version 1.0.1 WordPress plugin 2015-10-04 |
| Multiple Reflected XSS vulnerabilities in Oliver (formerly Webshare) v1.3.1 2016-04-19 |
| Multiple Remote Code Execution found in ZHONE 2015-10-12 |
| Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance 2016-08-04 |
| Multiple security vulnerabilities in AShop 2011-11-09 |
| Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines 2012-02-22 |
| Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21 |
| Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin 2013-01-21 |
| Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18 |
| Multiple SQL injections in rivettracker <=1.03 2012-03-07 |
| Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne 2015-07-28 |
| Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...) 2016-09-28 |
| Multiple Vulnerabilities found in ZHONE 2015-10-12 |
| Multiple vulnerabilities in 11in1 2012-02-15 |
| Multiple vulnerabilities in AContent 2012-10-17 |
| Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA 2016-07-31 |
| Multiple vulnerabilities in BabyGekko 2012-11-14 |
| Multiple vulnerabilities in Barco Clickshare 2016-11-14 |
| Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95 2013-07-12 |
| Multiple vulnerabilities in Browser CRM 2011-12-14 |
| Multiple vulnerabilities in BugFree 2011-10-12 |
| Multiple Vulnerabilities in Campaign Enterprise <= 11.0.538 2012-10-18 |
| Multiple Vulnerabilities in cPanel 2017-01-11 |
| Multiple Vulnerabilities in CubeCart 2016-03-30 |
| Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) 2013-02-04 |
| Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A 2013-04-22 |
| Multiple Vulnerabilities in D'Link DIR-635 2013-04-25 |
| Multiple Vulnerabilities in D-Link DSL-320B 2013-05-06 |
| Multiple vulnerabilities in Dolibarr 2011-11-23 |
| Multiple vulnerabilities in dotProject 2012-11-21 |
| Multiple Vulnerabilities in Draytek Vigor 2130 2014-10-06 |
| Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg 2013-02-14 |
| Multiple vulnerabilities in Efront 2011-11-02 |
| Multiple vulnerabilities in epesi BIM 2011-12-21 |
| Multiple Vulnerabilities in Eventum 2014-01-27 |
| Multiple Vulnerabilities in Exponent CMS 2013-05-15 |
| Multiple vulnerabilities in Ezylog photovoltaic management server 2012-09-11 |
| Multiple Vulnerabilities in Gnew 2013-10-02 |
| Multiple vulnerabilities in Help Desk Software 2011-09-21 |
| Multiple vulnerabilities in ImpressCMS 2012-01-04 |
| Multiple Vulnerabilities in ISPConfig 2015-06-10 |
| Multiple vulnerabilities in jCore 2012-10-17 |
| Multiple vulnerabilities in LEPTON 2012-02-15 |
| Multiple Vulnerabilities in LibreOffice 2012-11-05 |
| Multiple Vulnerabilities in Linksys E1500/E2500 2013-02-05 |
| Multiple Vulnerabilities in Linksys WAG200G 2013-02-11 |
| Multiple Vulnerabilities in Linksys WRT160Nv2 2013-02-11 |
| Multiple Vulnerabilities in Linksys WRT54GL 2013-01-18 |
| Multiple vulnerabilities in LogAnalyzer 2012-05-23 |
| Multiple vulnerabilities in MantisBT 2011-09-05 |
| Multiple vulnerabilities in MantisBT 2015-01-28 |
| Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-12 |
| Multiple Vulnerabilities in MODX Revolution < = MODX 2.2.13-pl 2014-04-19 |
| Multiple Vulnerabilities in my little forum 2015-02-11 |
| Multiple Vulnerabilities in Netgear DGN2200B 2013-02-16 |
| Multiple vulnerabilities in Newscoop 2012-04-18 |
| Multiple vulnerabilities in OBM 2011-12-21 |
| Multiple vulnerabilities in Open Journal Systems (OJS) 2012-03-21 |
| Multiple Vulnerabilities in OpenDocMan 2014-03-05 |
| Multiple vulnerabilities in OpenEMR 2012-02-01 |
| Multiple Vulnerabilities in OpenPLI 2013-02-13 |
| Multiple vulnerabilities in Open-Realty 2011-06-28 |
| Multiple vulnerabilities in OpenX 2012-10-10 |
| Multiple vulnerabilities in OrangeHRM 2011-11-30 |
| Multiple vulnerabilities in OrangeHRM 2012-05-09 |
| Multiple vulnerabilities in OSclass 2012-01-25 |
| Multiple vulnerabilities in OSClass 2012-01-30 |
| Multiple vulnerabilities in osCmax 2012-04-04 |
| Multiple Vulnerabilities in Parallels® Plesk Sitebuilder 2014-07-23 |
| Multiple vulnerabilities in PBBoard 2012-08-08 |
| Multiple Vulnerabilities in phpList 2012-08-08 |
| Multiple vulnerabilities in PHPShop CMS Free 2011-12-20 |
| Multiple vulnerabilities in Piwigo 2012-04-25 |
| Multiple vulnerabilities in Pligg CMS 2012-05-23 |
| Multiple Vulnerabilities in Plone CMS 2016-10-12 |
| Multiple vulnerabilities in postfixadmin 2012-01-30 |
| Multiple vulnerabilities in Pretty Link WordPress Plugin 2011-10-12 |
| Multiple vulnerabilities in Samsung Kies 2012-10-15 |
| Multiple vulnerabilities in several IP camera products 2011-06-08 |
| Multiple vulnerabilities in Sharetronix 2014-05-28 |
| Multiple vulnerabilities in SiT! Support Incident Tracker 2011-09-14 |
| Multiple vulnerabilities in SonicWall 2011-10-04 |
| Multiple vulnerabilities in Subrion CMS 2012-10-17 |
| Multiple vulnerabilities in Template CMS 2012-10-03 |
| Multiple vulnerabilities in Tine 2.0 2011-10-19 |
| Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND 2013-02-14 |
| Multiple vulnerabilities in Traq 2011-09-28 |
| Multiple Vulnerabilities in VideoWhisper Live Streaming Integration WP Plugin 2014-02-27 |
| Multiple vulnerabilities in web@all 2012-06-20 |
| Multiple vulnerabilities in webERP 2011-11-17 |
| Multiple vulnerabilities in Winamp 5.61 2011-06-29 |
| Multiple vulnerabilities in Wordpress plugin SP Projects & Document Manager 2016-03-06 |
| Multiple Vulnerabilities in X2CRM 2013-09-25 |
| Multiple vulnerabilities in ZENphoto 2012-02-08 |
| Multiple vulnerabilities on D-Link Dir-505 devices 2013-09-09 |
| Multiple vulnerabilities on Sitecom N300/N600 devices 2013-08-19 |
| Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14 |
| multiple Vulnerability in "WahmShoppes eStore" 2014-06-05 |
| Multiple XSS in Dotclear 2012-02-29 |
| Multiple XSS in eShop for Wordpress 2011-08-10 |
| Multiple XSS in Fork CMS 2012-03-07 |
| Multiple XSS in GBook PHP guestbook 2011-07-27 |
| Multiple XSS in HESK 2011-08-03 |
| Multiple XSS in Chyrp 2012-02-22 |
| Multiple XSS in KnowledgeTree Community Edition 2012-01-11 |
| Multiple XSS in pragmaMx 2012-05-23 |
| Multiple XSS in WP-Stats-Dashboard 2011-08-17 |
| Multiple xss issues in Liferay 2012-05-13 |
| Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress 2012-04-11 |
| Multiple XSS vulnerabilities in CMS Papoo Light Version 2011-09-12 |
| Multiple XSS vulnerabilities in Events Manager WordPress plugin 2013-03-06 |
| Multiple XSS vulnerabilities in FortiSandbox WebUI 2015-08-01 |
| Multiple XSS vulnerabilities in LightNEasy 3.2.4 2011-09-08 |
| Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin 2015-07-22 |
| Multiple XSS Vulnerabilities in Xaraya 2013-06-26 |
| Multiple XSS vulnerabilities in XOOPS 2012-04-18 |
| Murgent CMS - SQL Injection Vulnerability 2015-11-17 |
| Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16 |
| MVSA-11-013 - EllisLab xss_clean Filter Bypass - ExpressionEngine and CodeIgniter 2011-11-28 |
| My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities 2013-10-15 |
| My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities 2014-02-17 |
| My Photo Wifi Share & PS 1.1 iOS - Local Command Injection Vulnerability 2014-03-27 |
| My ROP mitigation 2012-08-02 |
| My.WiFi USB Drive v1.0 iOS - File Include Vulnerability 2015-09-28 |
| Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy 2012-06-21 |
| Mybb 1.6.8 Sql Injection Vulnerabilitiy 2012-06-07 |
| Mybb Ajaxfs Plugin Sql Injection vulnerability 2013-11-20 |
| Mybb Cms (create forum and edit) Cross-Site Script Vulnerability 2016-04-13 |
| Mybb Cms (private.php Page) Denial Of Service Vulnerability 2016-04-14 |
| Mybb Sendthread Page Denial of Service Vulnerability 2014-05-29 |
| myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique 2011-06-15 |
| MYRE Real Estate Mobile 2012|2 - Multiple Vulnerabilities 2012-06-14 |
| MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability 2016-02-10 |
| MySQL 0days followup (CVE-2016-3477) CVSS 8.1 2016-07-26 |
| MySQL zero-day vulnerabilities (July 2016 CPU) 2016-07-22 |
| MySQLDriverCS Cross-Parameter SQL Injection Vulnerability 2011-06-27 |
| n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow 2011-07-28 |
| n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption 2011-07-28 |
| n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table 2011-12-28 |
| n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS 2012-11-19 |
| n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access 2013-03-15 |
| n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection 2013-03-15 |
| n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection 2013-03-15 |
| n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability 2013-03-15 |
| Nafis Group (review.php?ID) Remote SQL injection Vulnerability 2011-08-23 |
| Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] 2016-12-15 |
| Nagios NA v2.2.1 XSS 2016-08-09 |
| Nagios Network Analyzer v2.2.1 Multiple CSRF 2016-08-09 |
| Nakid-CMS CSRF, Persistent XSS & LFI 2015-06-11 |
| NASA Orion Mars Program - Bypass, Persistent Issue & Embed Code Execution Vulnerability (Boarding Pass) 2014-12-05 |
| Nativedreams (Fabarth_gallery.php?categoria_id) Remote SQL injection Vulnerability 2011-08-23 |
| nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities 2013-01-28 |
| Necroscan <= v0.9.1 Buffer Overflow 2016-08-26 |
| Negin Group CMS - (v) Multiple Web Vulnerabilities 2016-04-25 |
| NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities 2012-09-13 |
| NeoInvoice Blind SQL Injection (CVE-2012-3477) 2012-08-12 |
| Neoscreen v4.5 Authentication bypass 2016-07-24 |
| Neoscreen v4.5 Blind SQL injection 2016-07-24 |
| Neoscreen v4.5 Cross-site scripting 2016-07-24 |
| Neox (categoria.php?id) Remote SQL injection Vulnerability 2011-08-12 |
| Nero MediaHome Multiple Remote DoS Vulnerabilities 2013-01-09 |
| NESSUS ANDROID APP - stores login info in plain text 2012-07-20 |
| NetBSD 5.1 libc/net multiple functions stack buffer overflow 2011-07-01 |
| NetCat CMS v5.0.1 - Multiple Web Vulnerabilities 2012-10-31 |
| NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities 2016-05-03 |
| NetCracker Resource Management 8.0 - SQL Injection Vulnerability 2015-07-22 |
| NetCracker Resource Management 8.0 - XSS Vulnerability 2015-07-22 |
| NETGEAR Exposure of Sensitive Information - Security Advisory - SOS-12-005 2012-05-13 |
| Netgear GS105Ev2 - Multiple Vulnerabilities 2016-01-27 |
| Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service 2013-08-21 |
| Netgear Prosafe VPN Firewalls - Multiple vulnerabilities 2015-06-25 |
| NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011 2011-09-20 |
| NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07 |
| NetGear WNDR Authentication Bypass / Information Disclosure 2015-02-17 |
| NETGEAR WNR1000v3 Password Recovery Vulnerability 2014-01-12 |
| Netjuke 1.0 RC1 - SQL Injection Vulnerabilities 2012-04-12 |
| Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-01-29 |
| Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-02-01 |
| netplanet (dettaglio.asp?id) Remote SQL injection Vulnerability 2011-08-16 |
| NetSaro Enterprise Messenger Server Administration Console Source Code Disclosure 2011-08-22 |
| NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability 2011-08-15 |
| NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability 2011-08-15 |
| Netvolution referer header SQL injection vulnerability 2011-10-03 |
| NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities 2014-06-11 |
| New Blog Post: Attacking the Windows 7/8 Address Space Randomization 2013-01-24 |
| New Era Company CMS - (id) SQL Injection Vulnerability 2016-01-28 |
| New IETF I-D on "Stable Privacy Addresses" 2011-12-15 |
| New IETF I-D: Security Implications of IPv6 on IPv4 networks 2012-04-24 |
| New IETF I-Ds on Fragmentation-related security issues 2011-12-15 |
| New issue of PenTest Magazine is out - 21 pages of free content. 2011-11-30 |
| New online security challenge - GotWurzel 2011-11-07 |
| New open source Security Framework 2011-10-04 |
| New Open Source Web Application Vulnerability Scanner Available 2012-05-16 |
| NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability 2013-11-15 |
| NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04 |
| NEW VMSA-2013-0015 VMware ESX updates to third party libraries 2013-12-06 |
| NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library 2014-06-25 |
| NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries 2014-09-09 |
| NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01 |
| NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability 2014-12-09 |
| NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues 2015-01-27 |
| NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability 2015-01-29 |
| NEW VMSA-2015-0005 : VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability 2015-07-10 |
| NEW VMSA-2015-0008 - VMware product updates address information disclosure issue 2015-11-19 |
| NEW VMSA-2016-0004 VMware product updates address a critical security issue in the VMware Client Integration Plugin 2016-04-14 |
| NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities 2014-12-05 |
| News Script PHP v1.2 - Multiple Web Vulnerabilites 2012-06-15 |
| NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability 2013-11-28 |
| NG WifiTransfer Pro 1.1 - File Include Vulnerability 2014-06-03 |
| Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247) 2016-11-21 |
| nginx fix for malformed HTTP responses from upstream servers 2012-03-15 |
| Nginx ngx_http_close_connection function integer overflow 2013-04-25 |
| NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow 2012-11-30 |
| NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout 2012-11-30 |
| NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection 2012-11-30 |
| NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection 2012-11-30 |
| NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection 2012-11-30 |
| NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator 2012-11-30 |
| NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL 2012-11-30 |
| NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel 2012-11-30 |
| NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email 2012-11-30 |
| NGS000330 Technical Advisory: Squiz CMS File Path Traversal 2012-11-30 |
| NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow 2011-07-25 |
| NGS00042 Technical Advisory: Solaris 11 USB hub class descriptor kernel stack overflow (CVE-2011-2295) 2011-11-02 |
| NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation 2011-06-28 |
| NGS00052 Technical Advisory: Apple Mac OS X Image RAW Multiple Buffer Overflows 2011-06-28 |
| NGS00054 Technical Advisory: : Lumension Device Control (formerly Sanctuary) remote memory corruption 2011-08-24 |
| NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow 2011-06-28 |
| NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability 2011-07-05 |
| NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow 2011-06-28 |
| NGS00062 Technical Advisory: Apple OSX / iPhone ImageIO TIFF getBandProcTIFF TileWidth Heap Overflow 2011-10-10 |
| NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write 2011-08-01 |
| NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux 2011-09-21 |
| NGS00106 Technical Advisory: Increased exploitation of Oracle GlassFish Server Administration Console Remote Authentication Bypass Vulnerability 2012-01-05 |
| NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow 2012-04-30 |
| NGS00109 Patch Notification: ImpressPages CMS Remote code execution 2011-09-27 |
| NGS00109 Technical Advisory: Remote Code Execution in ImpressPages CMS 2012-01-05 |
| NGS00117 Patch Notification: Symantec PCAnywhere Local Privilege Escalation 2012-01-25 |
| NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation 2012-04-30 |
| NGS00118 Patch Notification: Symantec PCAnywhere Remote Code Execution as SYSTEM 2012-01-25 |
| NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM 2012-04-30 |
| NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution 2012-02-23 |
| NGS00137 Patch Notification: Websense Triton 7.6 - Reflected XSS in report management UI 2011-12-15 |
| NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI 2012-04-30 |
| NGS00138 Patch Notification: Websense Triton 7.6 - Authentication bypass in report management UI 2011-12-15 |
| NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI 2012-04-30 |
| NGS00140 Patch Notification: Websense Triton 7.6 - Unauthenticated remote command execution as SYSTEM 2011-12-15 |
| NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM 2012-04-30 |
| NGS00141 Patch Notification: Websense Triton 7.6 - Stored XSS in report management UI 2011-12-15 |
| NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI 2012-04-30 |
| NGS00144 Patch Notification: FFmpeg Libavcodec buffer overflow remote code execution 2011-11-23 |
| NGS00145 Patch Notification: FFmpeg Libavcodec out of bounds write remote code execution 2011-11-23 |
| NGS00148 Patch Notification: FFmpeg Libavcodec memory corruption remote code execution 2011-11-23 |
| NGS00153 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Reflective XSS allowing an attacker to gain session tokens 2012-03-29 |
| NGS00154 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Session hijacking and bypassing client-side session timeouts 2012-03-29 |
| NGS00155 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Any logged-in user can bypass controls to reset passwords of other administrators 2012-03-29 |
| NGS00156 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Active sesssion tokens of other users are disclosed within the UI 2012-03-29 |
| NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Password hashes can be recovered from a system backup and easily cracked 2012-03-29 |
| NGS00158 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Arbitrary file download is possible with a crafted URL when logged in as any user 2012-03-29 |
| NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation 2012-07-02 |
| NGS00193 Patch Notification: Trend Micro DataArmor and DriveArmor - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption 2012-01-24 |
| NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection 2012-07-02 |
| NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS 2012-07-02 |
| NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection 2012-07-02 |
| NGS00208 Patch Notification: Moodle CMS stored XSS 2012-08-20 |
| NGS00237 Patch Notification: Samba Andx request Remote Code Execution 2012-02-25 |
| NGS00241 Patch Notification: SysAid Helpdesk blind SQL injection 2012-08-20 |
| NGS00242 Patch Notification: SysAid Helpdesk stored XSS 2012-08-20 |
| NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities 2013-04-02 |
| NGS00254 Patch Notification: Apple Mac OS X Lion USB Hub Class Hub Descriptor Arbitrary Code Execution 2012-09-27 |
| NGS00263 Patch Notification: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator 2012-09-18 |
| NGS00265 Patch Notification: Symantec Messaging Gateway - Unauthenticated detailed version disclosure 2012-09-18 |
| NGS00266 Patch Notification: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL 2012-09-18 |
| NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account 2012-09-18 |
| NGS00268 Patch Notification: Symantec Messaging Gateway Out-of-band stored XSS - delivered by email 2012-09-18 |
| NGS00288 Patch Notification: Windows Remote Desktop Memory Corruption Leading to RCE on XP SP3 2012-08-17 |
| NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation 2013-02-04 |
| NGS00330 Patch Notification: Squiz CMS Directory Traversal 2012-08-20 |
| NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation 2013-02-04 |
| NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth) 2013-05-02 |
| NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth) 2013-05-02 |
| NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal 2013-05-02 |
| NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection 2013-05-02 |
| NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow 2013-03-18 |
| nickyccwu tencent com |
| Nightwatch Cybersecurity Research (research nightwatchcybersecurity com) |
| Nike+ Panel & Mobile App - Multiple Web Vulnerabilities 2012-08-17 |
| Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue 2013-07-16 |
| NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28 |
| NOPcon 2013 - Call for paper - Istanbul , Turkey 2013-03-18 |
| Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit 2011-09-15 |
| NoSuchCon CFP / 15-17 May 2013 / Paris, France 2013-01-21 |
| Notepad++6.9.2 DLL Hijacking Vulnerability 2016-08-08 |
| Notes v4.5 iOS - Arbitrary File Upload Vulnerability 2016-05-10 |
| NotSoSecure CTF (in partnership with Appsec USA) 2013-10-08 |
| Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17 |
| Novell GroupWise Multiple Remote Code Execution Vulnerabilities 2013-04-03 |
| Novell Sentinel Log Manager <=1.2.0.1 Path Traversal 2011-12-18 |
| NPS Datastore server DLL side loading vulnerability 2016-02-10 |
| NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability 2011-06-15 |
| NSOADV-2013-001: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/appliance/) 2013-01-17 |
| NSOADV-2013-002: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/sgms/) 2013-01-17 |