Bugtraq Database 5

Bugtraq Database - Úvod  1  2  3  4  5  6  7  8 Vše

Poslední aktualizace v 05.07.2017 14:41:40

 

Fork CMS 3.8.3 - XSS Vulnerability 2015-02-02
Format Factory v2.95 - Buffer Overflow Vulnerabilities 2012-05-04
FormatFactory 3.9.0 - (.task) Stack Overflow Vulnerability 2016-09-02
FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Web Vulnerability 2016-08-04
FortiClient SSLVPN 5.4 - Credentials Disclosure 
FortiCloud - (Reports Summary) Multiple Persistent Vulnerabilities 2016-08-05
Fortigate UTM WAF Appliance - Cross Site Vulnerabilities 2012-09-17
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities 2012-09-12
Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities 2012-09-17
FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename) Persistent Web Vulnerability 2016-04-04
FortiManager (Series) - (Bookmark) Persistent Vulnerability 2016-08-04
FortiManager (Series) - Multiple Web Vulnerabilities 2016-08-02
FortiManager v5.2.2 Multiple XSS Vulnerabilities 2015-09-25
Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities 2013-01-28
Fortinet FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability 2016-08-01
Fortinet FortiWeb Web Application Firewall Policy Bypass 2012-05-03
FortiVoice v5.0 - Filter Bypass & Persistent Validation Vulnerability 2016-08-09
Forum Oxalis 0.1.2 <= SQL Injection Vulnerability 2012-07-03
Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro. 2013-02-19
Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities 2015-01-13
Foxit Reader Insecure Library Loading 2011-07-21
FOXMOLE Advisories (advisories foxmole com) 
FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability 2015-07-17
FrameJammer DOM based XSS 2012-02-27
Free Monthly Websites v2.0 - Multiple Web Vulnerabilities 2013-02-04
Free Web App Security Challenges - Hackademics Project 2012-07-20
Free WMA MP3 Converter - Buffer Overflow Exploit (SEH) 2015-11-17
Freebox OS Web interface 3.0.2 XSS, CSRF 2015-06-01
FreeBSD bsnmpd information disclosure 2016-01-15
FreeBSD ftpd/ProFTPD on FreeBSD Remote Root Exploit 2011-12-01
FreeBSD Security Advisories (security-advisories freebsd org) 
FreeBSD Security Advisory FreeBSD-SA-11:03.bind 2011-09-28
FreeBSD Security Advisory FreeBSD-SA-11:04.compress 2011-09-28
FreeBSD Security Advisory FreeBSD-SA-11:05.unix [REVISED] 2011-10-04
FreeBSD Security Advisory FreeBSD-SA-11:05.unix 2011-09-28
FreeBSD Security Advisory FreeBSD-SA-11:06.bind 2011-12-23
FreeBSD Security Advisory FreeBSD-SA-11:07.chroot 2011-12-23
FreeBSD Security Advisory FreeBSD-SA-11:08.telnetd 2011-12-23
FreeBSD Security Advisory FreeBSD-SA-11:09.pam_ssh 2011-12-23
FreeBSD Security Advisory FreeBSD-SA-11:10.pam 2011-12-23
FreeBSD Security Advisory FreeBSD-SA-12:01.openssl 2012-05-03
FreeBSD Security Advisory FreeBSD-SA-12:01.openssl 2012-05-30
FreeBSD Security Advisory FreeBSD-SA-12:02.crypt 2012-05-30
FreeBSD Security Advisory FreeBSD-SA-12:03.bind 2012-06-12
FreeBSD Security Advisory FreeBSD-SA-12:04.sysret [REVISED] 2012-06-19
FreeBSD Security Advisory FreeBSD-SA-12:04.sysret 2012-06-12
FreeBSD Security Advisory FreeBSD-SA-12:05.bind 2012-08-06
FreeBSD Security Advisory FreeBSD-SA-12:06.bind 2012-11-23
FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd 2012-11-23
FreeBSD Security Advisory FreeBSD-SA-12:08.linux 2012-11-23
FreeBSD Security Advisory FreeBSD-SA-13:01.bind 2013-02-19
FreeBSD Security Advisory FreeBSD-SA-13:02.libc 2013-02-19
FreeBSD Security Advisory FreeBSD-SA-13:03.openssl 2013-04-02
FreeBSD Security Advisory FreeBSD-SA-13:04.bind 2013-04-02
FreeBSD Security Advisory FreeBSD-SA-13:06.mmap [REVISED] 2013-06-21
FreeBSD Security Advisory FreeBSD-SA-13:06.mmap 2013-06-18
FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast [REVISED] 2013-09-10
FreeBSD Security Advisory FreeBSD-SA-13:10.sctp [REVISED] 2013-09-10
FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile 2013-09-10
FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl 2013-09-10
FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs 2013-09-10
FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] 2013-11-29
FreeBSD Security Advisory FreeBSD-SA-13:14.openssh 2013-11-19
FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd 2014-01-14
FreeBSD Security Advisory FreeBSD-SA-14:02.ntpd 2014-01-14
FreeBSD Security Advisory FreeBSD-SA-14:03.openssl 2014-01-14
FreeBSD Security Advisory FreeBSD-SA-14:04.bind 2014-01-14
FreeBSD Security Advisory FreeBSD-SA-14:14.openssl 2014-06-05
FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED] 2014-11-06
FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin 2014-11-05
FreeBSD Security Advisory FreeBSD-SA-14:26.ftp 2014-11-05
FreeBSD Security Advisory FreeBSD-SA-14:31.ntp 2014-12-23
FreeBSD Security Advisory FreeBSD-SA-15:01.openssl 2015-01-14
FreeBSD Security Advisory FreeBSD-SA-15:10.openssl 2015-06-12
FreeBSD Security Advisory FreeBSD-SA-15:12.openssl 2015-07-09
FreeBSD Security Advisory FreeBSD-SA-15:13.tcp 2015-07-22
FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch 2015-07-28
FreeBSD Security Advisory FreeBSD-SA-15:15.tcp 2015-07-28
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED] 2015-07-30
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh 2015-07-28
FreeBSD Security Advisory FreeBSD-SA-15:17.bind 2015-07-28
FreeBSD Security Advisory FreeBSD-SA-15:20.expat 2015-08-18
FreeBSD Security Advisory FreeBSD-SA-15:23.bind 2015-09-02
FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind [REVISED] 2015-10-02
FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind 2015-09-29
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] 2015-11-04
FreeBSD Security Advisory FreeBSD-SA-15:25.ntp 2015-10-26
FreeBSD Security Advisory FreeBSD-SA-15:26.openssl 2015-12-05
FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
FreeBSD Security Advisory FreeBSD-SA-16:01.sctp 2016-01-14
FreeBSD Security Advisory FreeBSD-SA-16:04.linux 2016-01-14
FreeBSD Security Advisory FreeBSD-SA-16:05.tcp 2016-01-14
FreeBSD Security Advisory FreeBSD-SA-16:07.openssh 2016-01-15
FreeBSD Security Advisory FreeBSD-SA-16:08.bind 2016-01-27
FreeBSD Security Advisory FreeBSD-SA-16:09.ntp 2016-01-27
FreeBSD Security Advisory FreeBSD-SA-16:10.linux 2016-01-27
FreeBSD Security Advisory FreeBSD-SA-16:11.openssl 2016-01-30
FreeBSD Security Advisory FreeBSD-SA-16:14.openssh 2016-03-16
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch 2016-03-16
FreeBSD Security Advisory FreeBSD-SA-16:17.openssl 2016-05-04
FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd 2016-05-17
FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg 2016-05-17
FreeBSD Security Advisory FreeBSD-SA-16:25.bspatch 2016-07-25
FreeBSD Security Advisory FreeBSD-SA-16:39.ntp 2016-12-22
FreeBSD Security Advisory FreeBSD-SA-17:01.openssh 2017-01-11
FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
Freelancer calendar <= 1.01 SQL Injection Vulnerability 2011-11-19
Freemake Video Downloader 3.7.1 - Code Execution Vulnerability 2015-10-15
FreePBX (All Versions) RCE 2014-10-01
FreePBX Remote Exploit 2012-02-15
Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities 2012-07-04
FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution Vulnerability 2011-11-16
FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability 2015-10-09
From XSLT code execution to Meterpreter shells 2012-07-03
FTGate 2009 Build 6.4.00 CSRF Vulnerabilities 2015-10-02
FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability 2014-03-27
FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability 2013-07-16
FTPShell Client v5.24 Buffer Overflow 2015-12-30
Fulci (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-01
Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials 2013-07-22
Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-14
Full disclosure for SA45649, SQL Injection in LedgerSMB and SQL-Ledger 2011-08-31
Funeral Script PHP - Multiple Web Vulnerabilites 2012-07-11
Funnel Web (directory.php?cid) Remote SQL injection Vulnerability 2011-07-26
Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability 2011-07-26
Funnel Web (pages.php?page) Remote SQL injection Vulnerability 2011-07-26
Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability 2011-07-26
Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability 2014-12-16
FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |= 2012-11-20
Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability 2016-12-31
Fwd: [cryptography] Apple Legacy filevault barn door... 2012-05-05
Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4 2013-02-24
Fwd: {Lostmon´s Group} Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability 2011-08-09
Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22
Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions 2015-11-20
Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android 2015-11-20
Fwd: RA-Guard: Advice on the implementation (feedback requested) 2012-02-02
Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22
Fwd: RFC 6274 on Security Assessment of the Internet Protocol Version 4 2011-07-05
Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers 2013-11-12
Fwd: Timing attack vulnerability in most Zeus server-sides 2015-10-25
Fwd: vulnerability issue for DB2 express 2013-11-12
FYI: We're now paying up to $20,000 for web vulns in our services 2012-04-23
G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability 2011-07-27
GDTelcom Speedtest ActiveX Control "FTPDownLoad Class"-ActiveX.dll Remote Denial of Service Vulnerability 2011-11-01
Gergely Eberhardt (gergely eberhardt search-lab hu) 
gerhard klostermeier syss de 
Getdpd BB #4 - (name) Persistent Validation Vulnerability 2016-02-08
Getdpd BB #5 - Persistent Filename Vulnerability 2016-02-08
Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability 2016-02-03
Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability 2016-02-10
Ggb Guestbook - XSS Vulnerabilities 2012-01-05
giflib: heap overflow in giffix (CVE-2015-7555) 2015-12-21
GIMP FIT File Format DoS 2012-06-29
GIMP Scriptfu Python Remote Command Execution 2012-08-16
glibc catopen() Multiple unbounded stack allocations 2016-01-25
GLSA (Gentoo Linux Security Advisory) publication changes 2012-02-02
Glype proxy cookie jar path traversal allows code execution 2014-09-22
Glype proxy local address filter bypass 2014-09-22
Glype proxy privacy settings can be disabled via CSRF 2014-09-22
Gnome Nautilus [Denial of Service] 2015-12-02
gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk 2012-03-06
GnuPG 1.4.12 and lower - memory access errors and keyring database corruption 2012-12-29
Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001 2013-04-03
Google App Enging SDK Code Execution Vulnerability (CVE 2011-1364) 2011-10-11
Google Compute Engine - Lateral Compromise 2014-05-30
Google Compute Engine Multiple DOS Vulnerabilities 2014-05-30
Google Chrome 19 metro_driver.dll mishandling 2012-07-15
Google Chrome Accessibility blink::Node corruption details 2016-11-29
Google Chrome HTTPS Address Bar Spoofing 2012-01-04
Google Nexus 5X Bootloader Unauthorized Memory Dumping via USB 2016-09-04
Google SEO Pressor Snippet Plugin XSS Vulnerability 2016-04-23
Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-28
GotRoot Security Challenge 2011-10-20
GreenBrowser iframe content Double Free Vulnerability 2012-01-12
GreHack 2012 - 19th Oct. Grenoble, France - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] 2012-09-11
GreHack 2012 - 19th Oct. Grenoble, France - Conference + CTF - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] 2012-09-19
GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France) 2012-07-19
GreHack 2012 - Call For Papers (Grenoble, France) 2012-05-25
GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France) 2012-07-09
GreHack 2012 - LAST Call For Papers (Grenoble, France) till 15th August 2012 2012-08-13
GreHack 2013 - 15 Nov. Grenoble, France - Conf. Registration OPEN 2013-09-25
GreHack 2013 - 2nd Call For Papers - November 15, Grenoble, France 2013-05-25
GreHack 2013 - CFP ends on June, 30 - Conf: Nov. 15, Grenoble, France 2013-06-22
Group-Office Calendar SQL Injection 2012-09-03
Group-Office Cleartext Credentials Stored in Cookies 2012-08-13
GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities 2012-04-10
Grupo Argentina Web Remote SQL injection Vulnerability 2011-08-18
GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability 2014-09-26
GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities 2012-10-01
GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities 2012-10-08
GTX CMS 2013 Optima - Multiple Web Vulnerabilities 2013-10-29
GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites 2012-07-04
Guests can view names and emailadresses of all Liferay users in liferay 6.1 2012-05-13
Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability 2016-08-02
H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers 2011-07-20
H2HC Brazil 9th Edition - Call for Papers 2012-05-18
Hacking IPv6 Networks (slides) 2011-07-26
Hackito Ergo sum // HES2012 Final CFP // Call for Hackers 2012-02-16
Hackito Ergo Sum 2012 Call For Papers ! (12/13/14 April 2012) 2011-12-03
Hackito Ergo Sum 2012 dates 2011-09-24
Hafez Kamal (aphesz hackinthebox org) 
Hands-on Mobile (Android & iOS) + ARM Exploitation Training at Toorcon 2014-09-27
Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :) 2013-06-19
Hard-coded accounts on multiple network cameras 2013-07-11
Hardcoded AES 256 bit key used in Kankun IoT/Smart socket and its mobile App 2015-06-06
Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB 2012-10-11
Hardcoded root password in Zyxel MAX3XX series Wimax CPEs 2016-03-23
Hardcoreview WriteAV Arbitrary Code Execution 2012-10-05
hashdays 2012 - Call for Papers (#days CFP) 2012-06-25
Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-07-24
Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 2015-07-24
HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase 2016-01-28
HD Video Player v2.5 iOS - Multiple Web Vulnerabilities 2016-02-12
Heap Memory Corruption in HP Device Access Manager for Protect Tools Information Store 2011-12-02
Hector Marco (hmarco hmarco org) (1 replies)
Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability 2015-01-12
Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability 2015-01-12
Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability 2015-06-10
Hi Technology & Services CMS - SQL Injection Vulnerabilities 2016-03-31
Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities 2013-10-03
Hiding Backdoors in plain sight, again 2011-07-22
HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability 2015-05-20
Horizontal Privilege Escalation/Code Injection in ownCloudâ??s Windows Client 2016-08-19
Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3) 2013-03-11
'Hotel Booking Portal' SQL Injection (CVE-2012-1672) 2012-04-04
How well does Microsoft support (and follow) their mantra "keep your PC updated"? 2012-08-09
HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
HP Data Protector Arbitrary Remote Command Execution 2013-08-07
HP LaserJet Fax Preview DLL side loading vulnerability 2016-01-23
HP Security Alert (hp-security-alert hp com) 
HP ToComMsg DLL side loading vulnerability 2016-01-23
HP/H3C and Huawei SNMP Weak Access to Critical Data 2012-10-23
HServer webserver - Directory Traversal Vulnerability 2012-01-05
HTB23004: Multiple Vulnerabilities in e107 2011-06-15
HTB23005: Multiple XSS in N-13 News 2011-06-15
HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog 2011-06-15
HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS 2011-06-15
HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability 2011-06-15
HTB23015: Easewe FTP ActiveX Control Multiple Insecure Methods 2011-06-22
HTB23016: Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method 2011-06-22
HTB23017: XSS in FanUpdate 2011-06-22
HTC / Android OBEX FTP Service Directory Traversal Vulnerability 2011-07-20
HTC IQRD Android Permission Leakage (CVE-2012-2217) 2012-04-22
HTML 5 Security Report 2011-12-14
HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability 2014-10-03
HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) 2012-04-19
HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) 2012-04-19
Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability 2013-07-15
Huawei eSpace IAD Remote Information Disclosure Vulnerability 2016-07-30
Huawei ISM Professional XSS Vulnerability 2016-07-26
Huawei Wimax routers vulnerable to multiple threats 2015-11-30
hyp3rlinx lycos com 
Chamilo 1.8.8.4 Multiple Vulnerabilities 2012-08-25
Chamilo LMS - Persistent Cross Site Scripting Vulnerability 2016-02-19
Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability 2016-02-19
Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability 2016-03-14
Charybdis: Improper assumptions in the server handshake code may lead to a remote crash 2012-12-31
ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11
Checkmarx CxQL Sandbox bypass (CVE-2014-8778) 2015-09-03
Checkpoint Abra - Vulnerabilities 2012-07-07
Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability 2011-08-09
ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20
ChitaSoft (Web-Application) - SQL Injection Vulnerability 2016-03-14
Chrome for Android - Android APIs exposed to JavaScript 2013-01-07
Chrome for Android - Bypassing SOP for Local Files By Symlinks 2013-01-07
Chrome for Android - Cookie theft from Chrome by malicious Android app 2013-01-07
Chrome for Android - Download Function Information Disclosure 2013-01-07
Chrome for Android - UXSS via com.android.browser.application_id Intent extra 2013-01-07
Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability 2011-07-27
ChurchCMS 0.0.1 'admin.php' Multiple SQLi 2012-04-23
I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution 2013-02-09
i.Hex Local Crash Poc 2014-11-05
i.Mage Local Crash Poc 2014-11-05
iAuto Mobile Application 2012 - Multiple Web Vulnerabilities 2012-08-05
iBackup v10.0.0.45 - Privilege Escalation Vulnerability 2014-12-19
IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure 2012-06-30
IBM Edge Components Caching Proxy XSS Followup 2012-06-30
IBM i Access Buffer Overflow Code DOS CVE-2015-7422 2015-11-18
IBM i Access Buffer Overflow Code Exec CVE-2015-2023 2015-11-18
IBM Lotus iNotes 8.5.x cross-site scripting vulnerabilities 2013-08-28
IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) 2014-08-11
IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08
IBSng all version Cross-Site Scripting Vulnerability 2011-11-01
ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED 2012-05-13
ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 2014-08-20
Iciniti Store SQL Injection - Security Advisory - SOS-12-003 2012-03-07
iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability 2015-05-18
ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers) 2017-01-12
iCompel Digital Signage risks 2012-11-03
iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability 2011-07-27
iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability 2011-06-03
iDefense Security Advisory 06.01.11: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability 2011-06-02
iDefense Security Advisory 06.14.11: Adobe Shockwave 3D Asset DEMX Integer Overflow Vulnerability 2011-06-16
iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability 2011-06-16
iDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerability 2011-06-16
iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability 2011-06-16
iDefense Security Advisory 07.14.11: Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability 2011-07-14
iDefense Security Advisory 07.20.11: Apple Safari innerText Use-After-Free Vulnerability 2011-07-20
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit frameset style Heap Corruption Vulnerability 2011-07-20
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit MathML Use-After-Free Vulnerability 2011-07-20
iDefense Security Advisory 07.20.11: Multiple Vendor WebKit SVG animVal Memory Corruption Vulnerability 2011-07-20
iDefense Security Advisory 07.20.11: Safari WebKit TIFF Use-After-Free Vulnerability 2011-07-20
iDefense Security Advisory 08.09.11: Adobe Flash Player ActionScript Display Memory Corruption Vulnerability 2011-08-10
iDefense Security Advisory 08.09.11: Adobe Flash Player Integer Overflow 2011-08-10
iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability 2011-09-13
iDefense Security Advisory 09.13.11: Microsoft Excel Record Integer Signedness Vulnerability 2011-09-13
iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability 2011-09-13
iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability 2011-09-28
iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability 2011-09-28
iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability 2011-09-28
iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability 2011-09-27
iDefense Security Advisory 10.11.11: Microsoft Internet Explorer Object Handling Memory Corruption Vulnerability 2011-10-12
iDefense Security Advisory 10.12.11: Apple Mobile OfficeImport Framework Word Document Parsing Memory Corruption Vulnerability 2011-10-13
iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability 2011-10-13
ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL 2012-11-29
idev Game Site CMS v1.0 - Multiple Web Vulnerabilites 2012-04-08
iDev Rentals v1.0 - Multiple Web Vulnerabilities 2012-11-14
IDrive Online Backup ActiveX control Insecure Method 2011-07-06
IE11 is not following CORS specification for local files 2016-09-22
iedb team gmail com 
IEEE SocialCom/PASSAT Call For Paper Deadline: June 15, 2011 2011-06-09
IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains 2012-02-17
IFIP NTMS'2012 - Deadline Extended to 12 January 2012 2011-12-18
ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability 2016-02-19
ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability 2016-02-19
i-FTP Buffer Overflow SEH 2014-11-05
Ignore the amount customers confirm is no security vulnerability according to PayPal 2014-07-17
iGuard Biometric Access Control - Multiple Vulnerabilities 2011-11-11
IIS 6.0/7.5 Vulnerabilities [moderate risk] - ISOWAREZ BDAY RELEASE 2012-06-09
IIS Short File/Folder Name Disclosure by using tilde ~ character 2012-07-04
IKEv1 cipher suite configuration mismatch in Siemens SIMATIC CP 343-1 Advanced 2017-01-11
IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
IKEView.exe R60 Stack Buffer Overflow 2015-09-14
Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities 2012-03-08
imageone Cms Multiple vulnerabilities 2016-01-23
ImgPals Photo Host Version 1.0 Admin Account Disactivation 2012-02-28
Imperva SecureSphere Operations Manager version 9.0.0.5 - Multiple issues 2013-06-01
Implications of IPv6 on network firewalls 2011-11-21
Import Woocommerce XSS Vulnerability 2016-02-24
in_midi multiple vulnerabilities in Winamp 5.61 2011-06-29
inCommand Technologies, Inc. Cross-site Scripting Vulnerability 2011-10-21
Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) 2012-04-19
indiacon (selloffers.php?cid) Remote SQL injection Vulnerability 2011-07-28
Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability 2011-07-26
info thegrideon com 
Infoblox Cross-site scripting vulnerabilities 2016-09-06
Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability 2011-07-28
Information on recently-fixed Oracle VM VirtualBox vulnerabilities 2014-02-07
Information Security Forecast 2014 2013-11-17
InfoSec Southwest 2012 CFP 2011-12-01
InfoSec Southwest 2012 CFP First-round Speaker Selections 2012-01-03
InfoSec Southwest 2012 Open Registration 2012-01-20
Inout Mobile Webmail APP - Multiple Web Vulnerabilities 2012-08-05
INSECT Pro - Exploit EChat Server <= v2.5 20110812 - Remote Buffer Overflow Exploit 2011-08-12
Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
Insecure CHIASMUS encryption in GSTOOL 2013-09-11
Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06
Insecure RSA Encryption in jCryption, PEAR Crypt_RSA and Crypt_RSA2 2011-11-30
Insecure transmission of data in Android applications developed with Adobe AIR [CVE-2016-6936] 2016-09-14
Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP 2016-07-31
Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution 2011-08-22
Instagram Photo Upload and Flattr Money Redirection Vulnerability 2013-11-21
InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-22
InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-23
Insufficient certificate validation in EMC Secure Remote Services Virtual Edition 2015-08-17
Integer overflow in foobar2000 1.1.7 2011-07-04
Integer overflow in Sterling Trader 7.0.2 2011-09-28
Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass 
Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)
Internet Explorer 9 XSS Filter Bypass 2012-10-18
Internet Explorer iframe sandbox local file name disclosure vulnerability 2016-08-09
Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)
Internet Explorer Script Interjection Code Execution (updated) 2012-09-06
Internet Explorer Script Interjection Code Execution 2012-08-16
Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites 2012-10-08
Interspire Shopping Cart v6 - Multiple Web Vulnerabilities 2012-06-14
Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) 2013-11-19
Introduction to R-sequence public key cryptography attack 2011-12-11
Intuit Help System Protocol File Retrieval 2012-03-30
Intuit Help System Protocol URL Heap Corruption and Memory Leak 2012-03-30
Intuit QuickBooks 2007 - 2016 Arbitrary Code Execution 2016-05-10
Investors Application - Client Side Cross Site Scripting Vulnerability 2016-02-19
Invitation to Register and Participate in the Entretiens Jacques Cartier (EJC) Colloquium on IT Security, Cyber Forensics and Combating Cybercrime 2011-09-14
InYourLife (dettaglio.php?id) (dettaglio_immobile.php?id) (notizia.php?id) Remote SQL injection Vulnerability 2011-08-16
IObit Protected Folder Authentication Bypass 2012-06-15
iOS: List of available trusted root certificates 2013-09-30
IP.Board 3.4 cross-site scripting in Referer header 2014-07-16
iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability 2013-07-24
IpTools - Rcmd Remote Overflow Vulnerability 2012-01-06
IpTools(Tiny TCP/IP server) - WebServer Directory Traversal Vulnerability 2012-01-06
IPv6 Hackers mailing-list 2011-08-09
IPv6 host scanning in IPv6 2012-04-20
IPv6 implications on IPv4 nets: IPv6 RAs, IPv4, and VPN "evasion" 2012-09-04
IPv6 NIDS evasion and IPv6 fragmentation/reassembly improvements 2012-02-20
IPv6 security (slides and training) 2011-11-08
IPv6 security presentation at Hack.lu 2011 2011-09-21
IPv6 security tools released 2012-07-05
IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc... 2012-05-23
IPv6 Toolkit v1.2.3 released! (and upcoming IPv6 security trainings) 2012-09-15
IPv6: How to avoid security issues with VPN leaks on dual-stack networks 2013-01-24
ipv6mon v1.0 released! (IPv6 address monitoring daemon) 2012-09-13
Irfanview Plugins JLS Decompression 2012-06-29
Is Your Online Bank Vulnerable To Currency Rounding Attacks? 2012-01-09
iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability 2014-06-03
iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilites 2012-06-14
iScripts Multicart Cms Multiple Vulnerability 2015-12-07
iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities 2014-04-02
iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities 2014-03-28
ITTWeb Remote SQL injection Vulnerability 2011-09-02
iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries 2014-07-07
iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-02-19
iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-07-01
iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability 2014-12-18
iVault Private P&V 1.1 iOS - Path Traversal Vulnerability 2014-04-10
iWifi for Chat v1.1 iOS - Denial of Service Vulnerability 2014-12-16
Jackie Blanco (jackie sdiwc info) 
Jacobo Avariento (spinfoo vuln gmail com) 
JagoanStore CMS Arbitary file upload vulnerability 2011-08-22
Jamie R (jamie riden gmail com) 
January 2016 - Bamboo - Critical Security Advisory 2016-01-22
jara 1.6 sql injection vulnerability 2011-10-22
Jasig CAS server vulnerabilities 2015-09-21
Java HotSpot Cryptographic Provider signature verification vulnerability 2011-06-06
JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability 2016-02-08
Javascript Injection in Microsoft Lync 4.0.7577.0 2011-06-10
JAWS Weak Service Permissions leads to Privilege Escalation 2016-04-08
JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities 2011-08-27
Jcow CMS 4.2 <= | Cross Site Scripting 2011-08-26
Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution 2011-08-26
Jenkins 1.626 - Cross Site Request Forgery / Code Execution 2015-08-28
Jetro Cockpit Secure Browsing vulnerability - Client missing input validation allowing RCE 2014-02-17
JFreeChart - Path Disclosure vulnerability 2011-06-17
Jobs Portal v3.0 NetArtMedia - Multiple Web Vulnerabilites 2012-06-14
JOIDS (Java OpenID Server) multiple vulnerabilities 2014-03-04
Joomla 1.5.x to 3.4.5 Object Injection Exploit (golang) 2015-12-31
Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities 2012-09-18
Joomla com_fireboard - SQL Injection Vulnerability 2012-08-09
Joomla com_package - SQL Injection Vulnerability 2012-08-05
Joomla com_photo - SQL Injection Vulnerability 2012-08-05
joomla com_zimbcomment Components Local File Include vulnerability 2013-09-25
Joomla crypto vulnerability (all versions) 2013-06-20
Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-06-28
Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-09-29
Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-07-22
Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities 2012-04-15
Joomla! redSHOP component v1.2 SQL Injection 2013-08-08
Joomla! VirtueMart component <= 2.0.22a - SQL Injection 2013-08-22
JSN PowerAdmin Joomla! Extension - Remote Command Execution Via CSRF and XSS vulnerabilities 2016-02-24
JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
Julien Ahrens (info rcesecurity com) 
Julien Ahrens (julien ahrens rcesecurity com) 
July 2016 - Bamboo Server - Critical Security Advisory 2016-07-26
Juniper Secure Access XSS Vulnerability 2013-07-22
Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July 2012-07-04
Justin Bull (me justinbull ca) 
KaiBB 2.0.1 XSS and SQL Injection vulnerabilities 2011-10-09
Kaspersky Password Manager 5.0.0.164 - Software Filter Vulnerability 2012-08-02
Kaspersky PM 5.0.0.164 - Software Filter Vulnerability 2012-08-01
Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) 2016-08-01
KDE Paste Applet 2013-05-28
Kerio Control <= 8.3.1 Boolean-based blind SQL Injection 2014-06-30
Key Systems Electronic Key Lockers command injection and weak authentication vulnerabilities 2012-10-08
KeyPass Password Safe v1.22 - Software Filter Vulnerability 2012-07-17
Kimia Remote SQL injection Vulnerability 2011-08-08
Kingcopes AthCon 2012 Slides & Notes 2012-05-24
KIWICON: THE ANNUCIATION 2012-09-04
KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read 2014-11-05
KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation 2015-09-01
KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation 2015-09-01
KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password 2015-12-18
KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address 2015-12-18
KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution 2016-02-12
Kleefa v1.7 (IR) - Multiple Web Vulnerabilities 2016-01-27
Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities 2012-02-10
KmPlayer v3.0.0.1440 Local Crash PoC 2012-10-26
KnFTPd v1.0.0 Multiple Command Remote Buffer Overflow 2011-09-02
Knowledge Base EE v4.62.0 - SQL Injection Vulnerability 2012-09-12
Kohana Framework v2.3.3 - Directory Traversal Vulnerability 2013-01-28
Kongreg8 1.7.3 Mutiple XSS 2012-02-25
Kotas, Kevin J (Kevin Kotas ca com) 
Kunena Forum Extension for Joomla Multiple Reflected Cross-Site Scripting Vulnerabilities 2014-07-28
Kunena Forum Extension for Joomla Multiple SQL Injection Vulnerabilities 2014-07-28
LAB GRAPHIC DESIGN (index.php?categoria_id) Remote SQL injection Vulnerability 2011-08-23
lab382 (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-17
LabStoRe <= 1.5.4 Sql Injection Vulnerabilities 2011-11-08
LabWiki <= 1.1 Multiple Vulnerabilities 2011-11-09
LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador) 2012-05-03
LAN Messenger v1.2.28 - Denial of Service Vulnerability 2012-05-01
LAN Scan HD v1.20 iOS - Command Inject Vulnerability 2015-11-17
LanWhoIs.exe 1.0.1.120 Stack Buffer Overflow 2015-10-06
Larry W. Cashdollar (larry0 me com) 
Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
Last Day for AppSec USA 2011 CFP! 2011-06-14
Last reminder for ClubHack 2012 : Call for Papers 2012-10-11
Last reminder for Passwords^12 : Call for Presentations 2012-08-12
Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability 2012-03-04
Lava (news_item.php?id) (album.php?id) (basket.php?baction) Remote SQL injection Vulnerability 2011-07-26
Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities 2014-03-27
LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities 2016-01-23
LedgerSMB 1.3.0 released, includes anti-XSRF framework 2011-10-12
Leo Famulari (leo famulari name) 
Lepton CMS Archive Directory Traversal 2016-08-16
Lepton CMS PHP Code Injection 2016-08-16
Liberating IT (picture.php?gid) Remote SQL injection Vulnerability 2011-08-07
libexif project security advisory July 12, 2012 2012-07-12
libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
libtiff <= 3.9.5 integer overflow bug 2013-08-24
libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
libtiff: invalid write (CVE-2015-7554) 2015-12-26
Liferay 6.1 can be compromised in its default configuration 2012-04-19
Liferay 6.1 can be compromised without having an account on the portal 2012-05-13
Liferay 6.1 json webservices are subject to cross-site request forgery attacks 2012-05-13
Liferay users can assign themselves to organizations, leading to possible privilege escalation 2012-05-13
LifeSize Room Vulnerabilities 2011-08-28
Lighttpd Proof of Concept code for CVE-2011-4362 2011-12-24
Lime Survey 2-05+ Multiple Vulnerabilities 2014-07-06
Linksys E1200 and E2500 (Missing authorization on parental control) 2016-08-14
Linksys E2500 and E1200 (Unauth Command Injection) 2016-08-14
Linksys X3000 - Multiple Vulnerabilities 2013-06-22
linux privileged and arbitrary chdir() (fixed at 5.4 cifs release) 2012-04-25
LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability 2015-08-28
Listendifferent (prodotto.php?IDprodotto) Remote SQL injection Vulnerability 2011-08-26
LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability 2016-01-20
Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
LiveZilla 5.1.0.0 Reflected XSS in translations 2013-12-08
LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10
Local File Inclusion in PluXml 2012-05-02
Local file inclusion in VtigerCRM 2011-11-09
Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Party USB-Driver (ser2co64.sys) 2016-02-08
Local RedHat Enterprise Linux DoS â?? RHEL 7.3 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07
Log2Space Central v 6.2 Multiple XSS Vulnerability 2016-01-27
Logstash vulnerability CVE-2015-5619 2015-08-21
London DEFCON - September 30th 2014 2014-09-30
Looking for security contacts 2013-01-22
Loop (ricetta.php?id) Remote SQL injection Vulnerability 2011-09-02
los818 CMS 2016 Q1 - SQL Injection Web Vulnerability 2016-01-27
Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM 2011-10-07
LSE Leading Security Experts GmbH - LSE-2013-06-13 - Avira AntiVir Engine 2013-06-13
LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability 2014-05-28
LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues 2014-06-03
LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification 2014-08-26
LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30
LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities 2016-03-09
LSE Leading Security Experts GmbH - LSE-2016-02-03 - OXID eShop Path Traversal Vulnerability 2016-05-03
LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption 2012-03-09
Luciano Bello (luciano debian org) 
MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow 2015-10-26
MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) 2015-10-26
MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow 2015-12-08
MacOSX/XNU HFS Multiple Vulnerabilities 2014-04-07
Magento 1.9.x Multiple Man-In The Middle 2016-01-25
Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
Magento Bug Bounty #22 - (Profile) Persistent Vulnerability 2015-11-17
Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities 2015-11-17
MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS 2016-02-02
MaiNick (ricetta.php?id) Remote SQL injection Vulnerability 2011-09-03
Malformed DHCPv6 packets cause RPC to become unresponsive 2011-08-16
Malicious Code Execution in PCI Expansion ROM 2012-07-02
Malware detection evasion in antivirus software 2011-11-05
Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities 2011-06-27
Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilites 2012-11-18
ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. 2016-05-06
ManageEngine Asset Explorer v6.1 - Persistent Vulnerability 2015-06-22
ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability 2012-03-19
ManageEngine Eventlog Analyzer Privilege Escalation v10.8 2016-02-10
ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability 2015-05-19
ManageEngine Eventlog Analyzer v4-v10 Privilege Esacalation 2016-01-29
ManageEngine OpStor v7.4 - Multiple Web Vulnerabilities 2012-08-17
ManageEngine Password Manager Pro Multiple Vulnerabilities 2016-04-04
ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities 2012-11-21
ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities 2015-06-19
Manifattura Web (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-02
Mapserver for Windows (MS4W) Remote Code Execution 2012-05-29
MapsUpdateTask Task DLL side loading vulnerability 2016-02-10
marc4dasm - Atmel MARC microprocessor disassembler published 2013-01-30
Marinet Remote SQL injection Vulnerability 2011-08-26
Mark Thomas (markt apache org) 
Marketing & Development (prodotto.php?cat) Remote SQL injection Vulnerability 2011-08-28
Martin Heiland (martin heiland lists open-xchange com) 
Mathematica10.0.0 on Linux /tmp/MathLink vulnerability 2014-08-27
Mathematica8.0.4 on Linux /tmp/MathLink vulnerability 2012-04-14
Mathematica9.0.1 on Linux /tmp/MathLink vulnerability 2013-02-08
Mathopd - Directory Traversal Vulnerability 2012-02-03
Matteo Beccati (matteo beccati com) 
Matterdaddy Market v1.1 - SQL Injection Vulnerabilities 2012-04-10
Matthew1471s ASP BlogX - XSS Vulnerabilities 2012-03-26
matthias deeg syss de 
mavili guestbook - SQL Injection and XSS Vulnerabilities 2012-01-03
Maxim Solodovnik (solomax apache org) 
May 2016 - HipChat Server - Critical Security Advisory 2016-05-13
mbDriveHD v1.0.7 iOS - Multiple Web Vulnerabilities 2014-02-15
McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability 2012-04-30
McAfee Virtual Technician ActiveX Control Insecure Method 2013-03-27
McAfee VirusScan Enterprise security restrictions bypass 2016-03-04
McAfee Web Gateway URL Filtering Bypass 2012-04-16
ME Application Manager 10 - Multiple Web Vulnerabilities 2012-08-01
ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities 2012-04-01
ME Mobile Application Manager v10 - SQL Vulnerabilities 2012-08-01
ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389 2012-01-12
Mediagrafic (prodotto.asp?id) (records.asp?id_p) Remote SQL injection Vulnerability 2011-08-30
Meditate Web Content Editor 'username_input' SQL-Injection vulnerability 2011-12-05
Medium risk security flaws in Konqueror 2012-10-30
Medium severity flaw with Ark 2011-10-07
MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
mehta himanshu21 gmail com 
Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability 2012-02-21
Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution 2015-07-08
Merry Christmas from the FreeBSD Security Team 2011-12-23
Metasploit 4.1.0 Web UI stored XSS vulnerability 2011-10-21
Mezzanine CMS 4.1.0 Arbitrary File Upload 2016-02-03
Mezzanine CMS 4.1.0 XSS 2016-02-03
MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities 2012-07-16
Mibew messenger multiple XSS 2012-01-30
Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099 2015-11-11
Microsoft Anti-XSS Library Bypass (MS12-007) 2012-01-19
Microsoft Education - Stored Cross Site Web Vulnerability 2016-08-11
Microsoft Exchange Information Disclosure 2015-09-16
Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability 2016-04-15
Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure 2011-07-21
Microsoft MSINFO32.EXE ".NFO" Files XML External Entity 2016-12-04
Microsoft MSRC RSS ASPX - CS Cross Site Web Vulnerability 2013-08-29
Microsoft Office Excel ReadAV Arbitrary Code Execution 2012-10-10
Microsoft PowerPointViewer Code Execution 2016-03-01
Microsoft Remote Desktop Client for Mac Remote Code Execution 2016-12-07
Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability 2013-09-11
Microsoft Windows Media Center "ehshell.exe" XML External Entity 2016-12-04
Microsoft's Binary Planting Clean-Up Mission 2011-09-15
Michael Heydon (michael mheydon net) 
Mike Kienenberger (mkienenb gmail com) 
Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption 2013-09-02
MiniMagic ruby gem remote code execution 2013-03-15
MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12
Misli.com Android App SSL certificate validation weakness 2014-04-24
Missing Function Level Access control Vulnerability in OPutils 2016-02-15
Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] 2014-11-11
MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526] 2011-07-05
MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529] 2011-10-18
MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530] 2011-12-06
MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862] 2011-12-26
MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015] 2012-07-31
MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend 2014-08-09
MitM-vulnerability in Palo Alto Networks GlobalProtect 2012-10-17
MIUI Torch Open Vulnerability 2014-09-17
MIUI Wifi Connection Message Vulnerability 2014-09-17
ML (marialemos72 gmail com) 
Moab Authentication Bypass (insecure message signing) [CVE-2014-5376] 2014-09-29
Moab Authentication Bypass [CVE-2014-5300] 2014-09-29
Moab User Impersonation [CVE-2014-5375] 2014-09-29
MobaXTerm before version 8.5 vulnerability in "jump host" functionality 2016-01-08
Mobile Mp3 Search Engine HTTP Response Splitting 2012-02-22
MobileCartly 1.0 <= Remote Code Execution Vulnerability 2012-08-08
Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerability 2014-12-25
Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability 2014-12-19
Monkey HTTPD 1.1.1 - Denial of Service Vulnerability 2013-05-28
Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability 2013-09-20
More on IPv6 RA-Guard evasion (IPv6 security) 2011-09-01
Moritz Muehlenhoff (jmm debian org) 
Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability 2014-01-27
Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream 2016-04-28
Mozilla extensions: a security nightmare 2015-08-04
Mozilla Firefox 44.0b2 Cross-site Scripting Vulnerability 2016-01-11
Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS06-069 2013-01-20
MS14-080 CVE-2014-6365 Code 2015-01-14
MS14-080 CVE-2014-6365 Technical Details Without "Nonsense" 2015-01-13
msg patrykbogdan com 
MSIE 9 IEFRAME CMarkup­Pointer::Move­To­Gap use-after-free 2016-12-15
MSIE 9 MSHTML CElement::Has­Flag memory corruption 2016-12-09
MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free 2016-12-13
MSIE 9-11 MSHTML PROPERTYDESC::HandleStyleComponentProperty OOB read details 2016-11-09
Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 2012-03-20
Multimedia Creative (prodotto.php?id) Remote SQL injection Vulnerability 2011-08-28
Multiple (persistent) XSS in ProjectSend 2016-03-17
Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
Multiple BSD libc/regcomp(3) Multiple Vulnerabilities 2011-11-04
Multiple buffer overflows on Huawei SNMPv3 service 2013-05-06
multiple critical vulnerabilities in sophos products 2012-11-05
Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher 2015-02-15
Multiple Cross-Site Scripting (XSS) in Claroline 2013-11-27
Multiple Cross-Site Scripting (XSS) in glFusion 2013-02-20
Multiple Cross-Site Scripting (XSS) in Kajona 2012-07-11
Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS 2013-05-01
Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS 2011-06-07
Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
Multiple Cross-Site Scripting vulnerabilities in WebCalendar 2011-07-04
Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0 2011-11-09
Multiple Cross-Site-Scripting vulnerabilities in x3cms 2012-01-11
Multiple DoS vulnerabilities in libosip2-4.1.0 2016-09-13
Multiple exposures in Sophos UTM 2016-09-30
Multiple G-WAN vulnerabilities 2011-10-13
Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). 2013-12-02
Multiple issues in OpManager 12100 & 12200 2016-11-20
Multiple NULL Pointer Dereference Vulnerabilities in Corel Quattro Pro X6 2013-03-07
Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin 2015-10-04
Multiple Reflected XSS in ResAds version 1.0.1 WordPress plugin 2015-10-04
Multiple Reflected XSS vulnerabilities in Oliver (formerly Webshare) v1.3.1 2016-04-19
Multiple Remote Code Execution found in ZHONE 2015-10-12
Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance 2016-08-04
Multiple security vulnerabilities in AShop 2011-11-09
Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines 2012-02-22
Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin 2013-01-21
Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
Multiple SQL injections in rivettracker <=1.03 2012-03-07
Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne 2015-07-28
Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...) 2016-09-28
Multiple Vulnerabilities found in ZHONE 2015-10-12
Multiple vulnerabilities in 11in1 2012-02-15
Multiple vulnerabilities in AContent 2012-10-17
Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA 2016-07-31
Multiple vulnerabilities in BabyGekko 2012-11-14
Multiple vulnerabilities in Barco Clickshare 2016-11-14
Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95 2013-07-12
Multiple vulnerabilities in Browser CRM 2011-12-14
Multiple vulnerabilities in BugFree 2011-10-12
Multiple Vulnerabilities in Campaign Enterprise <= 11.0.538 2012-10-18
Multiple Vulnerabilities in cPanel 2017-01-11
Multiple Vulnerabilities in CubeCart 2016-03-30
Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) 2013-02-04
Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A 2013-04-22
Multiple Vulnerabilities in D'Link DIR-635 2013-04-25
Multiple Vulnerabilities in D-Link DSL-320B 2013-05-06
Multiple vulnerabilities in Dolibarr 2011-11-23
Multiple vulnerabilities in dotProject 2012-11-21
Multiple Vulnerabilities in Draytek Vigor 2130 2014-10-06
Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg 2013-02-14
Multiple vulnerabilities in Efront 2011-11-02
Multiple vulnerabilities in epesi BIM 2011-12-21
Multiple Vulnerabilities in Eventum 2014-01-27
Multiple Vulnerabilities in Exponent CMS 2013-05-15
Multiple vulnerabilities in Ezylog photovoltaic management server 2012-09-11
Multiple Vulnerabilities in Gnew 2013-10-02
Multiple vulnerabilities in Help Desk Software 2011-09-21
Multiple vulnerabilities in ImpressCMS 2012-01-04
Multiple Vulnerabilities in ISPConfig 2015-06-10
Multiple vulnerabilities in jCore 2012-10-17
Multiple vulnerabilities in LEPTON 2012-02-15
Multiple Vulnerabilities in LibreOffice 2012-11-05
Multiple Vulnerabilities in Linksys E1500/E2500 2013-02-05
Multiple Vulnerabilities in Linksys WAG200G 2013-02-11
Multiple Vulnerabilities in Linksys WRT160Nv2 2013-02-11
Multiple Vulnerabilities in Linksys WRT54GL 2013-01-18
Multiple vulnerabilities in LogAnalyzer 2012-05-23
Multiple vulnerabilities in MantisBT 2011-09-05
Multiple vulnerabilities in MantisBT 2015-01-28
Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-12
Multiple Vulnerabilities in MODX Revolution < = MODX 2.2.13-pl 2014-04-19
Multiple Vulnerabilities in my little forum 2015-02-11
Multiple Vulnerabilities in Netgear DGN2200B 2013-02-16
Multiple vulnerabilities in Newscoop 2012-04-18
Multiple vulnerabilities in OBM 2011-12-21
Multiple vulnerabilities in Open Journal Systems (OJS) 2012-03-21
Multiple Vulnerabilities in OpenDocMan 2014-03-05
Multiple vulnerabilities in OpenEMR 2012-02-01
Multiple Vulnerabilities in OpenPLI 2013-02-13
Multiple vulnerabilities in Open-Realty 2011-06-28
Multiple vulnerabilities in OpenX 2012-10-10
Multiple vulnerabilities in OrangeHRM 2011-11-30
Multiple vulnerabilities in OrangeHRM 2012-05-09
Multiple vulnerabilities in OSclass 2012-01-25
Multiple vulnerabilities in OSClass 2012-01-30
Multiple vulnerabilities in osCmax 2012-04-04
Multiple Vulnerabilities in Parallels® Plesk Sitebuilder 2014-07-23
Multiple vulnerabilities in PBBoard 2012-08-08
Multiple Vulnerabilities in phpList 2012-08-08
Multiple vulnerabilities in PHPShop CMS Free 2011-12-20
Multiple vulnerabilities in Piwigo 2012-04-25
Multiple vulnerabilities in Pligg CMS 2012-05-23
Multiple Vulnerabilities in Plone CMS 2016-10-12
Multiple vulnerabilities in postfixadmin 2012-01-30
Multiple vulnerabilities in Pretty Link WordPress Plugin 2011-10-12
Multiple vulnerabilities in Samsung Kies 2012-10-15
Multiple vulnerabilities in several IP camera products 2011-06-08
Multiple vulnerabilities in Sharetronix 2014-05-28
Multiple vulnerabilities in SiT! Support Incident Tracker 2011-09-14
Multiple vulnerabilities in SonicWall 2011-10-04
Multiple vulnerabilities in Subrion CMS 2012-10-17
Multiple vulnerabilities in Template CMS 2012-10-03
Multiple vulnerabilities in Tine 2.0 2011-10-19
Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND 2013-02-14
Multiple vulnerabilities in Traq 2011-09-28
Multiple Vulnerabilities in VideoWhisper Live Streaming Integration WP Plugin 2014-02-27
Multiple vulnerabilities in web@all 2012-06-20
Multiple vulnerabilities in webERP 2011-11-17
Multiple vulnerabilities in Winamp 5.61 2011-06-29
Multiple vulnerabilities in Wordpress plugin SP Projects & Document Manager 2016-03-06
Multiple Vulnerabilities in X2CRM 2013-09-25
Multiple vulnerabilities in ZENphoto 2012-02-08
Multiple vulnerabilities on D-Link Dir-505 devices 2013-09-09
Multiple vulnerabilities on Sitecom N300/N600 devices 2013-08-19
Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
multiple Vulnerability in "WahmShoppes eStore" 2014-06-05
Multiple XSS in Dotclear 2012-02-29
Multiple XSS in eShop for Wordpress 2011-08-10
Multiple XSS in Fork CMS 2012-03-07
Multiple XSS in GBook PHP guestbook 2011-07-27
Multiple XSS in HESK 2011-08-03
Multiple XSS in Chyrp 2012-02-22
Multiple XSS in KnowledgeTree Community Edition 2012-01-11
Multiple XSS in pragmaMx 2012-05-23
Multiple XSS in WP-Stats-Dashboard 2011-08-17
Multiple xss issues in Liferay 2012-05-13
Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress 2012-04-11
Multiple XSS vulnerabilities in CMS Papoo Light Version 2011-09-12
Multiple XSS vulnerabilities in Events Manager WordPress plugin 2013-03-06
Multiple XSS vulnerabilities in FortiSandbox WebUI 2015-08-01
Multiple XSS vulnerabilities in LightNEasy 3.2.4 2011-09-08
Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin 2015-07-22
Multiple XSS Vulnerabilities in Xaraya 2013-06-26
Multiple XSS vulnerabilities in XOOPS 2012-04-18
Murgent CMS - SQL Injection Vulnerability 2015-11-17
Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
MVSA-11-013 - EllisLab xss_clean Filter Bypass - ExpressionEngine and CodeIgniter 2011-11-28
My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities 2013-10-15
My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities 2014-02-17
My Photo Wifi Share & PS 1.1 iOS - Local Command Injection Vulnerability 2014-03-27
My ROP mitigation 2012-08-02
My.WiFi USB Drive v1.0 iOS - File Include Vulnerability 2015-09-28
Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy 2012-06-21
Mybb 1.6.8 Sql Injection Vulnerabilitiy 2012-06-07
Mybb Ajaxfs Plugin Sql Injection vulnerability 2013-11-20
Mybb Cms (create forum and edit) Cross-Site Script Vulnerability 2016-04-13
Mybb Cms (private.php Page) Denial Of Service Vulnerability 2016-04-14
Mybb Sendthread Page Denial of Service Vulnerability 2014-05-29
myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique 2011-06-15
MYRE Real Estate Mobile 2012|2 - Multiple Vulnerabilities 2012-06-14
MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability 2016-02-10
MySQL 0days followup (CVE-2016-3477) CVSS 8.1 2016-07-26
MySQL zero-day vulnerabilities (July 2016 CPU) 2016-07-22
MySQLDriverCS Cross-Parameter SQL Injection Vulnerability 2011-06-27
n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow 2011-07-28
n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption 2011-07-28
n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table 2011-12-28
n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS 2012-11-19
n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access 2013-03-15
n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection 2013-03-15
n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection 2013-03-15
n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability 2013-03-15
Nafis Group (review.php?ID) Remote SQL injection Vulnerability 2011-08-23
Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] 2016-12-15
Nagios NA v2.2.1 XSS 2016-08-09
Nagios Network Analyzer v2.2.1 Multiple CSRF 2016-08-09
Nakid-CMS CSRF, Persistent XSS & LFI 2015-06-11
NASA Orion Mars Program - Bypass, Persistent Issue & Embed Code Execution Vulnerability (Boarding Pass) 2014-12-05
Nativedreams (Fabarth_gallery.php?categoria_id) Remote SQL injection Vulnerability 2011-08-23
nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities 2013-01-28
Necroscan <= v0.9.1 Buffer Overflow 2016-08-26
Negin Group CMS - (v) Multiple Web Vulnerabilities 2016-04-25
NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities 2012-09-13
NeoInvoice Blind SQL Injection (CVE-2012-3477) 2012-08-12
Neoscreen v4.5 Authentication bypass 2016-07-24
Neoscreen v4.5 Blind SQL injection 2016-07-24
Neoscreen v4.5 Cross-site scripting 2016-07-24
Neox (categoria.php?id) Remote SQL injection Vulnerability 2011-08-12
Nero MediaHome Multiple Remote DoS Vulnerabilities 2013-01-09
NESSUS ANDROID APP - stores login info in plain text 2012-07-20
NetBSD 5.1 libc/net multiple functions stack buffer overflow 2011-07-01
NetCat CMS v5.0.1 - Multiple Web Vulnerabilities 2012-10-31
NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities 2016-05-03
NetCracker Resource Management 8.0 - SQL Injection Vulnerability 2015-07-22
NetCracker Resource Management 8.0 - XSS Vulnerability 2015-07-22
NETGEAR Exposure of Sensitive Information - Security Advisory - SOS-12-005 2012-05-13
Netgear GS105Ev2 - Multiple Vulnerabilities 2016-01-27
Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service 2013-08-21
Netgear Prosafe VPN Firewalls - Multiple vulnerabilities 2015-06-25
NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011 2011-09-20
NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
NetGear WNDR Authentication Bypass / Information Disclosure 2015-02-17
NETGEAR WNR1000v3 Password Recovery Vulnerability 2014-01-12
Netjuke 1.0 RC1 - SQL Injection Vulnerabilities 2012-04-12
Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-01-29
Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-02-01
netplanet (dettaglio.asp?id) Remote SQL injection Vulnerability 2011-08-16
NetSaro Enterprise Messenger Server Administration Console Source Code Disclosure 2011-08-22
NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability 2011-08-15
NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability 2011-08-15
Netvolution referer header SQL injection vulnerability 2011-10-03
NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities 2014-06-11
New Blog Post: Attacking the Windows 7/8 Address Space Randomization 2013-01-24
New Era Company CMS - (id) SQL Injection Vulnerability 2016-01-28
New IETF I-D on "Stable Privacy Addresses" 2011-12-15
New IETF I-D: Security Implications of IPv6 on IPv4 networks 2012-04-24
New IETF I-Ds on Fragmentation-related security issues 2011-12-15
New issue of PenTest Magazine is out - 21 pages of free content. 2011-11-30
New online security challenge - GotWurzel 2011-11-07
New open source Security Framework 2011-10-04
New Open Source Web Application Vulnerability Scanner Available 2012-05-16
NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability 2013-11-15
NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
NEW VMSA-2013-0015 VMware ESX updates to third party libraries 2013-12-06
NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library 2014-06-25
NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries 2014-09-09
NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01
NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability 2014-12-09
NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues 2015-01-27
NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability 2015-01-29
NEW VMSA-2015-0005 : VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability 2015-07-10
NEW VMSA-2015-0008 - VMware product updates address information disclosure issue 2015-11-19
NEW VMSA-2016-0004 VMware product updates address a critical security issue in the VMware Client Integration Plugin 2016-04-14
NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities 2014-12-05
News Script PHP v1.2 - Multiple Web Vulnerabilites 2012-06-15
NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability 2013-11-28
NG WifiTransfer Pro 1.1 - File Include Vulnerability 2014-06-03
Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247) 2016-11-21
nginx fix for malformed HTTP responses from upstream servers 2012-03-15
Nginx ngx_http_close_connection function integer overflow 2013-04-25
NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow 2012-11-30
NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout 2012-11-30
NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection 2012-11-30
NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection 2012-11-30
NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection 2012-11-30
NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator 2012-11-30
NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL 2012-11-30
NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel 2012-11-30
NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email 2012-11-30
NGS000330 Technical Advisory: Squiz CMS File Path Traversal 2012-11-30
NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow 2011-07-25
NGS00042 Technical Advisory: Solaris 11 USB hub class descriptor kernel stack overflow (CVE-2011-2295) 2011-11-02
NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation 2011-06-28
NGS00052 Technical Advisory: Apple Mac OS X Image RAW Multiple Buffer Overflows 2011-06-28
NGS00054 Technical Advisory: : Lumension Device Control (formerly Sanctuary) remote memory corruption 2011-08-24
NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow 2011-06-28
NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability 2011-07-05
NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow 2011-06-28
NGS00062 Technical Advisory: Apple OSX / iPhone ImageIO TIFF getBandProcTIFF TileWidth Heap Overflow 2011-10-10
NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write 2011-08-01
NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux 2011-09-21
NGS00106 Technical Advisory: Increased exploitation of Oracle GlassFish Server Administration Console Remote Authentication Bypass Vulnerability 2012-01-05
NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow 2012-04-30
NGS00109 Patch Notification: ImpressPages CMS Remote code execution 2011-09-27
NGS00109 Technical Advisory: Remote Code Execution in ImpressPages CMS 2012-01-05
NGS00117 Patch Notification: Symantec PCAnywhere Local Privilege Escalation 2012-01-25
NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation 2012-04-30
NGS00118 Patch Notification: Symantec PCAnywhere Remote Code Execution as SYSTEM 2012-01-25
NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM 2012-04-30
NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution 2012-02-23
NGS00137 Patch Notification: Websense Triton 7.6 - Reflected XSS in report management UI 2011-12-15
NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI 2012-04-30
NGS00138 Patch Notification: Websense Triton 7.6 - Authentication bypass in report management UI 2011-12-15
NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI 2012-04-30
NGS00140 Patch Notification: Websense Triton 7.6 - Unauthenticated remote command execution as SYSTEM 2011-12-15
NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM 2012-04-30
NGS00141 Patch Notification: Websense Triton 7.6 - Stored XSS in report management UI 2011-12-15
NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI 2012-04-30
NGS00144 Patch Notification: FFmpeg Libavcodec buffer overflow remote code execution 2011-11-23
NGS00145 Patch Notification: FFmpeg Libavcodec out of bounds write remote code execution 2011-11-23
NGS00148 Patch Notification: FFmpeg Libavcodec memory corruption remote code execution 2011-11-23
NGS00153 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Reflective XSS allowing an attacker to gain session tokens 2012-03-29
NGS00154 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Session hijacking and bypassing client-side session timeouts 2012-03-29
NGS00155 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Any logged-in user can bypass controls to reset passwords of other administrators 2012-03-29
NGS00156 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Active sesssion tokens of other users are disclosed within the UI 2012-03-29
NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Password hashes can be recovered from a system backup and easily cracked 2012-03-29
NGS00158 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Arbitrary file download is possible with a crafted URL when logged in as any user 2012-03-29
NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation 2012-07-02
NGS00193 Patch Notification: Trend Micro DataArmor and DriveArmor - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption 2012-01-24
NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection 2012-07-02
NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS 2012-07-02
NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection 2012-07-02
NGS00208 Patch Notification: Moodle CMS stored XSS 2012-08-20
NGS00237 Patch Notification: Samba Andx request Remote Code Execution 2012-02-25
NGS00241 Patch Notification: SysAid Helpdesk blind SQL injection 2012-08-20
NGS00242 Patch Notification: SysAid Helpdesk stored XSS 2012-08-20
NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities 2013-04-02
NGS00254 Patch Notification: Apple Mac OS X Lion USB Hub Class Hub Descriptor Arbitrary Code Execution 2012-09-27
NGS00263 Patch Notification: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator 2012-09-18
NGS00265 Patch Notification: Symantec Messaging Gateway - Unauthenticated detailed version disclosure 2012-09-18
NGS00266 Patch Notification: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL 2012-09-18
NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account 2012-09-18
NGS00268 Patch Notification: Symantec Messaging Gateway Out-of-band stored XSS - delivered by email 2012-09-18
NGS00288 Patch Notification: Windows Remote Desktop Memory Corruption Leading to RCE on XP SP3 2012-08-17
NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation 2013-02-04
NGS00330 Patch Notification: Squiz CMS Directory Traversal 2012-08-20
NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation 2013-02-04
NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth) 2013-05-02
NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth) 2013-05-02
NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal 2013-05-02
NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection 2013-05-02
NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow 2013-03-18
nickyccwu tencent com 
Nightwatch Cybersecurity Research (research nightwatchcybersecurity com) 
Nike+ Panel & Mobile App - Multiple Web Vulnerabilities 2012-08-17
Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue 2013-07-16
NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
NOPcon 2013 - Call for paper - Istanbul , Turkey 2013-03-18
Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit 2011-09-15
NoSuchCon CFP / 15-17 May 2013 / Paris, France 2013-01-21
Notepad++6.9.2 DLL Hijacking Vulnerability 2016-08-08
Notes v4.5 iOS - Arbitrary File Upload Vulnerability 2016-05-10
NotSoSecure CTF (in partnership with Appsec USA) 2013-10-08
Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
Novell GroupWise Multiple Remote Code Execution Vulnerabilities 2013-04-03
Novell Sentinel Log Manager <=1.2.0.1 Path Traversal 2011-12-18
NPS Datastore server DLL side loading vulnerability 2016-02-10
NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability 2011-06-15
NSOADV-2013-001: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/appliance/) 2013-01-17
NSOADV-2013-002: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/sgms/) 2013-01-17