- Databáze Hot News Bugtraq -

Poslední aktualizace v 09.09.2016 20:29:20

 

#CONFidence 2014- Call for Papers, only 0111 days left to become CONFidence ninja 2014-02-08Cisco Security Advisory: Cisco Small Business 220 Series Smart Plus Switches SNMP Unauthorized Access Vulnerability 2016-08-31
%windir%\temp\sso\ssoexec.dll (or: how trustworthy is Microsoft's build process) 2012-03-04Cisco Security Advisory: Cisco Small Business Router Password Disclosure Vulnerability 2014-03-05
(AUSCERT#20131775e) AusCERT 2013 Call For Presentations - closing in 10 days 2013-01-21Cisco Security Advisory: Cisco Small Business SPA3x/5x Series Denial of Service Vulnerability 2016-08-31
(CFP) LACSEC 2012: 7th Network Security Event for Latin America and the Caribbean 2012-01-15Cisco Security Advisory: Cisco Small Business SRP 500 Series Multiple Vulnerabilities 2012-02-23
*.Shell.com Port 443 DROWN decryption attack 2016-04-20Cisco Security Advisory: Cisco Small Business SRP500 Series Command Injection Vulnerability 2011-11-02
*CLOSING IN 5 DAYS * Re: AppSec DC 2012 - Call for Trainers 2011-12-09Cisco Security Advisory: Cisco TelePresence Infrastructure Denial of Service Vulnerability 2013-04-17
.NET Framework 4.6 allows side loading of Windows API Set DLL 2016-04-12Cisco Security Advisory: Cisco TelePresence ISDN Gateway D-Channel Denial of Service Vulnerability 2014-01-22
.NET Framework EncoderParameter integer overflow vulnerability 2012-04-23Cisco Security Advisory: Cisco TelePresence Recording Server Default Credentials for Root Account Vulnerability 2011-07-29
.Net Framework Tilde Character DoS - Sorry, exploit-db link corrected 2012-07-04Cisco Security Advisory: Cisco TelePresence Server Crafted IPv6 Packet Handling Denial of Service Vulnerability 2016-04-06
.Net Framework Tilde Character DoS 2012-07-04Cisco Security Advisory: Cisco TelePresence Server Crafted URL Handling Denial of Service Vulnerability 2016-04-06
/tmp race condition in IBM Installation Manager V1.8.1 install script 2015-11-14Cisco Security Advisory: Cisco TelePresence Server Denial of Service Vulnerability 2015-09-16
[ GLSA 201110-01 ] OpenSSL: Multiple vulnerabilities 2011-10-09Cisco Security Advisory: Cisco TelePresence Server Malformed STUN Packet Processing Denial of Service Vulnerability 2016-04-06
[ GLSA 201110-03 ] 2011-10-10Cisco Security Advisory: Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability 2013-05-15
[ GLSA 201110-04 ] 2011-10-10Cisco Security Advisory: Cisco TelePresence System Integrator C Series and Cisco TelePresence EX Series Device Default Root Account Manufacturing Error 2011-11-09
[ GLSA 201110-05 ] GnuTLS: Multiple vulnerabilities 2011-10-10Cisco Security Advisory: Cisco TelePresence System Software Command Execution Vulnerability 2014-01-22
[ GLSA 201110-06 ] PHP: Multiple vulnerabilities 2011-10-10Cisco Security Advisory: Cisco TelePresence Video Communication Server Session Initiation Protocol Denial of Service Vulnerabilities 2012-02-29
[ GLSA 201110-07 ] vsftpd: Denial of Service 2011-10-10Cisco Security Advisory: Cisco TelePresence Video Communication Server SIP Denial of Service Vulnerability 2014-01-22
[ GLSA 201110-08 ] feh: Multiple vulnerabilities 2011-10-13Cisco Security Advisory: Cisco TelePresence VX Clinical Assistant Administrative Password Reset Vulnerability 2013-11-06
[ GLSA 201110-09 ] Conky: Privilege escalation 2011-10-13Cisco Security Advisory: Cisco TelePresence XML Application Programming Interface Authentication Bypass Vulnerability 2016-05-04
[ GLSA 201110-10 ] Wget: User-assisted file creation or overwrite 2011-10-13Cisco Security Advisory: Cisco UCS Invicta Default SSH Key Vulnerability 2016-04-06
[ GLSA 201110-11 ] Adobe Flash Player: Multiple vulnerabilities 2011-10-13Cisco Security Advisory: Cisco Unified Communications Manager Denial of Service Vulnerabilities 2011-08-24
[ GLSA 201110-12 ] Unbound: Denial of Service 2011-10-15Cisco Security Advisory: Cisco Unified Communications Manager Directory Traversal Vulnerability 2011-10-26
[ GLSA 201110-13 ] Tor: Multiple vulnerabilities 2011-10-18Cisco Security Advisory: Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability 2013-08-21
[ GLSA 201110-14 ] D-Bus: Multiple vulnerabilities 2011-10-21Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Denial of Service Vulnerability 2012-09-26
[ GLSA 201110-15 ] GnuPG: User-assisted execution of arbitrary code 2011-10-22Cisco Security Advisory: Cisco Unified Communications Manager Session Initiation Protocol Memory Leak Vulnerabilities 2011-09-28
[ GLSA 201110-16 ] Cyrus IMAP Server: Multiple vulnerabilities 2011-10-22Cisco Security Advisory: Cisco Unified Communications Manager Skinny Client Control Protocol Vulnerabilities 2012-02-29
[ GLSA 201110-17 ] Avahi: Denial of Service 2011-10-22Cisco Security Advisory: Cisco Unified Computing System E-Series Blade Servers Cisco Integrated Management Controller SSH Denial of Service Vulnerability 2014-09-08
[ GLSA 201110-18 ] rgmanager: Privilege escalation 2011-10-22Cisco Security Advisory: Cisco Unified Computing System Manager and Cisco Firepower 9000 Remote Command Execution Vulnerability 2016-01-20
[ GLSA 201110-19 ] X.Org X Server: Multiple vulnerabilities 2011-10-22Cisco Security Advisory: Cisco Unified Contact Center Express Directory Traversal Vulnerability 2011-10-26
[ GLSA 201110-20 ] Clam AntiVirus: Multiple vulnerabilities 2011-10-23Cisco Security Advisory: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability 2013-01-09
[ GLSA 201110-21 ] Asterisk: Multiple vulnerabilities 2011-10-24Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability 2015-07-22
[ GLSA 201110-22 ] PostgreSQL: Multiple vulnerabilities 2011-10-25Cisco Security Advisory: Cisco Unified Presence and Jabber Extensible Communications Platform Stream Header Denial of Service Vulnerability 2012-09-12
[ GLSA 201110-23 ] Apache mod_authnz_external: SQL injection 2011-10-25Cisco Security Advisory: Cisco Unified Service Monitor and Cisco Unified Operations Manager Remote Code Execution Vulnerabilities 2011-09-14
[ GLSA 201110-24 ] Squid: Multiple vulnerabilities 2011-10-26Cisco Security Advisory: Cisco Videoscape Delivery System Denial of Service Vulnerability 2015-07-15
[ GLSA 201110-25 ] Pure-FTPd: Multiple vulnerabilities 2011-10-26Cisco Security Advisory: Cisco WAAS Mobile Remote Code Execution Vulnerability 2013-11-06
[ GLSA 201110-26 ] libxml2: Multiple vulnerabilities 2011-10-26Cisco Security Advisory: Cisco Web Security Appliance Cache Reply Denial of Service Vulnerability 2015-11-04
[ GLSA 201111-01 ] Chromium, V8: Multiple vulnerabilities 2011-11-01Cisco Security Advisory: Cisco Web Security Appliance Cached Range Request Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-02 ] Oracle JRE/JDK: Multiple vulnerabilities 2011-11-05Cisco Security Advisory: Cisco Web Security Appliance Certificate Generation Command Injection Vulnerability 2015-11-04
[ GLSA 201111-03 ] OpenTTD: Multiple vulnerabilities 2011-11-11Cisco Security Advisory: Cisco Web Security Appliance Connection Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-04 ] phpDocumentor: Function call injection 2011-11-11Cisco Security Advisory: Cisco Web Security Appliance HTTP Length Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-05 ] Chromium, V8: Multiple vulnerabilities 2011-11-19Cisco Security Advisory: Cisco Web Security Appliance HTTP POST Denial of Service Vulnerability 2016-05-18
[ GLSA 201111-06 ] MaraDNS: Arbitrary code execution 2011-11-20Cisco Security Advisory: Cisco Web Security Appliance Range Request Denial of Service Vulnerability 2015-11-04
[ GLSA 201111-07 ] TinTin++: Multiple vulnerabilities 2011-11-20Cisco Security Advisory: Cisco WebEx Meetings Player Arbitrary Code Execution 2016-08-31
[ GLSA 201111-08 ] radvd: Multiple vulnerabilities 2011-11-20Cisco Security Advisory: Cisco Wide Area Application Service CIFS DoS Vulnerability 2016-01-27
[ GLSA 201111-09 ] Perl Safe module: Arbitrary Perl code injection 2011-11-20Cisco Security Advisory: Cisco Wireless LAN Controller Denial of Service Vulnerability 2016-04-20
[ GLSA 201111-10 ] Evince: Multiple vulnerabilities 2011-11-20Cisco Security Advisory: Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability 2016-04-20
[ GLSA 201111-11 ] GNU Tar: User-assisted execution of arbitrary code 2011-11-20Cisco Security Advisory: Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability 2016-04-20
[ GLSA 201201-01 ] phpMyAdmin: Multiple vulnerabilities 2012-01-04Cisco Security Advisory: Cisco Wireless LAN Controller Unauthorized Access Vulnerability 2016-01-13
[ GLSA 201201-02 ] MySQL: Multiple vulnerabilities 2012-01-05Cisco Security Advisory: Cisco Wireless Residential Gateway Remote Code Execution Vulnerability 2014-07-16
[ GLSA 201201-03 ] Chromium, V8: Multiple vulnerabilities 2012-01-08Cisco Security Advisory: Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability 2016-03-09
[ GLSA 201201-04 ] Logsurfer: Arbitrary code execution 2012-01-20Cisco Security Advisory: CiscoWorks Common Services Arbitrary Command Execution Vulnerability 2011-10-19
[ GLSA 201201-12 ] Tor: Multiple vulnerabilities 2012-01-23Cisco Security Advisory: CiscoWorks LAN Management Solution Remote Code Execution Vulnerabilities 2011-09-14
[ GLSA 201201-13 ] MIT Kerberos 5: Multiple vulnerabilities 2012-01-23Cisco Security Advisory: Denial of Service Vulnerabilities in Cisco Intercompany Media Engine 2011-08-24
[ GLSA 201201-14 ] MIT Kerberos 5 Applications: Multiple vulnerabilities 2012-01-23Cisco Security Advisory: Denial of Service Vulnerability in Cisco TelePresence Codecs 2011-08-31
[ GLSA 201201-15 ] ktsuss: Privilege escalation 2012-01-27Cisco Security Advisory: Denial of Service Vulnerability in Cisco Video Surveillance IP Cameras 2011-10-26
[ GLSA 201201-16 ] X.Org X Server/X Keyboard Configuration Database: Screen lock bypass 2012-01-27Cisco Security Advisory: Directory Traversal Vulnerability in Cisco Network Admission Control Manager 2011-10-05
[ GLSA 201201-17 ] Chromium: Multiple vulnerabilities 2012-01-28Cisco Security Advisory: GNU Bash Environmental Variable Command Injection Vulnerability 2014-09-26
[ GLSA 201201-18 ] bip: Multiple vulnerabilities 2012-01-30Cisco Security Advisory: GNU glibc gethostbyname Function Buffer Overflow Vulnerability 2015-01-28
[ GLSA 201201-19 ] Adobe Reader: Multiple vulnerabilities 2012-01-30Cisco Security Advisory: Jabber Extensible Communications Platform and Cisco Unified Presence XML Denial of Service Vulnerability 2011-09-28
[ MDVSA-2011:106 ] subversion 2011-06-04Cisco Security Advisory: Multiple Cisco Products libSRTP Denial of Service Vulnerability 2016-04-20
[ MDVSA-2011:107 ] fetchmail 2011-06-07Cisco Security Advisory: Multiple Default SSH Keys Vulnerabilities in Cisco Virtual WSA, ESA, and SMA 2015-06-25
[ MDVSA-2011:108 ] xerces-j2 2011-06-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client 2012-06-20
[ MDVSA-2011:109 ] webmin 2011-06-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module 2011-10-05
[ MDVSA-2011:110 ] gimp 2011-06-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module 2012-03-14
[ MDVSA-2011:111 ] mozilla 2011-06-22Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module 2012-10-10
[ MDVSA-2011:112 ] blender 2011-07-18Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2013-10-09
[ MDVSA-2011:114 ] blender 2011-07-18Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-04-09
[ MDVSA-2011:115 ] bind 2011-07-20Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2014-10-08
[ MDVSA-2011:116 ] curl 2011-07-22Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-02-11
[ MDVSA-2011:117 ] krb5-appl 2011-07-22Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software 2015-07-09
[ MDVSA-2011:118 ] wireshark 2011-07-24Cisco Security Advisory: Multiple Vulnerabilities in Cisco Content Security Management Appliance 2013-06-26
[ MDVSA-2011:119 ] libsndfile 2011-07-25Cisco Security Advisory: Multiple Vulnerabilities in Cisco Email Security Appliance 2013-06-26
[ MDVSA-2011:120 ] freetype2 2011-07-27Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module 2011-10-05
[ MDVSA-2011:121 ] samba 2011-07-27Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module 2012-10-10
[ MDVSA-2011:122 ] clamav 2011-08-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco Firewall Services Module Software 2013-10-09
[ MDVSA-2011:123 ] squirrelmail 2011-08-13Cisco Security Advisory: Multiple Vulnerabilities in Cisco Intrusion Prevention System Software 2013-07-17
[ MDVSA-2011:124 ] phpmyadmin 2011-08-14Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS Software Traffic Optimization Features 2012-03-28
[ MDVSA-2011:125 ] foomatic-filters 2011-08-14Cisco Security Advisory: Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers 2013-10-30
[ MDVSA-2011:126 ] java-1.6.0-openjdk 2011-08-15Cisco Security Advisory: Multiple Vulnerabilities in Cisco NX-OS-Based Product 2013-04-24
[ MDVSA-2011:127 ] mozilla 2011-08-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Collaboration Assurance 2015-09-16
[ MDVSA-2011:128 ] dhcp 2011-08-18Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-09-18
[ MDVSA-2011:129 ] mozilla 2011-09-03Cisco Security Advisory: Multiple Vulnerabilities in Cisco Secure Access Control System 2014-01-15
[ MDVSA-2011:130 ] apache 2011-09-04Cisco Security Advisory: Multiple Vulnerabilities in Cisco Small Business RV Series Routers 2014-11-05
[ MDVSA-2011:130-1 ] apache 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Immersive Endpoint Devices 2012-07-11
[ MDVSA-2011:131 ] libxml 2011-09-05Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Manager 2012-07-11
[ MDVSA-2011:131-1 ] libxml 2011-10-09Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Multipoint Switch 2012-07-11
[ MDVSA-2011:132 ] pidgin 2011-09-06Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence Recording Server 2012-07-11
[ MDVSA-2011:132-1 ] pidgin 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco TelePresence TC and TE Software 2013-06-19
[ MDVSA-2011:133 ] mozilla 2011-09-07Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Domain Manager 2014-07-09
[ MDVSA-2011:133-1 ] mozilla 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager 2013-07-17
[ MDVSA-2011:134 ] rsyslog 2011-09-09Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Communications Manager 2013-08-21
[ MDVSA-2011:134-1 ] rsyslog 2011-09-17Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Computing System 2013-04-24
[ MDVSA-2011:135 ] iproute2 2011-09-23Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified Customer Voice Portal Software 2013-05-08
[ MDVSA-2011:136 ] openssl 2011-09-28Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace Web Conferencing 2012-10-31
[ MDVSA-2011:137 ] openssl 2011-09-28Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unity Connection 2012-02-29
[ MDVSA-2011:138 ] wireshark 2011-09-28Cisco Security Advisory: Multiple Vulnerabilities in Cisco Web Security Appliance 2013-06-26
[ MDVSA-2011:139 ] firefox 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2012-02-29
[ MDVSA-2011:140 ] mozilla-thunderbird 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2013-01-23
[ MDVSA-2011:141 ] firefox 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in Cisco Wireless LAN Controllers 2014-03-05
[ MDVSA-2011:142 ] mozilla-thunderbird 2011-10-01Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 2015-10-22
[ MDVSA-2011:143 ] rpm 2011-10-05Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products 2014-12-23
[ MDVSA-2011:144 ] apache 2011-10-08Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: May 2016 2016-05-04
[ MDVSA-2011:145 ] libxml2 2011-10-09Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: September 2016 2016-09-27
[ MDVSA-2011:146 ] cups 2011-10-10Cisco Security Advisory: Multiple Vulnerabilities in the Cisco Video Surveillance Manager 2013-07-24
[ MDVSA-2011:147 ] cups 2011-10-10Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players 2013-09-04
[ MDVSA-2011:148 ] samba 2011-10-11Cisco Security Advisory: Multiple Vulnerabilities in the Cisco WebEx Recording Format Player 2012-10-10
[ MDVSA-2011:149 ] cyrus-imapd 2011-10-14Cisco Security Advisory: Open Query Interface in Cisco Unified Communications Manager and Cisco Unified Presence Server 2011-08-24
[ MDVSA-2011:150 ] squid 2011-10-15Cisco Security Advisory: OpenSSL Alternative Chains Certificate Forgery Vulnerability (July 2015) Affecting Cisco Products 2015-07-10
[ MDVSA-2011:151 ] libpng 2011-10-17Cisco Security Advisory: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products 2014-04-09
[ MDVSA-2011:152 ] ncompress 2011-10-17Cisco Security Advisory: Portable SDK for UPnP Devices Contains Buffer Overflow Vulnerabilities 2013-01-29
[ MDVSA-2011:153 ] libxfont 2011-10-17Cisco Security Advisory: Vulnerability in GNU glibc Affecting Cisco Products: February 2016 2016-02-18
[ MDVSA-2011:154 ] systemtap 2011-10-17Cisco Security Advisory: Vulnerability in Java Deserialization Affecting Cisco Products 2015-12-09
[ MDVSA-2011:155 ] systemtap 2011-10-17Cisco Security Advisory:Cisco Application Policy Infrastructure Controller Enterprise Module Remote Code Execution Vulnerability 2016-08-17
[ MDVSA-2011:156 ] tomcat5 2011-10-18Cisco Security Advisory:Cisco Unified Computing System Central Software Arbitrary Command Execution Vulnerability 2016-04-13
[ MDVSA-2011:157 ] freetype2 2011-10-21Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability 2016-03-09
[ MDVSA-2011:158 ] phpmyadmin 2011-10-21Cisco Security Response: Cisco IOS and Cisco IOS XE Type 4 Passwords Issue 2013-03-18
[ MDVSA-2011:159 ] krb5 2011-10-22Cisco Systems Product Security Incident Response Team (psirt cisco com) 
[ MDVSA-2011:160 ] krb5 2011-10-22Cisco TelePresence Multiple Vulnerabilities - SOS-11-010 2011-09-19
[ MDVSA-2011:161 ] postgresql 2011-10-24Cisco Video Surveillance Operations Manager Multiple vulnerabilities 2013-03-13
[ MDVSA-2011:162 ] kdelibs4 2011-11-01Cisco/Linksys E1200 N300 Reflected XSS 2013-04-29
[ MDVSA-2011:163 ] phpldapadmin 2011-11-02Cisco/Linksys HTTP Service Remote DoS (Denial of Service) 2013-04-24
[ MDVSA-2011:164 ] wireshark 2011-11-02Citrix Receiver, XenDesktop "Pass-the-hash" Attack 2011-12-14
[ MDVSA-2011:165 ] php 2011-11-03CitrusDB 2.4.1 - LFI/SQLi Vulnerability 2012-04-07
[ MDVSA-2011:166 ] php 2011-11-03CJWSoft ASPGuest GuestBook 'edit.asp' - SQL Injection Vulnerability 2012-02-23
[ MDVSA-2011:167 ] gimp 2011-11-04Classic Infomedia (Login) - Auth Bypass Web Vulnerability 2016-01-27
[ MDVSA-2011:168 ] apache 2011-11-09Classified Ads Script PHP v1.1 - SQL Injection Vulnerabilities 2012-07-04
[ MDVSA-2011:170 ] java-1.6.0-openjdk 2011-11-11Clean Master v1.0 - Unquoted Path Privilege Escalation 2016-10-05
[ MDVSA-2011:171 ] networkmanager 2011-11-11ClipBucket CMS Xss Vulnerability 2014-06-14
[ MDVSA-2011:172 ] libreoffice 2011-11-12CLscript CMS v3.0 - Multiple Web Vulnerabilities 2012-07-04
[ MDVSA-2011:173 ] openssl0.9.8 2011-11-12ClubHack Magazine's April 2012 Issue is released. 2012-04-17
[ MDVSA-2011:174 ] graphite2 2011-11-14ClubHack2012 CFP Open Now 2012-07-05
[ MDVSA-2011:175 ] poppler 2011-11-15CM-AD-Changer XSS Vulnerability 2016-04-23
[ MDVSA-2011:176 ] bind 2011-11-17CMSimple_XH 1.5.2 Cross-site Scripting vulnerability 2012-03-21
[ MDVSA-2011:176-1 ] bind 2011-11-17CMSQLITE v1.3.2 - Multiple Web Vulnerabiltiies 2012-10-19
[ MDVSA-2011:176-2 ] bind 2011-11-18CmyDocument Content Management Application - XSS Vulnerabilities 2011-11-02
[ MDVSA-2011:177 ] freetype2 2011-11-21CNNVD Gov CN #1 - Filter Bypass & Persistent Web Vulnerability 2014-02-21
[ MDVSA-2011:178 ] glibc 2011-11-25Cobi Tools v1.0.8 iOS - Persistent Web Vulnerability 2017-01-11
[ MDVSA-2011:179 ] glibc 2011-11-25CobraScripts (search_result.php?cid) Remote SQL injection Vulnerability 2011-07-24
[ MDVSA-2011:180 ] php-suhosin 2011-11-28CobraScripts (selloffers.php?cid) Remote SQL injection Vulnerability 2011-07-28
[ MDVSA-2011:181 ] proftpd 2011-12-07CodeIgniter <= 2.1.1 xss_clean() Cross Site Scripting filter bypass 2012-07-20
[ MDVSA-2011:182 ] dhcp 2011-12-08Coherendz (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-28
[ MDVSA-2011:183 ] pidgin 2011-12-11Colasoft Capsa7.2.1 Malformed SNMP Packet Denial of Service 2011-09-14
[ MDVSA-2011:184 ] krb5 2011-12-12CollabNet Subversion Edge missing single login restriction 2015-06-28
[ MDVSA-2011:185 ] libcap 2011-12-12CollabNet Subversion Edge missing XSRF protection 2015-06-28
[ MDVSA-2011:186 ] nfs-utils 2011-12-12CollabNet Subversion Edge weak password policy 2015-06-28
[ MDVSA-2011:187 ] php-pear 2011-12-15CollabNet Subversion Edge weak password storage mechanism 2015-06-28
[ MDVSA-2011:188 ] libxml2 2011-12-15COM+ Services DLL side loading vulnerability 2015-12-12
[ MDVSA-2011:189 ] jasper 2011-12-16Command Injection in cool-video-gallery v1.9 Wordpress plugin 2015-12-07
[ MDVSA-2011:190 ] libarchive 2011-12-18Command injection vulnerability in Synology Photo Station 2015-05-25
[ MDVSA-2011:191 ] libarchive 2011-12-19Commentics 2.0 <= Multiple Vulnerabilities 2012-06-20
[ MDVSA-2011:192 ] mozilla 2011-12-24CommPort 1.01 <= SQL Injection Vulnerability 2012-08-27
[ MDVSA-2011:193 ] squid 2011-12-27Community Server - Reflected Cross-Site Scripting - 2011-08-04
[ MDVSA-2011:194 ] icu 2011-12-27Community Server - Stored Cross-Site Scripting in User's Signature 2011-08-04
[ MDVSA-2011:195 ] krb5-appl 2011-12-28Compal ConnectBox Wireless - Passphrase Settings Filter Bypass Vulnerability 2016-02-03
[ MDVSA-2011:196 ] ipmitool 2011-12-28ComSndFTP Server Remote Format String Overflow Vulnerability 2012-06-07
[ MDVSA-2011:197 ] php 2011-12-30Concrete CMS 5.4.1.1 <= Cross Site Scripting 2011-08-22
[ MDVSA-2011:198 ] phpmyadmin 2012-01-01CONFidence - May, 28-29, Krakow, Poland - a conference adventure that never stops! 2013-05-17
[ MDVSA-2012:001 ] fcgi 2012-01-02CONFidence 2013 - Call for Papers - 28-29.05.2013 Krakow, Poland 2013-02-25
[ MDVSA-2012:002 ] t1lib 2012-01-02Confluence Vulnerabilities 2016-01-04
[ MDVSA-2012:003 ] apache 2012-01-10Construtiva CIS Manager CMS POST SQLi 2014-05-19
[ MDVSA-2012:004 ] t1lib 2012-01-12Contao 2.10.1 Cross-site scripting vulnerability 2011-10-08
[ MDVSA-2012:005 ] libxml2 2012-01-16Contenido v4.9.11 CMS - (Backend) Multiple XSS Vulnerabilities 2016-10-11
[ MDVSA-2012:006 ] openssl 2012-01-16Cookie hijacking: Internet Explorer UXSS (CVE-2015-0072) 2015-02-09
[ MDVSA-2012:007 ] openssl 2012-01-16Copy to WebDAV v1.1 iOS - Multiple Web Vulnerabilities 2013-08-16
[ MDVSA-2012:008 ] perl 2012-01-18CORE Advisories Team (advisories coresecurity com) 
[ MDVSA-2012:009 ] perl 2012-01-18Core FTP LE v2.2 Remote SSH/SFTP Buffer Overflow 2016-11-27
[ MDVSA-2012:010 ] cacti 2012-01-20CORE-2010-1021: IBM WebSphere Application Server Cross-Site Request Forgery 2011-06-15
[ MDVSA-2012:011 ] openssl 2012-01-29CORE-2011-0106: Microsoft Publisher 2007 Pubconv.dll Memory Corruption 2011-10-12
[ MDVSA-2012:012 ] apache 2012-02-02CORE-2011-0203 - MS HyperV Persistent DoS Vulnerability 2011-06-14
[ MDVSA-2012:013 ] mozilla 2012-02-03CORE-2011-0506 - Multiples Vulnerabilities in ManageEngine ServiceDesk Plus 2011-09-14
[ MDVSA-2012:014 ] glpi 2012-02-06CORE-2011-0514: Multiple vulnerabilities in HP Data Protector 2011-06-29
[ MDVSA-2012:015 ] wireshark 2012-02-09CORE-2011-0606: HP Data Protector EXEC_CMD Buffer Overflow Vulnerability 2011-06-29
[ MDVSA-2012:016 ] glpi 2012-02-10CORE-2011-0919: Apple OS X Sandbox Predefined Profiles Bypass 2011-11-10
[ MDVSA-2012:017 ] firefox 2012-02-12CORE-2011-1123 - Windows Kernel ReadLayoutFile Heap Overflow 2012-07-17
[ MDVSA-2012:018 ] mozilla-thunderbird 2012-02-13CORE-2012-0123 - SAP Netweaver Dispatcher Multiple Vulnerabilities 2012-05-08
[ MDVSA-2012:019 ] apr 2012-02-14CORE-2012-0530 - Lattice Diamond Programmer Buffer Overflow 2012-06-21
[ MDVSA-2012:020 ] phpldapadmin 2012-02-15CORE-2012-1128 - SAP Netweaver Message Server Multiple Vulnerabilities 2013-02-15
[ MDVSA-2012:021 ] java-1.6.0-openjdk 2012-02-17CORE-2013-0302 - Zavio IP Cameras multiple vulnerabilities 2013-05-28
[ MDVSA-2012:022 ] libpng 2012-02-22CORE-2013-0318 - TP-Link IP Cameras Multiple Vulnerabilities 2013-05-28
[ MDVSA-2012:022 ] mozilla 2012-02-23CORE-2013-0322 - MayGion IP Cameras multiple vulnerabilities 2013-05-28
[ MDVSA-2012:022-1 ] mozilla 2012-02-28CORE-2013-0430 - Buffer overflow in Ubiquiti airCam RTSP service 2013-06-11
[ MDVSA-2012:023 ] libvpx 2012-02-27CORE-2013-0517 - Xpient Cash Drawer Operation Vulnerability 2013-06-05
[ MDVSA-2012:023 ] libxml2 2012-02-22CORE-2013-0613 - FOSCAM IP-Cameras Improper Access Restrictions 2013-07-23
[ MDVSA-2012:023-1 ] libvpx 2012-02-28CORE-2013-0701 - Artweaver Buffer Overflow Vulnerability 2013-07-22
[ MDVSA-2012:025 ] samba 2012-02-28CORE-2013-0704 - Vivotek IP Cameras RTSP Authentication Bypass 2013-11-05
[ MDVSA-2012:026 ] postgresql 2012-02-29CORE-2013-0705 - XnView Buffer Overflow Vulnerability 2013-07-22
[ MDVSA-2012:027 ] postgresql8.3 2012-02-29CORE-2013-0726 - AVTECH DVR multiple vulnerabilities 2013-08-28
[ MDVSA-2012:028 ] libxslt 2012-03-01CORE-2013-0807 - Divide Error in Windows Kernel 2013-12-11
[ MDVSA-2012:029 ] pidgin 2012-03-16CORE-2013-0808 - EPS Viewer Buffer Overflow Vulnerability 2013-08-28
[ MDVSA-2012:030 ] systemd 2012-03-16CORE-2013-0828 - PDFCool Studio Buffer Overflow Vulnerability 2013-10-01
[ MDVSA-2012:031 ] firefox 2012-03-17CORE-2013-0904 - PinApp Mail-SeCure Access Control Failure 2013-10-01
[ MDVSA-2012:032 ] mozilla 2012-03-20CORE-2013-1107 - IcoFX Buffer Overflow Vulnerability 2013-12-10
[ MDVSA-2012:032-1 ] mozilla 2012-04-17Corel Software DLL Hijacking 2015-01-12
[ MDVSA-2012:033 ] libpng 2012-03-21Corrections about Squid/McAfee URL Filtering Bypass 2012-04-30
[ MDVSA-2012:034 ] libzip 2012-03-23Cosmoshop - XSS on Admin-Login Mask 2015-02-14
[ MDVSA-2012:035 ] file 2012-03-23Crashing Android devices with large Assisted-GPS Data Files [CVE-2016-5348] 2016-10-10
[ MDVSA-2012:036 ] libsoup 2012-03-23Crashing Browsers Remotely via Insecure Search Suggestions 2016-07-26
[ MDVSA-2012:037 ] cyrus-imapd 2012-03-23CreatiWeb Remote SQL injection Vulnerability 2011-08-24
[ MDVSA-2012:038 ] openssl 2012-03-26Critical issues affecting Steam users 2012-10-15
[ MDVSA-2012:039 ] libtasn1 2012-03-27Critical vulnerabilities discovered in Gazelle and TBDEV.net 2013-10-15
[ MDVSA-2012:040 ] gnutls 2012-03-27Cross site request forgery vulnerability in Linksys WAG120N 2015-08-23
[ MDVSA-2012:041 ] expat 2012-03-27Cross Site Scripting Vulnerability In Verint Impact 360 2016-11-08
[ MDVSA-2012:042 ] wireshark 2012-03-28Cross Site Scription Vulnerability in vBulletin 4.1.3, 4.1.4 and 4.1.5 2011-08-02
[ MDVSA-2012:043 ] nginx 2012-03-29Cross-Site Request Forgery (CSRF) in CMS Made Simple 2012-11-07
[ MDVSA-2012:044 ] cvs 2012-03-29Cross-Site Request Forgery (CSRF) in UMI.CMS 2013-05-08
[ MDVSA-2012:045 ] gnutls 2012-03-30Cross-Site Request Forgery (CSRF) Vulnerability in ManageEngine Network 2016-01-29
[ MDVSA-2012:050 ] phpmyadmin 2012-04-03Cross-Site Request Forgery in ALO EasyMail Newsletter WordPress Plugin 2016-08-01
[ MDVSA-2012:051 ] libvorbis 2012-04-03Cross-Site Request Forgery in Cerb 2015-09-02
[ MDVSA-2012:052 ] libvorbis 2012-04-03Cross-Site Request Forgery on Oxwall 2015-10-29
[ MDVSA-2012:053 ] ocsinventory 2012-04-04Cross-Site Request Forgery vulnerability in Add From Server WordPress Plugin 2016-08-08
[ MDVSA-2012:054 ] libtiff 2012-04-05Cross-Site Scripting (XSS) in BackWPup WordPress Plugin 2013-08-21
[ MDVSA-2012:055 ] samba 2012-04-11Cross-Site Scripting (XSS) in Duplicator WordPress Plugin 2013-07-24
[ MDVSA-2012:056 ] rpm 2012-04-12Cross-Site Scripting (XSS) in Feng Office 2013-10-09
[ MDVSA-2012:057 ] freetype2 2012-04-12Cross-Site Scripting (XSS) in Ilch CMS 2014-03-05
[ MDVSA-2012:058 ] curl 2012-04-13Cross-Site Scripting (XSS) in Kayako Fusion 2012-09-05
[ MDVSA-2012:059 ] python-sqlalchemy 2012-04-16Cross-Site Scripting (XSS) in Komento Joomla Extension 2014-01-23
[ MDVSA-2012:060 ] openssl 2012-04-19Cross-Site Scripting (XSS) in Magnolia CMS 2013-07-24
[ MDVSA-2012:061 ] raptor 2012-04-21Cross-Site Scripting (XSS) in Microsoft ReportViewer Controls 2011-08-22
[ MDVSA-2012:062 ] openoffice.org 2012-04-21Cross-Site Scripting (XSS) in Photo Gallery WordPress plugin 2014-10-01
[ MDVSA-2012:063 ] libreoffice 2012-04-21Cross-Site Scripting (XSS) in Pivotx 2012-05-09
[ MDVSA-2012:064 ] openssl0.9.8 2012-04-24Cross-Site Scripting (XSS) in qTranslate WordPress Plugin 2015-07-29
[ MDVSA-2012:065 ] php 2012-04-27Cross-Site Scripting (XSS) in Redaxo 2012-07-25
[ MDVSA-2012:066 ] mozilla 2012-04-27Cross-Site Scripting (XSS) in Tweet Blender Wordpress Plugin 2013-11-15
[ MDVSA-2012:067 ] samba 2012-05-01Cross-Site Scripting (XSS) in Twilight CMS 2013-08-21
[ MDVSA-2012:068-1 ] php 2012-05-10Cross-Site Scripting (XSS) in WikkaWiki 2013-09-11
[ MDVSA-2012:069 ] cifs-utils 2012-05-04Cross-Site Scripting (XSS) Vulnerabilities in Flogr 2012-09-05
[ MDVSA-2012:070 ] samba 2012-05-04Cross-Site Scripting (XSS) Vulnerability in CommentLuv WordPress Plugin 2013-02-06
[ MDVSA-2012:071 ] php 2012-05-10Cross-Site Scripting (XSS) vulnerability in gpEasy 2013-01-23
[ MDVSA-2012:072 ] roundcubemail 2012-05-10Cross-Site Scripting (XSS) vulnerability in Quick.Cms and Quick.Cart 2013-01-09
[ MDVSA-2012:073 ] openssl 2012-05-11Cross-Site Scripting | Zeuscart V4 2015-11-02
[ MDVSA-2012:074 ] ffmpeg 2012-05-14Cross-Site Scripting in Activity Log WordPress Plugin 2016-08-03
[ MDVSA-2012:074-1 ] ffmpeg 2012-08-30Cross-Site Scripting in Calendar WordPress Plugin 2016-11-08
[ MDVSA-2012:075 ] ffmpeg 2012-05-15Cross-Site Scripting in Code Snippets WordPress Plugin 2016-07-24
[ MDVSA-2012:076 ] ffmpeg 2012-05-15Cross-Site Scripting in Contact Bank WordPress Plugin 2016-08-01
[ MDVSA-2012:077 ] imagemagick 2012-05-17Cross-Site Scripting in Contact Form to Email WordPress Plugin 2016-07-24
[ MDVSA-2012:078 ] imagemagick 2012-05-17Cross-Site Scripting in Count per Day WordPress Plugin 2016-08-04
[ MDVSA-2012:079 ] sudo 2012-05-21Cross-site Scripting in EventLog Analyzer 9.0 build #9000 2014-07-22
[ MDVSA-2012:080 ] wireshark 2012-05-23Cross-Site Scripting in FormBuilder WordPress Plugin 2016-08-04
[ MDVSA-2012:081 ] firefox 2012-05-24Cross-Site Scripting in Uji Countdown WordPress Plugin 2016-08-02
[ MDVSA-2012:082 ] pidgin 2012-05-28Cross-Site Scripting in WangGuard WordPress Plugin 2016-08-02
[ MDVSA-2012:083 ] util-linux 2012-05-29Cross-Site Scripting in WordPress Landing Pages Plugin 2016-08-03
[ MDVSA-2012:084 ] ncpfs 2012-05-29Cross-Site Scripting Vuln in Zoho ManageEngine ADSelfServicePlus 2011-11-17
[ MDVSA-2012:085 ] tomcat5 2012-05-30Cross-Site Scripting vulnerability in Booking Calendar WordPress Plugin 2016-08-01
[ MDVSA-2012:086 ] acpid 2012-05-31Cross-Site Scripting vulnerability in Events Made Easy WordPress plugin 2016-08-04
[ MDVSA-2012:087 ] nut 2012-06-05Cross-site scripting vulnerability in Invision Power Board version 3.2.3 2012-03-29
[ MDVSA-2012:088 ] mozilla 2012-06-09Cross-Site Scripting vulnerability in Quotes Collection WordPress Plugin 2016-11-08
[ MDVSA-2012:088-1 ] mozilla 2012-06-23Cross-Site Scripting vulnerability in search function Activity Log WordPress Plugin 2016-08-03
[ MDVSA-2012:089 ] bind 2012-06-10CRUCMS Crucial Networking - SQL Injection Vulnerability 2015-05-18
[ MDVSA-2012:090 ] openoffice.org 2012-06-14Crushftp 7.2.0 - Multiple CSRF & XSS Vulnerabilitiesþ 2015-02-17
[ MDVSA-2012:091 ] libreoffice 2012-06-14Crystal Office Suite v1.43 - Buffer Overflow Vulnerability 2012-04-12
[ MDVSA-2012:091 ] libreoffice 2012-06-15CsForum v0.8 - Cross Site Scripting Vulnerability 2012-04-08
[ MDVSA-2012:092 ] postgresql 2012-06-15CSNC-2012-004 Generic XSS in AdNovum nevisProxy 2012-06-14
[ MDVSA-2012:093 ] php 2012-06-15CSNC-2016-002 - Open Redirect in OpenAM 2016-02-23
[ MDVSA-2012:094 ] clamav 2012-06-18CSRF - MySQL / PHP.INI Hijacking 2016-04-09
[ MDVSA-2012:095 ] java-1.6.0-openjdk 2012-06-18CSRF (Cross-Site Request Forgery) in DClassifieds 2012-01-25
[ MDVSA-2012:096 ] python 2012-06-20CSRF and Remote Code Execution in EGroupware 2014-05-14
[ MDVSA-2012:096-1 ] python 2012-07-02CSRF and XsS In Manage Engine oputils 2016-02-15
[ MDVSA-2012:097 ] python 2012-06-20CSRF Horde Groupware Web mail Edition 2013-11-03
[ MDVSA-2012:098 ] libxml2 2012-06-21CSV Import XSS Vulnerability 2016-02-24
[ MDVSA-2012:099 ] net-snmp 2012-06-21CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability [Updated] 2012-02-19
[ MDVSA-2012:100 ] rsyslog 2012-06-25CubeCart 3.0.20 (3.0.x) and lower | Open URL Redirection Vulnerability 2012-02-10
[ MDVSA-2012:101 ] libtiff 2012-07-04CubeCart 5.x | Cross Site Request Forgery (CSRF) Vulnerability 2013-01-01
[ MDVSA-2012:102 ] krb5 2012-07-06CubeCart 5.x | Multiple Cross Site Scripting Vulnerabilities 2013-01-01
[ MDVSA-2012:103 ] automake 2012-07-12Curl Ruby Gem Remote command execution 2013-03-15
[ MDVSA-2012:104 ] openjpeg 2012-07-12CVE 2016-6803: Apache OpenOffice Unquoted Search Path Vulnerability 2016-11-25
[ MDVSA-2012:105 ] pidgin 2012-07-12CVE for Apple's ECDHE-ECDSA SecureTransport bug? 2015-05-20
[ MDVSA-2012:106 ] libexif 2012-07-13CVE ID Syntax Change - Call for Public Feedback 2013-01-23
[ MDVSA-2012:107 ] exif 2012-07-13CVE ID Syntax Change - Deadline Approaching 2014-09-17
[ MDVSA-2012:108 ] php 2012-07-23CVE ID Syntax Change - Deadline Approaching 2014-09-18
[ MDVSA-2012:109 ] libxslt 2012-07-23CVE-2010-2404 | Persistent Cross Site Scripting Vulnerability in Oracle I-Recruitment - E-Business Suite 2011-07-13
[ MDVSA-2012:110 ] mozilla 2012-07-24CVE-2011-0527: VMware vFabric tc Server password obfuscation bypass 2011-08-11
[ MDVSA-2012:110-1 ] mozilla 2012-07-30CVE-2011-2664 Symlink Following and Second-Order Symlink Vulnerabilities in Multiple Check Point Security Management Products 2011-08-16
[ MDVSA-2012:111 ] krb5 2012-08-01CVE-2011-2730: Spring Framework Information Disclosure 2011-09-09
[ MDVSA-2012:111 ] libgdata 2012-07-25CVE-2011-2731: Spring Security privilege escalation when using RunAsManager 2011-09-09
[ MDVSA-2012:112 ] perl-DBD-Pg 2012-07-26CVE-2011-2732: Spring Security header injection vulnerability 2011-09-09
[ MDVSA-2012:113 ] arpwatch 2012-07-26CVE-2011-2894: Spring Framework and Spring Security serialization-based remoting vulnerabilities 2011-09-09
[ MDVSA-2012:114 ] apache-mod_auth_openid 2012-07-26CVE-2011-3682: 2WIRE-SINGTEL 2701HGV-E/2700HGV-2/2700HG GATEWAY ROUTER MANAGEMENT AND DIAGNOSTIC CONSOLE VULNERABILITY 2011-10-31
[ MDVSA-2012:115 ] dhcp 2012-07-26CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) 2012-03-24
[ MDVSA-2012:116 ] dhcp 2012-07-26CVE-2012-0769, the case of the perfect info leak 2012-04-09
[ MDVSA-2012:117 ] python-pycrypto 2012-07-27CVE-2012-0803: Apache CXF does not validate UsernameToken policies correctly 2012-02-07
[ MDVSA-2012:118 ] apache-mod_security 2012-07-27CVE-2012-1149 OpenOffice.org integer overflow error in vclmi.dll module when allocating memory for an embedded image object 2012-05-16
[ MDVSA-2012:119 ] bind 2012-07-29CVE-2012-1661 - ESRI ArcMap arbitrary code execution via crafted map file. 2012-06-13
[ MDVSA-2012:121 ] libjpeg-turbo 2012-08-01CVE-2012-2149 OpenOffice.org memory overwrite vulnerability 2012-05-16
[ MDVSA-2012:122 ] icedtea-web 2012-08-02CVE-2012-2334 Vulnerabilities related to malformed Powerpoint files in OpenOffice.org 3.3.0 2012-05-16
[ MDVSA-2012:125 ] wireshark 2012-08-06CVE-2012-2380: Apache Roller Cross-Site-Resource-Forgery (XSRF) vulnerability 2012-06-24
[ MDVSA-2012:126 ] libxml2 2012-08-08CVE-2012-2381: Apache Roller Cross-Site-Scripting (XSS) vulnerability 2012-06-24
[ MDVSA-2012:127 ] libtiff 2012-08-08CVE-2012-2665 Manifest-processing errors in Apache OpenOffice 3.4.0 2012-08-27
[ MDVSA-2012:128 ] bash 2012-08-09CVE-2012-3287: md5crypt is no longer considered safe 2012-06-08
[ MDVSA-2012:129 ] busybox 2012-08-10CVE-2012-3819: Stack Overflow in DartWebserver.dll <= 1.9 2012-09-28
[ MDVSA-2012:129-1 ] busybox 2012-08-10CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers 2012-11-19
[ MDVSA-2012:130 ] openldap 2012-08-11CVE-2012-4415: guacamole local root vulnerability 2012-09-24
[ MDVSA-2012:131 ] libotr 2012-08-13CVE-2012-5641 Apache CouchDB Information disclosure via unescaped backslashes in URLs on Windows 2013-01-14
[ MDVSA-2012:132 ] glpi 2012-08-15CVE-2012-5649 Apache CouchDB JSONP arbitrary code execution with Adobe Flash 2013-01-14
[ MDVSA-2012:133 ] usbmuxd 2012-08-16CVE-2012-5650 Apache CouchDB DOM based Cross-Site Scripting via Futon UI 2013-01-14
[ MDVSA-2012:134 ] wireshark 2012-08-16CVE-2012-6297 - Command Injection via CSRF on DD-WRT v24-sp2 2013-07-12
[ MDVSA-2012:136 ] phpmyadmin 2012-08-17CVE-2012-6451 Authentication Bypass in LOREX IP Cameras 2013-02-05
[ MDVSA-2012:137 ] acpid 2012-08-17CVE-2012-6452 Axway Secure Messenger Username Disclosure 2013-01-17
[ MDVSA-2012:138 ] acpid 2012-08-17CVE-2012-6493 - Nexpose Security Console - Cross-Site Request Forgery (CSRF) 2013-01-03
[ MDVSA-2012:139 ] postgresql 2012-08-19CVE-2012-6494 - Nexpose Security Console - Session Hijacking 2013-01-03
[ MDVSA-2012:140 ] mono 2012-08-20CVE-2013-0090: MSIE 9 IEFRAME CView::EnsureSize use-after-free 2016-12-16
[ MDVSA-2012:141 ] openslp 2012-08-21CVE-2013-0162 rubygem-ruby_parser: incorrect temporary file usage / Public Service Announcement 2013-02-22
[ MDVSA-2012:142 ] gimp 2012-08-21CVE-2013-0805 / CSNC-2013-001 2013-01-23
[ MDVSA-2012:143 ] python-django 2012-08-23CVE-2013-1306: MSIE 9 MSHTML CDisp­Node::Insert­Sibling­Node use-after-free details 2016-12-08
[ MDVSA-2012:144 ] tetex 2012-08-28CVE-2013-1402 - DigiLIBE Management Console - Execution After Redirect (EAR) Vulnerability 2013-01-22
[ MDVSA-2012:147 ] mozilla-thunderbird 2012-08-29CVE-2013-2071 Request mix-up if AsyncListener method throws RuntimeException 2013-05-10
[ MDVSA-2012:148 ] ffmpeg 2012-08-30CVE-2013-2210 2013-06-27
[ MDVSA-2012:149 ] fetchmail 2012-09-01CVE-2013-2504 : Matrix42 Service Desk XSS 2013-04-18
[ MDVSA-2012:150 ] java-1.6.0-openjdk 2012-09-10CVE-2013-3143: MSIE 9 IEFRAME CMarkup..Remove­Pointer­Pos use-after-free 2016-12-14
[ MDVSA-2012:151 ] ghostscript 2012-09-12CVE-2013-3496. Local privilege escalation vulnerability in Infotecs products (ViPNet Client\Coordinator, SafeDisk, Personal Firewall) 2013-05-20
[ MDVSA-2012:152 ] bind 2012-09-13CVE-2013-3568 - Linksys CSRF + Root Command Injection 2013-07-12
[ MDVSA-2012:152-1 ] bind 2012-10-02CVE-2013-3662 - Sketchup MAC Pict Material Palette Stack Corruption 2013-05-31
[ MDVSA-2012:153 ] dhcp 2012-09-16CVE-2013-3663 - SketchUp BMP RLE8 Heap Overflow 2013-05-31
[ MDVSA-2012:153-1 ] dhcp 2012-10-02CVE-2013-3664 - Sketchup Multiple Vulnerabilities 2013-05-31
[ MDVSA-2012:154 ] apache 2012-09-28CVE-2013-3724 Monkey HTTPD 1.1.1 - Denial of Service Vulnerability 2013-06-04
[ MDVSA-2012:154-1 ] apache 2012-10-01CVE-2013-3734 - JBoss AS Administration Console - Password Returned in Later Response 2013-06-04
[ MDVSA-2012:155 ] xinetd 2012-09-28CVE-2013-3843 Monkey HTTPD 1.2.0 - Buffer Overflow DoS Vulnerability With Possible Arbitrary Code Execution 2013-06-04
[ MDVSA-2012:155-1 ] xinetd 2012-10-02CVE-2013-4124 samba nttrans dos private exploit 2013-08-21
[ MDVSA-2012:156 ] inn 2012-10-02CVE-2013-4152 XML External Entity (XXE) injection in Spring Framework 2013-08-22
[ MDVSA-2012:157 ] openjpeg 2012-10-03CVE-2013-4200 - Plone URL redirection / Forwarding of cookie data (session hijack) in certain browsers 2014-01-16
[ MDVSA-2012:158 ] gc 2012-10-03CVE-2013-4425: Private key disclosure, Osirix (lite, 64bit and FDA cleader version) (Medical Application) 2013-11-06
[ MDVSA-2012:159 ] freeradius 2012-10-03CVE-2013-4788 - Eglibc PTR MANGLE bug 2013-07-15
[ MDVSA-2012:162 ] bind 2012-10-10CVE-2013-5118 - XSS Good for Enterprise iOS 2013-09-24
[ MDVSA-2012:163 ] firefox 2012-10-11CVE-2013-5210 Adtran Netvanta Remote Code Injection via XSS 2013-09-18
[ MDVSA-2012:164 ] libxslt 2012-10-11CVE-2013-5216 CapaSystems Performance Guard Path Traversal Vulnerability 2013-08-29
[ MDVSA-2012:165 ] graphicsmagick 2012-10-12CVE-2013-5694 Blind SQL Injection in Ops View 2013-10-28
[ MDVSA-2012:166 ] bacula 2012-10-12CVE-2013-6429 Fix for XML External Entity (XXE) injection (CVE-2013-4152) in Spring Framework was incomplete 2014-01-14
[ MDVSA-2012:167 ] firefox 2012-10-13CVE-2013-6430 Possible XSS when using Spring MVC 2014-01-14
[ MDVSA-2012:168 ] hostapd 2012-10-22CVE-2013-6795 Vulnerability in the Rackspace Windows Agent and Updater 2013-11-22
[ MDVSA-2012:169 ] java-1.6.0-openjdk 2012-11-01CVE-2013-6825 DCMTK Root Privilege escalation 2014-06-02
[ MDVSA-2012:170 ] firefox 2012-11-02CVE-2014-0160 mitigation using iptables 2014-04-09
[ MDVSA-2012:171 ] icedtea-web 2012-11-09CVE-2014-0228: Apache Hive Authorization vulnerability 2014-06-12
[ MDVSA-2012:172 ] libproxy 2012-11-19CVE-2014-1215 - Local Code Execution in CoreFTP Core FTP Server 2014-02-18
[ MDVSA-2012:173 ] firefox 2012-11-21CVE-2014-1217 - Unauthenticated access to sensitive information and functionality in Livetecs Timelive 2014-04-23
[ MDVSA-2012:174 ] libtiff 2012-11-22CVE-2014-1226 s3dvt Root shell (still) 2014-06-02
[ MDVSA-2012:175 ] libssh 2012-11-29CVE-2014-1599 - 39 Type-1 XSS in SFR DSL/Fiber Box 2014-03-05
[ MDVSA-2013:001 ] gnupg 2013-01-02CVE-2014-1785: MSIE 11 MSHTML CSpliceTreeEngine::RemoveSplice use-after-free 2016-12-20
[ MDVSA-2013:002 ] firefox 2013-01-09CVE-2014-2025 Remote Code Execution (RCE) in "Intrexx Professional" 2014-12-14
[ MDVSA-2013:003 ] rootcerts 2013-01-09CVE-2014-2026 Reflected Cross-Site Scripting (XSS) in "Intrexx Professional" 2014-12-14
[ MDVSA-2013:004 ] tomcat5 2013-01-10CVE-2014-2042 - Unrestricted file upload in Livetecs Timelive 2014-04-23
[ MDVSA-2013:005 ] perl 2013-01-28CVE-2014-2044 - Remote Code Execution in ownCloud 2014-03-06
[ MDVSA-2013:007 ] mysql 2013-02-05CVE-2014-2232 - "Absolute Path Traversal" (CWE-36) vulnerability in "infoware MapSuite" 2014-06-01
[ MDVSA-2013:008 ] mysql 2013-02-06CVE-2014-2233 - "Server-Side Request Forgery" (CWE-918) vulnerability in "infoware MapSuite" 2014-06-01
[ MDVSA-2013:009 ] libssh 2013-02-09CVE-2014-2383 - Arbitrary file read in dompdf 2014-04-23
[ MDVSA-2013:010 ] java-1.6.0-openjdk 2013-02-11CVE-2014-2385 - Multiple Cross Site Scripting in Sophos Antivirus Configuration Console (Linux) 2014-06-25
[ MDVSA-2013:011 ] samba 2013-02-13CVE-2014-2595 - Authentication Bypass in Barracuda Web Application Firewall 2014-08-04
[ MDVSA-2013:012 ] postgresql 2013-02-15CVE-2014-2597 - Denial of Service in PCNetSoftware RAC Server 2014-04-16
[ MDVSA-2013:013 ] squid 2013-02-20CVE-2014-2735 - WinSCP: missing X.509 validation 2014-04-16
[ MDVSA-2013:018 ] openssl 2013-03-06CVE-2014-2843 - "Reflected Cross-Site Scripting (XSS)" (CWE-79) vulnerability in "infoware MapSuite" 2014-06-01
[ MDVSA-2013:019 ] gnutls 2013-03-07CVE-2014-3074 - Runtime Linker Allows Privilege Escalation Via Arbitrary File Writes in IBM AIX 2014-07-08
[ MDVSA-2013:020 ] wireshark 2013-03-08CVE-2014-3446 - Unauthenticated Blind SQL Injection in BSS Continuity CMS 2014-05-20
[ MDVSA-2013:021 ] java-1.6.0-openjdk 2013-03-08CVE-2014-3447 - Remote Denial Of Service in BSS Continuity CMS 2014-05-20
[ MDVSA-2013:022 ] openssh 2013-03-13CVE-2014-3448 - Remote Code Execution Via Unauthenticated File Upload in BSS Continuity CMS 2014-05-20
[ MDVSA-2013:023 ] coreutils 2013-03-13CVE-2014-3450 - Privilege Escalation in Panda Security 2014-05-20
[ MDVSA-2013:024 ] firefox 2013-03-13CVE-2014-3524: Apache OpenOffice Calc Command Injection Vulnerability 2014-08-21
[ MDVSA-2013:025 ] pidgin 2013-03-14CVE-2014-3575:OpenOffice Targeted Data Exposure Using Crafted OLE Objects 2014-08-21
[ MDVSA-2013:026 ] sudo 2013-03-18CVE-2014-3752 - Arbitrary Code Execution in G Data TotalProtection 2014 2014-06-25
[ MDVSA-2013:027 ] clamav 2013-03-18CVE-2014-3809: Reflected XSS in Alcatel Lucent 1830 PSS-32/16/4 2014-12-01
[ MDVSA-2013:028 ] nagios 2013-03-18CVE-2014-3863 - Stored XSS in JChatSocial 2014-07-07
[ MDVSA-2013:145 ] java-1.6.0-openjdk 2013-04-19CVE-2014-3977 - Privilege Escalation in IBM AIX 2014-06-11
[ MDVSA-2013:146 ] icedtea-web 2013-04-19CVE-2014-4138: MSIE 11 MSHTML CPaste­Command::Convert­Bitmapto­Png heap-based buffer overflow 2016-12-21
[ MDVSA-2013:147 ] libarchive 2013-04-19CVE-2014-4331 OctavoCMS reflected XSS vulnerability 2014-07-09
[ MDVSA-2013:148 ] roundcubemail 2013-04-22CVE-2014-4973 - Privilege Escalation in ESET Windows Products 2014-08-20
[ MDVSA-2013:149 ] roundcubemail 2013-04-22CVE-2014-5035 - Opendaylight Vulnerable to Local and Remote File Inclusion in the Netconf (TCP) Service 2014-08-12
[ MDVSA-2013:150 ] mysql 2013-04-22CVE-2014-5075 MitM Vulnerability in the Smack XMPP Library for Java 2014-08-05
[ MDVSA-2013:152 ] subversion 2013-04-26CVE-2014-5289 - Kolibri WebServer 2.0 Vulnerable to RCE via Overly Long POST Request 2014-08-17
[ MDVSA-2013:153 ] subversion 2013-04-26CVE-2014-5307 - Privilege Escalation in Panda Security Products 2014-08-20
[ MDVSA-2013:154 ] util-linux 2013-04-29CVE-2014-5392 XML eXternal Entity (XXE) in "JobScheduler" 2014-09-07
[ MDVSA-2013:155 ] fuse 2013-04-29CVE-2014-5439 - Root shell on Sniffit [with exploit] 2014-11-26
[ MDVSA-2013:157 ] krb5 2013-04-30CVE-2014-5516 CSRF protection bypass in "KonaKart" Java eCommerce product 2014-09-20
[ MDVSA-2013:158 ] krb5 2013-04-30CVE-2014-6616 Softing FG-100 Webui XSS 2014-11-05
[ MDVSA-2013:159 ] clamav 2013-04-30CVE-2014-6617 Softing FG-100 Backdoor Account 2014-11-05
[ MDVSA-2013:160 ] phpmyadmin 2013-05-03CVE-2014-7137 - Multiple SQL Injections in Dolibarr ERP & CRM 2014-11-19
[ MDVSA-2013:161 ] java-1.7.0-openjdk 2013-05-06CVE-2014-7952, Android ADB backup APK injection vulnerability 2015-07-10
[ MDVSA-2013:162 ] glibc 2013-05-07CVE-2014-8419 - CodeMeter Weak Service Permissions 2014-11-24
[ MDVSA-2013:163 ] glibc 2013-05-07CVE-2014-8487: Kony EMM insecurity Direct Object Reference 2015-02-22
[ MDVSA-2013:164 ] mesa 2013-05-13CVE-2014-8731 - RCE in phpMemcachedAdmin <=1.2.2 2014-11-12
[ MDVSA-2013:165 ] firefox 2013-05-15CVE-2014-8732 2014-11-12
[ MDVSA-2013:166 ] krb5 2013-05-21CVE-2014-8767 tcpdump denial of service in verbose mode using malformed OLSR payload 2014-11-18
[ MDVSA-2013:167 ] openvpn 2013-05-27CVE-2014-8768 tcpdump denial of service in verbose mode using malformed Geonet payload 2014-11-18
[ MDVSA-2013:168 ] python-httplib2 2013-05-27CVE-2014-8769 tcpdump unreliable output using malformed AOVD payload 2014-11-18
[ MDVSA-2013:169 ] socat 2013-05-29CVE-2014-8779: SSH Host keys on Pexip Infinity 2015-01-29
[ MDVSA-2013:170 ] socat 2013-05-29CVE-2014-8870: Arbitrary Redirect in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12
[ MDVSA-2013:171 ] gnutls 2013-05-30CVE-2014-8877 - Code Injection in Wordpress CM Download Manager plugin 2014-11-20
[ MDVSA-2013:172 ] wireshark 2013-06-12CVE-2014-9129: XSS and CSRF in CM Download Manager plugin for WordPress 2014-12-02
[ MDVSA-2013:173 ] subversion 2013-06-13CVE-2014-9215 - SQL Injection in PBBoard CMS 2014-12-04
[ MDVSA-2013:179 ] firefox 2013-06-26CVE-2015-0040: Microsoft Internet Explorer 11 MSHTML CMapElement::Notify use-after-free details 2016-11-14
[ MDVSA-2013:180 ] curl 2013-06-27CVE-2015-0050: Microsoft Internet Explorer 8 MSHTML SRunPointer::SpanQualifier/RunType OOB read details 2016-11-22
[ MDVSA-2013:181 ] mesa 2013-06-27CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011) 2016-02-12
[ MDVSA-2013:182 ] mesa 2013-06-27CVE-2015-0203: Apache Qpid's qpidd can be crashed by authenticated user 2015-01-13
[ MDVSA-2013:183 ] java-1.7.0-openjdk 2013-06-27CVE-2015-0223: anonymous access to qpidd cannot be prevented 2015-01-26
[ MDVSA-2013:184 ] perl-Dancer 2013-06-27CVE-2015-0224: qpidd can be crashed by unauthenticated user 2015-01-26
[ MDVSA-2013:193 ] apache 2013-07-11CVE-2015-0955 - Stored XSS in Adobe Experience Manager (AEM) 2016-02-23
[ MDVSA-2013:194 ] kernel 2013-07-11CVE-2015-1032 Kiwix Cross-Site Scripting Vulnerability 2015-01-18
[ MDVSA-2013:196 ] java-1.6.0-openjdk 2013-07-15CVE-2015-1176-xss-osticket 2015-01-22
[ MDVSA-2013:197 ] mysql 2013-07-23CVE-2015-1177-xss-exponent 2015-01-22
[ MDVSA-2013:198 ] libxml2 2013-07-24CVE-2015-1178-xss-x-cart-ecommerce 2015-01-22
[ MDVSA-2013:211 ] lcms2 2013-08-12CVE-2015-1179-xss-mango-automation-scada 2015-01-22
[ MDVSA-2013:212 ] otrs 2013-08-13CVE-2015-1180-xss-eventsentry 2015-01-22
[ MDVSA-2013:213 ] xymon 2013-08-13CVE-2015-1251: Chrome blink Speech­Recognition­Controller use-after-free details 2016-11-23
[ MDVSA-2013:214 ] python 2013-08-21CVE-2015-1574 - Google Email App 4.2.2 remote denial of service 2015-02-13
[ MDVSA-2013:215 ] cacti 2013-08-22CVE-2015-1593 - Linux ASLR integer overflow: Reducing stack entropy by four 2015-02-14
[ MDVSA-2013:219 ] libtiff 2013-08-23CVE-2015-1600 - Netatmo Weather Station Cleartext Password Leak 2015-02-13
[ MDVSA-2013:220 ] lcms 2013-08-27CVE-2015-1614 csrf/xss in in wordpress Plugin Image Metadata cruncher 2015-02-17
[ MDVSA-2013:221 ] php 2013-08-27CVE-2015-1730: MSIE jscript9 Java­Script­Stack­Walker memory corruption details and PoC 2016-12-06
[ MDVSA-2013:222 ] puppet 2013-08-27CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability) 2015-05-21
[ MDVSA-2013:223 ] asterisk 2013-08-30CVE-2015-2482 MSIE 8 jscript RegExpBase::FBadHeader use-after-free details 2016-11-16
[ MDVSA-2013:224 ] libtiff 2013-09-02CVE-2015-3251: Apache CloudStack VM Credential Exposure 2016-02-05
[ MDVSA-2013:225 ] libdigidoc 2013-09-02CVE-2015-3252: Apache CloudStack VNC authentication issue 2016-02-05
[ MDVSA-2013:226 ] roundcubemail 2013-09-05CVE-2015-3269 Apache Flex BlazeDS Insecure Xml Entity Expansion Vulnerability 2015-08-19
[ MDVSA-2013:227 ] python-setuptools 2013-09-09CVE-2015-3443 XSS in Thycotic Secret Server version 8.6.000000 to 8.8.000004 2015-06-24
[ MDVSA-2013:228 ] cacti 2013-09-10CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
[ MDVSA-2013:229 ] bzr 2013-09-10CVE-2015-4010 - Cross-site Request Forgery & Cross-site Scripting in Encrypted Contact Form Wordpress Plugin v1.0.4 2015-06-06
[ MDVSA-2013:230 ] gdm 2013-09-11CVE-2015-4038 - WordPress WP Membership plugin [Privilege escalation] 2015-06-01
[ MDVSA-2013:231 ] openswan 2013-09-12CVE-2015-4039 - WordPress WP Membership plugin [Stored XSS] 2015-06-01
[ MDVSA-2013:232 ] libmodplug 2013-09-13CVE-2015-4084 - WordPress Free Counter Plugin [Stored XSS] 2015-05-26
[ MDVSA-2013:233 ] python-OpenSSL 2013-09-13CVE-2015-4109 - WordPress Users Ultra Plugin [SQL injection] 2015-06-05
[ MDVSA-2013:234 ] python-django 2013-09-13CVE-2015-4153 - WordPress zM Ajax Login & Register Plugin [Local File Inclusion] 2015-06-04
[ MDVSA-2013:235 ] mediawiki 2013-09-16CVE-2015-4464 Insufficient Authorization Checks Request Handling Remote Authentication Bypass for Kguard Digital Video Recorders 2015-06-24
[ MDVSA-2013:236 ] subversion 2013-09-17CVE-2015-4670 - AjaxControlToolkit File Upload Directory Traversal 2015-07-13
[ MDVSA-2013:238 ] wireshark 2013-09-19CVE-2015-4674 - TimeDoctor autoupdate over plain-HTTP 2015-06-29
[ MDVSA-2013:239 ] wordpress 2013-09-19CVE-2015-5074 - Arbitrary File Upload In X2Engine Inc. X2Engine 2015-09-25
[ MDVSA-2013:240 ] glpi 2013-09-25CVE-2015-5075 - Cross-Site Request Forgery In X2Engine Inc. X2Engine 2015-09-25
[ MDVSA-2013:241 ] perl-Crypt-DSA 2013-09-25CVE-2015-5076 - Vulnerability title: Reflective XSS In X2Engine Inc. X2Engine 2015-09-25
[ MDVSA-2013:242 ] kernel 2013-09-26CVE-2015-5207 - Bypass of Access Restrictions in Apache Cordova iOS 2016-04-27
[ MDVSA-2013:244 ] davfs2 2013-09-30CVE-2015-5208 - Arbitrary plugin execution issue in Apache Cordova iOS 2016-04-27
[ MDVSA-2013:245 ] proftpd 2013-10-03CVE-2015-5255: SSRF vulnerability in Apache Flex BlazeDS 4.7.1 2015-11-23
[ MDVSA-2013:246 ] openjpa 2013-10-07CVE-2015-5344 - Apache Camel medium disclosure vulnerability 2016-01-30
[ MDVSA-2013:247 ] gnupg 2013-10-10CVE-2015-5348 - Apache Camel medium disclosure vulnerability 2015-12-17
[ MDVSA-2013:248 ] xinetd 2013-10-10CVE-2015-5372 SAML SP Authentication Bypass in nevisAuth 2015-09-21
[ MDVSA-2013:249 ] libraw 2013-10-10CVE-2015-5378 2015-11-06
[ MDVSA-2013:262 ] python-pycrypto 2013-10-28CVE-2015-5379: Axigen XSS vulnerability for html attachments 2015-07-21
[ MDVSA-2013:263 ] roundcubemail 2013-10-29CVE-2015-5603: JIRA and the HipChat For JIRA plugin - Velocity Template Injection 2015-09-02
[ MDVSA-2013:264 ] firefox 2013-10-31CVE-2015-5619 2015-11-06
[ MDVSA-2013:265 ] kernel 2013-11-10CVE-2015-5699 - Cumulus Linux's Switch Configuration Tools Backend, clcmd_server, Vulnerable to Local Privilege Escalation 2015-08-18
[ MDVSA-2013:266 ] java-1.6.0-openjdk 2013-11-19CVE-2015-6237 - Tripwire IP360 VnE Remote Administrative API Authentication Bypass/Privilege Acquisition Vulnerability 2015-10-02
[ MDVSA-2013:267 ] java-1.7.0-openjdk 2013-11-19CVE-2015-6357: Cisco FireSIGHT Management Center SSL Validation Vulnerability 2015-11-16
[ MDVSA-2013:268 ] torque 2013-11-19CVE-2015-6535: Stored XSS in YouTube Embed (WordPress plugin) allows admins to compromise super admins 2015-08-26
[ MDVSA-2013:269 ] firefox 2013-11-20CVE-2015-6576: Bamboo - Deserialisation resulting in remote code execution 2015-10-23
[ MDVSA-2013:270 ] nss 2013-11-20CVE-2015-7319 - SQL Injection in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
[ MDVSA-2013:271 ] pmake 2013-11-21CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
[ MDVSA-2013:272 ] poppler 2013-11-21CVE-2015-7326 (XXE vulnerability in Milton Webdav) 2015-11-02
[ MDVSA-2013:273 ] libjpeg 2013-11-21CVE-2015-7377: Unauthenticated Reflected XSS in Pie Register WordPress Plugin 2015-10-12
[ MDVSA-2013:274 ] libjpeg 2013-11-21CVE-2015-7521: Apache Hive authorization bug disclosure (update) 2016-02-18
[ MDVSA-2013:275 ] krb5 2013-11-21CVE-2015-7521: Apache Hive authorization bug disclosure 2016-01-28
[ MDVSA-2013:276 ] curl 2013-11-21CVE-2015-7682: Multiple Blind SQL Injections in Pie Register WordPress Plugin 2015-10-12
[ MDVSA-2013:277 ] lighttpd 2013-11-21CVE-2015-7683: Absolute Path Traversal in the Font WordPress Plugin 2015-10-12
[ MDVSA-2013:278 ] samba 2013-11-21CVE-2015-7723 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
[ MDVSA-2013:287 ] drupal 2013-11-26CVE-2015-7724 - Privilege Escalation Via Symlink Attacks On POSIX Shared Memory With Insecure Permissions In AMD fglrx-driver 2015-10-29
[ MDVSA-2014:001 ] kernel 2014-01-13CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak) 2016-01-04
[ MDVSA-2014:002 ] bind 2014-01-16CVE-2015-8131: Kibana CSRF vulnerability 2015-11-18
[ MDVSA-2014:003 ] nrpe 2014-01-16CVE-2015-8396: GDCM buffer overflow in ImageRegionReader::ReadIntoBuffer 2016-01-11
[ MDVSA-2014:004 ] nagios 2014-01-16CVE-2015-8397: GDCM out-of-bounds read in JPEGLSCodec::DecodeExtent 2016-01-11
[ MDVSA-2014:005 ] ejabberd 2014-01-16CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input 2016-02-25
[ MDVSA-2014:006 ] libxslt 2014-01-16CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-01
[ MDVSA-2014:011 ] java-1.7.0-openjdk 2014-01-20CVE-2016-1240 - Tomcat packaging on Debian-based distros - Local Root Privilege Escalation 2016-10-26
[ MDVSA-2014:012 ] nss 2014-01-20CVE-2016-1518: GrandStream Android VoIP Phone / App Provisioning Vulnerability 2016-03-17
[ MDVSA-2014:013 ] libxfont 2014-01-21CVE-2016-1519: GrandStream Android VoIP App TLS MitM Vulnerability 2016-03-17
[ MDVSA-2014:014 ] php 2014-01-21CVE-2016-1520: GrandStream Android VoIP App Update Redirection 2016-03-17
[ MDVSA-2014:015 ] cups 2014-01-22CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported 2016-03-23
[ MDVSA-2014:016 ] spice 2014-01-22CVE-2016-2191: optipng: invalid write 2016-04-04
[ MDVSA-2014:017 ] net-snmp 2014-01-22CVE-2016-2385 Kamailio SEAS module heap buffer overflow 2016-03-30
[ MDVSA-2014:020 ] x11-server 2014-01-22CVE-2016-2783 - Avaya VOSS/VSP Release 4.1.0.0 Vulnerable to SPB Traffic traversal 2016-07-27
[ MDVSA-2014:035 ] libpng 2014-02-17CVE-2016-2784: CMS Made Simple < 2.1.3 & < 1.12.2 Web server Cache Poisoning 2016-05-04
[ MDVSA-2014:036 ] varnish 2014-02-17CVE-2016-3074: libgd: signedness vulnerability 2016-04-21
[ MDVSA-2014:038 ] kernel 2014-02-17CVE-2016-3078: php: integer overflow in ZipArchive::getFrom* 2016-04-28
[ MDVSA-2014:039 ] libgadu 2014-02-18CVE-2016-3247 Microsoft Edge CTextExtractor::GetBlockText OOB read details 2016-11-18
[ MDVSA-2014:040 ] puppet 2014-02-18CVE-2016-3672 - Unlimiting the stack not longer disables ASLR 2016-04-06
[ MDVSA-2014:045 ] libtar 2014-02-20CVE-2016-4021: pgpdump 0.29 - Endless loop parsing specially crafted input (SYSS-2016-030) 2016-04-18
[ MDVSA-2014:046 ] phpmyadmin 2014-02-21CVE-2016-4264 Adobe ColdFusion <= 11 XXE Vulnerability 2016-09-07
[ MDVSA-2014:048 ] gnutls 2014-03-10CVE-2016-4338: Zabbix Agent 3.0.1 mysql.size shell command injection 2016-05-03
[ MDVSA-2014:049 ] subversion 2014-03-10CVE-2016-4484: - Cryptsetup Initrd root Shell 2016-11-14
[ MDVSA-2014:050 ] wireshark 2014-03-10CVE-2016-6804 Apache OpenOffice Windows Installer Untrusted Search Path 2016-10-25
[ MDVSA-2014:067 ] openssl 2014-04-09CVE-2016-6809 â?? Arbitrary Code Execution Vulnerability in Apache Tikaâ??s MATLAB Parser 2016-11-10
[ MDVSA-2014:068 ] openssh 2014-04-09CVE-2016-6920 ffmpeg exr file Heap Overflow 2016-09-07
[ MDVSA-2014:069 ] perl-YAML-LibYAML 2014-04-09CVE-2016-8740, Server memory can be exhausted and service denied when HTTP/2 is used 2016-12-05
[ MDVSA-2014:070 ] yaml 2014-04-09CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom 2016-12-16
[ MDVSA-2014:071 ] yaml 2014-04-09CVE-2016-9277: A IDX Out of Bound vulnerability in systemui can make crash and ui restart 2016-11-12
[ MDVSA-2014:072 ] php-ZendFramework 2014-04-09CVE-2017-5350: Unexpected SystemUI FC driven by arbitrary application 2017-01-12
[ MDVSA-2014:073 ] file 2014-04-09CVE-2130-5680, HylaFAX+ heap overflow, unchecked network traffic. 2013-09-30
[ MDVSA-2014:075 ] php 2014-04-10CWM (dettaglio-prodotto.asp?id) Remote SQL injection Vulnerability 2011-08-30
[ MDVSA-2014:076 ] a2ps 2014-04-10CyberArk User Enumeration - Multiple vulnerabilities 2013-08-29
[ MDVSA-2014:078 ] asterisk 2014-04-16CyberCop Scanner Smbgrind v5.5 Buffer Overflow 2016-02-16
[ MDVSA-2014:079 ] json-c 2014-04-17Cyberoam advisory 2012-07-03
[ MDVSA-2014:087 ] php 2014-05-15Cyberoam Central Console v02.03.1 - Multiple Persistent Vulnerabilities 2016-04-25
[ MDVSA-2014:088 ] python-lxml 2014-05-15Cyberoam Central Console v2.00.2 - File Include Vulnerability 2012-02-07
[ MDVSA-2014:089 ] nagios 2014-05-16Cyberoam iview UTM v0.1.2.7 - (Ajax) XSS Web Vulnerability 2016-10-05
[ MDVSA-2014:091 ] cups 2014-05-16Cyberoam Unified Threat Management: Insecure Password Handling 2012-03-21
[ MDVSA-2014:092 ] cups 2014-05-16Cyberoam Unified Threat Management: OS Command Execution 2012-03-21
[ MDVSA-2014:093 ] couchdb 2014-05-16Сross-Site Request Forgery (CSRF) in TestLink 2012-09-05
[ MDVSA-2014:094 ] rxvt-unicode 2014-05-16Сross-Site Request Forgery (CSRF) in XCloner Standalone 2014-04-09
[ MDVSA-2014:095 ] struts 2014-05-16Сross-Site Request Forgery (CSRF) in XCloner Wordpress Plugin 2014-04-02
[ MDVSA-2014:096 ] python-jinja2 2014-05-16DAEMON Tools IOCTL local denial-of-service vulnerability 2011-10-17
[ MDVSA-2014:097 ] libvirt 2014-05-16Dahua DVR Authentication Bypass - CVE-2013-6117 2013-11-13
[ MDVSA-2014:098 ] rawtherapee 2014-05-16Data Center Foz (product_cat.php?CATEGORIA_ID) Remote SQL injection Vulnerability 2011-08-23
[ MDVSA-2014:099 ] dovecot 2014-05-16Data Source: Scopus CMS - SQL Injection Web Vulnerability 2015-02-26
[ MDVSA-2014:100 ] java-1.7.0-openjdk 2014-05-16Dataminas (noticias.php?categoria_id) (galeria.php?galeria_id) Remote SQL injection Vulnerability 2011-08-23
[ MDVSA-2014:101 ] owncloud 2014-05-16DataTables Security Advisory - XSS Vulnerability - CVE-2015-6584 2015-09-10
[ MDVSA-2014:102 ] mariadb 2014-05-16DataWatch Monarch BI v5.1 admin section reflected cross-site scripting 2012-07-30
[ MDVSA-2014:103 ] wordpress 2014-05-16DataWatch Monarch Business Intelligence (BI) v5.1 Admin Section Blind XPath Injection 2012-07-30
[ MDVSA-2014:104 ] egroupware 2014-05-16DataWatch Monarch Business Intelligence (BI) v5.1 admin section stored cross-site scripting 2012-07-30
[ MDVSA-2014:106 ] openssl 2014-06-09DataWatch Monarch Business Intelligence (BI) v5.1 Blind SQL injection 2012-07-30
[ MDVSA-2014:107 ] libtasn1 2014-06-09DataWatch Monarch Business Intelligence (BI) v5.1 client section stored cross-site scripting 2012-07-30
[ MDVSA-2014:108 ] gnutls 2014-06-09Datriks Solutions (prodotto.php?id) (dettaglio_socio.php?id) Remote SQL injection Vulnerability 2011-08-28
[ MDVSA-2014:109 ] gnutls 2014-06-09David Black (dblack atlassian com) 
[ MDVSA-2014:110 ] curl 2014-06-10Dawid Golunski (dawid legalhackers com) 
[ MDVSA-2014:111 ] otrs 2014-06-10DbNinja 3.2.6 Flash XSS Vulnerabilities 2015-05-28
[ MDVSA-2014:112 ] python-django 2014-06-10DC4420 - 2013 CFP 2013-01-16
[ MDVSA-2014:118 ] emacs 2014-06-10DC4420 - London DEFCON - 13 December 2011 2011-12-08
[ MDVSA-2014:119 ] mediawiki 2014-06-10DC4420 - London DEFCON - 24 January 2012 2012-01-20
[ MDVSA-2014:120 ] miniupnpc 2014-06-10DC4420 - London DEFCON - April meet - Tuesday 23rd April 2013 2013-04-18
[ MDVSA-2014:121 ] libgadu 2014-06-10DC4420 - London DEFCON - April meet - Tuesday April 24th 2012 2012-04-20
[ MDVSA-2014:124 ] kernel 2014-06-13DC4420 - London DEFCON - August Meet - Tuesday 27th August 2013 2013-08-26
[ MDVSA-2014:126 ] phpmyadmin 2014-07-08DC4420 - London DEFCON - February meet - Tuesday February 21st 2012 2012-02-20
[ MDVSA-2014:127 ] gnupg 2014-07-09DC4420 - London DEFCON - January 2013 meet. Tuesday 29th January 2013 2013-01-23
[ MDVSA-2014:128 ] iodine 2014-07-09DC4420 - London DEFCON - January meet - Tuesday 28th January 2014 2014-01-27
[ MDVSA-2014:129 ] ffmpeg 2014-07-09DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 2011-07-13
[ MDVSA-2014:130 ] php 2014-07-09DC4420 - London DEFCON - July meet - Tuesday July 17th 2012 2012-07-16
[ MDVSA-2014:131 ] file 2014-07-09DC4420 - London DEFCON - June meet - Lightning Talks!!! - Tuesday 25th June 2013 2013-06-21
[ MDVSA-2014:132 ] libxfont 2014-07-09DC4420 - London DEFCON - June meet - Tuesday 21st June 2011 2011-06-14
[ MDVSA-2014:133 ] gd 2014-07-10DC4420 - London DEFCON - June meet - Tuesday June 19th 2012 2012-06-18
[ MDVSA-2014:134 ] liblzo 2014-07-10DC4420 - London DEFCON - March meet - Tuesday 26th March 2013 2013-03-22
[ MDVSA-2014:135 ] python 2014-07-10DC4420 - London DEFCON - May meet - Tuesday 28th May 2013 2013-05-26
[ MDVSA-2014:138 ] asterisk 2014-07-11DC4420 - London DEFCON - May meet - Tuesday May 22nd 2012 2012-05-21
[ MDVSA-2014:139 ] nss 2014-07-29DC4420 - London DEFCON - November 2011 meet - Tuesday 15th November 2011-11-09
[ MDVSA-2014:140 ] owncloud 2014-07-29DC4420 - London DEFCON - November meet - Tuesday 20th November 2012-11-16
[ MDVSA-2014:141 ] java-1.7.0-openjdk 2014-07-29DC4420 - London DEFCON - October meet - tomorrow, Tuesday 23rd October. 2012-10-22
[ MDVSA-2014:143 ] phpmyadmin 2014-07-30DC4420 - London DEFCON - October meet - Tuesday October 18th 2011 2011-10-14
[ MDVSA-2014:144 ] live 2014-07-30DC4420 (DefCon London) meeting next Tuesday, 26th November 2013 2013-11-21
[ MDVSA-2014:147 ] sendmail 2014-07-31DDIVRT-2011-32 Axway SecureTransport '/icons/' Directory Traversal 2011-08-29
[ MDVSA-2014:148 ] dbus 2014-07-31DDIVRT-2011-33 IBM WebSphere Application Server 'help' Servlet Plug-in Bundle Directory Traversal [CVE-2011-1359] 2011-10-31
[ MDVSA-2014:149 ] php 2014-08-06DDIVRT-2011-34 Metropolis Technologies OfficeWatch Directory Traversal 2011-10-03
[ MDVSA-2014:151 ] cups 2014-08-06DDIVRT-2011-35 Cisco Unified Contact Center Express Directory Traversal [CVE-2011-3315] 2011-10-26
[ MDVSA-2014:152 ] glibc 2014-08-06DDIVRT-2011-36 Cybele Software, Inc. ThinVNC Product Suite Arbitrary File Retrieval 2011-10-03
[ MDVSA-2014:153 ] mediawiki 2014-08-06DDIVRT-2011-37 HP JetDirect Device Page Directory Traversal (CVE-2011-4785) 2012-01-09
[ MDVSA-2014:154 ] readline 2014-08-06DDIVRT-2011-38 KnowledgeTree login.php Blind SQL Injection 2011-12-07
[ MDVSA-2014:157 ] ipython 2014-08-08DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass 2012-01-23
[ MDVSA-2014:158 ] openssl 2014-08-08DDIVRT-2012-40 PacketVideo TwonkyServer and TwonkyMedia Directory Traversal 2012-04-26
[ MDVSA-2014:159 ] wireshark 2014-08-08DDIVRT-2012-41 ACTi Web Configurator cgi-bin Directory Traversal 2012-04-26
[ MDVSA-2014:160 ] gpgme 2014-09-02DDIVRT-2012-42 Novell GroupWise Agents Arbitrary File Retrieval (CVE-2012-0419) 2012-09-21
[ MDVSA-2014:161 ] subversion 2014-09-02DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass 2012-05-29
[ MDVSA-2014:162 ] catfish 2014-09-02DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection 2012-05-16
[ MDVSA-2014:163 ] python-imaging 2014-09-02DDIVRT-2013-50 EverFocus EPARA264-16X1 Directory Traversal 2013-03-15
[ MDVSA-2014:164 ] phpmyadmin 2014-09-02DDIVRT-2013-51 DALIM Dialog Server 'logfile' Local File Inclusion 2013-03-06
[ MDVSA-2014:165 ] krb5 2014-09-02DDIVRT-2013-53 Actuate 'ActuateJavaComponent' Multiple Vulnerabilities 2013-05-09
[ MDVSA-2014:166 ] serf 2014-09-02Debut issue of Web App Pentesting Magazine - Free Download! 2011-11-22
[ MDVSA-2014:167 ] file 2014-09-02dedacom (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
[ MDVSA-2014:168 ] libvncserver 2014-09-02DeepSec "Sector v6" - Call for Papers 2012-02-26
[ MDVSA-2014:169 ] bugzilla 2014-09-02DeepSec 2011 Conference - Final Schedule Published 2011-09-29
[ MDVSA-2014:170 ] jakarta-commons-httpclient 2014-09-02DEF CON 20 Capture the Flag Announcement 2012-02-06
[ MDVSA-2014:171 ] dhcpcd 2014-09-02DEFCON London - DC4420 - June CFP - Lightning talks!!! - Tuesday 25th June 2013 2013-06-07
[ MDVSA-2014:172 ] php 2014-09-03Defense in depth -- the Microsoft way (part 11): privilege escalation for dummies 2013-10-01
[ MDVSA-2014:173 ] busybox 2014-09-03Defense in depth -- the Microsoft way (part 15): unquoted arguments in 120 (of 462) command lines 2014-05-28
[ MDVSA-2014:174 ] apache 2014-09-04Defense in depth -- the Microsoft way (part 22): no DEP in Windows' filesystem (and ASLR barely used) 2014-11-27
[ MDVSA-2014:180 ] gnupg 2014-09-22Defense in depth -- the Microsoft way (part 23): two quotes or not to quote... 2014-12-13
[ MDVSA-2014:190 ] bash 2014-09-26Defense in depth -- the Microsoft way (part 26): "Set Program Access and Computer Defaults" hides applications like Outlook 2014-12-30
[ MDVSA-2014:194 ] phpmyadmin 2014-10-03Defense in depth -- the Microsoft way (part 28): yes, we can (create even empty, but properly quoted pathnames) 2015-02-19
[ MDVSA-2014:195 ] libvirt 2014-10-03Defense in depth -- the Microsoft way (part 32): yet another (trivial) UAC bypass resp. privilege escalation 2015-09-04
[ MDVSA-2014:213 ] curl 2014-11-18Defense in depth -- the Microsoft way (part 33): arbitrary code execution (and UAC bypass) via RegEdit.exe 2015-09-08
[ MDVSA-2014:214 ] dbus 2014-11-18Defense in depth -- the Microsoft way (part 35): Windows Explorer ignores "Run as administrator" ... 2015-09-19
[ MDVSA-2014:216 ] php-ZendFramework 2014-11-20Defense in depth -- the Microsoft way (part 38): does Microsoft follow their own security guidance/advisories? 2016-01-15
[ MDVSA-2014:217 ] clamav 2014-11-20Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing 2016-03-15
[ MDVSA-2014:218 ] asterisk 2014-11-21Defense in depth -- the Microsoft way (part 4) 2013-07-22
[ MDVSA-2014:219 ] srtp 2014-11-21Defense in depth -- the Microsoft way (part 41): vulnerable by (poor implementation of bad) design 2016-07-23
[ MDVSA-2014:220 ] qemu 2014-11-21Defense in depth -- the Microsoft way (part 42): Sysinternals utilities load and execute rogue DLLs from %TEMP% 2016-08-11
[ MDVSA-2014:221 ] php-smarty 2014-11-21Defense in depth -- the Microsoft way (part 44): complete failure of Windows Update 2016-10-20
[ MDVSA-2014:222 ] libvirt 2014-11-21Defense in depth -- the Microsoft way (part 45): filesystem redirection fails to redirect the application directory 2016-10-20
[ MDVSA-2014:223 ] wireshark 2014-11-21Defense in depth -- the Microsoft way (part 7): executable files in data directories 2013-08-17
[ MDVSA-2014:224 ] krb5 2014-11-21Defense in depth -- the Microsoft way (part 8): execute everywhere! 2013-08-24
[ MDVSA-2014:227 ] ffmpeg 2014-11-25Defense in depth -- the Microsoft way 2013-05-19
[ MDVSA-2014:229 ] libvncserver 2014-11-26DefenseCode Security Advisory (UPCOMING): Cisco Linksys Remote Preauth 0day Root Exploit 2013-01-10
[ MDVSA-2014:230 ] kernel 2014-11-27DefenseCode Security Advisory: Broadcom UPnP Remote Preauth Root Code Execution Vulnerability 2013-01-31
[ MDVSA-2014:231 ] icecast 2014-11-27DefenseCode Security Advisory: Cisco Linksys Remote Preauth 0day Root Exploit Follow-Up 2013-02-06
[ MDVSA-2014:232 ] glibc 2014-11-27Dell IT Assistant detectIESettingsForITA.ocx ActiveX Control readRegVal() Remote Registry Dump Vulnerability 2011-07-13
[ MDVSA-2014:233 ] wordpress 2014-11-27Dell Kace 1000 SMA 5.4.742 - SQL Injection Vulnerabilities 2013-07-22
[ MDVSA-2014:234 ] libksba 2014-11-28Dell Kace 1000 SMA v5.4.70402 - Persistent Vulnerabilities 2013-07-16
[ MDVSA-2014:235 ] perl-Plack 2014-11-28Dell Netvault Backup Remote Denial of Service 2015-07-30
[ MDVSA-2014:236 ] file 2014-11-28Dell PacketTrap MSP RMM 6.6.x - Multiple Persistent Web Vulnerabilities 2013-07-18
[ MDVSA-2014:237 ] perl-Mojolicious 2014-11-28DELL Scrutinizer v12.0.3 - Persistent Software Vulnerability 2015-12-22
[ MDVSA-2014:238 ] bind 2014-12-13Dell SecureWorks iOS Application - MITM SSL Certificate Vulnerability 2016-02-03
[ MDVSA-2014:239 ] flac 2014-12-14Dell SonicWall EMail Security Appliance Application v7.4.5 - Multiple Vulnerabilities 2014-03-27
[ MDVSA-2014:242 ] yaml 2014-12-14Dell SonicWall NetExtender Unquoted Autorun Privilege Escalation 2015-08-24
[ MDVSA-2014:243 ] phpmyadmin 2014-12-14Dell Webcam Software Bundled ActiveX Control CrazyTalk4Native.dll sprintf Remote Buffer Overflow Vulnerability 2012-03-19
[ MDVSA-2014:244 ] openafs 2014-12-14Dennis E. Hamilton (orcmid apache org) 
[ MDVSA-2014:245 ] mutt 2014-12-14DenyHosts 'regex.py' Remote Denial of Service Vulnerability
[ MDVSA-2014:246 ] openvpn 2014-12-14Department of Transport UK - SQL Injection Vulnerability 2013-08-29
[ MDVSA-2014:247 ] jasper 2014-12-14Detailed examples of two vulnerabilities in whitelisting software: SE46 (Cryptzone) and Application Control (McAfee) 2013-01-10
[ MDVSA-2014:248 ] graphviz 2014-12-14Details for CVE-2014-0220 2014-06-05
[ MDVSA-2014:249 ] qemu 2014-12-14Deutsche Telekom CERT Advisory [DTC-A-20140324-002] update140328 - vulnerabilities in check_mk 2014-03-28
[ MDVSA-2014:250 ] cpio 2014-12-14Deutsche Telekom CERT Advisory [DTC-A-20140820-001] check_mk vulnerabilities 2014-08-20
[ MDVSA-2014:251 ] rpm 2014-12-14Device Inspector v1.5 iOS - Command Inject Vulnerabilities 2015-08-07
[ MDVSA-2014:252 ] nss 2014-12-15Dexanet Remote SQL injection Vulnerability 2011-08-30
[ MDVSA-2014:253 ] apache-mod_wsgi 2014-12-15DIMVA 2013 - Extended deadline for paper submission: February 17, 2013! 2013-02-07
[ MDVSA-2015:001 ] c-icap 2015-01-05Dir2web3 Mutiple Vulnerabilities 2012-08-05
[ MDVSA-2015:002 ] pcre 2015-01-05Directadmin ControlPanel 1.50.0 Version Xss Vulnerability 2016-04-09
[ MDVSA-2015:003 ] ntp 2015-01-05Directadmin ControlPanel 1.50.0 Version Xss Vulnerability 2016-04-10
[ MDVSA-2015:004 ] php 2015-01-05Directadmin ControlPanel 1.50.1 Cross-Site-Scripting Vulnerability 2017-01-10
[ MDVSA-2015:005 ] subversion 2015-01-05Directadmin ControlPanel 1.50.1 denial of service Vulnerability 2017-01-10
[ MDVSA-2015:006 ] mediawiki 2015-01-08DirectAdmin v1.403 - Cross Site Scripting Vulnerability 2012-04-02
[ MDVSA-2015:007 ] unrtf 2015-01-08DirectAdmin v1.403 - Multiple Cross Site Vulnerabilities 2012-04-26
[ MDVSA-2015:008 ] pwgen 2015-01-08Directory Traversal Vulnerability in ColoradoFTP v1.3 Prime Edition (Build 8) 2016-08-11
[ MDVSA-2015:009 ] krb5 2015-01-08dirtycow dirtcow ninja 
[ MDVSA-2015:010 ] file 2015-01-08Disassembling .NET Client Challenge 2011-09-09
[ MDVSA-2015:011 ] nail 2015-01-08Distimo Monitor 6.0 - Multiple Cross Site Vulnerabilities 2012-08-01
[ MDVSA-2015:012 ] jasper 2015-01-08DIY CMS v1.0 Poll - Multiple Web Vulnerabilities 2012-04-26
[ MDVSA-2015:013 ] znc 2015-01-08Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability 2016-04-14
[ MDVSA-2015:014 ] libjpeg 2015-01-08Django CMS v3.2.3 - Filter Bypass & Persistent Vulnerability 2016-04-25
[ MDVSA-2015:015 ] sox 2015-01-08D-Link and TRENDnet 'ncc2' service - multiple vulnerabilities 2015-02-26
[ MDVSA-2015:016 ] unzip 2015-01-08D-Link DAP-1320 Wireless Range Extender Directory Traversal and XSS Vulnerabilities 2014-04-17
[ MDVSA-2015:017 ] libevent 2015-01-08Dlink DGL5500 Un-Authenticated Buffer overflow in HNAP functionality 2015-11-13
[ MDVSA-2015:018 ] asterisk 2015-01-08Dlink DIR-601 Command injection in ping functionality 2015-11-13
[ MDVSA-2015:020 ] libssh 2015-01-12D-Link DIR-601 TFTP Directory Traversal Vulnerability 2012-01-25
[ MDVSA-2015:021 ] curl 2015-01-12Dlink DIR-615 Authenticated Buffer overflow in Ping and Send email functionality 2015-11-13
[ MDVSA-2015:022 ] wireshark 2015-01-12Dlink DIR-645 UPNP Buffer Overflow 2015-11-13
[ MDVSA-2015:023 ] libvirt 2015-01-15Dlink DIR-815 Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
[ MDVSA-2015:024 ] libsndfile 2015-01-15Dlink DIR-817LW Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
[ MDVSA-2015:025 ] mpfr 2015-01-15Dlink DIR-818W Buffer overflows and Command injection in authentication and HNAP functionalities 2015-11-13
[ MDVSA-2015:026 ] untrf 2015-01-15Dlink DIR-825 (vC) Buffer overflows in authentication,HNAP and ping functionalities and also directory traversal issue exists 2015-11-13
[ MDVSA-2015:027 ] kernel 2015-01-16Dlink DIR-866L Buffer overflows in HNAP and send email functionalities 2015-11-13
[ MDVSA-2015:039 ] glibc 2015-02-10Dlink DIR-880L Buffer overflows in authenticatio and HNAP functionalities. 2015-11-13
[ MDVSA-2015:040 ] zarafa 2015-02-10Dlink DIR-890L/R Buffer overflows in authentication and HNAP functionalities. 2015-11-13
[ MDVSA-2015:041 ] cabextract 2015-02-10D-Link DIR-XXX remote root access exploit. 2013-12-02
[ MDVSA-2015:042 ] clamav 2015-02-10D-Link DSP-W110 - multiple vulnerabilities 2015-06-11
[ MDVSA-2015:043 ] otrs 2015-02-10D-Link SecuriCam DCS-5605 Network Surveillance ActiveX Control DcsCliCtrl.dll lstrcpyW Remote Buffer Overflow Vulnerability 2012-03-28
[ MDVSA-2015:044 ] perl-Gtk2 2015-02-12Dlink SSDP command injection using UDP for a lot of Dlink routers including DIR-815, DIR-850L 2015-11-13
[ MDVSA-2015:045 ] e2fsprogs 2015-02-12D-link wireless router DIR-816L Cross-Site Request Forgery (CSRF) vulnerability 2015-11-14
[ MDVSA-2015:046 ] ntp 2015-02-12DLL side loading vulnerability in VMware Host Guest Client Redirector 2016-08-05
[ MDVSA-2015:047 ] elfutils 2015-02-12DNN (DotNetNuke®) ASPSlideshow Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:048 ] postgresql 2015-02-12DNN (DotNetNuke®) CodeEditor Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:049 ] cups 2015-03-02DNN (DotNetNuke®) dnnUI_NewsArticlesSlider Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:052 ] tomcat 2015-03-03DNN (DotNetNuke®) EasyDnnGallery Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:054 ] bind 2015-03-04DNN (DotNetNuke®) eventscalendar Module Arbitrary File Download Vulnerability 2014-06-09
[ MDVSA-2015:055 ] freetype2 2015-03-04DNN (DotNetNuke®) responsivesidebar Module Arbitrary File Download Vulnerability 2014-06-09
[ PayPal ] : 36View yourDNN(DotNetNuke®) Iconbar Control Panel Bad Access Level config 2014-08-25
[ PayPal ] : 39View yourDNN(DotNetNuke®) Ribbon Bar Control Panel Bad Access Level config 2014-08-25
[ PayPal ] : View your recentDNS Poisoning via Port Exhaustion 2011-10-18
[ Paypal ] Your account willdns_dhcp Web Interface SQL Injection 2016-05-14
[ WELLS FARGO ] IMPORTANTDocebo LMS 6.9 - (Moxie) API Calls RST Remote Code Execution Vulnerability 2016-08-02
[#9384-BDA]Docker 1.3.2 - Security Advisory [24 Nov 2014] 2014-11-24
[0day] net2ftp multiple XSS on unauthenticated users 2016-08-05Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities 2016-03-31
[2.0 Update] Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability 2012-08-15Docker UI v0.10.0 - Multiple Persistent Vulnerabilities 2016-03-31
[2.0 Update] Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability 2013-05-08Dogma India dogmaindia CMS - Auth Bypass Vulnerability 2015-08-28
[2.0 Update] Cisco Security Advisory: Multiple Vulnerabilities in Cisco AnyConnect Secure Mobility Client 2012-09-19DokuWiki Ver.2012/01/25 CSRF Add User Exploit 2012-04-17
[AMPLIA-ARA100614] OS X Gatekeeper Bypass Vulnerability 2015-01-28Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities 2012-02-10
[ANN] Apache Struts 2.3.20 GA release available with security fix 2014-12-08Dolibarr CMS v3.2.0 Alpha - SQL Injection Vulnerabilities 2012-02-10
[ANN] MSKB 3004375 available for Windows 2000 and later too (but NOT from Mcirosoft) 2015-02-11Dolphin <= 7.0.7 (member_menu_queries.php) Remote PHP Code Injection 2011-10-18
[ANN] Struts 2.3.14.1 GA (fast track | security) 2013-05-23Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities 2012-02-20
[ANN] Struts 2.3.14.3 GA (fast-track) release available 2013-06-05DomsHttpd 1.0 <= Remote Denial Of Service 2012-07-17
[ANN] Struts 2.3.15.2 GA release available - security fix 2013-09-21DoodleIT (gallery.php?id) (about.php?id) Remote SQL injection Vulnerability 2011-08-13
[ANN] Struts 2.3.16.1 GA release available - security fix 2014-03-06DornCMS Application v1.4 - Multiple Web Vulnerabilities 2013-10-15
[ANN] Struts 2.3.16.2 GA release available - security fix 2014-04-26DornCMS v1.4 - (FileManager) Persistent Cross Site Scripting Vulnerability 2016-07-27
[Annoucement] ClubHack Magazine - Call for Articles 2011-06-13Dorsa Web CMS - Multiple SQL Injection Vulnerabilities 2016-03-31
[Annoucement] ClubHack Magazine - Call for Articles 2011-07-13DoS attacks (ICMPv6-based) resulting from IPv6 EH drops 2014-08-22
[Annoucement] ClubHack Magazine - Call for Articles 2011-08-15DotComEgypt (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-26
[Announce] Apache HTTP Server 2.2.22 Released 2012-01-31dotDefender Firewall CSRF 2016-02-10
[ANNOUNCE] Apache Traffic Server releases for security incident CVE-2012-0256 2012-03-22Dow Group (dynamic.php?id) (sub.php?solutioncat_id) (news_desc.php?id) (product.php?id) Remote SQL injection Vulnerability 2011-07-27
[ANNOUNCE] CVE-2014-3576 - Apache ActiveMQ vulnerabilities 2015-11-06Download Lite v4.3 iOS - Persistent File Web Vulnerability 2013-07-19
[ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases 2016-03-15Downloads Folder: A Binary Planting Minefield 2012-02-17
[ANNOUNCE][CVE-2016-6802] Apache Shiro 1.3.2 released 2016-09-13dpconsulenze (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
[Announcement] ClubHack 2011 Hacking and Security Conference 2011-11-13Dr. Web Control Center Admin UI Remote Script Code Injection 2012-07-30
[Announcement] ClubHack Mag - Call for Articles 2012-01-16DRAM unreliable under specific access patern 2014-12-24
[Announcement] ClubHack Mag - Call for Articles 2012-02-11Dreammail 5 mail client XSS Vulnerability 2016-07-22
[Announcement] ClubHack Mag - Call for Articles 2012-03-16Dropbear SSH server use-after-free vulnerability 2012-02-24
[Announcement] ClubHack Mag Issue 20- September 2011 Released 2011-09-05Dropbox 6.4.14 DLL Hijacking Vulnerability 2016-07-26
[Announcement] ClubHack Mag Issue 21- October 2011 Released 2011-10-10Drupal 7.14 <= Full Path Disclosure Vulnerability (Update) 2012-05-10
[Announcement] ClubHack Mag Issue 22- Nov 2011 Released 2011-11-13Drupal 7.14 <= Full Path Disclosure Vulnerability 2012-05-10
[Announcement] ClubHack Mag Issue 24-Jan 2012 Released 2012-01-13Drupal CKEditor 3.0 - 3.6.2 - Persistent EventHandler XSS 2012-01-18
[Announcement] ClubHack Magazine - Call for Articles 2011-09-12Drupal Node View Permissions module and Flag module Vulnerabilities 2013-08-29
[Announcement] ClubHack Magazine - Call for Articles 2011-10-17DS3 Authentication Server - Multiple Issues 2013-06-01
[Announcement] ClubHACK Magazine Issue 17-June 2011 released 2011-06-09DSECRG-11-023 SAP NetWeaver SLD - Information Disclosure 2011-06-27
[Announcement] ClubHack Magazine Issue 18-July2011 Released 2011-07-12DSS TFTP 1.0 Server - Path Traversal Vulnerability 2015-02-26
[Announcement] ClubHack Magazine Issue 29, June 2012 Released 2012-06-20DUO Security push Timing Attack 2015-06-18
[Announcement] ClubHack Magazine's Aug 2012 Issue Released 2012-08-14Duplicator Wordpress Plugin - Source Code And Database Dump Via CSRF Vulnerability 2016-02-10
[Announcement] ClubHack Magazine's July 2012 Issue Released 2012-07-19DW Question Answer Stored XSS Vulnerability 2016-03-11
[Announcement] ClubHack Magazine's Sept 2012 Issue Out 2012-09-20EarthVPN certificate configuration vulnerabilities 2013-09-17
[Announcement] CHMag - Call for Articles 2012-09-25Easy Blog by JM LLC - Multiple Vulnerabilities 2013-07-24
[Announcement] CHMag's Issue 28, May 2012 Released 2012-05-21Easy file sharing web server - persist XSS in forum msgs 2014-07-25
[Apple] Check your informationEasy FileManager 1.1 iOS - Multiple Web Vulnerabilities 2014-03-27
[BGA - SignalSEC Advisory]:Adobe Shockwave Player Remote Code Execution 2011-06-14Easy FTP Pro v4.2 iOS - Command Inject Vulnerabilities 2014-08-07
[BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] 2012-10-31Easy Hosting Control Panel (EHCP) - Multiple Vulnerabilities 2016-03-30
[CAL-2011-0052]Adobe Shockwave Player Director File Parsing PAMM memory corruption vulnerability 2011-11-09Easy Social Share Buttons for WordPress XSS Vulnerability 2016-04-23
[CAL-2011-0054]Adobe Shockwave Player Director File Parsing data of rcsl chunk multiple DOS vulnerabilities 2011-11-09EasyContent CMS (participant.php?id) Remote SQL injection Vulnerability 2011-08-05
[CAL-2011-0055]Adobe Shockwave Player Parsing block_cout memory corruption vulnerability 2012-02-15eBank IT Online Banking - Multiple Web Vulnerabilities 2012-01-28
[CAL-2011-0071]Adobe Shockwave Player Parsing cupt atom heap overflow 2012-02-15Ebay Inc (Pages) - Client Side Cross Site Scripting Vulnerabilities 2016-02-08
[CAL-2012-0004] opera array integer overflow 2012-02-02Ebay Inc Magento Bug Bounty #5 - Persistent Validation & Mail Encoding Web Vulnerability 2015-02-17
[CAL-2012-0015] opera website spoof 2012-06-14Ebay Inc Magento ProStore CP #4 - Filter Validation Bypass & Persistent (Payment Information) Vulnerability 2014-08-04
[CAL-2012-0023]Microsoft IE Developer Toolbar Remote Code Execution Vulnerability 2012-06-13Ebay Magento Bug Bounty #10 - Persistent Filename Vulnerability 2015-06-19
[CAL-2012-0026] Microsfot IE Same ID Property Remote Code Execution Vulnerability 2012-06-13Ebay Magento Bug Bounty #12 - Cross Site Request Forgery Web Vulnerability 2015-06-19
[CERT 777024 / CVE-2016-1524/5]: RCE and file download in Netgear NMS300 2016-02-04Ebay Magento Bug Bounty #14 - Persistent Description Vulnerability 2015-07-01
[CFP] Hacktivity 2014 CFP is open 2014-06-16Ebay Magento Bug Bounty #17 - Client Side Cross Site Scripting Web Vulnerability 2015-06-19
[CISTI'2014]: Call for Workshops 2013-10-13Ebay Magento Bug Bounty #2 - Persistent Web Vulnerability 2016-01-27
[CORE-2013-0103] Mac OSX Server DirectoryService buffer overflow 2013-06-04eClinicalWorks (CCMR) - Multiple Vulnerabilities 2016-01-31
[CORE-2013-0805] Aloaha PDF Suite Buffer Overflow Vulnerability 2013-08-28ECommerceMajor SQL Injection Vulnerability 2015-12-13
[CORE-2013-0809] Sophos Web Protection Appliance Multiple Vulnerabilities 2013-09-06Ecwid Ecommerce Shopping Cart WordPress Plugin unauthenticated PHP Object injection vulnerability 2016-08-05
[CORE-2014-0003] - SAP Router Password Timing Attack 2014-04-16Edimax BR-6478AC & Others Multiple Vulnerabilites 2015-12-07
[CORE-2014-0005] - Advantech WebAccess Vulnerabilities 2014-09-02Editel (news-dettaglio.php?id) Remote SQL injection Vulnerability 2011-09-03
[CORE-2014-0006] - Delphi and C++ Builder VCL library Heap Buffer Overflow 2014-09-16Edusson (Robotdon) - Client Side Cross Site Scripting Vulnerability 2016-11-07
[CORE-2014-0008] - Advantech AdamView Buffer Overflow 2014-11-19Edusson (Robotdon) BB - Filter Bypass & Persistent Vulnerability 2016-11-07
[CORE-2014-0009] - Advantech EKI-6340 Command Injection 2014-11-19eFront <= 3.6.10 (build 11944) Multiple Security Vulnerabilities 2011-10-27
[CORE-2014-0010] - Advantech WebAccess Stack-based Buffer Overflow 2014-11-19eFront 3.6.15.6 CMS â?? (Message Attachment) Persistent Cross Site Scripting Vulnerability 2016-02-24
[CORE-2015-0002] - Android WiFi-Direct Denial of Service 2015-01-26eFront Educational v3.6.11 - Multiple Web Vulnerabilities 2012-09-04
[CORE-2015-0010] - Sendio ESP Information Disclosure Vulnerability 2015-05-22eFront Enterprise v3.6.11 - Multiple Web Vulnerabilities 2012-09-04
[CORE-2015-0011] - AirLink101 SkyIPCam1620W OS Command Injection 2015-07-08eFronts Community++ v3.6.10 - Cross Site Vulnerability 2012-02-07
[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities 2015-09-01ECHO Creative Company (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
[CORE-2015-0014] - Microsoft Windows Media Center link file incorrectly resolved reference 2015-12-09Echosign Plugin for WordPress XSS Vulnerability 2016-04-23
[CORE-2016-0001] - Intel Driver Update Utility MiTM 2016-01-19Eight Webcom CMS (2016 Q2) - SQL Injection Vulnerability 2016-04-07
[CORE-2016-0002] - Lenovo ShareIT Multiple Vulnerabilities 2016-01-25Eisbär SCADA (All Versions - iOS, Android & W8) - Persistent UI Vulnerability 2015-05-20
[CORE-2016-0003] - Samsung SW Update Tool MiTM 2016-03-09Eissing Stefan (stefan eissing gmail com) 
[CORE-2016-0004] - SAP Download Manager Password Weak Encryption 2016-03-09E-Journal CMS (ID) - Multiple Web Vulnerabilities 2014-12-18
[CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow 2016-03-16Ektron CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-009 2012-09-05
[CORE-2016-0006] - SAP CAR Multiple Vulnerabilities 2016-08-10Ektron CMS 9.10 SP1 - CSRF Vulnerability 2015-05-31
[CORE-2016-0007] - TP-LINK TDDP Multiple Vulnerabilities 2016-11-22Ektron CMS 9.10 SP1 - XSS Vulnerability 2015-05-31
[Corrected] Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-13Ektron CMS Take Over - Hijacking Accounts 2014-01-30
[CTF] nullcon HackIM 2014 will start at 24-01-2014, when the clock will strike at 11:59 (+5:30 GMT) 2014-01-24Elasticsearch CVE-2015-5377 2015-07-16
[CVE- Requested][Vembu Storegrid - Multiple Critical Vulnerabilities] 2014-08-04Elasticsearch CVE-2015-5531 2015-07-16
[CVE-2011-2569] Cisco Nexus OS (NX-OS) - Command "injection" / sanitization issues. 2011-10-22Elasticsearch vulnerability CVE-2014-6439 2014-10-02
[CVE-2011-2712] Apache Wicket XSS vulnerability 2011-08-23Elasticsearch vulnerability CVE-2015-1427 2015-02-11
[CVE-2011-3645] Multiple vulnerability in Newgen's Omnidocs 2011-09-26Elasticsearch vulnerability CVE-2015-4165 2015-06-09
[CVE-2012-0047] Apache Wicket XSS vulnerability via pageMapName request parameter 2012-03-22Elasticsearch vulnerability CVE-2015-4165 2015-11-06
[CVE-2012-0694] SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution 2012-06-23Elasticsearch vulnerability CVE-2015-5377 2015-11-05
[CVE-2012-0694] SugarCRM CE <= 6.3.1 "unserialize()" PHP Code Execution 2012-06-26Elastix PBX Extensions Enumeration 2011-10-01
[CVE-2012-0911] Tiki Wiki CMS Groupware <= 8.3 "unserialize()" PHP Code Execution 2012-07-04Elcom CMS - Community Manager Insecure File Upload Vulnerability - Security Advisory - SOS-12-008 2012-08-23
[CVE-2012-1002] OpenConf <= 4.11 (author/edit.php) Blind SQL Injection Vulnerability 2012-05-02Elefant CMS v1.3.9 - Persistent Name Update Vulnerability 2014-12-16
[CVE-2012-1089] Apache Wicket serving of hidden files vulnerability 2012-03-22Elevation of Privilege Vulnerability in MediaTek Driver ( CVE-2016-6492) 2016-07-30
[CVE-2012-1574] Apache Hadoop user impersonation vulnerability 2012-04-06Eleytt Research ER-03-2012 2012-03-08
[CVE-2012-1622] Apache OFBiz information disclosure vulnerability 2012-04-15Elgg 1.7.10 <= | Multiple Vulnerabilities 2011-08-18
[CVE-2012-2098] Apache Commons Compress and Apache Ant denial of service vulnerability 2012-05-23Elgg 1.7.9 <= | Multiple Cross Site Scripting Vulnerabilities 2011-07-30
[CVE-2012-2273] Comodo Internet Security <5.10 BSOD (Win7 x64) 2012-04-19Ellucian Banner Student Vulnerability Disclosure 2015-12-02
[CVE-2012-3238] Astaro Security Gateway <= v8.304 Persistent Cross-Site Scripting Vulnerability 2012-06-10elproLOG MONITOR WebAccess 2.1 - Multiple Web Vulnerabilities 2013-10-03
[CVE-2012-3373] Apache Wicket XSS vulnerability via manipulated URL parameter 2012-09-06Embarcadero ER/Studio XE2 Server Portal Tom Sawyer's Default GET Extension Factory ActiveX Control Remote Code Execution 2011-09-07
[CVE-2012-3376] Apache Hadoop HDFS information disclosure vulnerability 2012-07-06EMC Avamar Client for VMware Sensitive Information Disclosure Vulnerability 2012-10-26
[CVE-2012-3870] Openconstructor CMS 3.12.0 'createobject.php', 'name' and 'description' parameters Stored Cross-site Scrpting vulnerabilities 2012-08-04EMC Data Protection Advisor DPA Illuminator EJBInvokerServlet Remote Code Execution 2013-12-10
[CVE-2012-3871] Openconstructor CMS 3.12.0 'data/hybrid/i_hybrid.php', 'header' parameter Stored Cross-site Scripting Vulnerability 2012-08-04EMC Documentum Content Server: arbitrary code execution (incomplete fix in CVE-2015-4532) 2015-08-17
[CVE-2012-3872] Openconstructor CMS 3.12.0 Multiple Reflected Cross-site Scrpting vulnerabilities 2012-08-04EMC M&R (Watch4net) lacks Cross-Site Request Forgery protection 2016-04-27
[CVE-2012-3873] Openconstructor CMS 3.12.0 'id' parameter multiple SQL injection vulnerabilities 2012-08-04EMC Product Security Response Center (Security_Alert emc com) 
[CVE-2012-4501] CloudStack configuration vulnerability 2012-10-10Empirum Password Obfuscation Design Flaw 2013-02-14
[CVE-2012-4750] Ezhometech EzServer 7.0 Remote Heap Corruption Vulnerability 2012-10-13Encore Discovery Solution Multiple Vulnerability Disclosure 2014-08-27
[CVE-2012-5692] Invision Power Board <= 3.3.4 "unserialize()" PHP Code Execution Vulnerability 2012-11-01Endpoint Protector v4.0.4.0 - Multiple Web Vulnerabilities 2012-10-08
[CVE-2012-5777]EmpireCMS Template Parser Remote PHP Code Execution Vulnerability 2012-11-05Enterasys SecureStack Switch v6.x - Multiple Vulnerabilities 2012-03-08
[CVE-2012-5858] [CVE-2012-5859] DoS/Authorization Bypass - Kies Air 2012-11-15ePhone Disk v1.0.2 iOS - Multiple Web Vulnerabilities 2014-03-27
[CVE-2012-6458] Multiple Persistent XSS in silverstripe-ecommerce 2013-07-14ePhoto Transfer v1.2.1 iOS - Multiple Web Vulnerabilities 2013-07-17
[CVE-2013-0523] IBM WebSphere Commerce: Encrypted URL Parameter Vulnerable to Padding Oracle Attacks 2013-06-19EQDKP plus Cross Site Scripting and Bypass file extension 2011-06-17
[CVE-2013-1463]Wordpress wp-table-reloaded‏ plugin XSS in SWF 2013-02-06ERPScan inc (erpscan online gmail com) 
[CVE-2013-1464]Wordpress Audio Player Plugin XSS in SWF‏‏ 2013-02-06ERPSCAN Research Advisory [ERPSCAN-15-017] SAP NetWeaver J2EE DAS service - Unauthorized Access 2015-10-16
[CVE-2013-1636]Wordpress pretty-link plugin XSS in SWF‏ 2013-02-20ERPSCAN Research Advisory [ERPSCAN-15-022] SAP NetWeaver 7.4 - XSS 2015-12-14
[CVE-2013-1814] Apache Rave exposes User over API 2013-03-12Erronous post concerning Backtrack 5 R2 0day 2012-04-12
[CVE-2013-2612] Huawei E587 3G Mobile Hotspot Command Injection 2013-07-15ES Job Search Engine v3.0 - SQL injection vulnerability 2012-09-04
[CVE-2013-2745, CVE-2013-2738, CVE-2013-2739] MiniDLNA v1.0.25 Multiple Vulnerabilities 2013-07-15ES746 DELL Support-Bulletin - EMS Vulnerability Resolved 2014-03-27
[CVE-2013-4484] DoS vulnerability in Varnish HTTP cache 2013-10-30ESA-2011-009 (revised): RSA, The Security Division of EMC, announces new fix for potential security vulnerability in RSA(r) Access Manager Server. 2011-06-06
[CVE-2013-4763|CVE-2013-4764] Vulnerability in built-in system app of Samsung Galaxy S3/S4 2013-07-16ESA-2011-018: Domain administration privilege enforcement bypass in EMC Avamar 2011-09-12
[CVE-2013-6232] Persistent Cross-Site Scripting (XSS) in SpagoBI v4.0 2014-03-01ESA-2011-021: EMC Data Protection Advisor sensitive information disclosure vulnerability 2011-07-26
[CVE-2013-6233] Persistent HTML Script Insertion permits offsite-bound forms in SpagoBI v4.0 2014-03-01ESA-2011-022: EMC Documentum eRoom Indexing Server HummingBird Client Connector Buffer Overflow Vulnerability 2011-07-15
[CVE-2013-6234] XSS File Upload in SpagoBI v4.0 2014-03-01ESA-2011-024: EMC Captiva eInput multiple vulnerabilities 2011-07-26
[CVE-2013-6356] Avira Secure Backup v1.0.0.1 Multiple Registry Key Value Parsing Local Buffer Overflow Vulnerability 2013-11-16ESA-2011-025: Multiple buffer overflow vulnerabilities in EMC AutoStart 2011-08-18
[CVE-2013-6986] Insecure Data Storage in Subway Ordering for California (ZippyYum) 3.4 iOS mobile application 2013-12-10ESA-2011-027: RSA, The Security Division of EMC, releases Security Patch for Adaptive Authentication (On-Premise) 2011-08-16
[CVE-2014-0072] Apache Cordova File-Transfer insecure defaults 2014-03-04ESA-2011-029: Buffer overflow vulnerability in multiple EMC Ionix products 2011-09-14
[CVE-2014-0073] Apache Cordova In-App-Browser privilege escalation 2014-03-04ESA-2011-030: RSA, The Security Division of EMC, announces security fixes for RSA enVision 2011-08-23
[CVE-2014-0232] Apache OFBiz Cross-site scripting (XSS) vulnerability 2014-08-19ESA-2011-032: EMC Documentum eRoom arbitrary file upload vulnerability. 2011-11-02
[CVE-2014-0647] Insecure Data Storage of User Data Elements in Starbucks v2.6.1 iOS mobile application 2014-01-14ESA-2011-035: RSA, The Security Division of EMC, announces the release of Hotfix 6 with security updates for RSA Key Manager Appliance 2.7 Service Pack 1 2011-11-03
[CVE-2014-0683]Router Cisco RV110W - RV215W - CVR100W - Bypass Login Page - Admin Password Disclosure 2014-03-05ESA-2011-036: RSA, The Security Division of EMC, announces the release of a Security Fix for RSA(r) Adaptive Authentication (On-Premise) 2011-12-12
[CVE-2014-0749] TORQUE Buffer Overflow 2014-05-15ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r) 2011-12-14
[CVE-2014-1238] Cross Site Scripting(XSS) in q-pulse application 2014-01-14ESA-2012-003: EMC SourceOne Web Search Sensitive Information Disclosure Vulnerability. 2012-01-17
[CVE-2014-1664] GoToMeeting Information Disclosure via Logging Output (Android) 2014-01-24ESA-2012-005: EMC NetWorker buffer overflow vulnerability 2012-01-26
[CVE-2014-2206] GetGo Download Manager HTTP Response Header Buffer Overflow Remote Code Execution 2014-03-02ESA-2012-007: RSA, The Security Division of EMC, announces security fixes for RSA enVision 2012-01-26
[CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow 2015-09-03ESA-2012-009: EMC Documentum Content Server privilege elevation vulnerability 2012-02-01
[CVE-2014-7807] Apache CloudStack unauthenticated LDAP binds 2014-12-08ESA-2012-010: EMC Documentum xPlore information disclosure vulnerability 2012-02-03
[CVE-2014-8338] Cross Site Scripting (XSS) vulnerability in videowhisper 2014-11-06ESA-2012-013: RSA SecurID(r) Software Token Converter buffer overflow vulnerability 2012-03-05
[CVE-2014-8340] phpTrafficA SQL injection 2014-12-09ESA-2012-014: RSA enVision Multiple Vulnerabilities 2012-03-19
[CVE-2015-1393] Photo Gallery (Wordpress Plugin) - SQL Injection in Version 1.2.8 2015-01-28ESA-2012-018: EMC Data Protection Advisor Multiple Vulnerabilities 2012-04-18
[CVE-2015-1394] Photo Gallery (Wordpress Plugin) - Multiple XSS Vulnerabilities Version 1.2.8 2015-01-28ESA-2012-019: EMC Documentum Information Rights Management Multiple Vulnerabilities 2012-05-10
[CVE-2015-1517] Piwigo - SQL Injection in Version 2.7.3 2015-02-18ESA-2012-020: EMC AutoStart Multiple Buffer Overflow Vulnerabilities 2012-05-22
[CVE-2015-1583] ATutor LCMS - CSRF Vulnerability in Version 2.2 2015-02-28ESA-2012-023: RSA Authentication Manager Multiple Vulnerabilities 2012-07-11
[CVE-2015-1585] Fat Free CRM - CSRF Vulnerability in Version 0.13.5 2015-02-14ESA-2012-025: EMC NetWorker Module for Microsoft Applications (NMM) Multiple Vulnerabilities 2012-10-10
[CVE-2015-2102] Clipbucket 2.7 RC3 0.9 - Blind SQL Injection 2015-03-04ESA-2012-026: RSA Access Manager Session Replay Vulnerability 2012-07-02
[CVE-2015-2552] Windows 8+ - Trusted Boot Security Feature Bypass Vulnerability 2015-10-14ESA-2012-027: EMC Celerra/VNX/VNXe Improper Access Control Vulnerability 2012-07-11
[CVE-2015-3188] Apache Storm remote code execution vulnerability 2015-06-20ESA-2012-029: RSA BSAFE(r) SSL-C Multiple Vulnerabilities 2012-09-11
[CVE-2015-3253] Apache Groovy Zero-Day Vulnerability Disclosure 2015-07-16ESA-2012-029: RSA BSAFE® SSL-C Multiple Vulnerabilities 2014-04-03
[CVE-2015-3623] Qlikview blind XXE Security Vulnerability 2015-09-08ESA-2012-031: Iomega StorCenter/EMC Lifeline Remote Access Vulnerability 2012-08-08
[CVE-2015-4108] Wing FTP Server Cross-site Request Forgery vulnerabilities 2015-06-05ESA-2012-032: RSA BSAFE(r) Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks 2012-09-07
[CVE-2015-5956] Typo3 Core sanitizeLocalUrl() Non-Persistent Cross-Site Scripting 2015-09-14ESA-2012-032: RSA BSAFE® Micro Edition Suite Security Update for BEAST (Browser Exploit Against SSL/TLS) attacks 2014-04-11
[CVE-2015-7242] AVM FRITZ!Box: HTML Injection VulnerabiESA-2012-034: EMC Cloud Tiering Appliance (CTA) Authentication Bypass Vulnerability 2012-08-28
[CVE-2015-7242] AVM FRITZ!Box: HTML Injection Vulnerability 2016-01-07ESA-2012-037: RSA(r) Authentication Agent 7.1 for Microsoft Windows(r) and RSA(r) Authentication Client 3.5 Access Control Vulnerability 2012-09-20
[CVE-2015-7670] Multiple SQL Injection in Support Ticket System 1.2 WordPress plugin 2015-10-06ESA-2012-038: EMC NetWorker Format String Vulnerability 2012-08-30
[CVE-2015-7706] SECURE DATA SPACE API Multiple Non-Persistent Cross-Site Scripting Vulnerabilities 2015-12-09ESA-2012-039: EMC ApplicationXtender Arbitrary File Upload Vulnerability 2012-08-23
[CVE-2016-0783] Predictable password reset token 2016-03-25ESA-2012-054: RSA ® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerabilities 2012-11-26
[CVE-2016-0784] Apache OpenMeetings ZIP file path traversal 2016-03-30ESA-2012-055: RSA® Data Protection Manager Multiple Vulnerabilities 2012-11-13
[CVE-2016-1919] Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 2016-01-16ESA-2012-057: EMC Smarts Network Configuration Manager Multiple Vulnerabilities 2012-11-26
[CVE-2016-1920] VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3 2016-01-16ESA-2013-001: EMC NetWorker Buffer Overflow vulnerability 2013-01-07
[CVE-2016-1926] XSS in Greenbone Security Assistant ≥ 6.0.0 and < 6.0.8 2016-01-20ESA-2013-008: EMC AlphaStor Multiple Vulnerabilities 2013-01-18
[CVE-2016-2163] Stored Cross Site Scripting in Event description 2016-03-25ESA-2013-010: EMC AlphaStor Buffer Overflow Vulnerability 2013-01-28
[CVE-2016-2164] Arbitrary file read via SOAP API 2016-03-25ESA-2013-015: RSA Archer® GRC Multiple Vulnerabilities 2013-05-06
[CVE-2016-2345] Solarwinds Dameware Mini Remote Control Remote Code Execution Vulnerability 2016-03-17ESA-2013-016: EMC Smarts Network Configuration Manager 2013-03-26
[CVE-2016-3089] Apache OpenMeetings XSS in SWF panel 2016-08-12ESA-2013-018: EMC Smarts Product - Cross Site Scripting Vulnerability 2013-03-27
[CVE-2016-3996]KNOX clipboard data disclosure KNOX 1.0 - KNOX 2.3 / Android 2016-04-16ESA-2013-021: EMC Documentum Multiple Vulnerabilities 2013-05-09
[CVE-2016-5000] XML External Entity (XXE) Vulnerability in Apache POI's XLSX2CSV Example 2016-07-22ESA-2013-028: EMC NetWorker Elevation of Privilege Vulnerability 2013-05-02
[CVE-2016-5195] "Dirty COW" Linux privilege escalation vulnerability 2016-10-20ESA-2013-029: RSA SecurID Sensitive Information Disclosure Vulnerability 2013-05-16
[CVE-2016-6480] Double-Fetch Vulnerability in Linux-4.5/drivers/scsi/aacraid/commctrl.c 2016-08-01ESA-2013-031: RSA® Authentication Agent Cross-Site Scripting (XSS) Vulnerability 2013-05-10
[CVE-2016-6484] Infoblox Network Automation CRLF Injection/ HTTP splitting 2016-09-06ESA-2013-032 RSA BSAFE® Micro Edition Suite Security Update for SSL/TLS Plaintext Recovery (aka ?Lucky Thirteen?) Vulnerability 2013-06-19
[CVE-2016-6563 / VU#677427]: Dlink DIR routers HNAP Login stack buffer overflow 2016-11-07ESA-2013-034: EMC Avamar Improper Authorization vulnerability 2013-05-02
[CVE-2016-6582] Doorkeeper gem does not revoke tokens & uses wrong auth/auth method 2016-08-18ESA-2013-035: EMC Avamar Client Improper Certificate Validation Vulnerability 2013-05-02
[CVE-2016-6600/1/2/3]: Multiple vulnerabilities (RCE, file download, etc) in WebNMS Framework 5.2 / 5.2 SP1 2016-08-08ESA-2013-037: EMC AlphaStor Buffer Overflow Vulnerability 2013-05-09
[CVE-2016-7098] GNU Wget < 1.18 Access List Bypass / Race Condition 2016-11-24ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2013-06-19
[CVE-2016-8736] Apache Openmeetings RMI Registry Java Deserialization RCE 2016-11-13ESA-2013-039: RSA BSAFE® SSL-J Multiple Vulnerabilities 2014-04-03
[CVE-2016-8741] Apache Qpid Broker for Java - Information Leakage 2016-12-28ESA-2013-040: RSA® Authentication Manager 8.0 Multiple Vulnerabilities 2013-05-28
[CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities 2012-09-20ESA-2013-041: EMC VNX and Celerra Control Station Elevation of Privilege Vulnerability 2013-05-16
[CVE-ID REQUEST] vBulletin - Multiple Open Redirects 2011-06-02ESA-2013-045: RSA BSAFE® SSL-C Security Update for SSL/TLS Plaintext Recovery (aka ?Lucky Thirteen?) Vulnerability 2013-06-19
[DC-2012-11-001] DefenseCode ThunderScan PHP Advisory: Wordpress WP e-Commerce Plugin Multiple Security Vulnerabilities 2012-11-12ESA-2013-047: RSA® Authentication Agent for PAM Unlimited Login Attempts Vulnerability 2013-08-20
[DC-2012-11-002] DefenseCode ThunderScan ASP.Net C# Advisory: BugTracker.Net Multiple Security Vulnerabilities 2012-11-26ESA-2013-055: EMC Avamar Multiple Vulnerabilities 2013-07-17
[DCA-2011-0014] - Elxis CMS Cross Site Script 2011-12-05ESA-2013-057: RSA Archer(r) GRC Multiple Vulnerabilities 2013-09-03
[DCA-2011-0015] QuesCom Qportal User - OctoWebSvr/COM - Source Code Disclosure 2011-12-08ESA-2013-060: EMC VPLEX Information Disclosure Vulnerability 2013-09-26
[DCA-2011-0016] - Tufin SecureTrack Cross Site Script 2012-04-04ESA-2013-062: EMC Atmos Unauthenticated Database Access Vulnerability 2013-10-03
[Dear customer] : Hi Your UserESA-2013-070: EMC Documentum Cross Site Scripting Vulnerability. 2013-11-05
[DSB-2011-01] Security Advisory FreeRADIUS 2.1.11 2011-07-25ESA-2013-072: EMC NetWorker Information Disclosure Vulnerability 2013-10-29
[DSECRG-11-030] SAP NetWeaver JavaMailExamples - XSS 2011-11-17ESA-2013-073: EMC Documentum eRoom Multiple Cross Site Scripting Vulnerabilities. 2013-11-05
[DSECRG-11-031] SAP RFC EPS_DELETE_FILE - Authorisation bypass, smbrelay 2011-11-17ESA-2013-074: EMC Unisphere for VMAX Information Disclosure Vulnerability 2013-10-29
[DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose (by ERPScan) 2011-09-16ESA-2013-077: RSA Data Protection Manager Appliance Multiple Vulnerabilities 2013-11-21
[DSECRG-11-032] SAP NetWeaver ipcpricing - information disclose 2011-11-17ESA-2013-078: EMC Document Sciences xPression Multiple Vulnerabilities 2013-11-19
[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked ÕSS vulnerability (by ERPScan) 2011-09-16ESA-2013-080: RSA Security Analytics Multiple Vulnerabilities 2013-12-04
[DSECRG-11-033] SAP Crystal Report Server pubDBLogon - Linked ÕSS vulnerability 2011-11-17ESA-2013-089: EMC Connectrix Manager Converged Network Edition Remote Code Execution Vulnerabilities 2013-12-11
[DSECRG-11-034] SAP NetWeaver J2EE MeSync ? information disclose 2011-11-17ESA-2014-003: RSA® Data Loss Prevention Improper Session Management Vulnerability 2014-04-11
[DSECRG-11-036] SAP NetWaver Virus Scan Interface - multiple XSS 2011-11-17ESA-2014-005: EMC Documentum Foundation Services (DFS) Content Access Vulnerability 2014-02-05
[DSECRG-11-037] SAP BW Doc - Multiple XSS 2011-11-17ESA-2014-012: EMC Documentum TaskSpace Multiple Vulnerabilities 2014-03-05
[DSECRG-11-038] SAP RSTXSCRP report - smb relay vulnerability 2011-11-17ESA-2014-015: RSA® Authentication Manager Cross Frame Scripting Vulnerability 2014-03-26
[DSECRG-11-039] SAP NetWeaver TH_GREP module - Code injection vulnerability (NEW) 2011-11-17ESA-2014-016: EMC VPLEX Multiple Vulnerabilities 2014-03-26
[DSECRG-11-040] SAP NetWeaver SPML - XML CSRF user creation 2011-11-17ESA-2014-019: RSA BSAFE® Micro Edition Suite Certificate Chain Processing Vulnerability 2014-04-11
[DSECRG-11-041] SAP NetWeaver - Authentication bypass (Verb Tampering) 2011-11-17ESA-2014-021: RSA Archer® GRC Multiple Cross-Site Scripting Vulnerabilities 2014-05-23
[ERPSCAN-15-003] SAP NetWeaver Dispatcher Buffer Overflow - RCE, DoS 2015-06-25ESA-2014-024: EMC Documentum Digital Asset Manager Blind DQL Injection Vulnerability 2014-06-04
[ERPSCAN-15-004] SAP NetWeaver Portal XMLValidationComponent - XXE 2015-06-25ESA-2014-026: EMC Documentum Content Server Information Disclosure Vulnerability 2014-04-11
[ERPSCAN-15-005] SAP Mobile Platform - XXE 2015-06-25ESA-2014-028: EMC Cloud Tiering Appliance XML External Entity (XXE) and Information Disclosure Vulnerabilities 2014-04-16
[ERPSCAN-15-006] SAP NetWeaver Portal ReportXmlViewer - XXE 2015-06-25ESA-2014-032: RSA® Adaptive Authentication (Hosted) DOM Cross-Site Scripting Vulnerability 2014-06-02
[ERPSCAN-15-007] SAP Management Console ReadProfile Parameters - Information disclosure 2015-06-25ESA-2014-046: EMC Documentum Content Server Multiple Vulnerabilities 2014-06-30
[ERPSCAN-15-008] SAP Afaria 7 XcListener - DoS in the module XeClient.Dll 2015-06-25ESA-2014-055: EMC Network Configuration Manager (NCM) Report Advisor Session Fixation Vulnerability 2014-08-08
[ERPSCAN-15-009] SAP Afaria 7 XcListener - Missing authorization check 2015-06-25ESA-2014-055: EMC Network Configuration Manager (NCM) Session Fixation Vulnerability 2014-06-30
[ERPSCAN-15-010] SYBASE SQL Anywhere 12 and 16 - DoS 2015-06-25ESA-2014-057: EMC Documentum Foundation Services (DFS) XML External Entity (XXE) Vulnerability 2014-07-07
[ERPSCAN-15-011] SAP Mobile Platform 3.0 - XXE 2015-06-25ESA-2014-059: EMC Documentum Multiple Cross-Site Scripting Vulnerabilities 2014-08-18
[ERPSCAN-15-012] SAP Afaria 7 XComms â?? Buffer Overflow 2015-08-17ESA-2014-060: EMC Documentum eRoom Multiple Cross-Site Scripting Vulnerabilities 2014-06-30
[ERPSCAN-15-013] SAP NetWeaver AS Java CIM UPLOAD â?? XXE 2015-08-17ESA-2014-064: EMC Documentum Content Server Privilege Escalation Vulnerabilities 2014-07-07
[ERPSCAN-15-014] SAP Mobile Platform 3 â?? XXE in Add Repository 2015-09-09ESA-2014-067: EMC Documentum D2 Privilege Escalation Vulnerability 2014-08-18
[ERPSCAN-15-015] SAP NetWeaver AS ABAPâ?? Hardcoded Credentials 2015-09-09ESA-2014-071: RSA Archer® GRC Platform Multiple Vulnerabilities 2014-08-19
[ERPSCAN-15-016] SAP NetWeaver â?? Hardcoded credentials 2015-09-09ESA-2014-073: EMC Documentum Multiple Cross-Site Request Forgery Vulnerabilities 2014-08-18
[ERPSCAN-15-018] SAP NetWeaver 7.4 - XXE 2015-11-23ESA-2014-079: EMC Documentum Content Server Multiple Vulnerabilities 2014-08-18
[ERPSCAN-15-019] SAP Afaria - Stored XSS 2015-11-23ESA-2014-081 RSA® Identity Management and Governance Authentication Bypass Vulnerability 2014-08-26
[ERPSCAN-15-020] SAP Mobile Platform 2.3 - XXE in application import 2015-11-23ESA-2014-091: EMC Documentum Content Server Multiple Privilege Escalation Vulnerabilities 2014-09-15
[ERPSCAN-15-021] SAP NetWeaver 7.4 - SQL Injection vulnerability 2015-12-14ESA-2014-135: RSA® Web Threat Detection SQL Injection Vulnerability 2014-11-05
[ERPSCAN-15-024] SAP HANA hdbindexserver - Memory corruption 2016-01-27ESA-2014-156: EMC Documentum Content Server Insecure Direct Object Reference Vulnerability 2014-12-02
[ERPSCAN-15-025] Oracle E-Business Suite Database user enumeration Vulnerability 2015-10-27ESA-2014-158: RSA BSAFE® Micro Edition Suite and SSL-J Triple Handshake Vulnerability 2014-12-30
[ERPSCAN-15-026] Oracle E-Business Suite - SQL injection Vulnerability 2015-10-27ESA-2014-160: RSA® Adaptive Authentication (On-Premise) Authentication Bypass Vulnerability 2014-12-02
[ERPSCAN-15-027] Oracle E-Business Suite - Cross Site Scripting Vulnerability 2015-10-27ESA-2014-179: EMC Replication Manager and EMC AppSync Unquoted Service Path Enumeration Vulnerability 2014-12-30
[ERPSCAN-15-028] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29ESA-2014-180: EMC Documentum Web Development Kit Multiple Vulnerabilities 2015-01-05
[ERPSCAN-15-029] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29ESA-2015-002: Unisphere Central Security Update for Multiple Vulnerabilities 2015-01-29
[ERPSCAN-15-030] Oracle E-Business Suite - XXE injection Vulnerability 2015-10-29ESA-2015-006: EMC Avamar Missing Certificate Validation Vulnerability 2015-01-30
[ERPSCAN-15-031] SAP MII â?? Encryption Downgrade vulnerability 2016-02-12ESA-2015-043: RSA® Validation Manager Security Update for Multiple Vulnerabilities 2015-06-16
[ERPSCAN-15-032] SAP PCo agent â?? DoS vulnerability 2016-02-12ESA-2015-087 EMC Document Sciences xPression SQL Injection Vulnerability 2015-05-16
[ERPSCAN-16-001] SAP NetWeaver 7.4 - XSS vulnerability 2016-04-15ESA-2015-091: RSA® Web Threat Detection Cross-Site Request Forgery Vulnerability 2015-06-03
[ERPSCAN-16-002] SAP HANA - log injection and no size restriction 2016-04-15ESA-2015-102: EMC Unisphere for VMAX Remote Code Execution Vulnerability 2015-06-25
[ERPSCAN-16-003] SAP NetWeaver 7.4 - cryptographic issues 2016-04-15ESA-2015-106: EMC Unified Infrastructure Manager/Provisioning (UIM/P) Authentication Bypass Vulnerability 2015-06-16
[ERPSCAN-16-004] SAP NetWeaver 7.4 (Pmitest servlet) â?? XSS vulnerability 2016-04-19ESA-2015-108: EMC Documentum D2 Multiple DQL Injection Vulnerabilities 2015-07-01
[ERPSCAN-16-005] SAP HANA hdbxsengine JSON â?? DoS vulnerability 2016-04-19ESA-2015-109: EMC Documentum D2 Cross-Site Scripting 2015-06-23
[ERPSCAN-16-008] SAP NetWeaver AS JAVA - XSS vulnerability in ProxyServer servlet 2016-05-16ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-06-23
[ERPSCAN-16-009] SAP xMII - directory traversal vulnerability 2016-05-16ESA-2015-110: EMC Documentum Thumbnail Server Directory Traversal Vulnerability 2015-09-09
[ERPSCAN-16-010] SAP NetWeaver AS JAVA â?? information disclosure vulnerability 2016-05-19ESA-2015-111: EMC Documentum WebTop Client Products Multiple Vulnerabilities 2015-07-01
[ERPSCAN-16-011] SAP NetWeaver AS JAVA â?? SQL injection vulnerability 2016-05-19ESA-2015-112: EMC Isilon OneFS Command Injection Vulnerability 2015-07-01
[ERPSCAN-16-022] SAP Hybris E-commerce Suite VirtualJDBC â?? Default Credentials 2016-08-16ESA-2015-115: EMC RecoverPoint for Virtual Machines (VMs) Restriction Bypass Vulnerability 2015-07-10
[ERPSCAN-16-023] Potential backdoor via hardcoded system ID 2016-08-16ESA-2015-118: EMC Avamar Directory Traversal Vulnerability 2015-07-22
[ERPSCAN-16-030] SAP NetWeaver - buffer overflow vulnerability 2016-10-17ESA-2015-122: EMC Documentum CenterStage Cross-site Scripting Vulnerability 2015-07-16
[ERPSCAN-16-031] SAP NetWeaver AS ABAP â?? directory traversal using READ DATASET 2016-11-18ESA-2015-123: EMC Documentum WebTop Open Redirect Vulnerability 2015-07-16
[ERPSCAN-16-032] SAP Telnet Console â?? Directory traversal vulnerability 2016-11-18ESA-2015-130: EMC Documentum WebTop and WebTop Clients Cross-Site Request Forgery Vulnerability 2015-08-17
[ERPSCAN-16-034] SAP NetWeaver AS JAVA - XXE vulnerability in BC-BMT-BPM-DSK component 2016-11-21ESA-2015-131: EMC Documentum Content Server Multiple Vulnerabilities 2015-08-17
[ESNC-2013-004] Remote ABAP Code Injection in OpenText/IXOS ECM for SAP NetWeaver 2013-04-24ESA-2015-137: EMC Atmos XML External Entity Injection Vulnerability 2015-09-02
[ESNC-2041217] Critical Security Vulnerability in PwC ACE Software for SAP Security 2016-12-07ESA-2015-140: RSA® Identity Management & Governance Multiple Cross-Site Scripting Vulnerabilities 2015-09-09
[FD] Celoxis <= 9.5 - Cross Site Scripting (XSS) 2015-11-23ESA-2015-142: RSA Archer® GRC Platform Multiple Vulnerabilities 2015-09-23
[FD] CVE-2013-6876 s3dvt Root shell 2014-06-02ESA-2015-144: EMC Documentum Content Server Privilege Escalation Vulnerability 2015-09-03
[FD] Visual Paradigm Server v10.0 - Cross Site Scripting (XSS) 2015-11-27ESA-2015-148: EMC Isilon OneFS Security Privilege Escalation Vulnerability 2015-12-17
[FFRRA-20131213] Crafted ICMP ECHO REQUEST can cause denial of service on Juniper SSG20 2014-01-22ESA-2015-151: RSA® OneStep Path Traversal Vulnerability 2015-09-29
[Foreground Security 2011-001]: Casper Suite (JSS 8.1) Cross-Site Scripting 2011-08-27ESA-2015-152: RSA Web Threat Detection Multiple Vulnerabilities 2015-09-29
[FOREGROUND SECURITY 2011-004] Infoblox NetMRI 6.2.1 Multiple Cross-Site Scripting (XSS) vulnerabilities 2011-11-11ESA-2015-153 EMC SourceOne Email Supervisor Security Update for Multiple Security Vulnerabilities 2015-10-11
[Foreground Security 2013-002]: Corda Path Disclosure and XSS 2013-07-12ESA-2015-163: EMC VPLEX Sensitive Information Exposure Vulnerability 2015-11-17
[FOXMOLE SA 2016-05-02] e107 Content Management System (CMS) - Multiple Issues 2016-11-30ESA-2015-164: EMC Isilon OneFS Privilege Escalation Vulnerability 2015-11-24
[Full-disclosure] "Dell Data Protection | Access" for Windowscontains and installs outdated,superfluous and vulnerable system components and 3rd partycomponents/drivers 2012-09-24ESA-2015-171 EMC NetWorker Denial-of-service Vulnerability 2015-12-03
[HBOS-28734MV]ESA-2015-174: EMC VPLEX Undocumented Account Vulnerability 2015-12-22
[HITB-Announce] #HITB2013KUL Call for Papers 2013-05-01ESA-2015-177: RSA SecurID(r) Web Agent Authentication Bypass Vulnerability 2015-12-21
[HITB-Announce] #HITB2014AMS Call for Papers - FINAL CALL 2014-01-16ESA-2015-179: EMC Secure Remote Services Virtual Edition Path Traversal Vulnerability 2015-12-22
[HITB-Announce] #HITB2014AMS Call for Papers Now Open 2013-11-27ESA-2016-010 EMC Documentum xCP Security Update for Multiple Vulnerabilities 2016-02-09
[HITB-Announce] #HITB2015AMS Call for Papers 1st Round is Closing in 10 Days 2015-01-22ESA-2016-012: EMC Documentum xCP ? User Information Disclosure Vulnerability 2016-03-07
[HITB-Announce] Haxpo CFP 2014-02-20ESA-2016-012: EMC Documentum xCP ? User Information Disclosure Vulnerability 2016-03-14
[HITB-Announce] HITB eZine Issue #006 Released! 2011-06-13ESA-2016-013: RSA BSAFE® Micro Edition Suite, Crypto-C Micro Edition, Crypto-J, SSL-J and SSL-C Lenstra?s Attack Vulnerability 2016-04-11
[HITB-Announce] HITB Magazine Issue 008 (now with print edition!) 2012-04-23ESA-2016-034: EMC Documentum D2 Configuration Object Vulnerability 2016-04-04
[HITB-Announce] HITB Magazine Issue 009 - Call for Submissions 2012-08-09ESA-2016-036: EMC Unisphere for VMAX Virtual Appliance Arbitrary File Upload Vulnerability 2016-04-14
[HITB-Announce] HITB2011AMS Conference Materials & Photos 2011-06-08ESA-2016-039: EMC ViPR SRM Multiple Cross-Site Request Forgery Vulnerabilities 2016-04-19
[HITB-Announce] HITB2017AMS CFP 2016-10-31ESA-2016-041: RSA Data Loss Prevention Multiple Vulnerabilities 2016-05-02
[HITB-Announce] REMINDER: #HITB2013AMS Call for Papers Closes 8th Feb 2013-01-22ESA-2016-051: Patch 14 for RSA® Authentication Manager 8.1 SP1 to Address Multiple Vulnerabilities 2016-05-04
[HITB-Announce] REMINDER: #HITB2014KUL CFP Deadline: 1st August 2014-07-17ESA-2016-065: EMC Avamar Data Store and Avamar Virtual Edition Multiple Vulnerabilities 2016-09-19
[HITB-Announce] REMINDER: HITB2011 - Malaysia Call for Papers Closes on the 15th 2011-07-11ESA-2016-070: RSA® Authentication Manager Prime SelfService Insecure Direct Object Reference Vulnerability 2016-08-08
[HITB-Announce] Reminder: HITB2012AMS Call For Papers Closing Soon 2012-01-26ESA-2016-093: RSA® Adaptive Authentication (On-Premise) Cross-Site Scripting Vulnerability 2016-09-20
[HTTPCS] ClanSphere 'where' Cross Site Scripting Vulnerability 2014-03-07ESA-2016-094: RSA BSAFE® Micro Edition Suite Multiple Vulnerabilities 2016-09-15
[IA30] Photodex ProShow Producer v5.0.3256 Local Buffer Overflow Vulnerability 2012-07-02ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2016-09-19
[IA33] Serva v2.0.0 DNS Server Remote Denial of Service 2013-01-14ESA-2016-096: EMC Celerra, VNX1, VNX2 and VNXe SMB NTLM Authentication Weak Nonce Vulnerability 2017-01-10
[IA34] Serva v2.0.0 HTTP Server GET Remote Denial of Service 2013-01-14ESA-2016-097: RSA Identity Governance and Lifecycle Information Disclosure Vulnerability 2016-09-23
[IA38] NCMedia Sound Editor Pro v7.5.1 MRUList201202.dat File Handling Local Buffer Overflow 2012-09-16ESA-2016-104: EMC ViPR SRM Multiple Vulnerabilities 2016-09-13
[IA46] Photodex ProShow Producer v5.0.3297 ColorPickerProc() Memory Corruption 2013-02-14ESA-2016-108: EMC Documentum D2 Authentication Bypass Vulnerability 2016-09-13
[IA47] Photodex ProShow Producer v5.0.3297 PXT File title Value Handling Buffer Overflow 2013-02-16ESA-2016-111: EMC Avamar Data Store and Avamar Virtual Edition Privilege Escalation Vulnerability 2016-10-20
[IA49] Photodex ProShow Producer v5.0.3310 ScsiAccess Local Privilege Escalation 2013-03-19ESA-2016-127: EMC ViPR SRM Stored Cross-Site Scripting Vulnerability 2016-09-27
[IBliss Security Advisory] Cross-site scripting ( XSS ) in Bradesco gateway wordpress plugin 2013-09-23ESA-2016-157: EMC ScaleIO Multiple Vulnerabilities 2017-01-05
[iBliss Security Advisory] Cross-Site Scripting (XSS) vulnerability in Design-approval-system wordpress plugin 2013-09-12ESNC Security (secure esnc de) 
[IMF 2013] 2nd Call for Papers 2012-09-27Essential PIM 4.22: MANY vulnerabilities in 3rd party libraries 2011-06-17
[IMF 2013] 3rd Call for Papers: Deadline Extended 2012-10-17Etano 1.x <= Multiple Cross Site Scripting Vulnerabilities 2012-03-05
[IMF 2013] Call for Papers 2012-09-05'e-ticketing' SQL Injection (CVE-2012-1673) 2012-04-04
[IMF 2013] Call for Participation 2013-02-04European Security Services GPS v1.0 - Multiple Vulnerabilities 2011-09-28
[IMF 2014] Call for Participation 2014-04-01EUSecWest 2012 - Amsterdam, Sept 19/20 featuring Mobile PWN2OWN - CFP Deadline June 15 2012-06-05
[IMPORTANT] : UPDATE YOUREvasion attacks expoliting file-parsing vulnerabilities in antivirus products 2012-03-19
[IMPORTANT] : YOUR ACCOUNTEvent Calendar PHP 1.2 - Multiple Web Vulnerabilites 2012-07-15
[IMPORTANT] Update your paypalEvent Easy Calendar 1.0.0 WP plugin 2013-09-07
[INTREST SEC] Atlassian Confluence Wiki XSS Vulnerability 2012-09-13Event Script PHP v1.1 CMS - Multiple Web Vulnerabilites 2012-07-04
[ISecAuditors Security Advisories] - Reflected XSS vulnerability in Boxcryptor (www.boxcryptor.com) 2014-02-13Event Viewer Snapin multiple DLL side loading vulnerabilities 2015-12-16
[ISecAuditors Security Advisories] LinkedIn social network is affected by Persistent Cross-Site Scripting vulnerability 2013-11-05Events Made Easy WordPress plugin CSRF + Persistent XSS 2015-10-16
[ISecAuditors Security Advisories] Multiple Reflected Cross-Site Scripting vulnerabilities 2013-09-26Eventy CMS v1.8 Plus - Multiple Web Vulnerablities 2012-11-13
[ISecAuditors Security Advisories] Multiple Reflected XSS vulnerabilities in BoltWire <= v3.5 2013-10-09Evernote for Windows DLL Loading Remote Code Execution Vulnerability 2016-10-14
[ISecAuditors Security Advisories] Multiple Vulnerabilities in Telaen <= 1.3.0 2013-06-03Executable installers are vulnerable^WEVIL (case 10): McAfee Security Scan Plus, WebAdvisor and CloudAV (Beta) 2015-12-14
[ISecAuditors Security Advisories] Multiple Vulnerabilities in Uebimiau <= 2.7.11 2013-10-09Executable installers are vulnerable^WEVIL (case 13): ESET NOD32 antivirus installer allows remote code execution with escalation of privilege 2015-12-21
[ISecAuditors Security Advisories] Multiple XSS vulnerabilities in "Project'Or RIA" 2013-11-05Executable installers are vulnerable^WEVIL (case 14): Rapid7's ScanNowUPnP.exe allows arbitrary (remote) code execution 2015-12-21
[ISecAuditors Security Advisories] Reflected XSS in Asteriskguru Queue Statistics 2013-03-10Executable installers are vulnerable^WEVIL (case 15): F-SecureOnlineScanner.exe allows arbitrary (remote) code execution and escalation of privilege 2015-12-23
[ISecAuditors Security Advisories] SQL Injection vulnerability in "Project'Or RIA" allow arbitrary access to the database and the file system 2013-11-05Executable installers are vulnerable^WEVIL (case 16): Trend Micro's installers allows arbitrary (remote) code execution 2015-12-31
[ISecAuditors Security Advisories] URL Open Redirect in Google generic TLD and ccTLD 2015-10-15Executable installers are vulnerable^WEVIL (case 18): EMSISoft's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-07
[iTunes] Credit Card -Executable installers are vulnerable^WEVIL (case 19): ZoneAlarm's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-07
[KIS-2013-01] DataLife Engine 9.7 (preview.php) PHP Code Injection Vulnerability 2013-01-28Executable installers are vulnerable^WEVIL (case 2): NSIS allows remote code execution with escalation of privilege 2015-12-07
[KIS-2013-02] CubeCart <= 5.2.0 (cubecart.class.php) PHP Object Injection Vulnerability 2013-02-06Executable installers are vulnerable^WEVIL (case 20): TrueCrypt's installers allow arbitrary (remote) code execution and escalation of privilege 2016-01-08
[KIS-2013-04] Joomla! <= 3.0.3 (remember.php) PHP Object Injection Vulnerability 2013-04-26Executable installers are vulnerable^WEVIL (case 21): Panda Security's installers allow arbitrary (remote) code execution AND escalation of privilege with PANDAIS16.exe 2016-01-19
[KIS-2013-09] Vanilla Forums <= 2.0.18.5 (class.utilitycontroller.php) PHP Object Injection Vulnerability 2013-10-07Executable installers are vulnerable^WEVIL (case 22): python.org's executable installers allow arbitrary (remote) code execution 2016-01-15
[KIS-2013-10] openSIS <= 5.2 (ajax.php) PHP Code Injection Vulnerability 2013-12-05Executable installers are vulnerable^WEVIL (case 23): WinImage's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege 2016-01-30
[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability 2014-07-14Executable installers are vulnerable^WEVIL (case 25): WinRAR's installer and self-extractors allow arbitrary (remote) code execution and escalation of privilege 2016-02-07
[KIS-2014-13] Tuleap <= 7.6-4 (register.php) PHP Object Injection Vulnerability 2014-11-27Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allowa arbitrary (remote) code execution WITH escalation of privilege 2016-03-01
[KIS-2014-14] Osclass <= 3.4.2 (Search::setJsonAlert) SQL Injection Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 3): WiX Toolset's bootstrapper "burn.exe" 2016-01-21
[KIS-2014-15] Osclass <= 3.4.2 (ajax.php) Local File Inclusion Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege 2016-03-06
[KIS-2014-16] Osclass <= 3.4.2 (contact.php) Unrestricted File Upload Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allows arbitrary (remote) code execution WITH escalation of privilege 2016-03-06
[KIS-2014-18] Mantis Bug Tracker <= 1.2.17 (ImportXml.php) PHP Code Injection Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 33): GData's installers allow escalation of privilege 2016-04-18
[KIS-2014-19] Symantec Web Gateway <= 5.2.1 (restore.php) OS Command Injection Vulnerability 2014-12-31Executable installers are vulnerable^WEVIL (case 37): eclipse-inst-win*.exe vulnerable to DLL redirection and manifest hijacking 2016-07-23
[KIS-2015-01] Concrete5 <= 5.7.3.1 (sendmail) Remote Code Execution Vulnerability 2015-06-11Executable installers are vulnerable^WEVIL (case 41): EmsiSoft's Emergency Kit allows elevation of privilege for everybody 2016-11-17
[KIS-2015-02] Concrete5 <= 5.7.3.1 Multiple Reflected Cross-Site Scripting Vulnerabilities 2015-06-11Executable installers are vulnerable^WEVIL (case 5): JRSoft InnoSetup 2015-12-07
[KIS-2015-03] Concrete5 <= 5.7.4 (Access.php) SQL Injection Vulnerability 2015-06-11Executable installers are vulnerable^WEVIL (case 6): SumatraPDF-*-installer.exe allows remote code execution with escalation of privilege 2015-12-07
[KIS-2015-04] Magento <= 1.9.2 (catalogProductCreate) Autoloaded File Inclusion Vulnerability 2015-09-11Executable installers are vulnerable^WEVIL (case 7): 7z*.exe allows remote code execution with escalation of privilege 2015-12-08
[KIS-2015-05] ATutor <= 2.2 (Custom Course Icon) Unrestricted File Upload Vulnerability 2015-11-04Executable installers are vulnerable^WEVIL (case 8): vlc-*.exe allows remote code execution with escalation of privilege 2015-12-07
[KIS-2015-06] ATutor <= 2.2 (confirm.php) Session Variable Overloading Vulnerability 2015-11-04Executable installers are vulnerable^WEVIL (case 9): Chrome's setup.exe allows arbitrary code execution and escalation of privilege 2015-12-09
[KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability 2015-11-04Executable installers/self-extractors are vulnerable^WEVIL (case 17): Kaspersky Labs utilities 2016-01-03
[KIS-2015-08] ATutor <= 2.2 (edit_marks.php) PHP Code Injection Vulnerability 2015-11-04Executable uninstallers are vulnerable^WEVIL (case 12): Avira Registry Cleaner allows arbitrary code execution with escalation of privilege 2015-12-18
[KIS-2015-09] Piwik <= 2.14.3 (viewDataTable) Autoloaded File Inclusion Vulnerability 2015-11-04Expedia Product Security Advisory: Cruise Ship Centers Information Disclosure 2015-06-05
[KIS-2015-10] Piwik <= 2.14.3 (DisplayTopKeywords) PHP Object Injection Vulnerability 2015-11-04Exploit - EasyITSP by Lemens Telephone Systems 2.0.2 2012-10-26
[KIS-2016-01] CakePHP <= 3.2.0 "_method" CSRF Protection Bypass Vulnerability 2016-01-15Exploit Code for ipTIME firmwares < 9.58 (root RCE against 127 router models) 2015-07-01
[KIS-2016-02] Magento <= 1.9.2.2 (RSS Feed) Information Disclosure Vulnerability 2016-02-24exploit CVE-2016-2203 2016-04-21
[MajorSecurity-SA-2012-014]Apple Safari on iOS 5.1 - Adressbar spoofing vulnerability 2012-03-20Exploit for Asterisk Security Advisory AST-2011-013 2011-12-22
[MajorSecurity-SA-2013-014] Sony Playstation Vita Browser - firmware 2.05 - Adressbar spoofing 2013-02-05Exploit for stealing backups on WP sites with WP-DB-Backup v2.2.4 plugin 2014-11-22
[MATTA-2011-001] pfSense x509 Insecure Certificate Creation 2011-12-22Exploit Title: Mihalism Multi Host v 5.0 2012-08-25
[MATTA-2011-003] Restorepoint Remote root command execution vulnerability - CVE-2011-4201 CVE-2011-4202 2011-12-12Exploit-DB Captcha Bypass 2016-05-01
[MATTA-2012-001] CVE-2012-1301; 0day; Open Proxy vulnerability in Umbraco 4.7 2012-04-05Exploiting XXE vulnerabilities in AMF libraries 2016-01-11
[MATTA-2012-002] CVE-2012-1493; F5 BIG-IP remote root authentication bypass Vulnerability 2012-06-11Exponent CMS 2.3.9 - Useraccounts Persistent Vulnerability 2016-07-28
[MATTA-2013-004] CVE-2014-1409; MobileIron authentication bypass vulnerability 2014-04-02Extended submission deadline for: The 6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)! 2011-09-04
[Multiple CVE]: RCE, info disclosure, HQL injection and stored XSS in Novell Service Desk 7.1.0 2016-04-10eXtplorer v2.1.9 Archive Path Traversal 2016-05-14
[Notice] : Update Your AccountExtra information for CVE-2014-2513 - EMC Documentum Content Server: arbitrary code execution 2015-07-08
[NOTICE] YOU HAVE TO UPDATEExtra User Details [Privilege Escalation] 2016-02-24
[NTMS 2012] Call for Papers, Istanbul- Turkey, 7 - 10 May 2012 2011-09-12F*EX <= 20100208 Cross Site Scripting Vulnerabilities 2012-02-20
[oCERT 2015-011] PyAMF input sanitization errors (XXE) 2015-12-17F*EX 20111129-2 Cross Site Scripting Vulnerability 2012-02-20
[oCERT 2015-012] Ganeti multiple issues 2015-12-30F5 BIGIP - (OLD!) Persistent XSS in ASM Module 2014-12-02
[oCERT-2011-001] Chyrp input sanitization errors 2011-07-13FAA US Academy (AFS) - Auth Bypass Vulnerability 2012-01-28
[oCERT-2011-002] libavcodec insufficient boundary check 2011-08-10Fabio Rispoli (prodotto.php?id) Remote SQL injection Vulnerability 2011-08-28
[oCERT-2011-003] multiple implementations denial-of-service via hash algorithm collision 2011-12-28Facebook API v2.1 - RFC6749 Open Redirect Vulnerability 2016-10-11
[oCERT-2012-001] multiple implementations denial-of-service via MurmurHash algorithm collision 2012-11-23Facebook BB #18 - IDOR Issue & Privacy Vulnerability 2014-12-19
[oCERT-2014-001] MantisBT input sanitization errors 2014-02-08Facebook Bug Bounty #16 (Studio) - Persistent Vulnerability 2014-12-18
[oCERT-2014-003] LibYAML input sanitization errors 2014-03-26Facebook Bug Bounty #17 - Migrate Privacy Vulnerability 2014-12-25
[oCERT-2014-004] Ansible input sanitization errors 2014-07-22Facebook Bug Bounty #19 - Filter Bypass Web Vulnerability 2015-01-16
[oCERT-2014-005] LPAR2RRD input sanitization errors 2014-07-23Facebook Bug Bounty #23 - Session ID & CSRF Vulnerability 2015-02-11
[oCERT-2014-006] Ganeti insecure archive permission 2014-08-12Facebook Bug Bounty #33 - Bypass ID user to linked Phone Number Vulnerability 2016-08-09
[oCERT-2014-007] libvncserver multiple issues 2014-09-25Facebook critical design flaw 2013-06-19
[oCERT-2014-009] JasPer input sanitization errors 2014-12-04Facebook for Android - Information Diclosure Vulnerability 2013-01-07
[oCERT-2014-012] JasPer input sanitization errors 2014-12-18Facebook Information Disclosure 2013-06-21
[oCERT-2015-001] JasPer input sanitization errors 2015-01-21Facebook Url Redirection Vuln. 2013-07-11
[oCERT-2015-008] FreeRADIUS insufficent CRL application 2015-06-22Facebook Vulnerability Discloses Friends Lists Defined as Private 2013-11-21
[oCERT-2015-009] VLC arbitrary pointer dereference 2015-08-20Fail2ban 0.8.9, Denial of Service (Apache rules only) 2013-06-08
[Onapsis Security Advisories] Multiple Hard-coded Usernames in SAP Components 2014-06-06Family Connections 2.7.2 Multiple XSS 2012-01-15
[Onapsis Security Advisory 2011-014] SAP WebAS Remote Denial of Service 2011-09-15Faraznet Cms Cross-Site Scripting Vulnerability 2016-11-07
[Onapsis Security Advisory 2011-015] SAP WebAS webrfc Cross-Site Scripting 2011-09-15fast and somewhat reliable cache timing 2011-12-03
[Onapsis Security Advisory 2011-016] SAP WebAS Malicious SAP Shortcut Generation 2011-09-15FastPath Webchat | Multiple Cross Site Scripting Vulnerabilities 2012-04-15
[Onapsis Security Advisory 2012-01] Oracle JD Edwards JDENET Arbitrary File Write 2012-02-24FastStone Image Viewer 4.6 <= ReadAVonIP Arbitrary Code Execution 2012-10-05
[Onapsis Security Advisory 2012-02] Oracle JD Edwards Security Kernel Remote Password Disclosure 2012-02-24FCKedtior 2.6.10 Reflected Cross-Site Scripting (XSS) 2014-06-02
[Onapsis Security Advisory 2012-03] Oracle JD Edwards SawKernel Arbitrary File Read 2012-02-24FCS Scanner v1.0 & v1.4 - Command Inject Vulnerability 2015-07-01
[Onapsis Security Advisory 2012-04] Oracle JD Edwards SawKernel GET_INI Information Disclosure 2012-02-24Ferdows CMS Pro <=1.1.0 and Ferdows CMS <=9.0.5 MultipleVulnerabilities 2011-07-11
[Onapsis Security Advisory 2012-05] Oracle JD Edwards JDENET Multiple Information Disclosure 2012-02-24Fernando Gont (fgont si6networks com) 
[Onapsis Security Advisory 2012-06] Oracle JD Edwards JDENET Large Packets Denial of Service 2012-02-24Ferrari - PHP CGI Argument Injection (RCE) Vulnerability 2015-08-07
[Onapsis Security Advisory 2012-07] Oracle JD Edwards SawKernel SET_INI Configuration Modification 2012-02-24fetchmail security announcement fetchmail-SA-2011-01 (CVE-2011-1947) 2011-06-06
[Onapsis Security Advisory 2012-08] Oracle JD Edwards Security Kernel Information Disclosure 2012-02-24file clobbering vulnerability in Solaris update manager & local root with SUNWbindr install. 2012-07-22
[Onapsis Security Advisory 2014-020] SAP SLD Information Tampering 2014-06-06File Hub v1.9.1 iOS - Multiple Web Vulnerabilities 2014-02-15
[Onapsis Security Advisory 2014-021] SAP HANA XS Missing encryption in form-based authentication 2014-07-29File Hub v3.3 iOS (Wifi) - Multiple Web Vulnerabilities 2016-02-01
[Onapsis Security Advisory 2014-022] SAP HANA IU5 SDK Authentication Bypass 2014-07-29File Lite 3.3 & 3.5 PRO iOS - Multiple Web Vulnerabilities 2013-05-12
[Onapsis Security Advisory 2014-023] HTTP verb tampering issue in SAP_JTECHS 2014-07-29File Manager PRO v1.3 iOS - Multiple Web Vulnerabilities 2016-02-03
[Onapsis Security Advisory 2014-024] Hard-coded Username in SAP FI Manager Self-Service 2014-07-29File Pro Mini v5.2 iOS - Multiple Web Vulnerabilities 2015-01-16
[Onapsis Security Advisory 2014-025] Multiple Cross Site Scripting Vulnerabilities in SAP HANA XS Administration Tool 2014-07-29File Sharing Manager v1.0 iOS - Multiple Web Vulnerabilities 2016-02-10
[Onapsis Security Advisory 2014-026] Missing authorization check in function modules of BW-SYS-DB-DB4 2014-07-29FileBound - Privilege Escalation Vulnerability - Security Advisory - SOS-12-010 2012-10-10
[Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities 2014-10-08Files Desk Pro v1.4 iOS - File Include Web Vulnerability 2014-06-03
[Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection 2014-10-08Filippo Cavallarin (filippo cavallarin wearesegment com) 
[Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure 2014-10-08Fing v3.3.0 iOS - Persistent Mail Encoding Vulnerability 2016-02-29
[Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA 2014-10-08Firefox for Android Profile Directory Derandomization and Data Exfiltration (CVE-2014-1484, CVE-2014-1506, CVE-2014-1515, CVE-2014-1516) 2014-03-26
[Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA 2014-10-08Firefox security bug (proxy-bypass) in current Tor BBs 2012-05-03
[Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting 2014-10-08Fireware XTM Web UI - Open Redirect 2016-03-29
[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check 2014-10-08First-hop security in IPv6 2012-01-14
[Onapsis Security Advisory 2014-034] SAP Business Objects Search Token Privilege Escalation via CORBA 2014-12-16FlashCanvas 1.5 proxy.php XSS Vulnerability 2013-12-11
[Onapsis Security Advisory 2015-006] SAP HANA Information Disclosure via SQL IMPORT FROM statement 2015-05-27FlashPeak SlimBrowser TITLE Denial Of Service Vulnerability 2012-05-16
[Onapsis Security Advisory 2015-007] SAP HANA Log Injection Vulnerability 2015-05-27Flatnux CMS 2011 08.09.2 - Multiple Web Vulnerabilities 2012-04-01
[OVSA20121112] OpenVAS Manager Vulnerable To Command Injection 2012-11-13Flavio Junqueira (fpj apache org) 
[OVSA20131108] OpenVAS Manager And OpenVAS Administrator Vulnerable To Partial Authentication Bypass 2013-11-15Flogr v2.5.6 & v2.3 - Cross Site Script Vulnerabilities 2012-08-09
[PAYPAL ] :YOUR ACCOUNT HASFlorian Weimer (fw deneb enyo de) 
[PayPal Verification] UpdateFlowdock API Bug Bounty #1 - (Description) Persistent Web Vulnerability 2015-09-23
[PAYPAL] : ATTENTION YOURFlowdock API Bug Bounty #3 - (Invite) Persistent Web Vulnerability 2015-09-28
[PAYPAL] : UPDATE YOUR PAYPALFlux Player v3.1.0 iOS - File Include & Arbitrary File Upload Vulnerability 2013-07-17
[PAYPAL] :UPDATE YOUR ACCOUNTFlynax General Classifieds v4.0 CMS - Multiple Vulnerabilities 2012-08-10
[PayPal] your accountfoofus.net security advisory - Lexmark Multifunction Printer Information Leakage 2011-11-07
[PAYPAL]: PLEASE LOG IN TOfoofus.net Security Advisory - Toshiba eStudio Multifunction Printer Authentication Bypass 2011-10-16
[Paypal]: You Need To Confirmfoofus.net security advisory - Toshiba eStudio Multifunction Printer Information Leakage 2011-10-27
[PayPal]:You Account Has BeenFootBall Cms (view_table_lig.php?group) XSS Vulnerability 2011-07-27
[php<=5.4.3] Parsing Bug in PHP PDO prepared statements may lead to access violation 2012-06-10Forescout NAC (Network Access Control) multiple vulnerabilities 2012-11-26
[Positive Research] Intel SMEP overview and partial bypass on Windows 8 (whitepaper) 2012-09-17Foresta Creativa (prodotti.php?idCategoria) Remote SQL injection Vulnerability 2011-08-26
[Positive Research] Intel SMEP Part II: Bypassing Intel SMEP on Windows 8 x64 Using Return-oriented Programming 2012-09-19Fork CMS 3.8.3 - XSS Vulnerability 2015-02-02
[PRE-SA-2011-05] Buffer overflow in tftp-hpa daemon 2011-06-24Format Factory v2.95 - Buffer Overflow Vulnerabilities 2012-05-04
[PRE-SA-2011-06] Linux kernel: ZERO_SIZE_PTR dereference for long symlinks in Be FS 2011-08-19FormatFactory 3.9.0 - (.task) Stack Overflow Vulnerability 2016-09-02
[PRE-SA-2012-01] Denial-of-service vulnerability in java.util.zip 2012-02-16FortiAnalyzer & FortiManager - Client Side Cross Site Scripting Web Vulnerability 2016-08-04
[PRE-SA-2012-02] Incorrect loop construct and numeric overflow in libzip 2012-03-27FortiClient SSLVPN 5.4 - Credentials Disclosure 
[PRE-SA-2012-03] Linux kernel: Buffer overflow in HFS plus filesystem 2012-05-16FortiCloud - (Reports Summary) Multiple Persistent Vulnerabilities 2016-08-05
[PRE-SA-2012-05] Multiple heap-based buffer overflows in LibreOffice / OpenOffice 2012-08-10Fortigate UTM WAF Appliance - Cross Site Vulnerabilities 2012-09-17
[PRE-SA-2012-06] FreeRADIUS: Stack Overflow in TLS-based EAP Methods 2012-09-10Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities 2012-09-12
[PRE-SA-2012-07] hostapd: Missing EAP-TLS message length validation 2012-10-08Fortigate UTM WAF Appliance - Multiple Web Vulnerabilities 2012-09-17
[PSA-2013-0811-1] Oracle Java storeImageArray() Invalid ArrayIndexing 2013-08-12FortiManager & FortiAnalyzer 5.x (Appliance Application) - (filename) Persistent Web Vulnerability 2016-04-04
[PSA-2013-0813-1] Oracle Java IntegerInterleavedRaster.verify()Signed Integer Overflow 2013-08-14FortiManager (Series) - (Bookmark) Persistent Vulnerability 2016-08-04
[PSA-2013-0903-1] Apple Safari Heap Buffer Overflow 2013-09-04FortiManager (Series) - Multiple Web Vulnerabilities 2016-08-02
[PSA-2013-1022-1] Microsoft Silverlight Invalid Typecast / MemoryDisclosure 2013-10-28FortiManager v5.2.2 Multiple XSS Vulnerabilities 2015-09-25
[PT-2011-01] Cross-Site Scripting in Kayako Support Suite 2012-01-11Fortinet FortiMail 400 IBE - Multiple Web Vulnerabilities 2013-01-28
[PT-2011-02] PHP code Injection in Kayako Support Suite 2012-01-11Fortinet FortiManager & FortiAnalyzer - (filename) Persistent Web Vulnerability 2016-08-01
[PT-2011-03] Information disclosure in Kayako Support Suite 2012-01-11Fortinet FortiWeb Web Application Firewall Policy Bypass 2012-05-03
[PT-2011-04] Cross-Site Scripting in Kayako Support Suite 2012-01-11FortiVoice v5.0 - Filter Bypass & Persistent Validation Vulnerability 2016-08-09
[PT-2011-05] Cross-Site Scripting in Koha Library Software 2011-07-26Forum Oxalis 0.1.2 <= SQL Injection Vulnerability 2012-07-03
[PT-2011-08] Multiple vulnerabilities in Dlink DPH 150SE/E/F1 2011-07-26Foswiki Security: Alert CVE-2013-1666 - Remote Code Execution Vulnerability in MAKETEXT macro. 2013-02-19
[PT-2011-14] SQL injection vulnerability in BoonEx Dolphin 2011-10-18Foxit MobilePDF v4.4.0 iOS - Multiple Web Vulnerabilities 2015-01-13
[PT-2011-19] SQL injection vulnerability in Help Request System 2011-09-02Foxit Reader Insecure Library Loading 2011-07-21
[PT-2011-20] Authorization bypass vulnerability in OneOrZero AIMS 2011-10-28FOXMOLE Advisories (advisories foxmole com) 
[PT-2011-21] SQL injection vulnerability in OneOrZero AIMS 2011-10-28FoxyCart Bug Bounty #1 - Filter Bypass & Persistent Vulnerability 2015-07-17
[PT-2011-23] Database information disclosure in GLPI 2011-08-22FrameJammer DOM based XSS 2012-02-27
[PT-2011-25] SQL injection vulnerabilities in Support Incident Tracker 2011-07-26Free Monthly Websites v2.0 - Multiple Web Vulnerabilities 2013-02-04
[PT-2011-29] Arbitrary file reading and arbitrary code execution in Router Manager for D-Link DIR-300 2011-10-28Free Web App Security Challenges - Hackademics Project 2012-07-20
[PT-2011-30] Disclosure of sensitive information in D-Link DIR-300 Router 2011-10-28Free WMA MP3 Converter - Buffer Overflow Exploit (SEH) 2015-11-17
[PT-2011-43] Database information disclosure in Kayako Fusion 2011-12-02Freebox OS Web interface 3.0.2 XSS, CSRF 2015-06-01
[PT-2012-23] SQL Injection in Dr.Web Anti-virus 2012-07-17FreeBSD bsnmpd information disclosure 2016-01-15
[PT-2012-53] Privilege Gaining in DataLife Engine 2013-02-05FreeBSD ftpd/ProFTPD on FreeBSD Remote Root Exploit 2011-12-01
[PT-2013-41] Arbitrary Code Execution in Ajax File and Image Manager 2013-09-19FreeBSD Security Advisories (security-advisories freebsd org) 
[PT-2013-63] Hash Length Extension in HTMLPurifier 2013-12-04FreeBSD Security Advisory FreeBSD-SA-11:03.bind 2011-09-28
[PTResearch] SAP DIAG Decompress plugin for Wireshark 2011-10-14FreeBSD Security Advisory FreeBSD-SA-11:04.compress 2011-09-28
[RCA-201308-01] HMS Testimonials 2.0.10 WP plugin - Multiple vulnerabilities 2013-08-08FreeBSD Security Advisory FreeBSD-SA-11:05.unix [REVISED] 2011-10-04
[RCESEC-2016-007] AppFusions Doxygen for Atlassian Confluence v1.3.0 getTemporaryDirectory() tempId Path Traversal/Remote Code Execution 2016-11-20FreeBSD Security Advisory FreeBSD-SA-11:05.unix 2011-09-28
[RCESEC-2016-008] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Full Path Information Disclosure 2016-11-20FreeBSD Security Advisory FreeBSD-SA-11:06.bind 2011-12-23
[RCESEC-2016-009] AppFusions Doxygen for Atlassian Confluence v1.3.2 renderContent() Persistent Cross-Site Scripting 2016-11-20FreeBSD Security Advisory FreeBSD-SA-11:07.chroot 2011-12-23
[REVIVE-SA-2014-001] Revive Adserver 3.0.5 fixes CSRF vulnerability 2014-05-15FreeBSD Security Advisory FreeBSD-SA-11:08.telnetd 2011-12-23
[REVIVE-SA-2015-001] Revive Adserver - Multiple vulnerabilities 2015-10-07FreeBSD Security Advisory FreeBSD-SA-11:09.pam_ssh 2011-12-23
[REVIVE-SA-2016-002] Revive Adserver - Multiple vulnerabilities 2016-09-28FreeBSD Security Advisory FreeBSD-SA-11:10.pam 2011-12-23
[Rooted CON 2013] CFP starts! 2012-09-05FreeBSD Security Advisory FreeBSD-SA-12:01.openssl 2012-05-03
[RT-SA-2011-005] Owl Intranet Engine: Authentication Bypass 2011-12-15FreeBSD Security Advisory FreeBSD-SA-12:01.openssl 2012-05-30
[RT-SA-2011-006] Owl Intranet Engine: Information Disclosure and Unsalted Password Hashes 2011-12-15FreeBSD Security Advisory FreeBSD-SA-12:02.crypt 2012-05-30
[RT-SA-2012-001] Bugzilla: Cross-Site Scripting in Chart Generator 2012-01-03FreeBSD Security Advisory FreeBSD-SA-12:03.bind 2012-06-12
[RT-SA-2013-001] Advisory: Exim with Dovecot: Typical Misconfiguration Leads to Remote Command Execution 2013-05-13FreeBSD Security Advisory FreeBSD-SA-12:04.sysret [REVISED] 2012-06-19
[RT-SA-2013-002] Endeca Latitude Cross-Site Request Forgery 2014-06-25FreeBSD Security Advisory FreeBSD-SA-12:04.sysret 2012-06-12
[RT-SA-2013-003] Endeca Latitude Cross-Site Scripting 2014-06-25FreeBSD Security Advisory FreeBSD-SA-12:05.bind 2012-08-06
[RT-SA-2014-001] McAfee ePolicy Orchestrator: XML External Entity Expansion in Dashboard 2014-02-25FreeBSD Security Advisory FreeBSD-SA-12:06.bind 2012-11-23
[RT-SA-2014-002] rexx Recruitment: Cross-Site Scripting in User Registration 2014-03-27FreeBSD Security Advisory FreeBSD-SA-12:07.hostapd 2012-11-23
[RT-SA-2014-004] Remote Command Execution in webEdition CMS Installer Script 2014-05-28FreeBSD Security Advisory FreeBSD-SA-12:08.linux 2012-11-23
[RT-SA-2014-005] SQL Injection in webEdition CMS File Browser Installer Script 2014-05-28FreeBSD Security Advisory FreeBSD-SA-13:01.bind 2013-02-19
[RT-SA-2014-006] Directory Traversal in DevExpress ASP.NET File Manager 2014-06-05FreeBSD Security Advisory FreeBSD-SA-13:02.libc 2013-02-19
[RT-SA-2014-007] Remote Code Execution in TYPO3 Extension ke_dompdf 2014-12-01FreeBSD Security Advisory FreeBSD-SA-13:03.openssl 2013-04-02
[RT-SA-2014-009] Information Disclosure in TYPO3 Extension ke_questionnaire 2014-12-01FreeBSD Security Advisory FreeBSD-SA-13:04.bind 2013-04-02
[RT-SA-2014-010] AVM FRITZ!Box Firmware Signature Bypass 2015-01-21FreeBSD Security Advisory FreeBSD-SA-13:06.mmap [REVISED] 2013-06-21
[RT-SA-2014-011] EntryPass N5200 Credentials Disclosure 2014-12-01FreeBSD Security Advisory FreeBSD-SA-13:06.mmap 2013-06-18
[RT-SA-2014-012] Unauthenticated Remote Code Execution in IBM Endpoint Manager Mobile Device Management Components 2014-12-02FreeBSD Security Advisory FreeBSD-SA-13:09.ip_multicast [REVISED] 2013-09-10
[RT-SA-2014-013] Cross-Site Scripting in IBM Endpoint Manager Relay Diagnostics Page 2015-02-10FreeBSD Security Advisory FreeBSD-SA-13:10.sctp [REVISED] 2013-09-10
[RT-SA-2014-014] AVM FRITZ!Box: Arbitrary Code Execution Through Manipulated Firmware Images 2016-01-07FreeBSD Security Advisory FreeBSD-SA-13:11.sendfile 2013-09-10
[RT-SA-2014-015] Cross-site Scripting in Tapatalk Plugin for WoltLab Burning Board 4.0 2015-01-12FreeBSD Security Advisory FreeBSD-SA-13:12.ifioctl 2013-09-10
[RT-SA-2014-016] Directory Traversal and Arbitrary File Disclosure in hybris Commerce Software Suite 2015-02-18FreeBSD Security Advisory FreeBSD-SA-13:13.nullfs 2013-09-10
[RT-SA-2015-001] AVM FRITZ!Box: Remote Code Execution via Buffer Overflow 2016-01-07FreeBSD Security Advisory FreeBSD-SA-13:14.openssh [REVISED] 2013-11-29
[RT-SA-2015-002] SQL Injection in TYPO3 Extension Akronymmanager 2015-06-15FreeBSD Security Advisory FreeBSD-SA-13:14.openssh 2013-11-19
[RT-SA-2015-003] Alcatel-Lucent OmniSwitch Web Interface Weak Session ID 2015-06-10FreeBSD Security Advisory FreeBSD-SA-14:01.bsnmpd 2014-01-14
[RT-SA-2015-004] Alcatel-Lucent OmniSwitch Web Interface Cross-Site Request Forgery 2015-06-10FreeBSD Security Advisory FreeBSD-SA-14:02.ntpd 2014-01-14
[RT-SA-2015-005] o2/Telefonica Germany: ACS Discloses VoIP/SIP Credentials 2016-01-08FreeBSD Security Advisory FreeBSD-SA-14:03.openssl 2014-01-14
[RT-SA-2015-006] Buffalo LinkStation Authentication Bypass 2015-10-08FreeBSD Security Advisory FreeBSD-SA-14:04.bind 2014-01-14
[RT-SA-2015-013] Symfony PHP Framework: Session Fixation In "Remember Me" Login Functionality 2015-12-22FreeBSD Security Advisory FreeBSD-SA-14:14.openssl 2014-06-05
[RT-SA-2016-002] Cross-site Scripting in Securimage 3.6.2 2016-03-22FreeBSD Security Advisory FreeBSD-SA-14:18.openssl 2014-09-09
[RT-SA-2016-003] Less.js: Compilation of Untrusted LESS Files May Lead to Code Execution through the JavaScript Less Compiler 2016-11-30FreeBSD Security Advisory FreeBSD-SA-14:24.sshd [REVISED] 2014-11-06
[S21SEC-047] Fotoware Fotoweb 8.0 Cross Site Scripting 2016-07-29FreeBSD Security Advisory FreeBSD-SA-14:25.setlogin 2014-11-05
[SE-2011-01] Additional materials released for SAT TV research 2012-11-27FreeBSD Security Advisory FreeBSD-SA-14:26.ftp 2014-11-05
[SE-2011-01] PoC code for digital SAT TV research released 2013-03-21FreeBSD Security Advisory FreeBSD-SA-14:31.ntp 2014-12-23
[SE-2011-01] Security of SAT TV set-to-boxes and DVB chipsets (details released) 2012-05-28FreeBSD Security Advisory FreeBSD-SA-15:01.openssl 2015-01-14
[SE-2011-01] Security vulnerabilities in a digital satellite TV platform 2012-01-03FreeBSD Security Advisory FreeBSD-SA-15:10.openssl 2015-06-12
[SE-2012-01] An issue with new Java SE 7 security features 2013-01-27FreeBSD Security Advisory FreeBSD-SA-15:12.openssl 2015-07-09
[SE-2012-01] Broken security fix in IBM Java 7/8 2016-04-04FreeBSD Security Advisory FreeBSD-SA-15:13.tcp 2015-07-22
[SE-2012-01] Critical security issue affecting Java SE 5/6/7 2012-09-25FreeBSD Security Advisory FreeBSD-SA-15:14.bsdpatch 2015-07-28
[SE-2012-01] Details of issues fixed by Feb 2013 Java SE CPU 2013-02-04FreeBSD Security Advisory FreeBSD-SA-15:15.tcp 2015-07-28
[SE-2012-01] 'Fix' for Issue 32 exploited by new Java 0-day code 2013-01-10FreeBSD Security Advisory FreeBSD-SA-15:16.openssh [REVISED] 2015-07-30
[SE-2012-01] information regarding recently discovered Java 7 attack 2012-08-28FreeBSD Security Advisory FreeBSD-SA-15:16.openssh 2015-07-28
[SE-2012-01] New Reflection API affected by a known 10+ years old attack 2013-07-18FreeBSD Security Advisory FreeBSD-SA-15:17.bind 2015-07-28
[SE-2012-01] New security vulnerabilities and broken fixes in IBM Java 2013-05-06FreeBSD Security Advisory FreeBSD-SA-15:20.expat 2015-08-18
[SE-2012-01] Regarding Oracle's Critical Patch Update for Java SE 2012-06-13FreeBSD Security Advisory FreeBSD-SA-15:23.bind 2015-09-02
[SE-2012-01] Security vulnerabilities in IBM Java 2012-09-11FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind [REVISED] 2015-10-02
[SE-2012-01] Security vulnerabilities in Java SE (details released) 2012-11-16FreeBSD Security Advisory FreeBSD-SA-15:24.rpcbind 2015-09-29
[SE-2012-01] Security vulnerabilities in Java SE 2012-04-02FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] 2015-11-04
[SE-2012-01] Security weakness in Apple QuickTime Java extensions (details released) 2012-06-25FreeBSD Security Advisory FreeBSD-SA-15:25.ntp 2015-10-26
[SE-2012-01] Security weakness in Apple Quicktime Java extensions 2012-04-12FreeBSD Security Advisory FreeBSD-SA-15:26.openssl 2015-12-05
[SE-2012-01] The "allowed behavior" in Java SE 7 (Issue 54) 2013-03-18FreeBSD Security Advisory FreeBSD-SA-15:27.bind 2015-12-16
[SE-2012-01] Yet another broken security fix in IBM Java 7/8 2016-04-12FreeBSD Security Advisory FreeBSD-SA-16:01.sctp 2016-01-14
[SE-2012-01] Yet another Reflection API flaw affecting Oracle's Java SE 2013-04-22FreeBSD Security Advisory FreeBSD-SA-16:04.linux 2016-01-14
[SE-2014-01] Security vulnerabilities in Oracle Database Java VM 2014-06-16FreeBSD Security Advisory FreeBSD-SA-16:05.tcp 2016-01-14
[SE-2014-02] Errata document for Issue 42 (CVE-2015-4871 affecting Java SE 7) 2015-11-30FreeBSD Security Advisory FreeBSD-SA-16:07.openssh 2016-01-15
[SE-2014-02] Google App Engine Java security sandbox bypasses (Issue 42) 2015-10-21FreeBSD Security Advisory FreeBSD-SA-16:08.bind 2016-01-27
[SE-2014-02] Google App Engine Java security sandbox bypasses (status update) 2014-12-16FreeBSD Security Advisory FreeBSD-SA-16:09.ntp 2016-01-27
[SE-2014-02] Unconfirmed / unpatched vulnerabilities in Google App Engine 2015-05-15FreeBSD Security Advisory FreeBSD-SA-16:10.linux 2016-01-27
[SEARCH-LAB advisory] AVTECH IP Camera, NVR, DVR multiple vulnerabilities 2016-10-11FreeBSD Security Advisory FreeBSD-SA-16:11.openssl 2016-01-30
[SEARCH-LAB advisory] More than fifty vulnerabilities in D-Link NAS and NVR devices 2015-05-28FreeBSD Security Advisory FreeBSD-SA-16:14.openssh 2016-03-16
[Security Advisory] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch 2016-03-16
[security bulletin] HPSB3C02687 SSRT100377 rev.1 - HP Intelligent Management
Center User Access Manager (UAM) and Endpoint Admission Defense (EAD), Remote Execution of Arbitrary Code 2011-07-01		FreeBSD Security Advisory FreeBSD-SA-16:17.openssl 2016-05-04
[security bulletin] HPSB3C02809 SSRT100377 rev.1 - HP iNode Management Center, Remote Execution of Arbitrary Code 2012-08-29FreeBSD Security Advisory FreeBSD-SA-16:18.atkbd 2016-05-17
[security bulletin] HPSBGN02694 SSRT100586 rev.1 - HP webOS Contacts Application, Remote Execution of Arbitrary Code 2011-08-10FreeBSD Security Advisory FreeBSD-SA-16:19.sendmsg 2016-05-17
[security bulletin] HPSBGN02696 SSRT100590 rev.1 - HP webOS Calendar Application, Remote Execution of Arbitrary Code 2011-08-10FreeBSD Security Advisory FreeBSD-SA-16:25.bspatch 2016-07-25
[security bulletin] HPSBGN02740 SSRT100741 rev.1 - HP Operations Manager,
Operations Agent, Performance Agent, Service Health Reporter, Service Health Optimizer, Performance Manager, Remote Execution of Arbitrary Code 2012-02-02		FreeBSD Security Advisory FreeBSD-SA-16:39.ntp 2016-12-22
[security bulletin] HPSBGN02750 SSRT100795 rev.1 - HP ProtectTools Enterprise Device Access
Manager Running on Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2012-07-05		FreeBSD Security Advisory FreeBSD-SA-17:01.openssh 2017-01-11
[security bulletin] HPSBGN02787 SSRT100876 rev.1 - HP AssetManager, Remote Cross Site Scripting (XSS)
and Unauthorized Data Modification 2012-07-12		FreeDisk v1.01 iOS - Multiple Web Vulnerabilities 2014-08-04
[security bulletin] HPSBGN02854 SSRT100881 rev.1 - HP Intelligent Management Center (iMC), iMC TACACS+
Authentication Manager (TAM), and iMC User Access Manager (UAM), Cross Site Scripting (XSS), Remote Code Execution, Remote Disclosure of Information 2013-03-07		Freelancer calendar <= 1.01 SQL Injection Vulnerability 2011-11-19
[security bulletin] HPSBGN02882 rev.1 - HP Database and Middleware Automation (DMA) using SSL, Remote Disclosure of Information 2013-07-16Freemake Video Downloader 3.7.1 - Code Execution Vulnerability 2015-10-15
[security bulletin] HPSBGN02905 rev.1 - HP LoadRunner, Remote Code Execution and Denial of Service (DoS) 2013-07-24FreePBX (All Versions) RCE 2014-10-01
[security bulletin] HPSBGN02905 rev.2 - HP LoadRunner, HP Business Process Monitor, Remote Code Execution and Denial of Service (DoS) 2013-08-21FreePBX Remote Exploit 2012-02-15
[security bulletin] HPSBGN02906 rev.1 - HP Application Lifecycle Management Quality Center (ALM), Remote Cross Site Scripting (XSS) 2013-07-24Freeside SelfService CGI|API 2.3.3 - Multiple Vulnerabilities 2012-07-04
[security bulletin] HPSBGN02923 rev.1 - HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting (XSS) 2013-09-19FreeWebshop <= 2.2.9 R2 (ajax_save_name.php) Remote Code Execution Vulnerability 2011-11-16
[security bulletin] HPSBGN02925 rev.1 - HP IceWall SSO, IceWall File Manager and IceWall Federation Agent, Multiple Remote Unauthorized Access Vulnerabilities 2013-09-20FreeYouTubeToMP3 Converter 4.0.1 - Buffer Overflow Vulnerability 2015-10-09
[security bulletin] HPSBGN02929 rev.1 - HP Intelligent
Management Center (iMC), HP IMC Branch Intelligent Management System Software Module (BIMS), and Comware Based Switches and Routers, Remote Code Execution, Disclosure of Information 2013-10-08		From XSLT code execution to Meterpreter shells 2012-07-03
[security bulletin] HPSBGN02930 rev.1 -
HP Intelligent Management Center(iMC) and HP IMC Service Operation Management Software Module, Remote Authentication Bypass, Disclosure of Information, Unauthorized Access, SQL Injection 2013-10-08		FTGate 2009 Build 6.4.00 CSRF Vulnerabilities 2015-10-02
[security bulletin] HPSBGN02936 rev.1 - HP and H3C VPN Firewall Module Products, Remote Denial of Service (DoS) 2014-07-25FTP Drive + HTTP 1.0.4 iOS - Code Execution Vulnerability 2014-03-27
[security bulletin] HPSBGN02942 rev.1 - HP Service Manager and ServiceCenter, Remote Code Execution 2013-11-26FTP Sprite v1.2.1 iOS - Persistent Web Vulnerability 2013-07-16
[security bulletin] HPSBGN02970 rev.1 - HP Rapid Deployment Pack (RDP) or HP Insight Control Server Deployment, Multiple Remote Vulnerabilities affecting Confidentiality, Integrity and Availability 2014-03-10FTPShell Client v5.24 Buffer Overflow 2015-12-30
[security bulletin] HPSBGN03007 rev.1 - HP IceWall MCRP and HP IceWall SSO, Remote Denial of Service (DoS) 2014-05-20Fulci (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-01
[security bulletin] HPSBGN03008 rev.1 - HP Software Service Manager, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17Full Disclosure - WD My Net N600, N750, N900, N900C - Plain Text Disclosure of Admin Credentials 2013-07-22
[security bulletin] HPSBGN03010 rev.1 - HP Software Server Automation, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-17Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-14
[security bulletin] HPSBGN03041 rev.1 - HP IceWall Configuration Manager running Apache Struts, Remote Execution of Arbitrary Code 2014-05-27Full disclosure for SA45649, SQL Injection in LedgerSMB and SQL-Ledger 2011-08-31
[security bulletin] HPSBGN03050 rev.1 - HP IceWall SSO Dfw and HP
IceWall MCRP running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-07-08		Funeral Script PHP - Multiple Web Vulnerabilites 2012-07-11
[security bulletin] HPSBGN03068 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information 2014-07-15Funnel Web (directory.php?cid) Remote SQL injection Vulnerability 2011-07-26
[security bulletin] HPSBGN03099 rev.1 - HP IceWall SSO Dfw, SSO Agent and MCRP running OpenSSL, Remote Disclosure of Information 2014-09-02Funnel Web (items.php?&cat_id) Remote SQL injection Vulnerability 2011-07-26
[security bulletin] HPSBGN03117 rev.2 - HP Remote Device Access: Virtual Customer Access System (vCAS) running Bash Shell, Remote Code Execution 2014-11-11Funnel Web (pages.php?page) Remote SQL injection Vulnerability 2011-07-26
[security bulletin] HPSBGN03164 rev.1 - HP IceWall SSO Dfw, SSO Certd and MCRP running OpenSSL, Remote Disclosure of Information 2014-11-11Funnel Web (selected_product.php?t) Remote SQL injection Vulnerability 2011-07-26
[security bulletin] HPSBGN03191 rev.1 - HP Remote Device Access: Virtual Customer Access System (vCAS) running lighttpd, Remote Disclosure of Information and other Vulnerabilities 2014-11-11Fuzzylime v3.03b CMS - CS Cross Scripting Vulnerability 2014-12-16
[security bulletin] HPSBGN03192 rev.1 - HP Remote Device Access: Instant Customer Access Server (iCAS) running OpenSSL, Remote Disclosure of Information 2014-11-14FW: =| Security Advisory - TP-LINK TL-WR841N XSS (Cross Site Scripting) |= 2012-11-20
[security bulletin] HPSBGN03201 rev.1 - HP Asset Manager running SSLv3, Remote Disclosure of Information 2014-11-25Fwd: [ANNOUNCE] CVE-2016-6793 Apache Wicket deserialization vulnerability 2016-12-31
[security bulletin] HPSBGN03202 rev.1 - HP CMS: Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-11-26Fwd: [cryptography] Apple Legacy filevault barn door... 2012-05-05
[security bulletin] HPSBGN03203 rev.1 - HP CMS: UCMDB Browser running OpenSSL, Remote Disclosure of Information 2014-11-25Fwd: [CVE-2015-6940] Pentaho GA PDI & GA BA - Improper authentication allows unauthenticated access to configuration files 2015-09-16
[security bulletin] HPSBGN03205 rev.1 - HP Insight Remote Support Clients running SSLv3, Remote Disclosure of Information 2014-12-05Fwd: [SECURITY] CVE-2013-0253 Apache Maven 3.0.4 2013-02-24
[security bulletin] HPSBGN03208 rev.1 - HP Cloud Service Automation running SSLv3, Remote Disclosure of Information 2014-12-09Fwd: {Lostmon´s Group} Internet Explorer 6, 7 and 8 Window.open race condition Vulnerability 2011-08-09
[security bulletin] HPSBGN03209 rev.1 - HP Application Lifecycle Management running SSLv3, Remote Disclosure of Information 2014-11-27Fwd: BT Wifi Extenders - Cross Site Scripting leading to disclosure of PSK 2016-09-22
[security bulletin] HPSBGN03222 rev.1 - HP Enterprise Maps running SSLv3, Remote Disclosure of Information 2014-12-09Fwd: CVE-2015-5256: Apache Cordova vulnerable to improper application of whitelist restrictions 2015-11-20
[security bulletin] HPSBGN03233 rev.1 - HP OneView running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information 2015-01-13Fwd: CVE-2015-5257 - Weak Randomization of BridgeSecret for Apache Cordova Android 2015-11-20
[security bulletin] HPSBGN03251 rev.1 - HP Storage Essentials running SSLv3, Remote Disclosure of Information 2015-02-09Fwd: RA-Guard: Advice on the implementation (feedback requested) 2012-02-02
[security bulletin] HPSBGN03255 rev.1 - HP OpenCall Media Platform (OCMP) running SSLv3, Remote Denial of Service (DoS),Disclosure of Information 2015-02-10Fwd: REWTERZ-20140103 - ManageEngine ServiceDesk Plus User Privileges Management Vulnerability 2015-01-22
[security bulletin] HPSBGN03258 rev.1 - HP Insight Control server deployment Windows Pre-boot Execution Environment, Microsoft Schannel (Winshock) Remote Code Execution 2015-02-13Fwd: RFC 6274 on Security Assessment of the Internet Protocol Version 4 2011-07-05
[security bulletin] HPSBGN03286 rev.1 - HP LoadRunner, Buffer Overflow 2015-05-19Fwd: RUCKUS ADVISORY ID 111113-2: Authenticated persistent cross site scripting vulnerability in guest pass provisioning web interface on ZoneDirector controllers 2013-11-12
[security bulletin] HPSBGN03338 rev.1 - HP Service Manager running RC4, Remote Disclosure of Information 2015-06-17Fwd: Timing attack vulnerability in most Zeus server-sides 2015-10-25
[security bulletin] HPSBGN03343 rev.1 - HP WebInspect, Remote Unauthorized Access 2015-06-04Fwd: vulnerability issue for DB2 express 2013-11-12
[security bulletin] HPSBGN03350 rev.1 - HP SiteScope Using RC4, Remote Disclosure of Information 2015-06-17FYI: We're now paying up to $20,000 for web vulns in our services 2012-04-23
[security bulletin] HPSBGN03351 rev.2 - HP IceWall SSO Dfw, SSO Certd, MCRP, and Federation Agent running OpenSSL, Remote Disclosure of Information 2015-07-10G2webCMS (products.php?cat_id) (member-profile.php?profile) Remote SQL injection Vulnerability 2011-07-27
[security bulletin] HPSBGN03366 rev.1 - HP Business Process Insight with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29GDTelcom Speedtest ActiveX Control "FTPDownLoad Class"-ActiveX.dll Remote Denial of Service Vulnerability 2011-11-01
[security bulletin] HPSBGN03367 rev.1 - HP TransactionVision with RC4 Stream Cipher, Remote Disclosure of Information 2015-07-29Gergely Eberhardt (gergely eberhardt search-lab hu) 
[security bulletin] HPSBGN03371 rev.1 - HP IceWall Products running OpenSSL, Remote Denial of Service (DoS) 2015-07-10gerhard klostermeier syss de 
[security bulletin] HPSBGN03373 rev.1 - HP Release Control running TLS, Remote Disclosure of Information 2015-07-10Getdpd BB #4 - (name) Persistent Validation Vulnerability 2016-02-08
[security bulletin] HPSBGN03373 rev.2 - HP Release Control running TLS, Remote Disclosure of Information 2016-03-14Getdpd BB #5 - Persistent Filename Vulnerability 2016-02-08
[security bulletin] HPSBGN03386 rev.2 -
HP Central View Fraud Risk Management, Revenue Leakage Control, Dealer Performance Audit, Credit Risk Control, Roaming Fraud Control, Subscription Fraud Prevention, Remote Disclosure of Information, Local Disclosure 2015-11-03		Getdpd Bug Bounty #1 - (asm0option0) Persistent Web Vulnerability 2016-02-03
[security bulletin] HPSBGN03387 rev.1 - HP Intelligent Provisioning, Remote Code Execution, Unauthorized Access 2015-08-28Getdpd Bug Bounty #6 - (Import - FTP) Persistent Vulnerability 2016-02-10
[security bulletin] HPSBGN03393 rev.1 - HP Operations Manager i, Remote Code Execution 2015-08-12Ggb Guestbook - XSS Vulnerabilities 2012-01-05
[security bulletin] HPSBGN03393 rev.2 - HP Operations Manager i, Remote Code Execution 2015-09-16giflib: heap overflow in giffix (CVE-2015-7555) 2015-12-21
[security bulletin] HPSBGN03402 rev.2 - HP Performance Manager, Remote Disclosure of Information 2015-08-27GIMP FIT File Format DoS 2012-06-29
[security bulletin] HPSBGN03403 rev.1 - HP Virtualization Performance Viewer, Remote Unauthorized Disclosure of Information 2015-08-31GIMP Scriptfu Python Remote Command Execution 2012-08-16
[security bulletin] HPSBGN03404 rev.1 - HP Service Health Reporter, Remote Unauthorized Modification 2015-08-24glibc catopen() Multiple unbounded stack allocations 2016-01-25
[security bulletin] HPSBGN03405 rev.1 - HP Integration Adaptor, Remote Unauthorized Modification, Disclosure of Information 2015-08-26GLSA (Gentoo Linux Security Advisory) publication changes 2012-02-02
[security bulletin] HPSBGN03407 rev.1 - HP Operations Manager for Windows, Remote Unauthorized Modification, Disclosure of Information 2015-08-28Glype proxy cookie jar path traversal allows code execution 2014-09-22
[security bulletin] HPSBGN03411 rev.1 - HP Operations Agent Virtual Appliance, Remote Unauthorized Disclosure of Information 2015-08-26Glype proxy local address filter bypass 2014-09-22
[security bulletin] HPSBGN03424 rev.1 - HP Cloud Service Automation, Remote Authentication Bypass 2015-10-01Glype proxy privacy settings can be disabled via CSRF 2014-09-22
[security bulletin] HPSBGN03425 rev.1 - HP ArcSight SmartConnectors, Remote Disclosure of Information, Local Escalation of Privilege 2015-11-03Gnome Nautilus [Denial of Service] 2015-12-02
[security bulletin] HPSBGN03426 rev.1 - HP Mobility Software, Remote Execution of Arbitrary Code 2015-11-02gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk 2012-03-06
[security bulletin] HPSBGN03428 rev.1 - HP Asset Manager, Local Disclosure of Sensitive Information 2015-10-23GnuPG 1.4.12 and lower - memory access errors and keyring database corruption 2012-12-29
[security bulletin] HPSBGN03428 rev.3 - HP Asset Manager Web UI Client, Local Disclosure of Sensitive Information 2015-11-13Google AD Sync Tool - Exposure of Sensitive Information Vulnerability - Security Advisory - SOS-13-001 2013-04-03
[security bulletin] HPSBGN03429 rev.1 - HP Arcsight Logger, Remote Disclosure of Information 2015-10-23Google App Enging SDK Code Execution Vulnerability (CVE 2011-1364) 2011-10-11
[security bulletin] HPSBGN03429 rev.2 - HP Arcsight Logger, Remote Disclosure of Information 2015-11-03Google Compute Engine - Lateral Compromise 2014-05-30
[security bulletin] HPSBGN03430 rev.1 - HP ArcSight products, Local Elevation of Privilege 2015-11-03Google Compute Engine Multiple DOS Vulnerabilities 2014-05-30
[security bulletin] HPSBGN03438 rev.1 - HP Support Assistant, Local Authentication Bypass 2016-03-19Google Chrome 19 metro_driver.dll mishandling 2012-07-15
[security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-03-02Google Chrome Accessibility blink::Node corruption details 2016-11-29
[security bulletin] HPSBGN03444 rev.2 - HPE Network Automation, Remote Code Execution, Disclosure of Sensitive Information 2016-03-29Google Chrome HTTPS Address Bar Spoofing 2012-01-04
[security bulletin] HPSBGN03504 rev.1 - HP UCMDB, Local Disclosure of Sensitive Information 2015-09-09Google Nexus 5X Bootloader Unauthorized Memory Dumping via USB 2016-09-04
[security bulletin] HPSBGN03507 rev.2 - HP Arcsight Management Center, Arcsight Logger, Remote Cross-Site Scripting (XSS) 2015-11-10Google SEO Pressor Snippet Plugin XSS Vulnerability 2016-04-23
[security bulletin] HPSBGN03515 rev.1 - HP Smart Profile Server Data Analytics Layer (SPS DAL), Remote Cross-Site-Scripting (XSS), Disclosure of Information 2015-10-13Gopal Systems (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-28
[security bulletin] HPSBGN03519 rev.1 - HP Project and Portfolio Management Center, Remote Disclosure of Information 2015-11-04GotRoot Security Challenge 2011-10-20
[security bulletin] HPSBGN03521 rev.1 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) 2015-11-17GreenBrowser iframe content Double Free Vulnerability 2012-01-12
[security bulletin] HPSBGN03521 rev.2 - HP Operations Orchestration Central, Cross-Site Request Forgery (CSRF) 2015-11-18GreHack 2012 - 19th Oct. Grenoble, France - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] 2012-09-11
[security bulletin] HPSBGN03523 rev.1 - HP Loadrunner Virtual Table Server, Remote Code Execution 2015-11-25GreHack 2012 - 19th Oct. Grenoble, France - Conference + CTF - Call For [ Participation, Student Grants Application, Music Bands/Artists/DJ ] 2012-09-19
[security bulletin] HPSBGN03525 rev.1: HP Performance Center Virtual Table Server, Remote Code Execution 2015-12-03GreHack 2012 - Call For Musicians/Artists/DJs application open till October 5th 2012 (Grenoble, France) 2012-07-19
[security bulletin] HPSBGN03530 rev.1 - HPE UCMDB Browser, Remote Disclosure of Sensitive Information, Local Unauthorized Access 2016-01-06GreHack 2012 - Call For Papers (Grenoble, France) 2012-05-25
[security bulletin] HPSBGN03533 rev.1 - HP Enterprise Cloud Service Automation and Codar, Remote Unauthorized Modification 2016-01-29GreHack 2012 - extended deadline CFP 15th August 2012 (Grenoble, France) 2012-07-09
[security bulletin] HPSBGN03534 rev.1 - HPE Performance Center using Microsoft Report Viewer, Remote Disclosure of Information, Cross-Site Scripting (XSS) 2016-01-19GreHack 2012 - LAST Call For Papers (Grenoble, France) till 15th August 2012 2012-08-13
[security bulletin] HPSBGN03547 rev.1 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution 2016-02-18GreHack 2013 - 15 Nov. Grenoble, France - Conf. Registration OPEN 2013-09-25
[security bulletin] HPSBGN03547 rev.3 - HPE Helion Eucalyptus Node Controller and other Helion Eucalyptus Components using glibc, Remote Arbitrary Code Execution 2016-04-29GreHack 2013 - 2nd Call For Papers - November 15, Grenoble, France 2013-05-25
[security bulletin] HPSBGN03550 rev.2 - HP Operations Manager i and BSM using Apache Flex BlazeDS, Remote Disclosure of Information 2016-03-03GreHack 2013 - CFP ends on June, 30 - Conf: Nov. 15, Grenoble, France 2013-06-22
[security bulletin] HPSBGN03551 rev.1 - HPE Helion Development Platform using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-03-21Group-Office Calendar SQL Injection 2012-09-03
[security bulletin] HPSBGN03555 rev.1 - HPE Vertica Analytics, Management Console, Remote Disclosure of Sensitive information, Execution of Arbitrary Code with Root Privileges 2016-04-18Group-Office Cleartext Credentials Stored in Cookies 2012-08-13
[security bulletin] HPSBGN03556 rev.1 - ArcSight ESM and ESM Express, Remote Arbitrary File Download, Local Arbitrary Command Execution 2016-03-15GroupWare epesiBIM CRM 1.2.1 - Multiple Web Vulnerabilities 2012-04-10
[security bulletin] HPSBGN03558 rev.1 - ArcSight ESM and ESM Express, Remote Disclosure of Sensitive Information 2016-03-16Grupo Argentina Web Remote SQL injection Vulnerability 2011-08-18
[security bulletin] HPSBGN03560 rev.1 - HP Operations Orchestration using Java Deserialization, Remote Arbitrary Code Execution 2016-03-21GS Foto Uebertraeger v3.0 iOS - File Include Vulnerability 2014-09-26
[security bulletin] HPSBGN03563 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Local Denial of Service (DoS), Disclosure of Information 2016-03-25GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities 2012-10-01
[security bulletin] HPSBGN03564 rev.2 - HPE Release Control using Java Deserialization, Remote Code Execution 2016-08-01GTA UTM Firewall GB 6.0.3 - Multiple Web Vulnerabilities 2012-10-08
[security bulletin] HPSBGN03565 rev.1 - HPE Virtualization Performance Viewer, Local Denial of Service (DoS) 2016-04-02GTX CMS 2013 Optima - Multiple Web Vulnerabilities 2013-10-29
[security bulletin] HPSBGN03567 rev.1 - HP Asset Manager using Java Deserialization, Remote Arbitrary Code Execution 2016-04-01GuestBook Scripts PHP v1.5 - Multiple Web Vulnerabilites 2012-07-04
[security bulletin] HPSBGN03569 rev.1 - HPE OneView for VMware vCenter (OV4VC), Remote Disclosure of Information 2016-04-04Guests can view names and emailadresses of all Liferay users in liferay 6.1 2012-05-13
[security bulletin] HPSBGN03569 rev.2 - HPE OneView for VMware vCenter (OV4VC), Remote Disclosure of Information 2016-04-06Guppy CMS v5.01.03 - Client Side Cross Site Scripting Web Vulnerability 2016-08-02
[security bulletin] HPSBGN03570 rev.1 - HPE Universal CMDB, Remote Information Disclosure, URL Redirection 2016-04-07H2HC Brazil (Hackers 2 Hackers Conference) 8th Edition - Call for Papers 2011-07-20
[security bulletin] HPSBGN03572 rev.1 - HPE Performance Center, Remote User Validation Failure 2016-09-13H2HC Brazil 9th Edition - Call for Papers 2012-05-18
[security bulletin] HPSBGN03580 rev.1 - HP Data Protector, Remote Code Execution, Remote Unauthorized Disclosure of Information 2016-04-22Hacking IPv6 Networks (slides) 2011-07-26
[security bulletin] HPSBGN03582 rev.1 - HPE Helion CloudSystem using glibc, Remote Code Execution, Denial of Service (DoS) 2016-04-25Hackito Ergo sum // HES2012 Final CFP // Call for Hackers 2012-02-16
[security bulletin] HPSBGN03587 rev.1 - HPE Helion OpenStack using OpenSSL and Open vSwitch, Remote Arbitrary Command Execution, Denial of Service (DoS), Disclosure of Information 2016-05-17Hackito Ergo Sum 2012 Call For Papers ! (12/13/14 April 2012) 2011-12-03
[security bulletin] HPSBGN03597 rev.1 - HPE Cloud Optimizer (Virtualization Performance Viewer) using glibc Remote Denial of Service (DoS) 2016-05-12Hackito Ergo Sum 2012 dates 2011-09-24
[security bulletin] HPSBGN03602 rev.1 - HPE RESTful Interface Tool, Local Disclosure of Information 2016-05-18Hafez Kamal (aphesz hackinthebox org) 
[security bulletin] HPSBGN03630 rev.1 - HP Operations Manager for Unix, Solaris, and Linux using Apache Commons Collections (ACC), Remote Code Execution 2016-07-25Hands-on Mobile (Android & iOS) + ARM Exploitation Training at Toorcon 2014-09-27
[security bulletin] HPSBGN03630 rev.2 - HP Operations Manager for Unix, Solaris, and Linux using Apache Commons Collections (ACC), Remote Code Execution 2016-08-12Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :) 2013-06-19
[security bulletin] HPSBGN03633 rev.1 - HPE Release Control, Remote Denial of Service (DoS), Disclosure of Information, Unauthorized Access to Files or Server-Side Request Forgery(SSRF) 2016-08-03Hard-coded accounts on multiple network cameras 2013-07-11
[security bulletin] HPSBGN03634 rev.1 - HPE Enterprise Solution Sizers and Storage Sizer running Smart Update, Remote Arbitrary Code Execution 2016-08-15Hardcoded AES 256 bit key used in Kankun IoT/Smart socket and its mobile App 2015-06-06
[security bulletin] HPSBGN03637 rev.1 - HP Operations Manager for Unix, Solaris, and Linux, Remote Cross-Site Scripting (XSS) 2016-08-31Hard-coded credentials and command-injection vulnerabilities on BigPond 3G21WB 2012-10-11
[security bulletin] HPSBGN03638 rev.1 -
HPE Remote Device Access: Virtual Customer Access System (vCAS) using lighttpd and OpenSSH, Unauthorized Modification of Information, Remote Denial of Service (DoS), Remote Disclosure of Information 2016-08-29		Hardcoded root password in Zyxel MAX3XX series Wimax CPEs 2016-03-23
[security bulletin] HPSBGN03643 rev.1 - HPE KeyView using Filter SDK, Remote Code Execution 2016-11-07Hardcoreview WriteAV Arbitrary Code Execution 2012-10-05
[security bulletin] HPSBGN03645 rev.2 - HPE Helion OpenStack Glance, Remote Access Restriction Bypass, Unauthorized Access 2016-09-21hashdays 2012 - Call for Papers (#days CFP) 2012-06-25
[security bulletin] HPSBGN03648 rev.1 - HPE LoadRunner and Performance Center, Remote Denial of Service (DoS) 2016-09-26Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-07-24
[security bulletin] HPSBGN03650 rev.1 - HPE Network Automation Software, Local Arbitrary File Modification 2016-09-29Hawkeye-G v3.0.1.4912 CSRF Vulnerability CVE-2015-2878 2015-07-24
[security bulletin] HPSBGN03656 rev.1 - HPE Network Node Manager i (NNMi) Software using Java Deserialization, Remote Arbitrary Code Execution and Cross-Site Scripting 2016-11-04HCA0005 - Liberty Global - Horizon HD STB - predictable WiFi passphrase 2016-01-28
[security bulletin] HPSBGN03663 rev.1 - HPE ArcSight WINC Connector, Remote Code Execution 2016-10-19HD Video Player v2.5 iOS - Multiple Web Vulnerabilities 2016-02-12
[security bulletin] HPSBGN03669 rev.1 - HPE SiteScope, Local Elevation of Privilege, Remote Denial of Service, Arbitrary Code Execution and Cross-Site Request Forgery 2016-11-14Heap Memory Corruption in HP Device Access Manager for Protect Tools Information Store 2011-12-02
[security bulletin] HPSBGN03670 rev.1 - HPE Business Service Management (BSM) using Java Deserialization, Remote Code Execution 2016-11-08Hector Marco (hmarco hmarco org) (1 replies)
[security bulletin] HPSBGN03676 rev.1 - HPE Helion OpenStack Glance Image Service, Remote Denial of Service (DoS) 2016-11-16Heroku API Bug Bounty #1 - Persistent Invitation Vulnerability 2015-01-12
[security bulletin] HPSBGN03677 rev.1 - HPE Network Automation using RPCServlet and Java Deserialization, Remote Code Execution 2016-11-30Heroku API Deep Dive Bug Bounty #3 - Persistent UI Vulnerability 2015-01-12
[security bulletin] HPSBGN03680 rev.1 - HPE Propel, Local Denial of Service (DoS), Escalation of Privilege 2016-11-30Heroku Bug Bounty #2 - (API) Re Auth Session Bypass Vulnerability 2015-06-10
[security bulletin] HPSBGN03688 rev.1 - HPE Operations Orchestration, Remote Code Execution 2017-01-03Hi Technology & Services CMS - SQL Injection Vulnerabilities 2016-03-31
[security bulletin] HPSBGN03694 rev.1 - HPE SiteScope, Remote Disclosure of Information 2017-01-12Hide Photo+Video Safe v1.6 iOS - Multiple Vulnerabilities 2013-10-03
[security bulletin] HPSBGN3547 rev.1 - HP Device Manager, Remote Read Access to Arbitrary Files 2016-04-01Hiding Backdoors in plain sight, again 2011-07-22
[security bulletin] HPSBHF02699 SSRT100592 rev.1 - HP ProLiant SL Advanced Power Manager (SL-APM), Remote User Validation Failure 2011-08-10HiDisk 2.4 iOS - (currentFolderPath) Persistent Vulnerability 2015-05-20
[security bulletin] HPSBHF02706 SSRT100613 rev.1 - HP Integrated Lights-Out iLO2 and iLO3 running SSL/TLS, Denial of Service (DoS), Unauthorized Modification 2011-11-08Horizontal Privilege Escalation/Code Injection in ownCloudâ??s Windows Client 2016-08-19
[security bulletin] HPSBHF02721 SSRT100605 rev.1 - HP Directories Support for ProLiant Management Processors for Integrated Lights-Out iLO2 and iLO3, Unauthorized Access 2011-11-11Host tracking in IPv6 (SI6 Networks' IPv6 toolkit v1.3.3) 2013-03-11
[security bulletin] HPSBHF02723 SSRT100536 rev.1 - HP Protect Tools Device Access Manager for Windows, Remote Execution of Arbitrary Code, Denial of Service 2011-12-01'Hotel Booking Portal' SQL Injection (CVE-2012-1672) 2012-04-04
[security bulletin] HPSBHF02723 SSRT100536 rev.2 - HP ProtectTools Device Access Manager for Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2011-12-07How well does Microsoft support (and follow) their mantra "keep your PC updated"? 2012-08-09
[security bulletin] HPSBHF02804 SSRT100631 rev.1 - HP Integrity Server rx2800 i2, BL860c i2, BL870c i2, BL890c i2, Potential Denial of Service (DoS) 2012-08-13HP ArcSight Logger provides incorrect/invalid/incomplete results for queries with boolean operators 2015-07-31
[security bulletin] HPSBHF02821 SSRT100934 rev.1 - HP Integrated Lights-Out iLO3 and iLO4, Remote Disclosure of Information 2012-11-19HP Data Protector Arbitrary Remote Command Execution 2013-08-07
[security bulletin] HPSBHF02865 SSRT101158 rev.1 - HP ElitePad 900, Secure Boot Configuration Inconsistency 2013-04-23HP LaserJet Fax Preview DLL side loading vulnerability 2016-01-23
[security bulletin] HPSBHF02885 rev.1 - HP Integrated Lights-Out iLO3 and iLO4 using Single-Sign-On (SSO), Remote Unauthorized Access 2013-06-11HP Security Alert (hp-security-alert hp com) 
[security bulletin] HPSBHF02888 rev.2 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution 2013-07-17HP ToComMsg DLL side loading vulnerability 2016-01-23
[security bulletin] HPSBHF02888 rev.3 - HP Network Products including H3C and 3COM Routers and Switches, Remote Information Disclosure and Code Execution 2013-08-28HP/H3C and Huawei SNMP Weak Access to Critical Data 2012-10-23
[security bulletin] HPSBHF02912 rev.1 - HP Networking Products including H3C and 3COM Routers and Switches, OSPF Remote Information Disclosure and Denial of Service 2013-08-08HServer webserver - Directory Traversal Vulnerability 2012-01-05
[security bulletin] HPSBHF02913 rev.1 - HP Intelligent Management Center (iMC) and HP Branch Intelligent Management System (BIMS), Remote Disclosure of Information 2014-07-14HTB23004: Multiple Vulnerabilities in e107 2011-06-15
[security bulletin] HPSBHF02939 rev.1 - HP Integrated Lights-Out 4 (iLO4), Remote Cross Site Scripting (XSS), Unauthorized Disclosure of Information 2013-11-12HTB23005: Multiple XSS in N-13 News 2011-06-15
[security bulletin] HPSBHF02946 rev.2 - HP Servers with NVIDIA GPU Computing Driver, Elevation of Privilege 2014-05-16HTB23008: Multiple XSS & CSRF (Cross-Site Request Forgery) in miniblog 2011-06-15
[security bulletin] HPSBHF02965 rev.1 - HP Security Management System, Remote Execution of Arbitrary Code 2014-03-05HTB23010: Multiple XSS & Local File Inclusion in Free Simple CMS 2011-06-15
[security bulletin] HPSBHF02981 rev.1 - HP Integrated Lights-Out 2, 3, and 4 (iLO2, iLO3, iLO4), IPMI 2.0 RCMP+ Authentication Remote Password Hash Vulnerability (RAKP) 2014-04-03HTB23012: Gogago YouTube Video Converter ActiveX Control "Download()" Buffer Overflow Vulnerability 2011-06-15
[security bulletin] HPSBHF03006 rev.1 - HP Integrated Lights-Out 2 (iLO 2) Denial of Service 2014-04-24HTB23015: Easewe FTP ActiveX Control Multiple Insecure Methods 2011-06-22
[security bulletin] HPSBHF03021 rev.1 - HP Thin Client with ThinPro OS or Smart Zero Core Services, Running OpenSSL, Remote Disclosure of Information 2014-04-24HTB23016: Kofax e-Transactions Sender Sendbox ActiveX Control Insecure Method 2011-06-22
[security bulletin] HPSBHF03052 rev.1 -
HP Intelligent Management Center (iMC), HP Network Products including H3C and
3COM Routers and Switches running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Modification or Disclosur 2014-06-23		HTB23017: XSS in FanUpdate 2011-06-22
[security bulletin] HPSBHF03052 rev.2 - HP Network Products running OpenSSL, Multiple Remote Vulnerabilities 2014-11-21HTC / Android OBEX FTP Service Directory Traversal Vulnerability 2011-07-20
[security bulletin] HPSBHF03084 rev.1 HP PCs with UEFI Firmware, Execution of Arbitrary Code 2014-08-07HTC IQRD Android Permission Leakage (CVE-2012-2217) 2012-04-22
[security bulletin] HPSBHF03088 rev.1 - HP Integrity SD2 CB900s i2 and i4 Servers running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-13HTML 5 Security Report 2011-12-14
[security bulletin] HPSBHF03119 rev.1 - HP DreamColor Display running Bash Shell, Remote Code Execution 2014-10-01HTTP Commander AJS v3.1.9 - Client Side Exception Vulnerability 2014-10-03
[security bulletin] HPSBHF03119 rev.2 - HP DreamColor Professional Display running Bash Shell, Remote Code Execution 2014-10-01HTTP Response Splitting in Oracle Enterprise Manager (pageName parameter) (CVE-2012-0527) 2012-04-19
[security bulletin] HPSBHF03124 rev.1 - HP Thin Clients running Bash, Remote Execution of Code 2014-10-03HTTP Response Splitting in Oracle Enterprise Manager (prevPage parameter) (CVE-2012-0526) 2012-04-19
[security bulletin] HPSBHF03124 rev.2 - HP Thin Clients running Bash Shell, Remote Execution of Code 2014-11-11Huawei E587 3G Mobile Hotspot Web UI Cross Site Scripting vulnerability 2013-07-15
[security bulletin] HPSBHF03340 rev.1 - HP ThinPro Linux and HP Smart Zero Core running HP Easy Setup Wizard, Local Unauthorized Access, Elevation of Privilege 2015-05-28Huawei eSpace IAD Remote Information Disclosure Vulnerability 2016-07-30
[security bulletin] HPSBHF03408 rev.1 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-08-26Huawei ISM Professional XSS Vulnerability 2016-07-26
[security bulletin] HPSBHF03408 rev.2 - HP PCs with HP lt4112 LTE/HSPA+ Gobi 4G Module, Remote Execution of Arbitrary Code 2015-09-11Huawei Wimax routers vulnerable to multiple threats 2015-11-30
[security bulletin] HPSBHF03419 rev.1 - HP Network Products including H3C routers and switches, Remote Denial of Service (DoS), Unauthorized Access. 2015-12-21hyp3rlinx lycos com 
[security bulletin] HPSBHF03419 rev.3 - HPE Networking Products, Remote Denial of Service (DoS), Unauthorized Access 2016-01-29Chamilo 1.8.8.4 Multiple Vulnerabilities 2012-08-25
[security bulletin] HPSBHF03431 rev.1 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2015-12-12Chamilo LMS - Persistent Cross Site Scripting Vulnerability 2016-02-19
[security bulletin] HPSBHF03431 rev.3 - HPE Network Switches, local Bypass of Security Restrictions, Indirect Vulnerabilities 2016-04-01Chamilo LMS IDOR - (messageId) Delete POST Inject Vulnerability 2016-02-19
[security bulletin] HPSBHF03432 rev.1 - HPE Networking Comware 5, Comware 5 Low Encryption SW, Comware 7, VCX Using NTP, Remote Access Restriction Bypass and Code Execution 2015-12-09Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability 2016-03-14
[security bulletin] HPSBHF03433 SSRT102964 rev.1 - HP-UX Running Mozilla Firefox and Thunderbird, Remote Disclosure of Information 2015-12-09Charybdis: Improper assumptions in the server handshake code may lead to a remote crash 2012-12-31
[security bulletin] HPSBHF03436 rev.1 - HP Thin Client with ThinPro OS, running Linux, Local Elevated Privileges 2016-03-03ChatSecure IM v2.2.4 iOS - Persistent Web Vulnerability 2014-09-11
[security bulletin] HPSBHF03439 rev.1 - HP Commercial PCs with Sure Start, Local Denial of Service 2016-03-03Checkmarx CxQL Sandbox bypass (CVE-2014-8778) 2015-09-03
[security bulletin] HPSBHF03440 rev.1 - HPE iLO 3 using JQuery, Remote Cross-Site Scripting (XSS) 2016-08-12Checkpoint Abra - Vulnerabilities 2012-07-07
[security bulletin] HPSBHF03441 rev.1 - HPE ilO 3 and iLO 4 and iLO 4 mRCA, Remote Multiple Vulnerabilities 2016-08-15Chezola Systems (display-section.php?id) Remote SQL injection Vulnerability 2011-08-09
[security bulletin] HPSBHF03509 rev.1 - HP ThinPro and Smart Zero Core, Remote Denial of Service, Unauthorized Access to Data 2015-09-15ChiefPDF Software v2.x - Buffer Overflow Vulnerability 2015-08-20
[security bulletin] HPSBHF03528 rev.1 - HP Network Products running VCX, Remote Unauthorized Modification 2015-12-16ChitaSoft (Web-Application) - SQL Injection Vulnerability 2016-03-14
[security bulletin] HPSBHF03535 rev.3 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Multiple Remote Vulnerabilities 2016-01-28Chrome for Android - Android APIs exposed to JavaScript 2013-01-07
[security bulletin] HPSBHF03538 rev.1 - HPE iMC Service Health Manager (SHM) and iMC PLAT running Adobe Flash, Remote Code Execution, Denial of Service (DoS) 2016-01-28Chrome for Android - Bypassing SOP for Local Files By Symlinks 2013-01-07
[security bulletin] HPSBHF03544 rev.1 - HPE iMC PLAT and other HP and H3C products using Comware 7 and cURL, Remote Unauthorized Access 2016-02-20Chrome for Android - Cookie theft from Chrome by malicious Android app 2013-01-07
[security bulletin] HPSBHF03545 rev. 1 - HP EliteBook and Zbook Products with Windows NVidia Graphics Driver, Multiple Local Vulnerabilities 2016-03-02Chrome for Android - Download Function Information Disclosure 2013-01-07
[security bulletin] HPSBHF03578 rev.1 - HPE ConvergedSystem for SAP HANA using glibc, Multiple Remote Vulnerabilities 2016-05-18Chrome for Android - UXSS via com.android.browser.application_id Intent extra 2013-01-07
[security bulletin] HPSBHF03579 rev.1 - HPE ConvergedSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities 2016-05-18Chrome Web Solutions (details.php?cat_id) (listing_more.php?id) Remote SQL injection Vulnerability 2011-07-27
[security bulletin] HPSBHF03592 rev.1 - HPE VAN SDN Controller OVA using OpenSSL, Multiple Remote Vulnerabilities 2016-05-11ChurchCMS 0.0.1 'admin.php' Multiple SQLi 2012-04-23
[security bulletin] HPSBHF03594 rev.1 - HPE ConvergedSystem and AppSystem for SAP HANA using OpenSSL, Multiple Remote Vulnerabilities 2016-05-17I Read It Somewhere (IRIS) citations management tool <= v1.3 (post auth) Remote Command Execution 2013-02-09
[security bulletin] HPSBHF03641 rev.1 - HPE Integrated Lights-Out 3 (iLO 3), Remote Disclosure of Information 2016-08-30i.Hex Local Crash Poc 2014-11-05
[security bulletin] HPSBHF03646 rev.1 - HPE Comware 7 (CW7) Network Products running NTP, Multiple Remote Vulnerabilities 2016-09-21i.Mage Local Crash Poc 2014-11-05
[security bulletin] HPSBHF03652 rev.1 - HPE iMC PLAT Network Products running Apache Commons FileUpload, Remote Denial of Service (DoS) 2016-09-26iAuto Mobile Application 2012 - Multiple Web Vulnerabilities 2012-08-05
[security bulletin] HPSBHF03654 rev.1 - HPE iMC PLAT Network Products using SSL/TLS, Multiple Remote Vulnerabilities 2016-09-26iBackup v10.0.0.45 - Privilege Escalation Vulnerability 2014-12-19
[security bulletin] HPSBHF03655 rev.1 - HPE iMC PLAT Network Products running Apache Axis2, Multiple Remote Vulnerabilities 2016-09-26IBM developerWorks ncp (Nigel's Capacity Planning) 2.1 Remote Information Disclosure 2012-06-30
[security bulletin] HPSBHF03674 rev.1 HPE Comware 5 and Comware 7 Network Products using SSL/TLS, Remote Disclosure of Information 2016-12-07IBM Edge Components Caching Proxy XSS Followup 2012-06-30
[security bulletin] HPSBHF03675 rev.1 - HPE Integrated Lights-Out 3 and 4 (iLO 3, iLO 4), Cross-Site Scripting (XSS) 2016-11-20IBM i Access Buffer Overflow Code DOS CVE-2015-7422 2015-11-18
[security bulletin] HPSBHF03682 rev.1 - HPE Comware 7 Network Products using SSL/TLS, Local Gain Privileged Access 2016-11-30IBM i Access Buffer Overflow Code Exec CVE-2015-2023 2015-11-18
[security bulletin] HPSBHF3549 ThinkPwn UEFI BIOS SmmRuntime Escalation of Privilege 2016-10-27IBM Lotus iNotes 8.5.x cross-site scripting vulnerabilities 2013-08-28
[security bulletin] HPSBMA02627 SSRT090246 rev.2 - HP OpenView Performance Insight Server, Remote Execution of Arbitrary Code 2011-06-14IBM Maximo: Cross-site Scripting Vulnerability Addressed in Asset and Service Management (CVE-2014-0914 and -0915) 2014-08-11
[security bulletin] HPSBMA02631 SSRT100324 rev.1 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code 2011-06-08IBM WebSphere Application Server (WAS) Integrated Solutions Console Login Page username Parameter Reflected XSS Security Vulnerability 2014-09-08
[security bulletin] HPSBMA02652 SSRT100432 rev.4 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Information Disclosure 2011-06-03IBSng all version Cross-Site Scripting Vulnerability 2011-11-01
[security bulletin] HPSBMA02659 SSRT100440 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access 2011-11-10ICACLS.EXE ignores and destroys SE_DACL_PROTECTED/SE_SACL_PROTECTED 2012-05-13
[security bulletin] HPSBMA02674 SSRT100487 rev.1 -
HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Re 2011-06-08		ICETC2014 - IEEE Extended Submission until Aug. 28, 2014 2014-08-20
[security bulletin] HPSBMA02674 SSRT100487 rev.2 -
HP Service Manager and HP Service Center, Unauthorized Remote Access, Unsecured Local Access, Remote Disclosure of Privileged Information, HTTP Session Credential Re-use, Cross Site Scripting (XSS) and Re 2011-07-06		Iciniti Store SQL Injection - Security Advisory - SOS-12-003 2012-03-07
[security bulletin] HPSBMU02669 SSRT100346 rev.3 - HP Data Protector Media Management Daemon (mmd), Remote Denial of Service (DoS) 2011-07-28iClassSchedule 1.6 iOS & Android - Persistent UI Vulnerability 2015-05-18
[security bulletin] HPSBMU02686 SSRT100541 rev.3 - HP OpenView Storage Data Protector, Remote Execution of Arbitrary Code 2011-06-29ICMPv6 PTBs and IPv6 frag filtering (particularly at BGP peers) 2017-01-12
[security bulletin] HPSBMU02690 SSRT100569 rev.1 - HP Business Availability Center (BAC) Running on Solaris and Windows, Remote Denial of Service (DoS) 2011-07-08iCompel Digital Signage risks 2012-11-03
[security bulletin] HPSBMU02691 SSRT100483 rev.2 - HP Performance Agent and HP Operations Agent, Remote Arbitrary File Deletion 2011-07-28iCube Lab (product_details.php?cat_id) Remote SQL injection Vulnerability 2011-07-27
[security bulletin] HPSBMU02692 SSRT100581 rev.2 - HP SiteScope, Remote Cross Site Scripting (XSS) and Session Fixation Attack 2011-07-28iDefense Security Advisory 05.03.11: Tom Sawyer GET Extension Factory COM Object Instantiation Memory Corruption Vulnerability 2011-06-03
[security bulletin] HPSBMU02693 SSRT100583 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS) 2011-07-28iDefense Security Advisory 06.01.11: Cisco AnyConnect VPN Client Arbitrary Program Execution Vulnerability 2011-06-02
[security bulletin] HPSBMU02695 SSRT100480 rev.1 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access 2011-08-09iDefense Security Advisory 06.14.11: Adobe Shockwave 3D Asset DEMX Integer Overflow Vulnerability 2011-06-16
[security bulletin] HPSBMU02695 SSRT100480 rev.2 - HP OpenView Performance Insight, Remote HTML Injection, Unauthorized Access, Cross Site Scripting (XSS) 2011-08-15iDefense Security Advisory 06.14.11: Adobe Shockwave Cursor Asset tSAC Chunk Integer Overflow Vulnerability 2011-06-16
[security bulletin] HPSBMU02703 SSRT100242 rev.1 - HP Network Node
Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification 2011-09-13		iDefense Security Advisory 06.14.11: Adobe Shockwave Font Asset Heap Overflow Vulnerability 2011-06-16
[security bulletin] HPSBMU02704 SSRT100619 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache, Remote Denial of Service (DoS) 2011-11-03iDefense Security Advisory 06.14.11: Adobe Shockwave Lingo Script Opcodes Integer Signedness Vulnerability 2011-06-16
[security bulletin] HPSBMU02705 SSRT100622 rev.1 - HP Business Service Automation (BSA) Essentials, Remote Execution of Arbitrary Code 2011-09-19iDefense Security Advisory 07.14.11: Citrix Access Gateway ActiveX Stack Buffer Overflow Vulnerability 2011-07-14
[security bulletin] HPSBMU02708 SSRT100633 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) 2011-11-10iDefense Security Advisory 07.20.11: Apple Safari innerText Use-After-Free Vulnerability 2011-07-20
[security bulletin] HPSBMU02710 SSRT100601 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access 2011-10-10iDefense Security Advisory 07.20.11: Multiple Vendor WebKit frameset style Heap Corruption Vulnerability 2011-07-20
[security bulletin] HPSBMU02712 SSRT100649 rev.1 - HP OpenView Network Node Manager (OV NNM), Remote Execution of Arbitrary Code 2011-11-01iDefense Security Advisory 07.20.11: Multiple Vendor WebKit MathML Use-After-Free Vulnerability 2011-07-20
[security bulletin] HPSBMU02714 SSRT100244 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information 2011-10-26iDefense Security Advisory 07.20.11: Multiple Vendor WebKit SVG animVal Memory Corruption Vulnerability 2011-07-20
[security bulletin] HPSBMU02714 SSRT100244 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information 2011-11-10iDefense Security Advisory 07.20.11: Safari WebKit TIFF Use-After-Free Vulnerability 2011-07-20
[security bulletin] HPSBMU02716 SSRT100651 rev.1 - HP Data Protector Notebook Extension, Remote Execution of Arbitrary Code 2011-10-19iDefense Security Advisory 08.09.11: Adobe Flash Player ActionScript Display Memory Corruption Vulnerability 2011-08-10
[security bulletin] HPSBMU02726 SSRT100685 rev.1 - HP Operations Agent and Performance Agent for AIX, HP-UX, Linux, and Solaris, Local Unauthorized Access 2011-11-22iDefense Security Advisory 08.09.11: Adobe Flash Player Integer Overflow 2011-08-10
[security bulletin] HPSBMU02726 SSRT100685 rev.2 - HP Operations Agent and Performance Agent for AIX, HP-UX, Linux, and Solaris, Local Unauthorized Access 2011-12-06iDefense Security Advisory 09.13.11: Adobe Reader and Acrobat JPEG Processing Use After Free Vulnerability 2011-09-13
[security bulletin] HPSBMU02731 SSRT100518 rev.1 - HP Database Archiving Software, Remote Execution of Arbitrary Code 2011-12-27iDefense Security Advisory 09.13.11: Microsoft Excel Record Integer Signedness Vulnerability 2011-09-13
[security bulletin] HPSBMU02736 SSRT100699 rev.1 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information 2012-01-18iDefense Security Advisory 09.13.11: Microsoft Excel Record Memory Corruption Vulnerability 2011-09-13
[security bulletin] HPSBMU02736 SSRT100699 rev.2 - HP Business Availability Center (BAC) and Business Service Management (BSM), Remote Unauthorized Access to Sensitive Information 2012-02-07iDefense Security Advisory 09.26.11: Novell GroupWise iCal Date Invalid Array Indexing Vulnerability 2011-09-28
[security bulletin] HPSBMU02738 SSRT100748 rev.1 - HP Network Automation Running on Linux, Solaris, and Windows, Remote Unauthorized Access 2012-01-30iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE ByWeekNo Memory Corruption Vulnerability 2011-09-28
[security bulletin] HPSBMU02739 SSRT100280 rev.1 - HP Data Protector Media Operations, Remote Execution of Arbitrary Code 2012-02-02iDefense Security Advisory 09.26.11: Novell GroupWise iCal RRULE Weekday Recurrence Heap Overflow Vulnerability 2011-09-28
[security bulletin] HPSBMU02739 SSRT100280 rev.2 - HP Data Protector Storage Media Operations (SMO), Remote Execution of Arbitrary Code 2012-02-24iDefense Security Advisory 09.26.11: Novell GroupWise iCal TZNAME Heap Overflow Vulnerability 2011-09-27
[security bulletin] HPSBMU02742 SSRT100740 rev.1 - HP System Management Homepage (SMH) for Linux and Windows, Remote Unauthorized Disclosure of Information 2012-02-08iDefense Security Advisory 10.11.11: Microsoft Internet Explorer Object Handling Memory Corruption Vulnerability 2011-10-12
[security bulletin] HPSBMU02744 SSRT100776 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information 2012-03-07iDefense Security Advisory 10.12.11: Apple Mobile OfficeImport Framework Word Document Parsing Memory Corruption Vulnerability 2011-10-13
[security bulletin] HPSBMU02744 SSRT100776 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Disclosure of Information 2012-03-28iDefense Security Advisory 10.12.11: Apple MobileSafari Attachment Viewing Cross Site Scripting Vulnerability 2011-10-13
[security bulletin] HPSBMU02746 SSRT100781 rev.1 - HP Data Protector Express, Remote Denial of Service (DoS), Execution of Arbitrary Code 2012-03-13ideo Lead Form Plugin Cross-Site Scripting Vulnerabilities which affects Wordpress URL 2012-11-29
[security bulletin] HPSBMU02747 SSRT100771 rev.1 - HP OpenView Network Node Manager (OV NNM) Running Apache Tomcat, Remote Denial of Service (DoS) 2012-03-28idev Game Site CMS v1.0 - Multiple Web Vulnerabilites 2012-04-08
[security bulletin] HPSBMU02748 SSRT100772 rev.1 -
HP OpenView Network Node Manager (OV NNM) Running Apache HTTP Server, Remote Unauthorized Disclosure of Information, Unauthorized Modification, Denial of Service (DoS) 2012-03-28		iDev Rentals v1.0 - Multiple Web Vulnerabilities 2012-11-14
[security bulletin] HPSBMU02749 SSRT100793 rev.1 - HP Business Availability Center (BAC) Running on Windows, Remote Cross Site Scripting (XSS) 2012-04-04IDrive Online Backup ActiveX control Insecure Method 2011-07-06
[security bulletin] HPSBMU02752 SSRT100802 rev.1 HP Insight Control Software for Linux (IC-Linux), Remote Execution of Arbitrary Code, Denial of Service (DoS) 2012-03-20IE11 is not following CORS specification for local files 2016-09-22
[security bulletin] HPSBMU02753 SSRT100782 rev.1 - HP Business Availability Center (BAC) Running Apache, Remote Execution of Arbitrary Commands, Denial of Service (DoS) 2012-04-03iedb team gmail com 
[security bulletin] HPSBMU02756 SSRT100596 rev.1 - HP Performance Manager Running on HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2012-03-28IEEE SocialCom/PASSAT Call For Paper Deadline: June 15, 2011 2011-06-09
[security bulletin] HPSBMU02764 SSRT100827 rev.2 -
HP System Management Homepage (SMH) Running on Linux and Windows, Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS), Execution of Arbitrary Code, Other Vulnerabilities 2012-04-20		IETF I-D: Security and Interoperability Implications of Oversized IPv6 Header Chains 2012-02-17
[security bulletin] HPSBMU02766 SSRT100624 rev.1 - HP Onboard Administrator (OA), Remote Denial of Service (DoS) 2012-04-18IFIP NTMS'2012 - Deadline Extended to 12 January 2012 2011-12-18
[security bulletin] HPSBMU02770 SSRT100848 rev.1 -
HP Insight Management Agents for Windows Server, Remote Cross Site Request Forgery (CSRF), Cross Site Scripting (XSS), URL Redirection, Unauthorized Modification, Denial of Service (DoS) 2012-05-02		ifixit Bug Bounty #5 - Guide Search Persistent Vulnerability 2016-02-19
[security bulletin] HPSBMU02771 SSRT100558 rev.1 - HP SNMP Agents for Linux, Remote Cross Site Scripting (XSS), URL Redirection 2012-05-02ifixit Bug Bounty #6 -(Profile) Persistent Vulnerability 2016-02-19
[security bulletin] HPSBMU02772 SSRT100603 rev.1 - HP System Health Application and Command Line Utilities for Linux, Remote Execution of Arbitrary Code 2012-05-02i-FTP Buffer Overflow SEH 2014-11-05
[security bulletin] HPSBMU02775 SSRT100853 rev.1 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation 2012-05-08Ignore the amount customers confirm is no security vulnerability according to PayPal 2014-07-17
[security bulletin] HPSBMU02775 SSRT100853 rev.2 - HP Performance Insight for Networks Running on HP-UX, Linux, Solaris, and Windows, Remote SQL Injection, Cross Site Scripting (XSS), Privilege Elevation 2012-05-09iGuard Biometric Access Control - Multiple Vulnerabilities 2011-11-11
[security bulletin] HPSBMU02776 SSRT100852 rev.1 - HP Onboard Administrator (OA), Remote Unauthorized Access to Data, Unauthorized Disclosure of Information Denial of Service (DoS) 2012-06-11IIS 6.0/7.5 Vulnerabilities [moderate risk] - ISOWAREZ BDAY RELEASE 2012-06-09
[security bulletin] HPSBMU02781 SSRT100617 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2012-07-02IIS Short File/Folder Name Disclosure by using tilde ~ character 2012-07-04
[security bulletin] HPSBMU02781 SSRT100617 rev.2 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows running PostgreSQL, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2012-08-07IKEv1 cipher suite configuration mismatch in Siemens SIMATIC CP 343-1 Advanced 2017-01-11
[security bulletin] HPSBMU02783 SSRT100806 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) 2012-07-02IKEView.exe Fox beta 1 Stack Buffer Overflow 2015-09-12
[security bulletin] HPSBMU02785 SSRT100526 rev.1 - HP LoadRunner Running on Windows, Remote Execution of Arbitrary Code 2012-05-31IKEView.exe R60 Stack Buffer Overflow 2015-09-14
[security bulletin] HPSBMU02786 SSRT100877 rev.1 -
HP System Management Homepage (SMH) Running on Linux and Windows, Remote Unauthorized Access, Disclosure of Information, Data Modification, Denial of Service (DoS), Execution of Arbitrary Code 2012-06-27		Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities 2012-03-08
[security bulletin] HPSBMU02790 SSRT100872 rev.1 - HP Server Automation, Remote Execution of Arbitrary Code 2012-06-11imageone Cms Multiple vulnerabilities 2016-01-23
[security bulletin] HPSBMU02792 SSRT100820 rev.1 - HP Business Service Management (BSM), Remote Unauthorized Disclosure of Information, Unauthorized Modification, Denial of Service (DoS) 2012-06-19ImgPals Photo Host Version 1.0 Admin Account Disactivation 2012-02-28
[security bulletin] HPSBMU02792 SSRT100820 rev.2 - HP Business Service Management (BSM), Remote Unauthorized Disclosure of Information, Unauthorized Modification, Denial of Service (DoS) 2012-06-26Imperva SecureSphere Operations Manager version 9.0.0.5 - Multiple issues 2013-06-01
[security bulletin] HPSBMU02796 SSRT100594 rev.1 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code 2012-07-09Implications of IPv6 on network firewalls 2011-11-21
[security bulletin] HPSBMU02796 SSRT100594 rev.2 - HP Operations Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code 2012-07-13Import Woocommerce XSS Vulnerability 2016-02-24
[security bulletin] HPSBMU02796 SSRT100594 rev.3 - HP Operations Agent and HP Performance Agent for AIX, HP-UX, Linux, Solaris and Windows, Remote Execution of Arbitrary Code 2012-08-02in_midi multiple vulnerabilities in Winamp 5.61 2011-06-29
[security bulletin] HPSBMU02797 SSRT100867 rev.1 -
HP Network Node Manager i (NNMi) v9.1x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) 2012-07-17		inCommand Technologies, Inc. Cross-site Scripting Vulnerability 2011-10-21
[security bulletin] HPSBMU02798 SSRT100908 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Cross Site Scripting (XSS) 2012-08-06Incomplete protection of Oracle Database locked accounts (CVE-2012-0510) 2012-04-19
[security bulletin] HPSBMU02799 SSRT100867 rev.1 -
HP Network Node Manager i (NNMi) v9.0x Running JDK for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Information Disclosure, Modification, Denial of Service (DoS) 2012-07-17		indiacon (selloffers.php?cid) Remote SQL injection Vulnerability 2011-07-28
[security bulletin] HPSBMU02800 SSRT100921 rev.1 - HP Service Manager and HP Service Center Server, Remote Denial of Service (DoS) 2012-08-14Indonesia Web Design (link-directory.php?cid) (link-directory.php?pid) Remote SQL injection Vulnerability 2011-07-26
[security bulletin] HPSBMU02801 SSRT100879 rev.1 - HP Fortify Software Security Center, Remote Unauthenticated Disclosure of Information 2012-08-14info thegrideon com 
[security bulletin] HPSBMU02802 SSRT100923 rev.1 - HP Fortify Software Security Center, Remote Disclosure of Privileged Information 2012-08-14Infoblox Cross-site scripting vulnerabilities 2016-09-06
[security bulletin] HPSBMU02803 SSRT100926 rev.1 - HP Service Manager and HP Service Center Web Tier, Remote Cross Site Scripting (XSS) 2012-08-14Infocus Web Solutions (news_desc.php?id) Remote SQL injection Vulnerability 2011-07-28
[security bulletin] HPSBMU02811 SSRT100937 rev.1 - HP Business Availability Center (BAC) Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF), and Web Session Hijacking 2012-09-06Information on recently-fixed Oracle VM VirtualBox vulnerabilities 2014-02-07
[security bulletin] HPSBMU02813 SSRT100712 rev.1 - HP Operations Orchestration, Remote Execution of Arbitrary Code 2012-09-17Information Security Forecast 2014 2013-11-17
[security bulletin] HPSBMU02815 SSRT100715 rev.2 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution 2012-09-19InfoSec Southwest 2012 CFP 2011-12-01
[security bulletin] HPSBMU02815 SSRT100715 rev.3 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution 2012-09-20InfoSec Southwest 2012 CFP First-round Speaker Selections 2012-01-03
[security bulletin] HPSBMU02815 SSRT100715 rev.4 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution 2012-11-02InfoSec Southwest 2012 Open Registration 2012-01-20
[security bulletin] HPSBMU02815 SSRT100715 rev.5 - HP SiteScope SOAP Security Issues, Remote Disclosure of Information, Remote Code Execution 2013-02-14Inout Mobile Webmail APP - Multiple Web Vulnerabilities 2012-08-05
[security bulletin] HPSBMU02817 SSRT100950 rev.1 - HP Network Node Manager i (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Disclosure of Information 2012-10-03INSECT Pro - Exploit EChat Server <= v2.5 20110812 - Remote Buffer Overflow Exploit 2011-08-12
[security bulletin] HPSBMU02827 SSRT100924 rev.1 - HP Performance Insight with Sybase, Remote Denial of Service (DoS) and Loss of Data 2012-11-02Insecure application-coupling in Good Authentication Delegation [MZ-15-03] 2015-09-25
[security bulletin] HPSBMU02830 SSRT100889 rev.2 - HP Data Protector, Local Increase of Privilege 2013-04-25Insecure CHIASMUS encryption in GSTOOL 2013-09-11
[security bulletin] HPSBMU02838 SSRT100789 rev.1 - HP Serviceguard on Linux, Remote Denial of Service (DoS) 2013-01-11Insecure management of login credentials in PicsArt Photo Studio for Android [STIC-2014-0426] 2014-11-06
[security bulletin] HPSBMU02841 SSRT100724 rev.1 - HP Diagnostics Server, Remote Execution of Arbitrary Code 2013-01-22Insecure RSA Encryption in jCryption, PEAR Crypt_RSA and Crypt_RSA2 2011-11-30
[security bulletin] HPSBMU02849 SSRT101124 rev.1 - HP ServiceCenter, Remote Denial of Service (DoS) 2013-03-06Insecure transmission of data in Android applications developed with Adobe AIR [CVE-2016-6936] 2016-09-14
[security bulletin] HPSBMU02870 SSRT101012 rev.2 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access 2013-07-16Insert PHP WordPress Plugin allows authenticated user to execute arbitrary PHP 2016-07-31
[security bulletin] HPSBMU02872 SSRT101185 rev.1 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) 2013-04-30Insomnia : ISVA-110822.1 - Pidgin IM Insecure URL Handling Remote Code Execution 2011-08-22
[security bulletin] HPSBMU02872 SSRT101185 rev.2 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) 2013-09-25Instagram Photo Upload and Flattr Money Redirection Vulnerability 2013-11-21
[security bulletin] HPSBMU02872 SSRT101185 rev.3 - HP Service Manager, Remote Disclosure of Information, Cross Site Scripting(XSS) 2013-10-31InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-22
[security bulletin] HPSBMU02874 SSRT101184 rev.2 - HP Service Manager, Java Runtime Environment (JRE) Security Update 2013-10-31InstantCoder v1.0 iOS - Multiple Web Vulnerabilities 2016-02-23
[security bulletin] HPSBMU02883 SSRT101227 rev.1 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 2013-06-04Insufficient certificate validation in EMC Secure Remote Services Virtual Edition 2015-08-17
[security bulletin] HPSBMU02884 rev.1 - HP Service Manager and HP ServiceCenter, Cross Site Scripting (XSS) and Disclosure of Information 2013-06-11Integer overflow in foobar2000 1.1.7 2011-07-04
[security bulletin] HPSBMU02895 SSRT101253 rev.3 - HP Data Protector, Remote Increase of Privilege, Denial of Service (DoS), Execution of Arbitrary Code 2014-10-02Integer overflow in Sterling Trader 7.0.2 2011-09-28
[security bulletin] HPSBMU02900 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities 2013-07-18Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 4.1.X Bypass 
[security bulletin] HPSBMU02900 rev.3 - HP System Management Homepage (SMH) running on Linux and Windows, Multiple Remote and Local Vulnerabilities 2013-09-18Internet Explorer 8 - Fixed Col Span ID Full ASLR, DEP & EMET 5.1 Bypass (MS12-037)
[security bulletin] HPSBMU02901 rev.1 - HP Business Process Monitor running on Windows, Remote Execution of Arbitrary Code and Disclosure of Information 2013-10-10Internet Explorer 9 XSS Filter Bypass 2012-10-18
[security bulletin] HPSBMU02915 rev.1 - HP Service Manager, Remote Unauthenticated Access and Elevation of Privilege 2013-08-14Internet Explorer iframe sandbox local file name disclosure vulnerability 2016-08-09
[security bulletin] HPSBMU02917 rev.1 - HP System Management Homepage (SMH) running on Linux and Windows, Remote Command Execution and Privilege Escalation 2013-09-18Internet Explorer OLE Pre-IE11 - Automation Array Remote Code Execution / Powershell VirtualAlloc (MS14-064)
[security bulletin] HPSBMU02931 rev.1 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) 2013-10-15Internet Explorer Script Interjection Code Execution (updated) 2012-09-06
[security bulletin] HPSBMU02931 rev.2 - HP Service Manager, Injection of Arbitrary Code, Remote Privilege Elevation, Remote Disclosure of Privileged Information and Cross Site Scripting (XSS) 2013-11-01Internet Explorer Script Interjection Code Execution 2012-08-16
[security bulletin] HPSBMU02932 rev.1 - HP Application LifeCycle Management, ALM client component, Remote Execution of Arbitrary Code 2013-10-31Interspire Email Marketer v6.0.1 - Multiple Vulnerabilites 2012-10-08
[security bulletin] HPSBMU02933 rev.1 - HP SiteScope, issueSiebelCmd SOAP Request, Remote Code Execution 2013-10-31Interspire Shopping Cart v6 - Multiple Web Vulnerabilities 2012-06-14
[security bulletin] HPSBMU02933 rev.2 - HP SiteScope, issueSiebelCmd and loadFileContents SOAP Requests, Remote Code Execution, Arbitrary File download, Denial of Service (DoS) 2014-03-05Intersystems Cache Remote Code Execution (via Default 'Minimal Security' Install) 2013-11-19
[security bulletin] HPSBMU02934 rev.1 - HP Application LifeCycle Management, GossipService SOAP Request, Remote Code Execution 2013-10-31Introduction to R-sequence public key cryptography attack 2011-12-11
[security bulletin] HPSBMU02935 rev.1 - HP LoadRunner Virtual User Generator, Remote Code Execution 2013-10-31Intuit Help System Protocol File Retrieval 2012-03-30
[security bulletin] HPSBMU02935 rev.2 - HP LoadRunner Virtual User Generator, Remote Code Execution, Disclosure of information 2014-04-17Intuit Help System Protocol URL Heap Corruption and Memory Leak 2012-03-30
[security bulletin] HPSBMU02971 rev.1 - HP Application Information Optimizer, Remote Execution of Code, Information Disclosure 2014-02-24Intuit QuickBooks 2007 - 2016 Arbitrary Code Execution 2016-05-10
[security bulletin] HPSBMU02982 rev.1 - HP Database and Middleware Automation, Disclosure of Information 2014-04-17Investors Application - Client Side Cross Site Scripting Vulnerability 2016-02-19
[security bulletin] HPSBMU02987 rev.1 - HP Universal Configuration Management Database Integration Service, Remote Code Execution 2014-04-17Invitation to Register and Participate in the Entretiens Jacques Cartier (EJC) Colloquium on IT Security, Cyber Forensics and Combating Cybercrime 2011-09-14
[security bulletin] HPSBMU02988 rev.1 - HP Universal Configuration Management Database, Disclosure of Information 2014-04-17InYourLife (dettaglio.php?id) (dettaglio_immobile.php?id) (notizia.php?id) Remote SQL injection Vulnerability 2011-08-16
[security bulletin] HPSBMU02994 rev.2 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-04-19IObit Protected Folder Authentication Bypass 2012-06-15
[security bulletin] HPSBMU02995 rev.1 -
HP Software HP Service Manager, Asset Manager, UCMDB Browser, Executive Scorecard,
Server Automation, Diagnostics, LoadRunner, Performance Center, "HeartBleed" OpenSSL Vulnerability, Remote Disclosure of Information 2014-04-11		iOS: List of available trusted root certificates 2013-09-30
[security bulletin] HPSBMU02995 rev.3 -
HP Software HP Service Manager, Asset Manager,
UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-17		IP.Board 3.4 cross-site scripting in Referer header 2014-07-16
[security bulletin] HPSBMU02995 rev.4 -
HP Software HP Service Manager, Asset Manager,
UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-18		iPic Sharp v1.2.1 Wifi iOS - Persistent Foldername Web Vulnerability 2013-07-24
[security bulletin] HPSBMU02995 rev.5 -
HP Software HP Service Manager, Asset Manager,
UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-04-23		IpTools - Rcmd Remote Overflow Vulnerability 2012-01-06
[security bulletin] HPSBMU02995 rev.7 -
HP Software HP Service Manager, Asset Manager,
UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-05-15		IpTools(Tiny TCP/IP server) - WebServer Directory Traversal Vulnerability 2012-01-06
[security bulletin] HPSBMU02995 rev.8 -
HP Software HP Service Manager, Asset Manager,
UCMDB Browser, UCMDB Configuration Manager, Executive Scorecard, Server Automation, Diagnostics, LoadRunner, and Performance Center, running OpenSSL, Remote Disclosure 2014-05-22		IPv6 Hackers mailing-list 2011-08-09
[security bulletin] HPSBMU02996 rev.1 - HP Network Node Manager I (NNMi) for HP-UX, Linux, Solaris, and Windows, Remote Unauthorized Access, Execution of Arbitrary Code 2014-04-16IPv6 host scanning in IPv6 2012-04-20
[security bulletin] HPSBMU02997 rev.2 - HP Smart Update Manager (SUM) running OpenSSL, Remote Disclosure of Information 2014-04-23IPv6 implications on IPv4 nets: IPv6 RAs, IPv4, and VPN "evasion" 2012-09-04
[security bulletin] HPSBMU02998 rev.2 - HP System Management Homepage (SMH) running OpenSSL on Linux and Windows, Remote Disclosure of Information, Denial of Service (DoS) 2014-04-17IPv6 NIDS evasion and IPv6 fragmentation/reassembly improvements 2012-02-20
[security bulletin] HPSBMU02999 rev.1 - HP Software Autonomy WorkSite Server (On-Premises Software), Running OpenSSL, Remote Disclosure of Information 2014-04-16IPv6 security (slides and training) 2011-11-08
[security bulletin] HPSBMU03012 rev.1 - HP Insight Management VCEM Web Client SDK (VCEMSDK) running OpenSSL, Remote Disclosure of Information 2014-04-18IPv6 security presentation at Hack.lu 2011 2011-09-21
[security bulletin] HPSBMU03013 rev.1 - WMI Mapper for HP Systems Insight Manager running OpenSSL, Remote Disclosure of Information 2014-04-22IPv6 security tools released 2012-07-05
[security bulletin] HPSBMU03017 rev.1 - HP Software Connect-IT running OpenSSL, Remote Disclosure of Information 2014-04-22IPv6 security: New IETF I-Ds, slideware and videos for recent presentations, trainings, etc... 2012-05-23
[security bulletin] HPSBMU03018 rev.1 - HP Software Asset Manager running OpenSSL, Remote Disclosure of Information 2014-04-22IPv6 Toolkit v1.2.3 released! (and upcoming IPv6 security trainings) 2012-09-15
[security bulletin] HPSBMU03019 rev.1 - HP Software UCMDB Browser and Configuration Manager running OpenSSL, Remote Disclosure of Information 2014-04-22IPv6: How to avoid security issues with VPN leaks on dual-stack networks 2013-01-24
[security bulletin] HPSBMU03020 rev.1 - HP Version Control Agent (VCA) and Version Control Repository Manager (VCRM) running OpenSSL on Linux and Windows, Remote Disclosure of Information 2014-04-24ipv6mon v1.0 released! (IPv6 address monitoring daemon) 2012-09-13
[security bulletin] HPSBMU03022 rev.1 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information 2014-04-26Irfanview Plugins JLS Decompression 2012-06-29
[security bulletin] HPSBMU03022 rev.3 - HP Systems Insight Manager (SIM) Bundled Software running OpenSSL, Remote Disclosure of Information 2014-05-19Is Your Online Bank Vulnerable To Currency Rounding Attacks? 2012-01-09
[security bulletin] HPSBMU03024 rev.3 -
HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information 2014-06-09		iScan Online Mobile 2.0.1 iOS - Command Inject Vulnerability 2014-06-03
[security bulletin] HPSBMU03025 rev.2 - HP Diagnostics running OpenSSL, Remote Disclosure of Information 2014-05-22iScripts EasyCreate CMS v2.0 - Multiple Web Vulnerabilites 2012-06-14
[security bulletin] HPSBMU03029 rev.2 - HP Insight Control Server Migration running OpenSSL, Remote Disclosure of Information 2014-06-05iScripts Multicart Cms Multiple Vulnerability 2015-12-07
[security bulletin] HPSBMU03033 rev.3 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information 2014-06-04iShare Your Moving Library 1.0 iOS - Multiple Vulnerabilities 2014-04-02
[security bulletin] HPSBMU03037 rev.2 - HP Multimedia Service Environment (MSE), (HP Network Interactive Voice Response (NIVR)), Remote Disclosure of Information 2014-08-04iStArtApp FileXChange v6.2 iOS - Multiple Web Vulnerabilities 2014-03-28
[security bulletin] HPSBMU03040 rev.1 - HP LoadRunner & HP Performance Center, running OpenSSL, Remote Disclosure of Information 2014-05-14ITTWeb Remote SQL injection Vulnerability 2011-09-02
[security bulletin] HPSBMU03043 rev.1 - HP Smart Update Manager for Windows and Linux, Local Disclosure of Information 2014-12-09iTunes 11.2.2 for Windows: completely outdated and vulnerable 3rd party libraries 2014-07-07
[security bulletin] HPSBMU03045 rev.1 - HP Service Virtualization Running AutoPass License Server, Remote Code Execution 2014-06-10iTunes 12.1.1 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-02-19
[security bulletin] HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal 2014-06-17iTunes 12.2 and QuickTime 7.7.7 for Windows: still outdated and VULNERABLE 3rd party libraries, still UNQUOTED and VULNERABLE pathnames C:\Program Files\... 2015-07-01
[security bulletin] HPSBMU03056 rev.1 -
HP Version Control Repository Manager (HP VCRM) running OpenSSL on
Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27		iTwitter v0.04 WP Plugin - XSS & CSRF Web Vulnerability 2014-12-18
[security bulletin] HPSBMU03057 rev.1 - HP Version Control Agent (HP VCA) running OpenSSL
on Linux and Windows, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-27		iVault Private P&V 1.1 iOS - Path Traversal Vulnerability 2014-04-10
[security bulletin] HPSBMU03058 rev.1 - HP BladeSystem c-Class Onboard Administrator (OA) running OpenSSL, Remote Disclosure of Information 2014-06-26iWifi for Chat v1.1 iOS - Denial of Service Vulnerability 2014-12-16
[security bulletin] HPSBMU03059 rev.1 - HP SiteScope, Remote Authentication Bypass 2014-07-02Jackie Blanco (jackie sdiwc info) 
[security bulletin] HPSBMU03061 rev.1 - HP Release Control, Disclosure of Privileged Information and Elevation of Privilege 2014-06-27Jacobo Avariento (spinfoo vuln gmail com) 
[security bulletin] HPSBMU03062 rev.1 - HP Insight Control server deployment on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-08JagoanStore CMS Arbitary file upload vulnerability 2011-08-22
[security bulletin] HPSBMU03064 rev.1 - HP Universal CMDB, Remote Information Disclosure, Execution of Code 2014-07-02Jamie R (jamie riden gmail com) 
[security bulletin] HPSBMU03071 rev.1 - HP Autonomy IDOL, Running OpenSSL, Remote Unauthorized Access, Disclosure of Information 2014-07-22January 2016 - Bamboo - Critical Security Advisory 2016-01-22
[security bulletin] HPSBMU03072 rev.3 - HP Data Protector, Remote Execution of Arbitrary Code 2014-11-17jara 1.6 sql injection vulnerability 2011-10-22
[security bulletin] HPSBMU03073 rev.1 - HP Network Virtualization, Remote Execution of Code, Disclosure of Information 2014-07-23Jasig CAS server vulnerabilities 2015-09-21
[security bulletin] HPSBMU03075 rev.1 - HP Network Node Manager I (NNMi) for Windows and Linux, Remote Execution of Arbitrary Code 2014-09-09Java HotSpot Cryptographic Provider signature verification vulnerability 2011-06-06
[security bulletin] HPSBMU03076 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-07-23JavaScript Anywhere v3.0.4 iOS - Persistent Vulnerability 2016-02-08
[security bulletin] HPSBMU03076 rev.2 - HP Systems Insight Manager (SIM) on Linux and Windows running OpenSSL, Multiple Vulnerabilities 2014-08-25Javascript Injection in Microsoft Lync 4.0.7577.0 2011-06-10
[security bulletin] HPSBMU03078 rev.1 - HP CloudSystem Foundation and HP CloudSystem Enterprise Software running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-07-29JAWS Weak Service Permissions leads to Privilege Escalation 2016-04-08
[security bulletin] HPSBMU03081 rev.1 - HP Enterprise Maps, Remote Information Disclosure 2014-07-31JCE Joomla Extension <=2.0.10 Multiple Vulnerabilities 2011-08-27
[security bulletin] HPSBMU03083 rev.1 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-04Jcow CMS 4.2 <= | Cross Site Scripting 2011-08-26
[security bulletin] HPSBMU03083 rev.2 - HP BladeSystem c-Class Virtual Connect Firmware running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-03Jcow CMS 4.x:4.2 <= , 5.x:5.2 <= | Arbitrary Code Execution 2011-08-26
[security bulletin] HPSBMU03085 rev.1 - HP Application Lifecycle Management / Quality Center, Elevation of Privilege 2014-08-05Jenkins 1.626 - Cross Site Request Forgery / Code Execution 2015-08-28
[security bulletin] HPSBMU03086 rev.1 - HP Operations Agent running Glance, Local Elevation of Privilege 2014-08-07Jetro Cockpit Secure Browsing vulnerability - Client missing input validation allowing RCE 2014-02-17
[security bulletin] HPSBMU03089 rev.1 - HP Executive Scorecard, Running OpenSSL, Disclosure of Information 2014-08-11JFreeChart - Path Disclosure vulnerability 2011-06-17
[security bulletin] HPSBMU03090 rev.1 - HP SiteScope, running Apache Struts, Remote Execution of Arbitrary Code 2014-08-13Jobs Portal v3.0 NetArtMedia - Multiple Web Vulnerabilites 2012-06-14
[security bulletin] HPSBMU03110 rev.1 - HP Sprinter, Remote Execution of Code 2014-10-08JOIDS (Java OpenID Server) multiple vulnerabilities 2014-03-04
[security bulletin] HPSBMU03118 rev.1 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2014-10-02Joomla 1.5.x to 3.4.5 Object Injection Exploit (golang) 2015-12-31
[security bulletin] HPSBMU03118 rev.3 - HP Systems Insight Manager (SIM) on Linux and Windows, Multiple Remote Vulnerabilities 2015-01-06Joomla 2.5.6 Multiple Cross-site scripting vulnerabilities 2012-09-18
[security bulletin] HPSBMU03127 rev.1 - HP Operations Manager for UNIX, Remote Code Execution 2014-10-08Joomla com_fireboard - SQL Injection Vulnerability 2012-08-09
[security bulletin] HPSBMU03165 rev.1 - HP Propel running Bash Shell, Remote Code Execution 2014-11-11Joomla com_package - SQL Injection Vulnerability 2012-08-05
[security bulletin] HPSBMU03182 rev.1 - HP Server Automation running Bash Shell, Remote Code Execution 2014-11-12Joomla com_photo - SQL Injection Vulnerability 2012-08-05
[security bulletin] HPSBMU03183 rev.2 - HP Server Automation and Server Automation Virtual Appliance, running SSL, Remote Disclosure of Information 2014-11-17joomla com_zimbcomment Components Local File Include vulnerability 2013-09-25
[security bulletin] HPSBMU03184 rev.1 - HP SiteScope running SSL, Remote Disclosure of Information 2014-11-11Joomla crypto vulnerability (all versions) 2013-06-20
[security bulletin] HPSBMU03190 rev.1 - HP Helion Cloud Development Platform Community and Commercial Editions, Remote Unauthenticated Access 2014-11-11Joomla! 1.6.3 and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-06-28
[security bulletin] HPSBMU03214 rev.1 - HP Systinet running SSLv3, Remote Disclosure of Information 2014-11-25Joomla! 1.7.0 | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-09-29
[security bulletin] HPSBMU03217 rev.1 - HP Vertica Analytics Platform running Bash Shell, Remote Code Execution 2014-12-16Joomla! 1.7.0-RC and lower | Multiple Cross Site Scripting (XSS) Vulnerabilities 2011-07-22
[security bulletin] HPSBMU03221 rev.1 - HP Connect-IT running SSLv3, Remote Disclosure of Information 2014-12-16Joomla! Plugin - Beatz 1.x <= Multiple Cross Site Scripting Vulnerabilities 2012-04-15
[security bulletin] HPSBMU03230 rev.1 - HP Insight Control server deployment Remote Disclosure of Information 2015-01-13Joomla! redSHOP component v1.2 SQL Injection 2013-08-08
[security bulletin] HPSBMU03236 rev.1 - HP Systems Insight Manager for Windows running Bash Shell, Remote Code Execution 2015-02-02Joomla! VirtueMart component <= 2.0.22a - SQL Injection 2013-08-22
[security bulletin] HPSBMU03239 rev.1 - HP UCMDB, Remote Disclosure of Information 2015-02-02JSN PowerAdmin Joomla! Extension - Remote Command Execution Via CSRF and XSS vulnerabilities 2016-02-24
[security bulletin] HPSBMU03245 rev.1 - HP Insight Control server deployment Linux Preboot Execution Environment running Bash Shell, Multiple Vulnerabilities 2015-02-10JSPMySQL Administrador CSRF & XSS Vulnerabilities 2015-09-05
[security bulletin] HPSBMU03246 rev.1 - HP Insight Control for Linux Central Management Server Pre-boot Execution Environment running Bash Shell, Multiple Vulnerabilities 2015-02-10Julien Ahrens (info rcesecurity com) 
[security bulletin] HPSBMU03339 rev.1 - HP LoadRunner Controller, Local Execution of Arbitrary Code 2015-09-01Julien Ahrens (julien ahrens rcesecurity com) 
[security bulletin] HPSBMU03345 rev.1 - HP Network Node Manager i (NNMi) and Smart Plugins (iSPIs) for HP-UX, Linux, Solaris, and Windows, Remote Disclosure of Information, Unauthorized Modification 2015-08-24July 2016 - Bamboo Server - Critical Security Advisory 2016-07-26
[security bulletin] HPSBMU03356 rev.1 - HP Business Service Automation Essentials (BSAE) running TLS, Remote Disclosure of Information 2015-06-22Juniper Secure Access XSS Vulnerability 2013-07-22
[security bulletin] HPSBMU03377 rev.1 - HP Release Control running RC4, Remote Disclosure of Information 2015-07-20Just4meeting 3.0 - Lisbon/Portugal - 6 to 8 - July 2012-07-04
[security bulletin] HPSBMU03377 rev.2 - HP Release Control running RC4, Remote Disclosure of Information 2016-03-14Justin Bull (me justinbull ca) 
[security bulletin] HPSBMU03380 rev.1 - HP System Management Homepage (SMH) on Linux and Windows, Multiple Vulnerabilities 2015-07-20KaiBB 2.0.1 XSS and SQL Injection vulnerabilities 2011-10-09
[security bulletin] HPSBMU03392 rev.2 - HP ArcSight Logger, Remote Authorization Bypass 2015-09-14Kaspersky Password Manager 5.0.0.164 - Software Filter Vulnerability 2012-08-02
[security bulletin] HPSBMU03396 rev.1 - HP Version Control Repository Manager (VCRM) on Windows and Linux, Multiple Vulnerabilities 2015-08-24Kaspersky PM 5.0.0.164 - Software Filter Vulnerability 2012-08-01
[security bulletin] HPSBMU03397 rev.1 - HP Version Control Agent (VCA) on Windows and Linux, Multiple Vulnerabilities 2015-08-24Kaspersky Safe Browser iOS Application - MITM SSL Certificate Vulnerability (CVE-2016-6231) 2016-08-01
[security bulletin] HPSBMU03401 rev.1 - HP Operations Manager for UNIX and Linux, Remote Unauthorized Modification, Disclosure of Information 2015-08-31KDE Paste Applet 2013-05-28
[security bulletin] HPSBMU03409 rev.1 - HP Matrix Operating Environment, Multiple Vulnerabilities 2015-08-24Kerio Control <= 8.3.1 Boolean-based blind SQL Injection 2014-06-30
[security bulletin] HPSBMU03413 rev.1 - HP Virtual Connect Enterprise Manager SDK, Multiple Vulnerabilities 2015-08-24Key Systems Electronic Key Lockers command injection and weak authentication vulnerabilities 2012-10-08
[security bulletin] HPSBMU03416 rev.1 - HP Data Protector, Remote Disclosure of Information 2015-08-28KeyPass Password Safe v1.22 - Software Filter Vulnerability 2012-07-17
[security bulletin] HPSBMU03518 rev.1 - HP Vertica, Remote Code Execution 2015-11-02Kimia Remote SQL injection Vulnerability 2011-08-08
[security bulletin] HPSBMU03520 rev.1 - HP Insight Control server provisioning, Remote Disclosure of Information 2015-12-09Kingcopes AthCon 2012 Slides & Notes 2012-05-24
[security bulletin] HPSBMU03562 rev.1 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution 2016-03-21KIWICON: THE ANNUCIATION 2012-09-04
[security bulletin] HPSBMU03562 rev.2 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution 2016-03-24KL-001-2014-004 : VMWare vmx86.sys Arbitrary Kernel Read 2014-11-05
[security bulletin] HPSBMU03573 rev.1 - HPE System Management Homepage (SMH), Remote Disclosure of Information 2016-04-22KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation 2015-09-01
[security bulletin] HPSBMU03575 rev.1 - HP Smart Update Manager (SUM), Remote Denial of Service (DoS), Disclosure of Information 2016-04-19KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation 2015-09-01
[security bulletin] HPSBMU03584 rev.1 - HPE Network Node Manager I (NNMi), Multiple Remote Vulnerabilities 2016-05-05KL-001-2015-005 : VBox Satellite Express Arbitrary Write Privilege Escalation 2015-09-17
[security bulletin] HPSBMU03589 rev.1 - HPE Version Control Repository Manager (VCRM), Remote Denial of Service (DoS) 2016-05-12KL-001-2015-007 : Seagate GoFlex Satellite Remote Telnet Default Password 2015-12-18
[security bulletin] HPSBMU03590 rev.1 - HPE Systems Insight Manager (SIM) on Windows and Linux, Multiple Vulnerabilities 2016-05-13KL-001-2015-008 : Dell Pre-Boot Authentication Driver Uncontrolled Write to Arbitrary Address 2015-12-18
[security bulletin] HPSBMU03591 rev.1 - HPE Server Migration Pack, Remote Denial of Service (DoS) 2016-05-12KL-001-2016-001 : Arris DG1670A Cable Modem Remote Command Execution 2016-02-12
[security bulletin] HPSBMU03653 rev.1 - HPE System Management Homepage (SMH), Remote Arbitrary Code Execution, Cross-Site Scripting (XSS), Denial of Service (DoS), Unauthorized Disclosure of Information 2016-10-27Kleefa v1.7 (IR) - Multiple Web Vulnerabilities 2016-01-27
[security bulletin] HPSBMU03684 rev.1 - HPE Version Control Repository Manager (VCRM), Multiple Remote Vulnerabilities 2016-12-16Kloxo LxCenter Server CP v6.1.10 - Multiple Web Vulnerabilities 2012-02-10
[security bulletin] HPSBNS03581 rev.2 - HPE NonStop Servers running Samba (NS-Samba), Multiple Remote Vulnerabilities 2016-05-11KmPlayer v3.0.0.1440 Local Crash PoC 2012-10-26
[security bulletin] HPSBNS03635 rev.1 - HPE NonStop Servers OSS Script Languages running Perl and PHP, Multiple Local and Remote Vulnerabilities 2016-08-20KnFTPd v1.0.0 Multiple Command Remote Buffer Overflow 2011-09-02
[security bulletin] HPSBNS03661 rev.1 - NonStop Backbox, Remote Disclosure of Information 2016-10-13Knowledge Base EE v4.62.0 - SQL Injection Vulnerability 2012-09-12
[security bulletin] HPSBOV02467 SSRT090152 rev.1 - HP TCP/IP Services for OpenVMS Running POP or IMAP, Remote Unauthorized Access 2011-11-04Kohana Framework v2.3.3 - Directory Traversal Vulnerability 2013-01-28
[security bulletin] HPSBOV02470 SSRT080123 rev.1 - HP TCP/IP Services for OpenVMS Running SMTP Server, Remote Denial of Service (DoS) 2011-11-04Kongreg8 1.7.3 Mutiple XSS 2012-02-25
[security bulletin] HPSBOV02470 SSRT080123 rev.2 - HP TCP/IP Services for OpenVMS Running SMTP Server, Remote Denial of Service (DoS) 2011-11-16Kotas, Kevin J (Kevin Kotas ca com) 
[security bulletin] HPSBOV02497 SSRT090245 rev.4 - HP TCP/IP Services for OpenVMS Running NTP, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2011-09-22Kunena Forum Extension for Joomla Multiple Reflected Cross-Site Scripting Vulnerabilities 2014-07-28
[security bulletin] HPSBOV02762 SSRT100825 rev.1 -
HP Secure Web Server (SWS) for OpenVMS running CSWS_JAVA, Remote Denial of Service (DoS), Unauthorized Access, Privilege Escalation, Unauthorized Disclosure of Information, Unauthorized Modification 2012-04-17		Kunena Forum Extension for Joomla Multiple SQL Injection Vulnerabilities 2014-07-28
[security bulletin] HPSBOV02763 SSRT100826 rev.1 -
HP Secure Web Server (SWS) for OpenVMS running PHP, Remote Denial of Service (DoS), Unauthorized Access, Privilege escalation, Unauthorized Disclosure of Information, Unauthorized Modification 2012-04-17		LAB GRAPHIC DESIGN (index.php?categoria_id) Remote SQL injection Vulnerability 2011-08-23
[security bulletin] HPSBOV02765 SSRT100828 rev.1 - HP OpenVMS, local Denial of Service (DoS) 2012-04-17lab382 (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-17
[security bulletin] HPSBOV02774 SSRT100684 rev.1 - HP TCP/IP Services for OpenVMS, BIND 9 Resolver, Remote Denial of Service (DoS) 2012-06-14LabStoRe <= 1.5.4 Sql Injection Vulnerabilities 2011-11-08
[security bulletin] HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized 2012-05-17LabWiki <= 1.1 Multiple Vulnerabilities 2011-11-09
[security bulletin] HPSBOV02780 SSRT100766 rev.2 - HP OpenVMS ACMELOGIN, Local Unauthorized Access and Increased Privileges 2012-06-21LACSEC 2012 Agenda (May 6-11, 2012, Quito, Ecuador) 2012-05-03
[security bulletin] HPSBOV02793 SSRT100891 rev.1 - HP OpenVMS running SSL, Remote Denial of Service (DoS), Unauthorized Access 2012-06-21LAN Messenger v1.2.28 - Denial of Service Vulnerability 2012-05-01
[security bulletin] HPSBOV02822 SSRT100966 rev.1 - HP Secure Web Server (SWS) for OpenVMS, Remote Denial of Service (DoS), Unauthorized Access, Disclosure of Information 2012-10-09LAN Scan HD v1.20 iOS - Command Inject Vulnerability 2015-11-17
[security bulletin] HPSBOV02833 SSRT101043 rev.1 - OpenVMS running Java on Integrity Servers, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-01-07LanWhoIs.exe 1.0.1.120 Stack Buffer Overflow 2015-10-06
[security bulletin] HPSBOV02852 SSRT101108 rev.1 - HP SSL for OpenVMS, Remote Denial of Service (DoS), Unauthorized Disclosure of Information, Unauthorized Modification 2013-03-26Larry W. Cashdollar (larry0 me com) 
[security bulletin] HPSBOV03047 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS), Code Execution, Unauthorized Access, Disclosure of Information 2014-06-18Last CFP: ICETC2014 - IEEE - Poland (Deadline: Aug. 30) 2014-08-27
[security bulletin] HPSBOV03099 rev.1 - HP OpenVMS running OpenSSL, Remote Denial of Service (DoS) or Disclosure of Information 2014-09-12Last Day for AppSec USA 2011 CFP! 2011-06-14
[security bulletin] HPSBOV03225 rev.1 - HP OpenVMS running POP, Remote Denial of Service (DoS) 2014-12-16Last reminder for ClubHack 2012 : Call for Papers 2012-10-11
[security bulletin] HPSBOV03226 rev.1 - HP TCP/IP Services for OpenVMS, BIND 9 Resolver, Multiple Remote Vulnerabilities 2014-12-16Last reminder for Passwords^12 : Call for Presentations 2012-08-12
[security bulletin] HPSBOV03226 rev.2 - HP TCP/IP Services for OpenVMS, BIND 9 Server Resolver, Multiple Remote Vulnerabilities 2015-01-30Lastguru ASP GuestBook 'View.asp' - SQL Injection Vulnerability 2012-03-04
[security bulletin] HPSBOV03227 rev.1 - HP SSL for OpenVMS, Remote Disclosure of Information, Denial of Service (DoS) and Other Vulnerabilities 2015-01-10Lava (news_item.php?id) (album.php?id) (basket.php?baction) Remote SQL injection Vulnerability 2011-07-26
[security bulletin] HPSBOV03228 rev.1 - HP OpenVMS running Bash Shell, Remote Code Execution 2015-01-12Lazybone Studios WiFi Music 1.0 iOS - Multiple Vulnerabilities 2014-03-27
[security bulletin] HPSBOV03503 rev.1 - HP OpenVMS CSWS_JAVA running Tomcat, Multiple Remote Vulnerabilities 2015-10-15LEADTOOLS ActiveX control multiple DLL side loading vulnerabilities 2016-01-23
[security bulletin] HPSBOV03505 rev.1 - TCP/IP Services for OpenVMS running NTP, Remote Code Execution, Denial of Service (DoS) 2015-09-09LedgerSMB 1.3.0 released, includes anti-XSRF framework 2011-10-12
[security bulletin] HPSBOV03506 rev.1 - TCP/IP Services for OpenVMS running BIND, Remote Denial of Service (DoS) 2015-09-08Leo Famulari (leo famulari name) 
[security bulletin] HPSBPI02698 SSRT100404 rev.1 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code 2011-08-08Lepton CMS Archive Directory Traversal 2016-08-16
[security bulletin] HPSBPI02698 SSRT100404 rev.2 - HP Easy Printer Care Software Running on Windows, Remote Execution of Arbitrary Code 2012-01-12Lepton CMS PHP Code Injection 2016-08-16
[security bulletin] HPSBPI02711 SSRT100647 rev.1 - HP MFP Digital Sending Software Running on Windows, Local Information Disclosure 2011-10-20Liberating IT (picture.php?gid) Remote SQL injection Vulnerability 2011-08-07
[security bulletin] HPSBPI02728 SSRT100692 rev.1 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default 2011-12-01libexif project security advisory July 12, 2012 2012-07-12
[security bulletin] HPSBPI02728 SSRT100692 rev.2 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default 2011-12-27libnsbmp: heap overflow (CVE-2015-7508) and out-of-bounds read (CVE-2015-7507) 2015-12-16
[security bulletin] HPSBPI02728 SSRT100692 rev.3 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default 2012-01-09libnsgif: stack overflow (CVE-2015-7505) and out-of-bounds read (CVE-2015-7506) 2015-12-16
[security bulletin] HPSBPI02728 SSRT100692 rev.4 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default 2012-02-17libtiff <= 3.9.5 integer overflow bug 2013-08-24
[security bulletin] HPSBPI02728 SSRT100692 rev.5 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default 2012-03-19libtiff bmp file Heap Overflow (CVE-2015-8668) 2015-12-28
[security bulletin] HPSBPI02728 SSRT100692 rev.6 - Certain HP Printers and HP Digital Senders, Remote Firmware Update Enabled by Default 2012-04-26libtiff: invalid write (CVE-2015-7554) 2015-12-26
[security bulletin] HPSBPI02732 SSRT100435 rev.1 - HP Managed Printing Administration, Remote Execution of Arbitrary Code and Other Vulnerabilities 2011-12-27Liferay 6.1 can be compromised in its default configuration 2012-04-19
[security bulletin] HPSBPI02733 SSRT100646 rev.1 - Certain HP LaserJet Printers, Remote Unauthorized Access to Files 2012-01-09Liferay 6.1 can be compromised without having an account on the portal 2012-05-13
[security bulletin] HPSBPI02794 SSRT100542 rev.1 - Certain HP Photosmart Printers, Remote Denial of Service (DoS) 2012-06-28Liferay 6.1 json webservices are subject to cross-site request forgery attacks 2012-05-13
[security bulletin] HPSBPI02851 SSRT101078 rev.1 - Certain HP LaserJet Pro Printers, Unauthorized Access to Data 2013-03-07Liferay users can assign themselves to organizations, leading to possible privilege escalation 2012-05-13
[security bulletin] HPSBPI02869 SSRT100936 rev.2 - HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized Access to Files 2013-05-29LifeSize Room Vulnerabilities 2011-08-28
[security bulletin] HPSBPI02892 rev.1 - Certain HP FutureSmart MFP, Weak PDF Encryption, Local Disclosure of Information 2013-10-03Lighttpd Proof of Concept code for CVE-2011-4362 2011-12-24
[security bulletin] HPSBPI02945 rev.1 - HP Officejet Pro 8500 (A909) All-in-One Printer, Cross-Site Scripting (XSS) 2013-12-10Lime Survey 2-05+ Multiple Vulnerabilities 2014-07-06
[security bulletin] HPSBPI03014 rev.1 - HP LaserJet Pro MFP Printers, HP Color LaserJet Pro MFP Printers, Remote Disclosure of Information 2014-04-24Linksys E1200 and E2500 (Missing authorization on parental control) 2016-08-14
[security bulletin] HPSBPI03107 rev.1 - Certain HP LaserJet Printers, MFPs and Certain HP OfficeJet Enterprise Printers using OpenSSL, Remote Unauthorized Access 2014-09-22Linksys E2500 and E1200 (Unauth Command Injection) 2016-08-14
[security bulletin] HPSBPI03322 rev.1 - HP Access Control Software, Local Unauthorized Access 2015-05-19Linksys X3000 - Multiple Vulnerabilities 2013-06-22
[security bulletin] HPSBPI03546 rev.1 - HP LaserJet Printers and MFPs, HP OfficeJet Enterprise Printers, Remote Disclosure of Information 2016-03-03linux privileged and arbitrary chdir() (fixed at 5.4 cifs release) 2012-04-25
[security bulletin] HPSBPV02754 SSRT100803 rev.1 - HP ProCurve 5400 zl Switch, Compact flash card virus 2012-04-10LinuxOptic CMS 2009 - Auth Bypass Session Vulnerability 2015-08-28
[security bulletin] HPSBPV02754 SSRT100803 rev.2 - HP ProCurve 5400 zl Switch, Compact flash card contains trojan malware 2012-04-26Listendifferent (prodotto.php?IDprodotto) Remote SQL injection Vulnerability 2011-08-26
[security bulletin] HPSBPV02855 SSRT100512 rev.1 - HP ProCurve 1700-8(J9079A) and 1700-24(J9080A) Switches, Cross Site Request Forgery (CSRF) 2013-03-25LiteSpeed Web Server - Security Advisory - HTTP Header Injection Vulnerability 2016-01-20
[security bulletin] HPSBPV02891 rev.1 - HP ProCurve Switches, Remote Unauthorized Information Disclosure 2013-07-15Lithium Forum - (previewImages) Persistent Vulnerability 2015-12-22
[security bulletin] HPSBPV02918 rev.1 - HP ProCurve Manager (PCM), HP PCM+ and HP Identity Driven Manager (IDM), SQL Injection, Remote Code Execution, Session Reuse 2013-09-10LiveZilla 5.1.0.0 Reflected XSS in translations 2013-12-08
[security bulletin] HPSBPV03516 rev.1 - HP VAN SDN Controller, Multiple Vulnerabilities 2015-10-01LiveZilla 5.1.1.0 Stored XSS in operator clients 2013-12-10
[security bulletin] HPSBPV03516 rev.2 - HP VAN SDN Controller, Multiple Vulnerabilities 2016-10-11Local File Inclusion in PluXml 2012-05-02
[security bulletin] HPSBST02722 SSRT100279 rev.1 - HP StorageWorks P4000 Virtual SAN Appliance, Execution of Arbitrary Code 2011-11-11Local file inclusion in VtigerCRM 2011-11-09
[security bulletin] HPSBST02735 SSRT100516 rev.1 - HP StorageWorks Modular Smart Array P2000 G3, Remote Execution of Arbitrary Code 2012-01-13Local Microsoft Windows 7 / 8 / 10 Buffer Overflow via Third-Party USB-Driver (ser2co64.sys) 2016-02-08
[security bulletin] HPSBST02818 SSRT100960 rev.1 - HP IBRIX X9000 Storage, Remote Disclosure of Information 2012-10-01Local RedHat Enterprise Linux DoS â?? RHEL 7.3 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07
[security bulletin] HPSBST02839 SSRT101077 rev.1 - HP XP P9000 Command View Advanced Edition, Remote Denial of Service (DoS) 2013-01-30Log2Space Central v 6.2 Multiple XSS Vulnerability 2016-01-27
[security bulletin] HPSBST02846 SSRT100798 rev.1 - HP LeftHand Virtual SAN Appliance hydra, Remote Execution of Arbitrary Code 2013-02-05Logstash vulnerability CVE-2015-5619 2015-08-21
[security bulletin] HPSBST02848 SSRT101112 rev.1 - HP XP P9000 Command View Advanced Edition Suite Products, Remote Disclosure of Information 2013-03-27London DEFCON - September 30th 2014 2014-09-30
[security bulletin] HPSBST02890 rev.1 - HP StoreOnce D2D Backup System, Unauthorized Remote Access and Modification 2013-06-26Looking for security contacts 2013-01-22
[security bulletin] HPSBST02890 rev.3 - HP StoreOnce D2D Backup System, Remote Unauthorized Access, Modification, and Escalation of Privilege 2013-07-12Loop (ricetta.php?id) Remote SQL injection Vulnerability 2011-09-02
[security bulletin] HPSBST02896 rev.2 - HP StoreVirtual Storage, Remote Unauthorized Access 2013-07-18los818 CMS 2016 Q1 - SQL Injection Web Vulnerability 2016-01-27
[security bulletin] HPSBST02897 rev.1 - HP StoreOnce D2D Backup System, Remote Denial of Service (DoS) 2013-08-22Low severity flaw in various applications including KSSL, Rekonq, Arora, Psi IM 2011-10-07
[security bulletin] HPSBST02919 rev.1 - HP XP P9000 Command View Advanced Edition Suite Software, Remote Cross Site Scripting (XSS) 2013-09-20LSE Leading Security Experts GmbH - LSE-2013-06-13 - Avira AntiVir Engine 2013-06-13
[security bulletin] HPSBST02937 rev.1 - HP StoreVirtual 4000 and StoreVirtual VSA Software dbd_manager, Remote Execution of Arbitrary Code 2014-02-24LSE Leading Security Experts GmbH - LSE-2014-05-21 - Check_MK - Arbitrary File Disclosure Vulnerability 2014-05-28
[security bulletin] HPSBST02968 rev.2 - HP StoreOnce, Remote Unauthorized Access 2014-03-27LSE Leading Security Experts GmbH - LSE-2014-05-22 - F*EX - Multiple Issues 2014-06-03
[security bulletin] HPSBST03000 rev.4 - HP StoreEver ESL G3 Tape Library and Enterprise Library LTO-6 Tape Drives running OpenSSL, Remote Disclosure of Information 2014-06-30LSE Leading Security Experts GmbH - LSE-2014-07-13 - Granding Grand MA 300 - Weak Pin Verification 2014-08-26
[security bulletin] HPSBST03001 rev.1 - HP XP P9500 Disk Array running OpenSSL, Remote Disclosure of Information 2014-04-15LSE Leading Security Experts GmbH - LSE-2015-10-14 - HumHub SQL-Injection 2015-11-30
[security bulletin] HPSBST03016 rev.4 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information 2014-06-12LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities 2016-03-09
[security bulletin] HPSBST03098 rev.1 - HP StoreEver MSL6480 Tape Library running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-08-21LSE Leading Security Experts GmbH - LSE-2016-02-03 - OXID eShop Path Traversal Vulnerability 2016-05-03
[security bulletin] HPSBST03106 rev.1 - HP P2000 G3 MSA Array System running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-09-08LSE-2012-03-01: PyPAM -- Python bindings for PAM - Double Free Corruption 2012-03-09
[security bulletin] HPSBST03106 rev.2 - HP P2000 G3 MSA Array System, HP MSA 2040/1040 Storage running OpenSSL, Remote Unauthorized Access or Disclosure of Information 2014-12-09Luciano Bello (luciano debian org) 
[security bulletin] HPSBST03148 rev.1 - HP StoreOnce Gen 2 Backup Systems running Bash Shell, Remote Code Execution 2014-11-25MacOS X 10.11 FTS Deep structure of the file system Buffer Overflow 2015-10-26
[security bulletin] HPSBST03154 rev.1 - HP StoreFabric C-series MDS switches and HP C-series Nexus 5K switches running Bash Shell, Remote Code Execution 2014-11-11MacOS X 10.11 hardlink bomb cause resource exhaustion (Avast PoC) 2015-10-26
[security bulletin] HPSBST03155 rev.1 - HP StoreFabric H-series switches running Bash Shell, Remote Code Execution 2014-11-11MacOS/iPhone/Apple Watch/Apple TV libc File System Buffer Overflow 2015-12-08
[security bulletin] HPSBST03181 rev.1 - HP StoreEver ESL G3 Tape Library running Bash Shell, Remote Code Execution 2014-11-11MacOSX/XNU HFS Multiple Vulnerabilities 2014-04-07
[security bulletin] HPSBST03265 rev.1 - HP VMA SAN Gateway running Bash Shell and OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, and Disclosure of Information 2015-03-03Magento 1.9.x Multiple Man-In The Middle 2016-01-25
[security bulletin] HPSBST03418 rev.1 - HP P6000 Command View Software, Remote Disclosure of Information 2015-09-17Magento Bug Bounty #19 - Persistent Filename Vulnerability 2015-09-11
[security bulletin] HPSBST03418 rev.2 - HP P6000 Command View Software, Remote Disclosure of Information 2015-10-02Magento Bug Bounty #22 - (Profile) Persistent Vulnerability 2015-11-17
[security bulletin] HPSBST03502 rev.1 - HP 3PAR Service Processor (SP) SPOCC, Remote Disclosure of Information 2015-09-30Magento Bug Bounty #24 - Multiple CSRF Web Vulnerabilities 2015-11-17
[security bulletin] HPSBST03517 rev.1 -
HP StoreOnce Backup systems, Remote Execution of Arbitrary Code with Privilege Elevation, Cross-Site Request Forgery (CSRF), Cross-Site Scripting (XSS) 2015-12-14		MailPoet Newsletter 2.6.19 - Security Advisory - Reflected XSS 2016-02-02
[security bulletin] HPSBST03568 rev.1 -
HP XP7 Command View Advanced Edition Suite including Device Manager and Hitachi Automation Director (HAD), Remote Server-Side Request Forgery (SSRF) 2016-04-06		MaiNick (ricetta.php?id) Remote SQL injection Vulnerability 2011-09-03
[security bulletin] HPSBST03576 rev.2 -
HP P9000, XP7 Command View Advanced Edition (CVAE) Suite including Device Manager and Tiered Storage Manager using Java Deserialization, Remote Arbitrary Code Execution 2016-04-18		Malformed DHCPv6 packets cause RPC to become unresponsive 2011-08-16
[security bulletin] HPSBST03586 rev.1 - HPE 3PAR OS, Remote Unauthorized Modification 2016-05-11Malicious Code Execution in PCI Expansion ROM 2012-07-02
[security bulletin] HPSBST03598 rev.1 - HPE 3PAR OS using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution 2016-05-11Malware detection evasion in antivirus software 2011-11-05
[security bulletin] HPSBST03599 rev.1 - HPE 3PAR OS running OpenSSH, Remote Denial of Service (DoS), Access Restriction Bypass 2016-05-11Mambo CMS 4.6.x (4.6.5) | Multiple Cross Site Scripting Vulnerabilities 2011-06-27
[security bulletin] HPSBST03629 rev.1 - HP StoreFabric B-series Switches, Remote Disclosure of Privileged Information 2016-08-15Manage Engine Exchange Reporter v4.1 - Multiple Web Vulnerabilites 2012-11-18
[security bulletin] HPSBST03640 rev.1 - HP XP7 Command View Advance Edition Suite (CVAE) using Replication Manager (RepMgr) and Device Manager (DevMgr), Local Access Restriction Bypass 2016-09-13ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. 2016-05-06
[security bulletin] HPSBST03671 rev.1 - HPE StoreEver MSL6480 Tape Library, Remote Unauthorized Disclosure of Information 2016-11-15ManageEngine Asset Explorer v6.1 - Persistent Vulnerability 2015-06-22
[security bulletin] HPSBUX02657 SSRT100460 rev.1 - CIFS Server (Samba), Remote Execution of Arbitrary Code, Denial of Service (DoS) 2011-06-16ManageEngine DeviceExpert 5.6 Java Server ScheduleResultViewer servlet Unauthenticated Remote Directory Traversal Vulnerability 2012-03-19
[security bulletin] HPSBUX02688 SSRT100513 rev.1 - HP-UX Dynamic Loader, Local Privilege Escalation, Denial of Service (DoS) 2011-07-05ManageEngine Eventlog Analyzer Privilege Escalation v10.8 2016-02-10
[security bulletin] HPSBUX02689 SSRT100494 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) 2011-07-08ManageEngine EventLog Analyzer V:10.0 CSRF Vulnerability 2015-05-19
[security bulletin] HPSBUX02689 SSRT100494 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) 2011-07-28ManageEngine Eventlog Analyzer v4-v10 Privilege Esacalation 2016-01-29
[security bulletin] HPSBUX02697 SSRT100591 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2011-12-19ManageEngine OpStor v7.4 - Multiple Web Vulnerabilities 2012-08-17
[security bulletin] HPSBUX02697 SSRT100591 rev.2 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2012-01-30ManageEngine Password Manager Pro Multiple Vulnerabilities 2016-04-04
[security bulletin] HPSBUX02700 SSRT100506 rev.1 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code 2011-08-31ManageEngine ServiceDesk 8.0 - Multiple Vulnerabilities 2012-11-21
[security bulletin] HPSBUX02700 SSRT100506 rev.2 - HP-UX running VEA, Remote Denial of Service (DoS), Execution of Arbitrary Code 2011-10-24ManageEngine SupportCenter Plus 7.90 - Multiple Vulnerabilities 2015-06-19
[security bulletin] HPSBUX02702 SSRT100606 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS) 2011-09-08Manifattura Web (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-02
[security bulletin] HPSBUX02702 SSRT100606 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS) 2011-09-08Mapserver for Windows (MS4W) Remote Code Execution 2012-05-29
[security bulletin] HPSBUX02702 SSRT100606 rev.4 - HP-UX Apache Web Server, Remote Denial of Service (DoS) 2011-09-26MapsUpdateTask Task DLL side loading vulnerability 2016-02-10
[security bulletin] HPSBUX02702 SSRT100606 rev.5 - HP-UX Apache Web Server, Remote Denial of Service (DoS) 2011-10-28marc4dasm - Atmel MARC microprocessor disassembler published 2013-01-30
[security bulletin] HPSBUX02707 SSRT100626 rev.1 - HP-UX Apache Web Server, Remote Denial of Service (DoS) 2011-09-28Marinet Remote SQL injection Vulnerability 2011-08-26
[security bulletin] HPSBUX02707 SSRT100626 rev.2 - HP-UX Apache Web Server, Remote Denial of Service (DoS) 2011-10-28Mark Thomas (markt apache org) 
[security bulletin] HPSBUX02715 SSRT100623 rev.2 - HP-UX Containers (SRP), Local Unauthorized Access and Increased Privileges 2011-10-27Marketing & Development (prodotto.php?cat) Remote SQL injection Vulnerability 2011-08-28
[security bulletin] HPSBUX02719 SSRT100658 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2011-10-27Martin Heiland (martin heiland lists open-xchange com) 
[security bulletin] HPSBUX02719 SSRT100658 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS) 2011-12-16Mathematica10.0.0 on Linux /tmp/MathLink vulnerability 2014-08-27
[security bulletin] HPSBUX02719 SSRT100658 rev.4 - HP-UX Running BIND, Remote Denial of Service (DoS) 2012-01-25Mathematica8.0.4 on Linux /tmp/MathLink vulnerability 2012-04-14
[security bulletin] HPSBUX02724 SSRT100650 rev.2 - HP-UX Running System Administration Manager (SAM), Local Increase in Privilege 2011-11-23Mathematica9.0.1 on Linux /tmp/MathLink vulnerability 2013-02-08
[security bulletin] HPSBUX02724 SSRT100650 rev.3 - HP-UX Running System Administration Manager (SAM), Local Increase in Privilege 2012-01-30Mathopd - Directory Traversal Vulnerability 2012-02-03
[security bulletin] HPSBUX02725 SSRT100627 rev.1 -
HP-UX Apache Running Tomcat Servlet Engine, Remote Information Disclosure, Authentication Bypass, Cross-Site Scripting (XSS), Unauthorized Access, Denial of Service (DoS) 2011-11-23		Matteo Beccati (matteo beccati com) 
[security bulletin] HPSBUX02729 SSRT100687 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2011-12-02Matterdaddy Market v1.1 - SQL Injection Vulnerabilities 2012-04-10
[security bulletin] HPSBUX02729 SSRT100687 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) 2011-12-16Matthew1471s ASP BlogX - XSS Vulnerabilities 2012-03-26
[security bulletin] HPSBUX02729 SSRT100687 rev.3 - HP-UX Running BIND, Remote Denial of Service (DoS) 2012-01-25matthias deeg syss de 
[security bulletin] HPSBUX02730 SSRT100710 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2012-01-25mavili guestbook - SQL Injection and XSS Vulnerabilities 2012-01-03
[security bulletin] HPSBUX02734 SSRT100729 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access 2012-01-25Maxim Solodovnik (solomax apache org) 
[security bulletin] HPSBUX02737 SSRT100747 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) 2012-01-30May 2016 - HipChat Server - Critical Security Advisory 2016-05-13
[security bulletin] HPSBUX02737 SSRT100747 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) 2012-02-24mbDriveHD v1.0.7 iOS - Multiple Web Vulnerabilities 2014-02-15
[security bulletin] HPSBUX02741 SSRT100728 rev.1 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass 2012-02-07McAfee Virtual Technician 6.3.0.1911 MVT.MVTControl.6300 ActiveX Control GetObject() Security Bypass Remote Code Execution Vulnerability 2012-04-30
[security bulletin] HPSBUX02741 SSRT100728 rev.2 - HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass 2012-03-06McAfee Virtual Technician ActiveX Control Insecure Method 2013-03-27
[security bulletin] HPSBUX02755 SSRT100667 rev.1 - HP-UX WBEM, Remote Unauthorized Access to Diagnostic Data 2012-03-28McAfee VirusScan Enterprise security restrictions bypass 2016-03-04
[security bulletin] HPSBUX02757 SSRT100779 rev.2 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2012-04-05McAfee Web Gateway URL Filtering Bypass 2012-04-16
[security bulletin] HPSBUX02758 SSRT100774 rev.1 - HP-UX running DCE, Remote Denial of Service (DoS) 2012-04-05ME Application Manager 10 - Multiple Web Vulnerabilities 2012-08-01
[security bulletin] HPSBUX02760 SSRT100805 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2012-04-05ME Firewall Analyzer v7.2 - Cross Site Vulnerabilities 2012-04-01
[security bulletin] HPSBUX02761 SSRT100823 rev.1 - HP-UX Running Apache, Remote Denial of Service (DoS), Local Increase of Privilege 2012-04-20ME Mobile Application Manager v10 - SQL Vulnerabilities 2012-08-01
[security bulletin] HPSBUX02768 SSRT100664 rev.1 - CIFS Server (Samba), Remote Cross Site Request Forgery (CSRF), Denial of Service (DoS) 2012-04-23ME020567: MailEnable webmail cross-site scripting vulnerability CVE-2012-0389 2012-01-12
[security bulletin] HPSBUX02777 SSRT100854 rev.1 - HP-UX Running Java JRE and JDK, Remote Denial 2012-05-17Mediagrafic (prodotto.asp?id) (records.asp?id_p) Remote SQL injection Vulnerability 2011-08-30
[security bulletin] HPSBUX02782 SSRT100844 rev.1 - HP-UX Running OpenSSL, Remote Denial of 2012-05-17Meditate Web Content Editor 'username_input' SQL-Injection vulnerability 2011-12-05
[security bulletin] HPSBUX02784 SSRT100871 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2012-05-31Medium risk security flaws in Konqueror 2012-10-30
[security bulletin] HPSBUX02789 SSRT100824 rev.1 - HP-UX CIFS Server (Samba), Remote Execution of Arbitrary Code, Elevation of Privileges 2012-06-19Medium severity flaw with Ark 2011-10-07
[security bulletin] HPSBUX02789 SSRT100824 rev.3 - HP-UX CIFS Server (Samba), Remote Execution of Arbitrary Code, Elevation of Privileges 2012-07-25MEHR Automation System Arbitrary File Download Vulnerability(persian portal) 2014-08-25
[security bulletin] HPSBUX02791 SSRT100856 rev.1 - HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS) 2012-06-19mehta himanshu21 gmail com 
[security bulletin] HPSBUX02791 SSRT100856 rev.2 - HP-UX Apache Web Server running PHP, Remote Execution of Arbitrary Code, Privilege Elevation, Denial of Service (DoS) 2012-08-22Mercurycom MR804 Router - Multiple HTTP Header Fields Denial Of Service Vulnerability 2012-02-21
[security bulletin] HPSBUX02795 SSRT100878 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2012-07-03Merethis Centreon - Unauthenticated blind SQLi and Authenticated Remote Command Execution 2015-07-08
[security bulletin] HPSBUX02795 SSRT100878 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) 2012-07-25Merry Christmas from the FreeBSD Security Team 2011-12-23
[security bulletin] HPSBUX02805 SSRT100919 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2012-08-14Metasploit 4.1.0 Web UI stored XSS vulnerability 2011-10-21
[security bulletin] HPSBUX02805 SSRT100919 rev.3 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2012-08-28Mezzanine CMS 4.1.0 Arbitrary File Upload 2016-02-03
[security bulletin] HPSBUX02806 SSRT100789 rev.1 - HP Serviceguard, Remote Denial of Service (DoS) 2012-08-17Mezzanine CMS 4.1.0 XSS 2016-02-03
[security bulletin] HPSBUX02806 SSRT100789 rev.2 - HP Serviceguard, Remote Denial of Service (DoS) 2012-08-23MGB OpenSource Guestbook 0.6.9.1 Multiple security vulnerabilities 2012-07-16
[security bulletin] HPSBUX02814 SSRT100930 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) 2012-10-01Mibew messenger multiple XSS 2012-01-30
[security bulletin] HPSBUX02824 SSRT100970 rev.1 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities 2012-10-22Microsoft .NET Framework XSS / Elevation of Privilege CVE-2015-6099 2015-11-11
[security bulletin] HPSBUX02824 SSRT100970 rev.2 - HP-UX Running Java, Remote Execution of Arbitrary Code, and Other Vulnerabilities 2012-11-02Microsoft Anti-XSS Library Bypass (MS12-007) 2012-01-19
[security bulletin] HPSBUX02825 SSRT100974 rev.1 - HP-UX Running Java, Remote Indirect Vulnerabilities 2012-10-29Microsoft Education - Stored Cross Site Web Vulnerability 2016-08-11
[security bulletin] HPSBUX02829 SSRT100883 rev.1 - HP-UX Running X Font Server (xfs) Software, Local Denial of Service (DoS), Unauthorized Access 2013-01-07Microsoft Exchange Information Disclosure 2015-09-16
[security bulletin] HPSBUX02856 SSRT101104 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Unauthorized Disclosure 2013-03-21Microsoft Internet Explorer 11 MSHTML.DLL Remote Binary Planting Vulnerability 2016-04-15
[security bulletin] HPSBUX02857 SSRT101103 rev.1 - HP-UX Running Java, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-03-26Microsoft Internet Explorer 9 MSHTML CAttrArray use-after-free details 2016-11-01
[security bulletin] HPSBUX02859 SSRT101144 rev.3 - HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code 2013-05-15Microsoft Internet Explorer 'toStaticHTML' HTML Sanitizing Information Disclosure 2011-07-21
[security bulletin] HPSBUX02860 SSRT101146 rev.1 -
HP-UX Apache Running Tomcat Servlet Engine, Remote Denial of Service (DoS), Access Restriction Bypass, Unauthorized Modification and Other Vulnerabilities 2013-04-01		Microsoft MSINFO32.EXE ".NFO" Files XML External Entity 2016-12-04
[security bulletin] HPSBUX02876 SSRT101148 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2013-05-08Microsoft MSRC RSS ASPX - CS Cross Site Web Vulnerability 2013-08-29
[security bulletin] HPSBUX02876 SSRT101148 rev.2 - HP-UX Running BIND, Remote Denial of Service (DoS) 2013-06-20Microsoft Office Excel ReadAV Arbitrary Code Execution 2012-10-10
[security bulletin] HPSBUX02881 SSRT101189 rev.1 - HP-UX Directory Server, Remote Disclosure of Information 2013-05-24Microsoft PowerPointViewer Code Execution 2016-03-01
[security bulletin] HPSBUX02886 rev.1 - HP-UX Running HP Secure Shell, Remote Denial of Service (DoS) 2013-06-27Microsoft Remote Desktop Client for Mac Remote Code Execution 2016-12-07
[security bulletin] HPSBUX02922 SSRT101305 rev.1 -
HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-08-20		Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Web Vulnerability 2013-09-11
[security bulletin] HPSBUX02927 SSRT101288 rev.1 - HP-UX Apache Web Server, Remote Execution of Arbitrary Code, Denial of Service (DoS) 2013-09-18Microsoft Windows Media Center "ehshell.exe" XML External Entity 2016-12-04
[security bulletin] HPSBUX02928 SSRT101274 rev.1 - HP-UX running perl, Remote Denial of Service (DoS) 2013-09-11Microsoft's Binary Planting Clean-Up Mission 2011-09-15
[security bulletin] HPSBUX02943 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10Michael Heydon (michael mheydon net) 
[security bulletin] HPSBUX02944 rev.1 - HP-UX Running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-12-10Mike Kienenberger (mkienenb gmail com) 
[security bulletin] HPSBUX02960 SSRT101419 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS) 2014-01-13Mikrotik RouterOS 5.* and 6.* sshd remote preauth heap corruption 2013-09-02
[security bulletin] HPSBUX02960 SSRT101419 rev.3 - HP-UX Running NTP, Remote Denial of Service (DoS) 2014-05-23MiniMagic ruby gem remote code execution 2013-03-15
[security bulletin] HPSBUX02961 SSRT101420 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2014-01-17MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12
[security bulletin] HPSBUX02963 SSRT101297 rev.1 - HP-UX m4(1), Local Unauthorized Access 2014-03-07Misli.com Android App SSL certificate validation weakness 2014-04-24
[security bulletin] HPSBUX02973 SSRT101455 rev.1 - HP-UX Running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-03-04Missing Function Level Access control Vulnerability in OPutils 2016-02-15
[security bulletin] HPSBUX03046 SSRT101590 rev.1 -
HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-13		Missing SSL certificate validation in MercadoLibre app for Android [STIC-2014-0211] 2014-11-11
[security bulletin] HPSBUX03046 SSRT101590 rev.2 -
HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access 2014-06-17		MITKRB5-SA-2011-005 FTP daemon fails to set effective group ID [CVE-2011-1526] 2011-07-05
[security bulletin] HPSBUX03087 SSRT101413 rev.1 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-08-07MITKRB5-SA-2011-006 KDC denial of service vulnerabilities [CVE-2011-1527 CVE-2011-1528 CVE-2011-1529] 2011-10-18
[security bulletin] HPSBUX03087 SSRT101413 rev.2 - HP-UX CIFS Server (Samba), Remote Denial of Service (DoS), Execution of Arbitrary Code, Unauthorized Access 2014-11-21MITKRB5-SA-2011-007 KDC null pointer dereference in TGS handling [CVE-2011-1530] 2011-12-06
[security bulletin] HPSBUX03092 SSRT101668 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-08-19MITKRB5-SA-2011-008 buffer overflow in telnetd [CVE-2011-4862] 2011-12-26
[security bulletin] HPSBUX03095 SSRT101674 rev.1 - HP-UX running OpenSSL, Multiple Vulnerabilities 2014-08-19MITKRB5-SA-2012-001: KDC heap corruption and crash [CVE-2012-1014 CVE-2012-1015] 2012-07-31
[security bulletin] HPSBUX03162 SSRT101767 rev.3 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Unauthorized Access, Man-in-the-Middle (MitM) Attack 2014-12-11MITKRB5-SA-2014-001 Buffer overrun in kadmind with LDAP backend 2014-08-09
[security bulletin] HPSBUX03162 SSRT101885 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites 2015-02-25MitM-vulnerability in Palo Alto Networks GlobalProtect 2012-10-17
[security bulletin] HPSBUX03166 SSRT101489 rev.1 - HP-UX running PAM libpam_updbe, Remote Authentication Bypass 2014-11-25MIUI Torch Open Vulnerability 2014-09-17
[security bulletin] HPSBUX03188 SSRT101487 rev.1 - HP-UX running HP Secure Shell, Remote Denial of Service (DoS) and other Vulnerabilities 2014-11-11MIUI Wifi Connection Message Vulnerability 2014-09-17
[security bulletin] HPSBUX03218 SSRT101770 rev.1 - HP-UX running Java7, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2014-12-05ML (marialemos72 gmail com) 
[security bulletin] HPSBUX03235 SSRT101750 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-01-20Moab Authentication Bypass (insecure message signing) [CVE-2014-5376] 2014-09-29
[security bulletin] HPSBUX03244 SSRT101885 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilites 2015-02-26Moab Authentication Bypass [CVE-2014-5300] 2014-09-29
[security bulletin] HPSBUX03273 SSRT101951 rev.1 - HP-UX running Java6, Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2015-02-26Moab User Impersonation [CVE-2014-5375] 2014-09-29
[security bulletin] HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS), or Other Vulnerabilities 2015-05-20MobaXTerm before version 8.5 vulnerability in "jump host" functionality 2016-01-08
[security bulletin] HPSBUX03334 SSRT102000 rev.1 - HP-UX Running OpenSSL, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-05-20Mobile Mp3 Search Engine HTTP Response Splitting 2012-02-22
[security bulletin] HPSBUX03337 SSRT102066 rev.1 -
HP-UX Apache Web Server Suite running Apache Web Server, Tomcat v6.x, or PHP v5.4.x, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-06-11		MobileCartly 1.0 <= Remote Code Execution Vulnerability 2012-08-08
[security bulletin] HPSBUX03341 SSRT102068 rev.1 - HP-UX Apache Tomcat v7.x, Remote Denial of Service (DoS) and Other Vulnerabilities 2015-06-09Mobilis MobiConnect 3G ZDServer 1.x - Privilege Escalation Vulnerability 2014-12-25
[security bulletin] HPSBUX03359 SSRT102094 rev.2 - HP-UX pppoec, local elevation of privilege 2015-10-05Mobilis MobiConnect 3G ZDServer v1.0.1.2 - Privilege Escalation Vulnerability 2014-12-19
[security bulletin] HPSBUX03359 SSRT102094 rev.3 - HP-UX pppoec, local elevation of privilege 2016-01-13Monkey HTTPD 1.1.1 - Denial of Service Vulnerability 2013-05-28
[security bulletin] HPSBUX03363 rev.1 - HP-UX Apache Web Server running OpenSSL, Remote Disclosure of Information 2015-07-08Monstra CMS v1.2.0 - Blind SQL Injection Vulnerability 2013-09-20
[security bulletin] HPSBUX03369 SSRT102037 rev.1 - HP-UX execve(2), Local Elevation of Privilege 2015-08-20More on IPv6 RA-Guard evasion (IPv6 security) 2011-09-01
[security bulletin] HPSBUX03379 SSRT101976 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-07-20Moritz Muehlenhoff (jmm debian org) 
[security bulletin] HPSBUX03388 SSRT102180 rev.1 - HP-UX running OpenSSL, Remote Disclosure of Information 2015-08-05Mozilla Bug Bounty #5 - WireTap Remote Web Vulnerability 2014-01-27
[security bulletin] HPSBUX03400 SSRT102211 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-19Mozilla doesn't care for upstream security fixes, and doesn't bother to send own security fixes upstream 2016-04-28
[security bulletin] HPSBUX03410 SSRT102175 rev.1 - HP-UX Running BIND, Remote Denial of Service (DoS) 2015-08-21Mozilla extensions: a security nightmare 2015-08-04
[security bulletin] HPSBUX03435 SSRT102977 rev.1 - HP-UX Web Server Suite running Apache, Remote Denial of Service (DoS) 2016-01-07Mozilla Firefox 44.0b2 Cross-site Scripting Vulnerability 2016-01-11
[security bulletin] HPSBUX03437 SSRT110025 rev.1 - HP-UX IPFilter, Remote Denial of Service (DoS) 2016-02-17Mozilla Firefox and Microsoft Internet Explorer stall when using workaround from MS06-020 or MS06-069 2013-01-20
[security bulletin] HPSBUX03512 SSRT102254 rev.1 - HP-UX Web Server Suite running Apache,
Remote Denial of Service (DoS) and Other Vulnerabilities 2015-10-15		MS14-080 CVE-2014-6365 Code 2015-01-14
[security bulletin] HPSBUX03522 SSRT102942 rev.1 - HP-UX BIND running named, Remote Denial of Service (DoS) 2015-11-19MS14-080 CVE-2014-6365 Technical Details Without "Nonsense" 2015-01-13
[security bulletin] HPSBUX03529 SSRT102967 rev.1 - HP-UX BIND service running named, Remote Denial of Service (DoS) 2015-12-16msg patrykbogdan com 
[security bulletin] HPSBUX03552 SSRT102983 rev.1 - HP-UX BIND running Named, Remote Denial of Service (DoS) 2016-02-29MSIE 9 IEFRAME CMarkup­Pointer::Move­To­Gap use-after-free 2016-12-15
[security bulletin] HPSBUX03561 rev.1 - HPE HP-UX using Apache Tomcat, Remote
Access Restriction Bypass, Arbitrary Code Execution, Execution of Arbitrary Code With Privilege Elevation, Unauthorized Read Access to Files 2016-04-01		MSIE 9 MSHTML CElement::Has­Flag memory corruption 2016-12-09
[security bulletin] HPSBUX03574 rev.1 -
HPE HP-UX CIFS-Server (Samba), Remote Access Restriction Bypass, Authentication bypass, Denial of Service (DoS), Unauthorized Access to Files, Access Restriction Bypass, Unauthorized Information Disclosure 2016-05-10		MSIE 9 MSHTML CMarkup::ReloadInCompatView use-after-free 2016-12-13
[security bulletin] HPSBUX03577 SSRT102172 rev.1 - HP-UX VxFS, Local Unauthorized Access to Files 2016-05-09MSIE 9-11 MSHTML PROPERTYDESC::HandleStyleComponentProperty OOB read details 2016-11-09
[security bulletin] HPSBUX03583 SSRT110084 rev.1 - HP-UX BIND Service running Named, Remote Denial of Service (DoS) 2016-04-28Mu Dynamics, Inc. Security Advisories MU-201202-01 and MU-201202-02 for GnuTLS and Libtasn1 2012-03-20
[security bulletin] HPSBUX03596 rev.1 - HPE HP-UX running CIFS Server (Samba), Remote Access Restriction Bypass, Unauthorized Access 2016-05-10Multimedia Creative (prodotto.php?id) Remote SQL injection Vulnerability 2011-08-28
[security bulletin] HPSBUX03632 SSRT110194 rev.1 - HP-UX Mail Server running Sendmail, Local Unauthorized Disclosure of Information 2016-08-01Multiple (persistent) XSS in ProjectSend 2016-03-17
[security bulletin] HPSBUX03664 SSRT110248 rev.1 - HP-UX BIND Service running named, Remote Denial of Service (DoS) 2016-11-02Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02] 2015-07-22
[security bulletin] HPSBUX03665 rev.2 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS) and URL Redirection 2016-11-14Multiple BSD libc/regcomp(3) Multiple Vulnerabilities 2011-11-04
[security bulletin] HPSBUX03665 rev.3 - HP-UX Tomcat-based Servlet Engine, Remote Denial of Service (DoS), URL Redirection 2016-11-30Multiple buffer overflows on Huawei SNMPv3 service 2013-05-06
[SECURITY] [DSA 2200-1] nss security update 2011-08-31multiple critical vulnerabilities in sophos products 2012-11-05
[SECURITY] [DSA 2252-1] dovecot security update 2011-06-02Multiple Cross site scripting in wordpress Plugin Image Metadata cruncher 2015-02-15
[SECURITY] [DSA 2253-1] fontforge security update 2011-06-03Multiple Cross-Site Scripting (XSS) in Claroline 2013-11-27
[SECURITY] [DSA 2254-1] oprofile security update 2011-06-04Multiple Cross-Site Scripting (XSS) in glFusion 2013-02-20
[SECURITY] [DSA 2254-2] oprofile security update 2011-07-16Multiple Cross-Site Scripting (XSS) in Kajona 2012-07-11
[SECURITY] [DSA 2255-1] libxml2 security update 2011-06-06Multiple Cross-Site Scripting (XSS) vulnerabilities in GetSimple CMS 2013-05-01
[SECURITY] [DSA 2256-1] tiff security update 2011-06-09Multiple Cross-Site Scripting vulnerabilities in BLOG:CMS 2011-06-07
[SECURITY] [DSA 2257-1] vlc security update 2011-06-10Multiple Cross-Site Scripting vulnerabilities in Synology Download Station 2015-09-09
[SECURITY] [DSA 2258-1] kolab-cyrus-imapd security update 2011-06-11Multiple Cross-Site Scripting vulnerabilities in WebCalendar 2011-07-04
[SECURITY] [DSA 2259-1] fex security update 2011-06-12Multiple Cross-Site-Scripting vulnerabilities in Dolibarr 3.1.0 2011-11-09
[SECURITY] [DSA 2259-1] rails security update 2011-06-14Multiple Cross-Site-Scripting vulnerabilities in x3cms 2012-01-11
[SECURITY] [DSA 2261-1] redmine security update 2011-06-15Multiple DoS vulnerabilities in libosip2-4.1.0 2016-09-13
[SECURITY] [DSA 2262-1] moodle security update 2011-06-15Multiple exposures in Sophos UTM 2016-09-30
[SECURITY] [DSA 2262-2] php5 update 2011-07-01Multiple G-WAN vulnerabilities 2011-10-13
[SECURITY] [DSA 2263-1] movabletype-opensource security update 2011-06-16Multiple issues in OpenSSL - BN (multiprecision integer arithmetics). 2013-12-02
[SECURITY] [DSA 2263-2] movabletype-opensource security update 2011-12-30Multiple issues in OpManager 12100 & 12200 2016-11-20
[SECURITY] [DSA 2264-1] linux-2.6 security update 2011-06-19Multiple NULL Pointer Dereference Vulnerabilities in Corel Quattro Pro X6 2013-03-07
[SECURITY] [DSA 2265-1] perl security update 2011-06-20Multiple Reflected XSS in Payment Form for PayPal Pro version 1.0.1 WordPress plugin 2015-10-04
[SECURITY] [DSA 2266-1] php5 security update 2011-06-29Multiple Reflected XSS in ResAds version 1.0.1 WordPress plugin 2015-10-04
[SECURITY] [DSA 2267-1] perl security update 2011-07-01Multiple Reflected XSS vulnerabilities in Oliver (formerly Webshare) v1.3.1 2016-04-19
[SECURITY] [DSA 2268-1] iceweasel security update 2011-07-01Multiple Remote Code Execution found in ZHONE 2015-10-12
[SECURITY] [DSA 2269-1] iceape security update 2011-07-01Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance 2016-08-04
[SECURITY] [DSA 2270-1] qemu-kvm security update 2011-07-01Multiple security vulnerabilities in AShop 2011-11-09
[SECURITY] [DSA 2271-1] curl security update 2011-07-02Multiple security vulnerabilities in Tremulous 1.1.0, GPP1, and unofficial MG and TJW engines 2012-02-22
[SECURITY] [DSA 2272-1] bind9 security update 2011-07-05Multiple SQL Injection in SP Client Document Manager plugin 2014-11-21
[SECURITY] [DSA 2273-1] icedove security update 2011-07-06Multiple SQL injection vulnerabilities in Cardoza Wordpress poll plugin 2013-01-21
[SECURITY] [DSA 2274-1] wireshark security update 2011-07-07Multiple SQL Injection Vulnerabilities in web2Project 2014-06-18
[SECURITY] [DSA 2275-1] openoffice.org security update 2011-07-07Multiple SQL injections in rivettracker <=1.03 2012-03-07
[SECURITY] [DSA 2276-1] asterisk security update 2011-07-10Multiple unresolved vulnerabilities in Basware Banking/Maksuliikenne 2015-07-28
[SECURITY] [DSA 2276-2] asterisk regression update 2011-07-11Multiple vulnerabilities found in the Dlink DWR-932B (backdoor, backdoor accounts, weak WPS, RCE ...) 2016-09-28
[SECURITY] [DSA 2277-1] xml-security-c security update 2011-07-10Multiple Vulnerabilities found in ZHONE 2015-10-12
[SECURITY] [DSA 2278-1] horde3 security update 2011-07-16Multiple vulnerabilities in 11in1 2012-02-15
[SECURITY] [DSA 2279-1] libapache2-mod-authnz-external security update 2011-07-19Multiple vulnerabilities in AContent 2012-10-17
[SECURITY] [DSA 2280-1] libvirt security update 2011-07-19Multiple vulnerabilities in All In One WP Security & Firewall plugin login CAPTCHA 2016-07-31
[SECURITY] [DSA 2281-1] opie security update 2011-07-21Multiple vulnerabilities in BabyGekko 2012-11-14
[SECURITY] [DSA 2282-1] qemu-kvm security update 2011-07-25Multiple vulnerabilities in Barco Clickshare 2016-11-14
[SECURITY] [DSA 2283-1] krb5-appl security update 2011-07-25Multiple vulnerabilities in BMC SERVICE DESK EXPRESS (SDE) Version 10.2.1.95 2013-07-12
[SECURITY] [DSA 2284-1] opensaml2 security update 2011-07-25Multiple vulnerabilities in Browser CRM 2011-12-14
[SECURITY] [DSA 2285-1] mapserver security update 2011-07-25Multiple vulnerabilities in BugFree 2011-10-12
[SECURITY] [DSA 2286-1] phpmyadmin security update 2011-07-26Multiple Vulnerabilities in Campaign Enterprise <= 11.0.538 2012-10-18
[SECURITY] [DSA 2287-1] libpng security update 2011-07-28Multiple Vulnerabilities in cPanel 2017-01-11
[SECURITY] [DSA 2288-1] libsndfile security update 2011-07-28Multiple Vulnerabilities in CubeCart 2016-03-30
[SECURITY] [DSA 2289-1] typo3-src security update 2011-08-07Multiple Vulnerabilities in D'Link DIR-600 and DIR-300 (rev B) 2013-02-04
[SECURITY] [DSA 2290-1] samba security update 2011-08-07Multiple Vulnerabilities in D'Link DIR-615 - Hardware revision D3 / DIR-300 - Hardware revision A 2013-04-22
[SECURITY] [DSA 2291-1] squirrelmail security update 2011-08-08Multiple Vulnerabilities in D'Link DIR-635 2013-04-25
[SECURITY] [DSA 2292-1] ISC DHCP security update 2011-08-11Multiple Vulnerabilities in D-Link DSL-320B 2013-05-06
[SECURITY] [DSA 2293-1] libxfont security update 2011-08-12Multiple vulnerabilities in Dolibarr 2011-11-23
[SECURITY] [DSA 2294-1] freetype security update 2011-08-14Multiple vulnerabilities in dotProject 2012-11-21
[SECURITY] [DSA 2295-1] iceape security update 2011-08-17Multiple Vulnerabilities in Draytek Vigor 2130 2014-10-06
[SECURITY] [DSA 2296-1] iceweasel security update 2011-08-17Multiple Vulnerabilities in Edimax EW-7206-APg and EW-7209APg 2013-02-14
[SECURITY] [DSA 2297-1] icedove security update 2011-08-21Multiple vulnerabilities in Efront 2011-11-02
[SECURITY] [DSA 2298-1] apache2 security update 2011-08-29Multiple vulnerabilities in epesi BIM 2011-12-21
[SECURITY] [DSA 2298-2] apache2 regression fix 2011-09-05Multiple Vulnerabilities in Eventum 2014-01-27
[SECURITY] [DSA 2299-1] ca-certificates security update 2011-08-31Multiple Vulnerabilities in Exponent CMS 2013-05-15
[SECURITY] [DSA 2300-2] nss security update 2011-09-05Multiple vulnerabilities in Ezylog photovoltaic management server 2012-09-11
[SECURITY] [DSA 2301-1] rails security update 2011-09-05Multiple Vulnerabilities in Gnew 2013-10-02
[SECURITY] [DSA 2301-2] rails regression 2012-01-23Multiple vulnerabilities in Help Desk Software 2011-09-21
[SECURITY] [DSA 2302-1] bcfg2 security update 2011-09-07Multiple vulnerabilities in ImpressCMS 2012-01-04
[SECURITY] [DSA 2303-1] linux-2.6 security update 2011-09-08Multiple Vulnerabilities in ISPConfig 2015-06-10
[SECURITY] [DSA 2303-2] New linux-2.6 packages fix regression 2011-09-11Multiple vulnerabilities in jCore 2012-10-17
[SECURITY] [DSA 2304-1] squid3 security update 2011-09-11Multiple vulnerabilities in LEPTON 2012-02-15
[SECURITY] [DSA 2305-1] vsftpd security update 2011-09-19Multiple Vulnerabilities in LibreOffice 2012-11-05
[SECURITY] [DSA 2306-1] ffmpeg security update 2011-09-11Multiple Vulnerabilities in Linksys E1500/E2500 2013-02-05
[SECURITY] [DSA 2307-1] chromium-browser security update 2011-09-11Multiple Vulnerabilities in Linksys WAG200G 2013-02-11
[SECURITY] [DSA 2308-1] mantis security update 2011-09-12Multiple Vulnerabilities in Linksys WRT160Nv2 2013-02-11
[SECURITY] [DSA 2309-1] openssl security update 2011-09-13Multiple Vulnerabilities in Linksys WRT54GL 2013-01-18
[SECURITY] [DSA 2310-1] linux-2.6 security update 2011-09-22Multiple vulnerabilities in LogAnalyzer 2012-05-23
[SECURITY] [DSA 2311-1] openjdk-6 security update 2011-09-27Multiple vulnerabilities in MantisBT 2011-09-05
[SECURITY] [DSA 2312-1] iceape security update 2011-09-29Multiple vulnerabilities in MantisBT 2015-01-28
[SECURITY] [DSA 2313-1] iceweasel security update 2011-09-29Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-12
[SECURITY] [DSA 2314-1] puppet security update 2011-10-03Multiple Vulnerabilities in MODX Revolution < = MODX 2.2.13-pl 2014-04-19
[SECURITY] [DSA 2315-1] openoffice.org security update 2011-10-05Multiple Vulnerabilities in my little forum 2015-02-11
[SECURITY] [DSA 2316-1] quagga security update 2011-10-05Multiple Vulnerabilities in Netgear DGN2200B 2013-02-16
[SECURITY] [DSA 2317-1] icedove security update 2011-10-05Multiple vulnerabilities in Newscoop 2012-04-18
[SECURITY] [DSA 2318-1] cyrus-imapd-2.2 security update 2011-10-06Multiple vulnerabilities in OBM 2011-12-21
[SECURITY] [DSA 2319-1] policykit-1 security update 2011-10-08Multiple vulnerabilities in Open Journal Systems (OJS) 2012-03-21
[SECURITY] [DSA 2320-1] dokuwiki regression fix 2011-10-08Multiple Vulnerabilities in OpenDocMan 2014-03-05
[SECURITY] [DSA 2321-1] moin security update 2011-10-10Multiple vulnerabilities in OpenEMR 2012-02-01
[SECURITY] [DSA 2322-1] bugzilla security update 2011-10-10Multiple Vulnerabilities in OpenPLI 2013-02-13
[SECURITY] [DSA 2323-1] radvd security update 2011-10-28Multiple vulnerabilities in Open-Realty 2011-06-28
[SECURITY] [DSA 2324-1] wireshark security update 2011-10-20Multiple vulnerabilities in OpenX 2012-10-10
[SECURITY] [DSA 2325-1] kfreebsd-8 security update 2011-10-23Multiple vulnerabilities in OrangeHRM 2011-11-30
[SECURITY] [DSA 2326-1] pam security update 2011-10-24Multiple vulnerabilities in OrangeHRM 2012-05-09
[SECURITY] [DSA 2327-1] libfcgi-perl security-update 2011-10-24Multiple vulnerabilities in OSclass 2012-01-25
[SECURITY] [DSA 2328-1] freetype security update 2011-10-24Multiple vulnerabilities in OSClass 2012-01-30
[SECURITY] [DSA 2329-1] torque security update 2011-10-27Multiple vulnerabilities in osCmax 2012-04-04
[SECURITY] [DSA 2330-1] simplesamlphp security update 2011-10-27Multiple Vulnerabilities in Parallels® Plesk Sitebuilder 2014-07-23
[SECURITY] [DSA 2331-1] tor security update 2011-10-28Multiple vulnerabilities in PBBoard 2012-08-08
[SECURITY] [DSA 2332-1] python-django security update 2011-10-29Multiple Vulnerabilities in phpList 2012-08-08
[SECURITY] [DSA 2333-1] phpldapadmin security update 2011-10-30Multiple vulnerabilities in PHPShop CMS Free 2011-12-20
[SECURITY] [DSA 2334-1] mahara security update 2011-11-04Multiple vulnerabilities in Piwigo 2012-04-25
[SECURITY] [DSA 2335-1] man2html security update 2011-11-05Multiple vulnerabilities in Pligg CMS 2012-05-23
[SECURITY] [DSA 2336-1] ffmpeg security update 2011-11-07Multiple Vulnerabilities in Plone CMS 2016-10-12
[SECURITY] [DSA 2337-1] xen security update 2011-11-06Multiple vulnerabilities in postfixadmin 2012-01-30
[SECURITY] [DSA 2338-1] moodle security update 2011-11-07Multiple vulnerabilities in Pretty Link WordPress Plugin 2011-10-12
[SECURITY] [DSA 2339-1] nss security update 2011-11-07Multiple vulnerabilities in Samsung Kies 2012-10-15
[SECURITY] [DSA 2340-1] postgresql security update 2011-11-07Multiple vulnerabilities in several IP camera products 2011-06-08
[SECURITY] [DSA 2341-1] iceweasel security update 2011-11-09Multiple vulnerabilities in Sharetronix 2014-05-28
[SECURITY] [DSA 2342-1] iceape security update 2011-11-09Multiple vulnerabilities in SiT! Support Incident Tracker 2011-09-14
[SECURITY] [DSA 2343-1] openssl security update 2011-11-09Multiple vulnerabilities in SonicWall 2011-10-04
[SECURITY] [DSA 2344-1] python-django-piston security update 2011-11-11Multiple vulnerabilities in Subrion CMS 2012-10-17
[SECURITY] [DSA 2346-1] proftpd-dfsg security update 2011-11-15Multiple vulnerabilities in Template CMS 2012-10-03
[SECURITY] [DSA 2346-2] proftpd-dfsg regression fix 2011-11-16Multiple vulnerabilities in Tine 2.0 2011-10-19
[SECURITY] [DSA 2347-1] bind9 security update 2011-11-16Multiple Vulnerabilities in TP-Link TL-WA701N / TL-WA701ND 2013-02-14
[SECURITY] [DSA 2348-1] systemtap security update 2011-11-20Multiple vulnerabilities in Traq 2011-09-28
[SECURITY] [DSA 2349-1] spip security update 2011-11-19Multiple Vulnerabilities in VideoWhisper Live Streaming Integration WP Plugin 2014-02-27
[SECURITY] [DSA 2350-1] freetype security update 2011-11-20Multiple vulnerabilities in web@all 2012-06-20
[SECURITY] [DSA 2351-1] wireshark security update 2011-11-21Multiple vulnerabilities in webERP 2011-11-17
[SECURITY] [DSA 2352-1] puppet security update 2011-11-22Multiple vulnerabilities in Winamp 5.61 2011-06-29
[SECURITY] [DSA 2353-1] ldns security update 2011-11-24Multiple vulnerabilities in Wordpress plugin SP Projects & Document Manager 2016-03-06
[SECURITY] [DSA 2354-1] cups security update 2011-11-30Multiple Vulnerabilities in X2CRM 2013-09-25
[SECURITY] [DSA 2355-1] clearsilver security update 2011-11-30Multiple vulnerabilities in ZENphoto 2012-02-08
[SECURITY] [DSA 2356-1] openjdk-6 security update 2011-12-01Multiple vulnerabilities on D-Link Dir-505 devices 2013-09-09
[SECURITY] [DSA 2358-1] openjdk-6 security update 2011-12-05Multiple vulnerabilities on Sitecom N300/N600 devices 2013-08-19
[SECURITY] [DSA 2359-1] mojarra security update 2011-12-06Multiple Vulnerabilities with Aztech Modem Routers 2014-09-14
[SECURITY] [DSA 2360-1] Two month advance notification for upcoming end-of-life for Debian oldstable 2011-12-06multiple Vulnerability in "WahmShoppes eStore" 2014-06-05
[SECURITY] [DSA 2361-1] chasen security update 2011-12-07Multiple XSS in Dotclear 2012-02-29
[SECURITY] [DSA 2362-1] acpid security update 2011-12-10Multiple XSS in eShop for Wordpress 2011-08-10
[SECURITY] [DSA 2363-1] tor security update 2011-12-16Multiple XSS in Fork CMS 2012-03-07
[SECURITY] [DSA 2364-1] xorg security update 2011-12-18Multiple XSS in GBook PHP guestbook 2011-07-27
[SECURITY] [DSA 2365-1] dtc security update 2011-12-18Multiple XSS in HESK 2011-08-03
[SECURITY] [DSA 2366-1] mediawiki security update 2011-12-19Multiple XSS in Chyrp 2012-02-22
[SECURITY] [DSA 2367-1] asterisk security update 2011-12-19Multiple XSS in KnowledgeTree Community Edition 2012-01-11
[SECURITY] [DSA 2368-1] lighttpd security update 2011-12-21Multiple XSS in pragmaMx 2012-05-23
[SECURITY] [DSA 2369-1] libsoup2.4 security update 2011-12-21Multiple XSS in WP-Stats-Dashboard 2011-08-17
[SECURITY] [DSA 2370-1] unbound security update 2011-12-22Multiple xss issues in Liferay 2012-05-13
[SECURITY] [DSA 2372-1] heimdal security update 2011-12-25Multiple XSS vulnerabilities in All-in-One Event Calendar Plugin for WordPress 2012-04-11
[SECURITY] [DSA 2373-1] inetutils security update 2011-12-25Multiple XSS vulnerabilities in CMS Papoo Light Version 2011-09-12
[SECURITY] [DSA 2374-1] openswan security update 2011-12-26Multiple XSS vulnerabilities in Events Manager WordPress plugin 2013-03-06
[SECURITY] [DSA 2375-1] krb5. krb5-appl security update 2011-12-26Multiple XSS vulnerabilities in FortiSandbox WebUI 2015-08-01
[SECURITY] [DSA 2376-1] ipmitool security update 2011-12-30Multiple XSS vulnerabilities in LightNEasy 3.2.4 2011-09-08
[SECURITY] [DSA 2376-2] ipmitool security update 2011-12-31Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin 2015-07-22
[SECURITY] [DSA 2377-1] cyrus-imapd-2.2 security update 2012-01-01Multiple XSS Vulnerabilities in Xaraya 2013-06-26
[SECURITY] [DSA 2378-1] ffmpeg security update 2012-01-03Multiple XSS vulnerabilities in XOOPS 2012-04-18
[SECURITY] [DSA 2379-1] krb5 security update 2012-01-04Murgent CMS - SQL Injection Vulnerability 2015-11-17
[SECURITY] [DSA 2380-1] foomatic-filters security update 2012-01-04Muzedon (dettaglio.php?id) Remote SQL injection Vulnerability 2011-08-16
[SECURITY] [DSA 2381-] lighttpd security update 2011-12-21MVSA-11-013 - EllisLab xss_clean Filter Bypass - ExpressionEngine and CodeIgniter 2011-11-28
[SECURITY] [DSA 2381-1] squid3 security update 2012-01-06My File Explorer v1.3.1 iOS - Multiple Web Vulnerabilities 2013-10-15
[SECURITY] [DSA 2382-1] ecryptfs-utils security update 2012-01-07My PDF Creator & DE DM v1.4 iOS - Multiple Vulnerabilities 2014-02-17
[SECURITY] [DSA 2383-1] super security update 2012-01-08My Photo Wifi Share & PS 1.1 iOS - Local Command Injection Vulnerability 2014-03-27
[SECURITY] [DSA 2384-1] cacti security update 2012-01-09My ROP mitigation 2012-08-02
[SECURITY] [DSA 2384-2] cacti regression 2012-02-04My.WiFi USB Drive v1.0 iOS - File Include Vulnerability 2015-09-28
[SECURITY] [DSA 2385-1] pdns security update 2012-01-10Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy 2012-06-21
[SECURITY] [DSA 2386-1] openttd security update 2012-01-11Mybb 1.6.8 Sql Injection Vulnerabilitiy 2012-06-07
[SECURITY] [DSA 2387-1] simplesamlphp security update 2012-01-11Mybb Ajaxfs Plugin Sql Injection vulnerability 2013-11-20
[SECURITY] [DSA 2388-1] t1lib security update 2012-01-15Mybb Cms (create forum and edit) Cross-Site Script Vulnerability 2016-04-13
[SECURITY] [DSA 2389-1] linux-2.6 security update 2012-01-16Mybb Cms (private.php Page) Denial Of Service Vulnerability 2016-04-14
[SECURITY] [DSA 2390-1] openssl security update 2012-01-15Mybb Sendthread Page Denial of Service Vulnerability 2014-05-29
[SECURITY] [DSA 2391-1] phpmyadmin security update 2012-01-22myBloggie 2.1.6 SQL-Injection, Advanced INSERT INTO Injection technique 2011-06-15
[SECURITY] [DSA 2392-1] openssl security update 2012-01-23MYRE Real Estate Mobile 2012|2 - Multiple Vulnerabilities 2012-06-14
[SECURITY] [DSA 2394-1] libxml2 security update 2012-01-26MyScript Memo v3.0 iOS - (Mail) Persistent Vulnerability 2016-02-10
[SECURITY] [DSA 2395-1] wireshark security update 2012-01-27MySQL 0days followup (CVE-2016-3477) CVSS 8.1 2016-07-26
[SECURITY] [DSA 2396-1] qemu-kvm security update 2012-01-27MySQL zero-day vulnerabilities (July 2016 CPU) 2016-07-22
[SECURITY] [DSA 2397-1] icu security update 2012-01-29MySQLDriverCS Cross-Parameter SQL Injection Vulnerability 2011-06-27
[SECURITY] [DSA 2398-1] curl security update 2012-01-30n.runs-SA-2011.001 - Citrix XenApp / XenDesktop Stack-Based Buffer Overflow 2011-07-28
[SECURITY] [DSA 2399-1] php5 security update 2012-01-31n.runs-SA-2011.002 - Citrix XenApp / XenDesktop XML Service Heap Corruption 2011-07-28
[SECURITY] [DSA 2399-2] php5 regression fix 2012-01-31n.runs-SA-2011.004 - web programming languages and platforms - DoS through hash table 2011-12-28
[SECURITY] [DSA 2400-1] iceweasel security update 2012-02-02n.runs-SA-2012.004 - SPLUNK Unauthenticated remote DoS 2012-11-19
[SECURITY] [DSA 2401-1] tomcat6 security update 2012-02-02n.runs-SA-2013.001 - Polycom - Command Shell Grants System-Level Access 2013-03-15
[SECURITY] [DSA 2402-1] iceape security update 2012-02-02n.runs-SA-2013.002 - Polycom - Firmware Update Command Injection 2013-03-15
[SECURITY] [DSA 2403-1] php5 security update 2012-02-02n.runs-SA-2013.003 - Polycom - H.323 CDR Database SQL Injection 2013-03-15
[SECURITY] [DSA 2403-2] php5 security update 2012-02-06n.runs-SA-2013.004 - Polycom - H.323 Format String Vulnerability 2013-03-15
[SECURITY] [DSA 2404-1] xen-qemu-dm-4.0 security update 2012-02-05Nafis Group (review.php?ID) Remote SQL injection Vulnerability 2011-08-23
[SECURITY] [DSA 2405-1] apache2 security update 2012-02-06Nagios Core < 4.2.2 Curl Command Injection leading to Remote Code Execution [CVE-2016-9565] 2016-12-15
[SECURITY] [DSA 2407-1] cvs security update 2012-02-09Nagios NA v2.2.1 XSS 2016-08-09
[SECURITY] [DSA 2408-1] php5 security update 2012-02-13Nagios Network Analyzer v2.2.1 Multiple CSRF 2016-08-09
[SECURITY] [DSA 2409-1] devscripts security update 2012-02-15Nakid-CMS CSRF, Persistent XSS & LFI 2015-06-11
[SECURITY] [DSA 2410-1] libpng security update 2012-02-15NASA Orion Mars Program - Bypass, Persistent Issue & Embed Code Execution Vulnerability (Boarding Pass) 2014-12-05
[SECURITY] [DSA 2411-1] mumble security update 2012-02-19Nativedreams (Fabarth_gallery.php?categoria_id) Remote SQL injection Vulnerability 2011-08-23
[SECURITY] [DSA 2412-1] libvorbis security update 2012-02-19nCircle PureCloud Vulnerability Scanner - Multiple Web Vulnerabilities 2013-01-28
[SECURITY] [DSA 2413-1] libarchive security update 2012-02-20Necroscan <= v0.9.1 Buffer Overflow 2016-08-26
[SECURITY] [DSA 2414-1] fex security update 2012-02-21Negin Group CMS - (v) Multiple Web Vulnerabilities 2016-04-25
[SECURITY] [DSA 2414-2] fex regression 2012-02-25NeoBill CMS v0.8 Alpha - Multiple Web Vulnerabilities 2012-09-13
[SECURITY] [DSA 2415-1] libmodplug security update 2012-02-21NeoInvoice Blind SQL Injection (CVE-2012-3477) 2012-08-12
[SECURITY] [DSA 2416-1] notmuch security update 2012-02-23Neoscreen v4.5 Authentication bypass 2016-07-24
[SECURITY] [DSA 2417-1] libxml2 security update 2012-02-22Neoscreen v4.5 Blind SQL injection 2016-07-24
[SECURITY] [DSA 2418-1] postgresql-8.4 security update 2012-02-27Neoscreen v4.5 Cross-site scripting 2016-07-24
[SECURITY] [DSA 2419-1] puppet security update 2012-02-27Neox (categoria.php?id) Remote SQL injection Vulnerability 2011-08-12
[SECURITY] [DSA 2420-1] openjdk-6 security update 2012-02-28Nero MediaHome Multiple Remote DoS Vulnerabilities 2013-01-09
[SECURITY] [DSA 2421-1] moodle security update 2012-02-29NESSUS ANDROID APP - stores login info in plain text 2012-07-20
[SECURITY] [DSA 2422-1] file security update 2012-02-29NetBSD 5.1 libc/net multiple functions stack buffer overflow 2011-07-01
[SECURITY] [DSA 2422-2] file regression fix 2012-05-09NetCat CMS v5.0.1 - Multiple Web Vulnerabilities 2012-10-31
[SECURITY] [DSA 2423-1] movabletype-opensource security update 2012-03-02NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities 2016-05-03
[SECURITY] [DSA 2424-1] libxml-atom-perl security update 2012-03-04NetCracker Resource Management 8.0 - SQL Injection Vulnerability 2015-07-22
[SECURITY] [DSA 2425-1] plib security update 2012-03-04NetCracker Resource Management 8.0 - XSS Vulnerability 2015-07-22
[SECURITY] [DSA 2426-1] gimp security update 2012-03-06NETGEAR Exposure of Sensitive Information - Security Advisory - SOS-12-005 2012-05-13
[SECURITY] [DSA 2427-1] imagemagick security update 2012-03-06Netgear GS105Ev2 - Multiple Vulnerabilities 2016-01-27
[SECURITY] [DSA 2428-1] freetype security update 2012-03-08Netgear ProSafe switches: Unauthenticated startup-config disclosure and Denial of Service 2013-08-21
[SECURITY] [DSA 2429-1] mysql-5.1 security update 2012-03-07Netgear Prosafe VPN Firewalls - Multiple vulnerabilities 2015-06-25
[SECURITY] [DSA 2430-1] python-pam security update 2012-03-10NETGEAR Wireless Cable Modem Gateway Auth Bypass and CSRF - SOS-11-011 2011-09-20
[SECURITY] [DSA 2431-1] libdbd-pg-perl security update 2012-03-11NETGEAR Wireless Management System - Authentication Bypass and Privilege Escalation. 2015-09-07
[SECURITY] [DSA 2432-1] libyaml-libyaml-perl security update 2012-03-12NetGear WNDR Authentication Bypass / Information Disclosure 2015-02-17
[SECURITY] [DSA 2433-1] iceweasel security update 2012-03-15NETGEAR WNR1000v3 Password Recovery Vulnerability 2014-01-12
[SECURITY] [DSA 2434-1] nginx security update 2012-03-19Netjuke 1.0 RC1 - SQL Injection Vulnerabilities 2012-04-12
[SECURITY] [DSA 2435-1] gnash security update 2012-03-19Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-01-29
[SECURITY] [DSA 2436-1] libapache2-mod-fcgid security update 2012-03-19Netlife Photosuite Pro - Client Side Cross Site Scripting Vulnerability 2016-02-01
[SECURITY] [DSA 2437-1] icedove security update 2012-03-21netplanet (dettaglio.asp?id) Remote SQL injection Vulnerability 2011-08-16
[SECURITY] [DSA 2438-1] raptor security update 2012-03-22NetSaro Enterprise Messenger Server Administration Console Source Code Disclosure 2011-08-22
[SECURITY] [DSA 2439-1] libpng security update 2012-03-22NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability 2011-08-15
[SECURITY] [DSA 2440-1] libtasn1-3 security update 2012-03-24NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability 2011-08-15
[SECURITY] [DSA 2441-1] gnutls26 security update 2012-03-25Netvolution referer header SQL injection vulnerability 2011-10-03
[SECURITY] [DSA 2442-1] openarena security update 2012-03-26NEW : VMSA-2014-0006 - VMware product updates address OpenSSL security vulnerabilities 2014-06-11
[SECURITY] [DSA 2443-1] linux-2.6 security update 2012-03-27New Blog Post: Attacking the Windows 7/8 Address Space Randomization 2013-01-24
[SECURITY] [DSA 2444-1] tryton-server security update 2012-03-29New Era Company CMS - (id) SQL Injection Vulnerability 2016-01-28
[SECURITY] [DSA 2446-1] libpng security update 2012-04-04New IETF I-D on "Stable Privacy Addresses" 2011-12-15
[SECURITY] [DSA 2447-1] tiff security update 2012-04-04New IETF I-D: Security Implications of IPv6 on IPv4 networks 2012-04-24
[SECURITY] [DSA 2448-1] inspircd security update 2012-04-10New IETF I-Ds on Fragmentation-related security issues 2011-12-15
[SECURITY] [DSA 2449-1] sqlalchemy security update 2012-04-12New issue of PenTest Magazine is out - 21 pages of free content. 2011-11-30
[SECURITY] [DSA 2450-1] samba security update 2012-04-12New online security challenge - GotWurzel 2011-11-07
[SECURITY] [DSA 2451-1] puppet security update 2012-04-13New open source Security Framework 2011-10-04
[SECURITY] [DSA 2452-1] apache2 security update 2012-04-15New Open Source Web Application Vulnerability Scanner Available 2012-05-16
[SECURITY] [DSA 2453-1] gajim security update 2012-04-16NEW VMSA-2013-0013 VMware Workstation host privilege escalation vulnerability 2013-11-15
[SECURITY] [DSA 2453-2] gajim regression 2012-04-19NEW VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation 2013-12-04
[SECURITY] [DSA 2454-1] openssl security update 2012-04-19NEW VMSA-2013-0015 VMware ESX updates to third party libraries 2013-12-06
[SECURITY] [DSA 2454-2] openssl incomplete fix 2012-04-25NEW VMSA-2014-0007 - VMware product updates address security vulnerabilities in Apache Struts library 2014-06-25
[SECURITY] [DSA 2455-1] typo3-src security update 2012-04-20NEW VMSA-2014-0008 VMware vSphere product updates to third party libraries 2014-09-09
[SECURITY] [DSA 2456-1] dropbear security update 2012-04-24NEW VMSA-2014-0010 - VMware product updates address critical Bash security vulnerabilities 2014-10-01
[SECURITY] [DSA 2457-1] iceweasel security update 2012-04-24NEW VMSA-2014-0013 - VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability 2014-12-09
[SECURITY] [DSA 2457-2] New icedove/iceweasel packages fix regression 2012-05-13NEW VMSA-2015-0001 - VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address resolve security issues 2015-01-27
[SECURITY] [DSA 2459-1] quagga security update 2012-04-26NEW VMSA-2015-0002 VMware vSphere Data Protection product update addresses a certificate validation vulnerability 2015-01-29
[SECURITY] [DSA 2459-2] quagga security update 2012-05-04NEW VMSA-2015-0005 : VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability 2015-07-10
[SECURITY] [DSA 2460-1] asterisk security update 2012-04-25NEW VMSA-2015-0008 - VMware product updates address information disclosure issue 2015-11-19
[SECURITY] [DSA 2461-1] spip security update 2012-04-26NEW VMSA-2016-0004 VMware product updates address a critical security issue in the VMware Client Integration Plugin 2016-04-14
[SECURITY] [DSA 2462-1] imagemagick security update 2012-04-29NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities 2014-12-05
[SECURITY] [DSA 2462-2] imagemagick regression update 2012-05-03News Script PHP v1.2 - Multiple Web Vulnerabilites 2012-06-15
[SECURITY] [DSA 2463-1] samba security update 2012-05-02NewsAktuell PressePortal DE - Remote SQL Injection Web Vulnerability 2013-11-28
[SECURITY] [DSA 2464-1] icedove security update 2012-05-03NG WifiTransfer Pro 1.1 - File Include Vulnerability 2014-06-03
[SECURITY] [DSA 2464-2] icedove regression update 2012-05-08Nginx (Debian-based distros) - Root Privilege Escalation (CVE-2016-1247) 2016-11-21
[SECURITY] [DSA 2465-1] php5 security update 2012-05-09nginx fix for malformed HTTP responses from upstream servers 2012-03-15
[SECURITY] [DSA 2466-1] rails security update 2012-05-09Nginx ngx_http_close_connection function integer overflow 2013-04-25
[SECURITY] [DSA 2467-1] mahara security update 2012-05-09NGS000107 Technical Advisory: Oracle Gridengine sgepasswd Buffer Overflow 2012-11-30
[SECURITY] [DSA 2468-1] libjakarta-poi-java security update 2012-05-09NGS000193 Technical Advisory: DataArmor Full Disk Encryption Restricted Environment breakout 2012-11-30
[SECURITY] [DSA 2469-1] linux-2.6 security update 2012-05-10NGS000194 Technical Advisory: Nagios XI Network Monitor Blind SQL Injection 2012-11-30
[SECURITY] [DSA 2472-1] gridengine security update 2012-05-16NGS000196 Technical Advisory: Nagios XI Network Monitor OS Command Injection 2012-11-30
[SECURITY] [DSA 2473-1] openoffice.org security update 2012-05-16NGS000241 Technical Advisory: SysAid Helpdesk Pro Blind SQL Injection 2012-11-30
[SECURITY] [DSA 2474-1] ikiwiki security update 2012-05-17NGS000263 Technical Advisory: Symantec Messaging Gateway Easy CSRF to add a backdoor-administrator 2012-11-30
[SECURITY] [DSA 2475-1] openssl security update 2012-05-17NGS000266 Technical Advisory: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL 2012-11-30
[SECURITY] [DSA 2476-1] pidgin-otr security update 2012-05-19NGS000267 Technical Advisory: Symantec Messaging Gateway SSH with backdoor user account plus privilege escalation to root due to very old Kernel 2012-11-30
[SECURITY] [DSA 2477-1] sympa security update 2012-05-20NGS000268 Technical Advisory: Symantec Messaging Gateway - Out-of-band stored-XSS delivered by email 2012-11-30
[SECURITY] [DSA 2478-1] sudo security update 2012-05-23NGS000330 Technical Advisory: Squiz CMS File Path Traversal 2012-11-30
[SECURITY] [DSA 2479-1] libxml2 security update 2012-05-23NGS00042 Patch Notification: Solaris USB configuration descriptor kernel stack overflow 2011-07-25
[SECURITY] [DSA 2480-1] request-tracker3.8 security update 2012-05-24NGS00042 Technical Advisory: Solaris 11 USB hub class descriptor kernel stack overflow (CVE-2011-2295) 2011-11-02
[SECURITY] [DSA 2480-2] request-tracker3.8 regression update 2012-05-29NGS00051 Technical Advisory: Cisco VPN Client Privilege Escalation 2011-06-28
[SECURITY] [DSA 2480-3] request-tracker3.8 regression update 2012-06-07NGS00052 Technical Advisory: Apple Mac OS X Image RAW Multiple Buffer Overflows 2011-06-28
[SECURITY] [DSA 2481-1] arpwatch security update 2012-06-02NGS00054 Technical Advisory: : Lumension Device Control (formerly Sanctuary) remote memory corruption 2011-08-24
[SECURITY] [DSA 2482-1] arpwatch security update 2012-06-02NGS00057 Technical Advisory: Apple Mac OS X ImageIO Integer Overflow 2011-06-28
[SECURITY] [DSA 2482-1] libgdata security update 2012-06-02NGS00060 Technical Advisory: Blue Coat BCAAA Remote Code Execution Vulnerability 2011-07-05
[SECURITY] [DSA 2483-1] strongswan security update 2012-05-31NGS00062 Patch Notification: Apple Mac OS X ImageIO TIFF Heap Overflow 2011-06-28
[SECURITY] [DSA 2484-1] nut security update 2012-06-02NGS00062 Technical Advisory: Apple OSX / iPhone ImageIO TIFF getBandProcTIFF TileWidth Heap Overflow 2011-10-10
[SECURITY] [DSA 2485-1] imp4 security update 2012-06-03NGS00068 Technical Advisory - LibAVCodec AMV Out of Array Write 2011-08-01
[SECURITY] [DSA 2486-1] bind9 security update 2012-06-05NGS00099 Patch Notification: Vulnerable SUID script in (nomachine) NX Server for Linux 2011-09-21
[SECURITY] [DSA 2487-1] openoffice.org security update 2012-06-07NGS00106 Technical Advisory: Increased exploitation of Oracle GlassFish Server Administration Console Remote Authentication Bypass Vulnerability 2012-01-05
[SECURITY] [DSA 2488-1] iceweasel security update 2012-06-07NGS00107 Patch Notification: Oracle Grid Engine sgepasswd Buffer Overflow 2012-04-30
[SECURITY] [DSA 2489-1] iceape security update 2012-06-07NGS00109 Patch Notification: ImpressPages CMS Remote code execution 2011-09-27
[SECURITY] [DSA 2490-1] nss security update 2012-06-07NGS00109 Technical Advisory: Remote Code Execution in ImpressPages CMS 2012-01-05
[SECURITY] [DSA 2491-1] postgresql-8.4 security update 2012-06-09NGS00117 Patch Notification: Symantec PCAnywhere Local Privilege Escalation 2012-01-25
[SECURITY] [DSA 2492-1] php5 security update 2012-06-10NGS00117 Technical Advisory: Symantec pcAnywhere insecure file permissions local privilege escalation 2012-04-30
[SECURITY] [DSA 2493-1] asterisk security update 2012-06-12NGS00118 Patch Notification: Symantec PCAnywhere Remote Code Execution as SYSTEM 2012-01-25
[SECURITY] [DSA 2494-1] ffmpeg security update 2012-06-14NGS00118 Technical Advisory: Symantec pcAnywhere Remote Code Execution as SYSTEM 2012-04-30
[SECURITY] [DSA 2495-1] openconnect security update 2012-06-16NGS00120 Patch Notification: BlackBerry PlayBook Samba Remote Code Execution 2012-02-23
[SECURITY] [DSA 2496-1] mysql-5.1 security update 2012-06-18NGS00137 Patch Notification: Websense Triton 7.6 - Reflected XSS in report management UI 2011-12-15
[SECURITY] [DSA 2497-1] quagga security update 2012-06-20NGS00137 Technical Advisory: Websense Triton 7.6 - reflected XSS in report management UI 2012-04-30
[SECURITY] [DSA 2498-1] dhcpcd security update 2012-06-24NGS00138 Patch Notification: Websense Triton 7.6 - Authentication bypass in report management UI 2011-12-15
[SECURITY] [DSA 2499-1] icedove security update 2012-06-24NGS00138 Technical Advisory: Websense Triton 7.6 - authentication bypass in report management UI 2012-04-30
[SECURITY] [DSA 2500-1] mantis security update 2012-06-24NGS00140 Patch Notification: Websense Triton 7.6 - Unauthenticated remote command execution as SYSTEM 2011-12-15
[SECURITY] [DSA 2501-1] xen security update 2012-06-24NGS00140 Technical Advisory: Websense Triton 7.6 - unauthenticated remote command execution as SYSTEM 2012-04-30
[SECURITY] [DSA 2502-1] python-crypto security update 2012-06-24NGS00141 Patch Notification: Websense Triton 7.6 - Stored XSS in report management UI 2011-12-15
[SECURITY] [DSA 2503-1] bcfg2 security update 2012-06-28NGS00141 Technical Advisory: Websense Triton 7.6 stored XSS in report management UI 2012-04-30
[SECURITY] [DSA 2504-1] libspring-2.5-java security update 2012-06-28NGS00144 Patch Notification: FFmpeg Libavcodec buffer overflow remote code execution 2011-11-23
[SECURITY] [DSA 2505-1] zendframework security update 2012-06-29NGS00145 Patch Notification: FFmpeg Libavcodec out of bounds write remote code execution 2011-11-23
[SECURITY] [DSA 2506-1] libapache-mod-security security update 2012-07-02NGS00148 Patch Notification: FFmpeg Libavcodec memory corruption remote code execution 2011-11-23
[SECURITY] [DSA 2507-1] openjdk-6 security update 2012-07-04NGS00153 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Reflective XSS allowing an attacker to gain session tokens 2012-03-29
[SECURITY] [DSA 2508-1] kfreebsd-8 security update 2012-07-22NGS00154 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Session hijacking and bypassing client-side session timeouts 2012-03-29
[SECURITY] [DSA 2509-1] pidgin security update 2012-07-08NGS00155 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Any logged-in user can bypass controls to reset passwords of other administrators 2012-03-29
[SECURITY] [DSA 2510-1] extplorer security update 2012-07-12NGS00156 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Active sesssion tokens of other users are disclosed within the UI 2012-03-29
[SECURITY] [DSA 2511-1] puppet security update 2012-07-12NGS00157 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Password hashes can be recovered from a system backup and easily cracked 2012-03-29
[SECURITY] [DSA 2512-1] mono security update 2012-07-12NGS00158 Patch Notification: McAfee Email and Web Security Appliance v5.6 - Arbitrary file download is possible with a crafted URL when logged in as any user 2012-03-29
[SECURITY] [DSA 2514-1] iceweasel security update 2012-07-17NGS00162 Patch Notification: Symantec Message Filter Session Hijacking via session fixation 2012-07-02
[SECURITY] [DSA 2515-1] nsd3 security update 2012-07-19NGS00193 Patch Notification: Trend Micro DataArmor and DriveArmor - Restricted Environment breakout, Privilege Escalation and Full Disk Decryption 2012-01-24
[SECURITY] [DSA 2516-1] isc-dhcp security update 2012-07-26NGS00194 Patch Notification: Nagios XI Network Monitor Blind SQL Injection 2012-07-02
[SECURITY] [DSA 2517-1] bind9 security update 2012-07-30NGS00195 Patch Notification: Nagios XI Network Monitor Stored and Reflected XSS 2012-07-02
[SECURITY] [DSA 2518-1] krb5 security update 2012-07-31NGS00196 Patch Notification: Nagios XI Network Monitor OS Command Injection 2012-07-02
[SECURITY] [DSA 2519-1] isc-dhcp security update 2012-08-01NGS00208 Patch Notification: Moodle CMS stored XSS 2012-08-20
[SECURITY] [DSA 2519-2] isc-dhcp regression 2012-08-04NGS00237 Patch Notification: Samba Andx request Remote Code Execution 2012-02-25
[SECURITY] [DSA 2522-1] fckeditor security update 2012-08-06NGS00241 Patch Notification: SysAid Helpdesk blind SQL injection 2012-08-20
[SECURITY] [DSA 2523-1] globus-gridftp-server security update 2012-08-06NGS00242 Patch Notification: SysAid Helpdesk stored XSS 2012-08-20
[SECURITY] [DSA 2524-1] openttd security update 2012-08-06NGS00248 Patch Notification: Virtual Access Monitor Multiple SQL Injection Vulnerabilities 2013-04-02
[SECURITY] [DSA 2525-1] expat security update 2012-08-06NGS00254 Patch Notification: Apple Mac OS X Lion USB Hub Class Hub Descriptor Arbitrary Code Execution 2012-09-27
[SECURITY] [DSA 2526-1] libotr security update 2012-08-12NGS00263 Patch Notification: Symantec Messaging Gateway - Easy CSRF to add a backdoor-administrator 2012-09-18
[SECURITY] [DSA 2527-1] php5 security update 2012-08-13NGS00265 Patch Notification: Symantec Messaging Gateway - Unauthenticated detailed version disclosure 2012-09-18
[SECURITY] [DSA 2528-1] icedove security update 2012-08-14NGS00266 Patch Notification: Symantec Messaging Gateway Arbitrary file download is possible with a crafted URL 2012-09-18
[SECURITY] [DSA 2530-1] rssh security update 2012-08-15NGS00267 Patch Notification: Symantec Messaging Gateway SSH with backdoor user account 2012-09-18
[SECURITY] [DSA 2533-1] pcp security update 2012-08-23NGS00268 Patch Notification: Symantec Messaging Gateway Out-of-band stored XSS - delivered by email 2012-09-18
[SECURITY] [DSA 2535-1] rtfm security update 2012-08-29NGS00288 Patch Notification: Windows Remote Desktop Memory Corruption Leading to RCE on XP SP3 2012-08-17
[SECURITY] [DSA 2536-1] otrs2 security update 2012-08-30NGS00315 Patch Notification: Symantec Enterprise Security Management Agent Privilege Escalation 2013-02-04
[SECURITY] [DSA 2537-1] typo3-src security update 2012-08-30NGS00330 Patch Notification: Squiz CMS Directory Traversal 2012-08-20
[SECURITY] [DSA 2538-1] moin security update 2012-09-05NGS00336 Patch Notification: Symantec Network Access Control Privilege Escalation 2013-02-04
[SECURITY] [DSA 2539-1] zabbix security update 2012-09-06NGS00415 Patch Notification: Oracle 11g TNS listener remote Null Pointer Dereference (pre-auth) 2013-05-02
[SECURITY] [DSA 2541-1] beaker security update 2012-09-07NGS00416 Patch Notification: Oracle 11g TNS listener remote Invalid Pointer Read (pre-auth) 2013-05-02
[SECURITY] [DSA 2542-1] qemu-kvm security update 2012-09-08NGS00422 Patch Notification: Oracle Retail Integration Bus Manager Directory Traversal 2013-05-02
[SECURITY] [DSA 2543-1] xen-qemu-dm-4.0 security update 2012-09-08NGS00423 Patch Notification: Oracle Retail Invoice Manager SQL Injection 2013-05-02
[SECURITY] [DSA 2544-1] xen security update 2012-09-08NGS00440 Patch Notification: Windows USB RNDIS driver kernel pool overflow 2013-03-18
[SECURITY] [DSA 2545-1] qemu security update 2012-09-08nickyccwu tencent com 
[SECURITY] [DSA 2546-1] freeradius security update 2012-09-11Nightwatch Cybersecurity Research (research nightwatchcybersecurity com) 
[SECURITY] [DSA 2547-1] bind9 security update 2012-09-12Nike+ Panel & Mobile App - Multiple Web Vulnerabilities 2012-08-17
[SECURITY] [DSA 2548-1] iceape security update 2012-04-24Nikon CoolPix L Series Fw1.0 - Information Disclosure Issue 2013-07-16
[SECURITY] [DSA 2548-1] tor security update 2012-09-13NodeBB v0.8.2 - Client Side Cross Site Web Vulnerability 2015-09-28
[SECURITY] [DSA 2550-1] asterisk security update 2012-09-18NOPcon 2013 - Call for paper - Istanbul , Turkey 2013-03-18
[SECURITY] [DSA 2550-2] asterisk regression update 2012-09-26Nortel Contact Recording Centralized Archive 6.5.1 EyrAPIConfiguration getSubKeys() Remote SQL Injection Exploit 2011-09-15
[SECURITY] [DSA 2551-1] isc-dhcp security update 2012-09-23NoSuchCon CFP / 15-17 May 2013 / Paris, France 2013-01-21
[SECURITY] [DSA 2552-1] tiff security update 2012-09-26Notepad++6.9.2 DLL Hijacking Vulnerability 2016-08-08
[SECURITY] [DSA 2554-1] iceape security update 2012-09-26Notes v4.5 iOS - Arbitrary File Upload Vulnerability 2016-05-10
[SECURITY] [DSA 2556-1] icedove security update 2012-10-07NotSoSecure CTF (in partnership with Appsec USA) 2013-10-08
[SECURITY] [DSA 2558-1] bacula security update 2012-10-08Novell GroupWise 2014 WebAccess vulnerable to XSS attacks 2015-07-17
[SECURITY] [DSA 2559-1] libexif security update 2012-10-17Novell GroupWise Multiple Remote Code Execution Vulnerabilities 2013-04-03
[SECURITY] [DSA 2562-1] cups-pk-helper security update 2012-10-23Novell Sentinel Log Manager <=1.2.0.1 Path Traversal 2011-12-18
[SECURITY] [DSA 2563-1] viewvc security update 2012-10-23NPS Datastore server DLL side loading vulnerability 2016-02-10
[SECURITY] [DSA 2564-1] tinyproxy security update 2012-10-23NSFOCUS SA2011-01 : Microsoft Internet Explorer Link Property Processing Memory Corruption Vulnerability 2011-06-15
[SECURITY] [DSA 2569-1] icedove security update 2012-10-29NSOADV-2013-001: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/appliance/) 2013-01-17
[SECURITY] [DSA 2570-1] openoffice.org security update 2012-10-31NSOADV-2013-002: DELL SonicWALL GMS/Viewpoint/Analyzer Authentication Bypass (/sgms/) 2013-01-17
[SECURITY] [DSA 2571-1] libproxy security update 2012-11-04ntopng 1.2.0 XSS injection using monitored network traffic 2014-08-25
[SECURITY] [DSA 2572-1] iceape security update 2012-11-04Nuance PowerPDF Advanced Metadata Information Disclosure Vulnerability (low|local) 2015-08-13
[SECURITY] [DSA 2573-1] radsecproxy security update 2012-11-10Nuke Evolution 2.0.9d - Multiple Client Side Cross Site Scripting Vulnerabilities 2016-08-09
[SECURITY] [DSA 2574-1] typo3-src security update 2012-11-15Nuked Klan SP CMS v4.5 - SQL injection Vulnerability 2012-06-14
[SECURITY] [DSA 2575-1] tiff security update 2012-11-18nullcon CTF HackIM is on 2012-09-07
[SECURITY] [DSA 2576-1] trousers security update 2012-11-23nullcon Delhi 2012 Final call for Paper/Events (extended to 10th July) and First round of speakers 2012-06-15
[SECURITY] [DSA 2578-1] rssh security update 2012-11-27nullcon Goa V First Speaker list and CFP closes soon 2013-10-30
[SECURITY] [DSA 2579-1] apache2 security update 2012-11-30nullcon International security conference Delhi 2012 Highlights 2012-08-07
[SECURITY] [DSA 2593-1] moin security update 2012-12-29Nusiorung CMS 2016 - (Login) Auth Bypass Vulnerability 2016-07-27
[SECURITY] [DSA 2594-1] virtualbox-ose security update 2012-12-30NX Web Companion Spoofing Arbitrary Code Execution Vulnerability 2012-01-25
[SECURITY] [DSA 2595-1] ghostscript security update 2012-12-30NXFilter v3.0.3 CSRF 2015-11-06
[SECURITY] [DSA 2596-1] mediawiki-extensions security update 2012-12-30NXFilter v3.0.3 Persistent / Reflected XSS 2015-11-06
[SECURITY] [DSA 2598-1] weechat security update 2013-01-05OCIPasswordChange API leaks information of password hash (CVE-2012-0511) 2012-04-19
[SECURITY] [DSA 2599-1] nss security update 2013-01-06ocPoral CMS 8.x | Cross Site Request Forgery (CSRF) Vulnerability 2012-08-19
[SECURITY] [DSA 2600-1] cups security update 2013-01-06ocPoral CMS 8.x | Session Hijacking Vulnerability 2012-08-19
[SECURITY] [DSA 2602-1] zendframework security update 2013-01-08ocPortal 7.1.5 <= | Open URL Redirection Vulnerability 2012-07-28
[SECURITY] [DSA 2603-1] emacs23 security update 2013-01-09OCS Inventory NG 2.0.1 Persistent XSS (CVE-2011-4024) 2011-10-20
[SECURITY] [DSA 2604-1] rails security update 2013-01-09October 2016 - Crowd - Critical Security Advisory 2016-10-31
[SECURITY] [DSA 2605-2] asterisk regression update 2013-01-19Off-by-one in Sybase Advantage Server 10.0.0.3 2011-06-27
[SECURITY] [DSA 2606-1] proftpd-dfsg security update 2013-01-13Office 365 - Account Hijacking Cookie Re-Use Flaw, extended 2014-02-27
[SECURITY] [DSA 2607-1] qemu-kvm security update 2013-01-15Office arbitrary ClickOnce application execution vulnerability 2012-01-12
[SECURITY] [DSA 2608-1] qemu security update 2013-01-15Olat CMS 7.8.0.1 - Persistent Calender Web Vulnerability 2013-10-29
[SECURITY] [DSA 2609-1] rails security update 2013-01-16Old Habits Die Hard: Cross-Zone Scripting in Dropbox & Google Drive Mobile Apps 2012-10-19
[SECURITY] [DSA 2610-1] ganglia security update 2013-01-21Oleksandr Rudyy (orudyy gmail com) 
[SECURITY] [DSA 2611-1] movabletype-opensource security update 2013-01-22Olive File Manager v1.0.1 iOS - Multiple Vulnerabilities 2013-07-16
[SECURITY] [DSA 2612-1] ircd-ratbox security update 2013-01-24OliveOffice Mobile Suite 2.0.3 iOS - File Include Vulnerability 2013-10-15
[SECURITY] [DSA 2612-2] ircd-ratbox update 2013-02-10Olonet (prodotto.php?idproduct) Remote SQL injection Vulnerability 2011-09-01
[SECURITY] [DSA 2613-1] rails security update 2013-01-30Omnistar Document Manager v8.0 - Multiple Vulnerabilities 2012-10-10
[SECURITY] [DSA 2616-1] nagios3 security update 2013-02-03Omnistar Mailer v7.2 - Multiple Web Vulnerabilities 2012-10-03
[SECURITY] [DSA 2618-1] ircd-hybrid security update 2013-02-07OMNITEC (prodotto.php?id_prodotto) Remote SQL injection Vulnerability 2011-08-26
[SECURITY] [DSA 2619-1] xen-qemu-dm-4.0 security update 2013-02-10One week left! CFP for ZeroNights Conference in Moscow 19-20 November 2012 2012-10-03
[SECURITY] [DSA 2621-1] openssl security update 2013-02-13online newspaper university"newsdesc.php" SQL Injection Vulnerabilities 2012-04-11
[SECURITY] [DSA 2622-1] polarssl security update 2013-02-13Online OWASP Security Challenges 2014-01-15
[SECURITY] [DSA 2623-1] openconnect security update 2013-02-14Only 7 Days Left: SANS AppSec 2012 CFP 2012-01-24
[SECURITY] [DSA 2624-1] ffmpeg security update 2013-02-16OnxShop CMS v1.5.0 - Multiple Web Vulnerabilities 2012-02-10
[SECURITY] [DSA 2625-1] wireshark security update 2013-02-16op5 v7.1.9 Remote Command Execution 2016-04-06
[SECURITY] [DSA 2626-1] lighttpd security update 2013-02-17Open Audit SQL Injection Vulnerability 2016-01-02
[SECURITY] [DSA 2627-1] nginx security update 2013-02-17Open redirect on Google.com 2016-04-12
[SECURITY] [DSA 2628-1] nss-pam-ldapd security update 2013-02-18Open Redirection Vulnerability in Orchard 1.3.9 2012-01-04
[SECURITY] [DSA 2628-2] nss-pam-ldapd update 2013-06-18Open Security (open opensecurity ca) 
[SECURITY] [DSA 2630-1] postgresql-8.4 security update 2013-02-20OpenBravo Hibernate HQL Injection 2016-01-11
[SECURITY] [DSA 2640-1] zoneminder security update 2013-03-14OpenBSD package 'net-snmp' information disclosure 2015-11-12
[SECURITY] [DSA 2641-1] perl security update 2013-03-09OpenCart 1.5.6.4 Directory Traversal Vulnerability 2014-05-29
[SECURITY] [DSA 2641-2] libapache2-mod-perl2 update related to DSA 2641-1 2013-03-20OpenCart 2.0.3.1 Cross Site Scripting Vulnerability (product_id - GET) 2016-08-13
[SECURITY] [DSA 2642-1] sudo security update 2013-03-09OpenCart json_decode function Remote PHP Code Execution 2016-04-09
[SECURITY] [DSA 2644-1] wireshark security update 2013-03-14Opencart Multiple Vulnerabilities 2013-12-06
[SECURITY] [DSA 2645-1] inetutils security update 2013-03-14openEngine 2.0 'id' Blind SQL Injection vulnerability 2011-09-27
[SECURITY] [DSA 2647-1] firebird2.1 security update 2013-03-15openEngine 2.0 'key' Blind SQL Injection vulnerability 2011-10-09
[SECURITY] [DSA 2648-1] firebird2.5 security update 2013-03-15OpenFabrics ibutils 1.5.7 /tmp clobbering vulnerability 2013-03-10
[SECURITY] [DSA 2650-2] libvirt regression update 2013-03-17Openfire 3.10.2 CSRF Vulnerabilities 2015-09-15
[SECURITY] [DSA 2651-1] smokeping security update 2013-03-20OpenKM 5.1.7 OS Command Execution (XSRF based) 2012-01-03
[SECURITY] [DSA 2652-1] libxml2 security update 2013-03-26OpenKM 5.1.7 Privilege Escalation 2012-01-03
[SECURITY] [DSA 2653-1] icinga security update 2013-03-26OpenLimit Reader for Windows contains completely outdated, superfluous and VULNERABLE system components 2012-06-25
[SECURITY] [DSA 2655-1] rails security update 2013-03-28Open-Realty CMS 2.5.8 (2.x.x) <= "select_users_template" Local File Inclusion Vulnerability 2012-03-05
[SECURITY] [DSA 2660-1] curl security update 2013-04-20Open-Realty CMS 2.5.8 (2.x.x) <= Cross Site Request Forgery (CSRF) Vulnerability 2012-11-16
[SECURITY] [DSA 2661-1] xorg-server security update 2013-04-17OpenSSL 1.0.1 Buffer Overflow Vulnerability 2012-05-31
[SECURITY] [DSA 2662-1] xen security update 2013-04-18OpenSSL,OpenSSH ecdsa authentication code inconsistent return values.. no vulnerability? 2013-09-13
[SECURITY] [DSA 2663-1] tinc security update 2013-04-22OpenTSDB RCE 2016-04-21
[SECURITY] [DSA 2664-1] stunnel4 security update 2013-05-02openvas 2.x race condition 2011-09-04
[SECURITY] [DSA 2665-1] strongswan security update 2013-04-30Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities 2015-07-22
[SECURITY] [DSA 2666-1] xen security update 2013-05-12OpenXchange | Information Disclosure 2016-01-30
[SECURITY] [DSA 2667-1] mysql-5.5 security update 2013-05-12Open-Xchange Security Advisory 2013-03-13 2013-03-13
[SECURITY] [DSA 2669-1] linux security update 2013-05-16Open-Xchange Security Advisory 2013-06-03 2013-06-03
[SECURITY] [DSA 2670-1] wordpress security update 2012-05-11Open-Xchange Security Advisory 2013-08-16 2013-08-16
[SECURITY] [DSA 2673-1] libdmx security update 2013-05-23Open-Xchange Security Advisory 2013-09-10 2013-09-10
[SECURITY] [DSA 2674-1] libxv security update 2013-05-23Open-Xchange Security Advisory 2013-09-30 2013-09-30
[SECURITY] [DSA 2675-1] libxvmc security update 2013-05-23Open-Xchange Security Advisory 2013-11-06 2013-11-06
[SECURITY] [DSA 2675-2] libxvmc regression update 2013-05-24Open-Xchange Security Advisory 2014-01-17 2014-01-17
[SECURITY] [DSA 2676-1] libxfixes security update 2013-05-23Open-Xchange Security Advisory 2014-09-15 2014-09-15
[SECURITY] [DSA 2677-1] libxrender security update 2013-05-23Open-Xchange Security Advisory 2014-11-07 2014-11-07
[SECURITY] [DSA 2678-1] mesa security update 2013-05-23Open-Xchange Security Advisory 2015-01-05 2015-01-05
[SECURITY] [DSA 2679-1] xserver-xorg-video-openchrome security update 2013-05-23Open-Xchange Security Advisory 2015-02-12 2015-02-12
[SECURITY] [DSA 2680-1] libxt security update 2013-05-23Open-Xchange Security Advisory 2015-09-23 2015-09-23
[SECURITY] [DSA 2681-1] libxcursor security update 2013-05-23Open-Xchange Security Advisory 2015-11-17 2015-11-17
[SECURITY] [DSA 2682-1] libxext security update 2013-05-23Open-Xchange Security Advisory 2016-03-02 2016-03-02
[SECURITY] [DSA 2683-1] libxi security update 2013-05-23Open-Xchange Security Advisory 2016-04-02 2016-04-02
[SECURITY] [DSA 2684-1] libxrandr security update 2013-05-23Open-Xchange Security Advisory 2016-09-13 (2) 2016-09-13
[SECURITY] [DSA 2685-1] libxp security update 2013-05-23Open-Xchange Security Advisory 2016-09-13 2016-09-13
[SECURITY] [DSA 2686-1] libxcb security update 2013-05-23Opial CMS v2.0 - Multiple Web Vulnerabilities 2012-04-29
[SECURITY] [DSA 2687-1] libfs security update 2013-05-23Oracle Business Transaction Management Server FlashTunnelService Remote File Deletion 2012-08-07
[SECURITY] [DSA 2688-1] libxres security update 2013-05-23Oracle Business Transaction Management Server FlashTunnelService WriteToFile Message Remote Code Execution 2012-08-07
[SECURITY] [DSA 2689-1] libxtst security update 2013-05-23Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-18
[SECURITY] [DSA 2690-1] libxxf86dga security update 2013-05-23Oracle Corporation MyOracle - Persistent Vulnerability 2014-09-26
[SECURITY] [DSA 2691-1] libxinerama security update 2013-05-23Oracle DataDirect Multiple Native Wire Protocol ODBC Drivers HOST Attribute Stack Based Buffer Overflow Vulnerability 2011-10-19
[SECURITY] [DSA 2692-1] libxxf86vm security update 2013-05-23Oracle DataDirect ODBC Drivers HOST Attribute arsqls24.dll Stack Based Buffer Overflow PoC (*.oce) 2011-10-30
[SECURITY] [DSA 2698-1] tiff security update 2013-06-18Oracle Discoverer Viewer BI - Open Redirect Vulnerability 2016-04-27
[SECURITY] [DSA 2699-1] iceweasel security update 2013-06-02Oracle E-Business Suite Servlet URL Redirection Vulnerability 2015-07-17
[SECURITY] [DSA 2700-1] wireshark security update 2013-06-02Oracle Enterprise Manager vulnerable to Session fixation (CVE-2012-0528) 2012-04-19
[SECURITY] [DSA 2701-1] krb5 security update 2013-06-02Oracle Exadata Infiniband Switch default logins and world readable shadow file 2012-03-14
[SECURITY] [DSA 2702-1] telepathy-gabble security update 2013-06-03Oracle Exadata leaf switch logins 2012-11-29
[SECURITY] [DSA 2703-1] subversion security update 2013-06-09Oracle HtmlConverter.exe Buffer Overflow 2016-01-21
[SECURITY] [DSA 2705-1] pymongo security update 2013-06-10Oracle Hyperion Financial Management TList6 ActiveX Control Remote Code Execution Vulnerability 2011-11-01
[SECURITY] [DSA 2706-1] chromium-browser security update 2013-06-10Oracle Hyperion password disclosure... 2015-09-04
[SECURITY] [DSA 2707-1] dbus security update 2013-06-13Oracle Netbeans IDE v8.1 Import Directory Traversal 2016-10-21
[SECURITY] [DSA 2710-1] xml-security-c security update 2013-06-18Oracle Sun GlassFish Enterprise Server Stored XSS Vulnerability - Security Advisory - SOS-11-009 2011-07-20
[SECURITY] [DSA 2711-1] haproxy security update 2013-06-19Oracle TNS Poison vulnerability is actually a 0day with no patch available 2012-04-26
[SECURITY] [DSA 2712-1] otrs2 security update 2013-06-19OrangeHRM 2.7.1 Vacancy Name Persistent XSS 2013-01-10
[SECURITY] [DSA 2715-1] puppet security update 2013-06-26Orbit Downloader versions causing massive SYN flooding. Cyberoam cautions! 2013-07-23
[SECURITY] [DSA 2716-1] iceweasel security update 2013-06-26OrderSys <= 1.6.4 Sql Injection Vulnerabilities 2011-11-08
[SECURITY] [DSA 2719-1] poppler security update 2013-07-11ORGIN STUDIOS Cms Multiple Vulnerability 2015-12-11
[SECURITY] [DSA 2722-1] openjdk-7 security update 2013-07-15OS Command Injection in CosCms 2013-03-06
[SECURITY] [DSA 2723-1] php5 security update 2013-07-17OS Command Injection Infoblox Network Automation 2014-07-09
[SECURITY] [DSA 2725-1] tomcat6 security update 2013-07-18OSClass directory traversal (leads to arbitrary file upload) 2012-03-07
[SECURITY] [DSA 2736-1] putty security update 2013-08-11osCmax Shop CMS v2.5.1 - Multiple Web Vulnerabilities 2012-04-08
[SECURITY] [DSA 2737-1] swift security update 2013-08-12osCSS2 "_ID" parameter Local file inclusion 2011-11-08
[SECURITY] [DSA 2738-1] ruby1.9.1 security update 2013-08-18OSEC-2013-01: nagios metacharacter filtering omission 2013-02-21
[SECURITY] [DSA 2739-1] cacti security update 2013-08-21OSI Security: Elitecore Cyberoam UTM - Authenticated Cross-Site Scripting Vulnerability 2011-07-20
[SECURITY] [DSA 2740-1] python-django security update 2013-08-23OSI Security: CheckPoint Firewall VPN - Information Disclosure 2012-03-12
[SECURITY] [DSA 2741-1] chromium-browser security update 2013-08-25OSI Security: Squiz Matrix - User Account Enumeration 2011-12-12
[SECURITY] [DSA 2742-1] php5 security update 2013-08-26OSQA CMS v3b - Multiple Persistent Vulnerabilities 2012-02-27
[SECURITY] [DSA 2743-1] kfreebsd-9 security update 2013-08-27OS-S 2016-05 Linux aiptek Nullpointer Dereference CVE-2015-7515 2016-03-09
[SECURITY] [DSA 2744-1] tiff security update 2013-08-27OS-S 2016-06 Linux cdc_acm Nullpointer Dereference 2016-03-09
[SECURITY] [DSA 2745-1] linux security update 2013-08-29OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference 2016-03-09
[SECURITY] [DSA 2746-1] icedove security update 2013-08-29OS-S 2016-08 Linux mct_u232 Nullpointer Dereference 2016-03-09
[SECURITY] [DSA 2749-1] asterisk security update 2013-09-02OS-S 2016-09 Linux visor clie_5_attach Nullpointer Dereference CVE-2015-7566 2016-03-09
[SECURITY] [DSA 2750-1] imagemagick security update 2013-09-03OS-S 2016-10 Linux visor (treo_attach) Nullpointer Dereference CVE-2016-2782 2016-03-09
[SECURITY] [DSA 2751-1] libmodplug security update 2013-09-04OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences 2016-03-09
[SECURITY] [DSA 2752-1] phpbb3 security update 2013-09-07OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference 2016-03-09
[SECURITY] [DSA 2753-1] mediawiki security update 2013-09-13OS-S 2016-23 - Local DoS: Linux Kernel EXT4 Error Handling (EXT4 calling panic()) 2016-10-31
[SECURITY] [DSA 2754-1] exactimage security update 2013-09-10OS-S Security Advisory 2016-19: Epson WorkForce multi-function printers do not use signed firmware images and allow unauthorized malicious firmware-updates (CVSS 10) 2016-09-24
[SECURITY] [DSA 2755-1] python-django security update 2013-09-11OSS-2016-01: Insufficient integrity checks in Uhlmann & Zacher Clex prime locking systems using 125 kHz EM4450 transponders 2016-01-01
[SECURITY] [DSA 2756-1] wireshark security update 2013-09-13OSS-2016-02: Weak authentication in NXP Hitag S transponder allows an attacker to read, write and clone any tag 2016-01-01
[SECURITY] [DSA 2758-1] python-django security update 2013-09-17OSS-2016-03: Insufficient Integrity Protection in Winkhaus Bluesmart locking systems using Hitag S 2016-01-01
[SECURITY] [DSA 2759-1] iceweasel security update 2013-09-18oss-2016-16: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver) 2016-03-10
[SECURITY] [DSA 2760-1] chrony security update 2013-09-18oss-2016-17: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) 2016-03-10
[SECURITY] [DSA 2761-1] puppet security update 2013-09-19oss-2016-18: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) 2016-03-10
[SECURITY] [DSA 2762-1] icedove security update 2013-09-23OSSIM 4.0.2 open-source SIEM solution does not verify .deb signatures 2012-11-20
[SECURITY] [DSA 2763-1] pyopenssl security update 2013-09-24OUTDATED, UNSUPPORTED and VULNERABLE 3rd party components installed with Exact Audio Copy 2013-08-08
[SECURITY] [DSA 2764-1] libvirt security update 2013-09-25Outlook.com for Android fails to validate server certificates 2014-08-17
[SECURITY] [DSA 2765-1] davfs2 security update 2013-09-26OWASP 2012 Online Competition with Hacking-Lab 2012-04-29
[SECURITY] [DSA 2765-2] davfs regression update 2014-07-16OWASP Academy Portal - FREE OWASP TOP 10 security challenges with Hacking-Lab 2011-11-21
[SECURITY] [DSA 2766-1] linux-2.6 security update 2013-09-27OWASP AppSec Research EU CFP/CFT 2012-03-28
[SECURITY] [DSA 2770-1] torque security update 2013-10-09OWASP AppSec USA 2011 - Two Weeks Away 2011-09-07
[SECURITY] [DSA 2771-1] nas security update 2013-10-09OWASP AppSec USA 2011 Pre-conference Challenge #3 - July 2011-07-25
[SECURITY] [DSA 2772-1] typo3-src security update 2013-10-10OWASP AppSec USA 2011 Video & Slides Posted 2012-02-11
[SECURITY] [DSA 2773-1] gnupg security update 2013-10-10OWASP ESAPI Security Advisory: MAC Bypass in ESAPI Symmetric Encryption 2013-09-15
[SECURITY] [DSA 2774-1] gnupg security update 2013-10-10OWASP ZAP 1.4.0 released 2012-04-08
[SECURITY] [DSA 2775-1] ejabberd security update 2013-10-10OWASP ZAP 2.3.0 2014-04-10
[SECURITY] [DSA 2776-1] drupal6 security update 2013-10-11OWASP Zed Attack Proxy 2.0.0 2013-01-30
[SECURITY] [DSA 2777-1] systemd security update 2013-10-11OWASP Zed Attack Proxy 2.2.0 2013-09-11
[SECURITY] [DSA 2778-1] libapache2-mod-fcgid security update 2013-10-11OWASP Zed Attack Proxy version 1.3.0 2011-06-06
[SECURITY] [DSA 2779-1] libxml2 security update 2013-10-13ownCloud Unencrypted Private Key Exposure 2014-08-04
[SECURITY] [DSA 2788-1] iceweasel security update 2013-10-31OWTF 1.0 "Lionheart" released! 2014-10-06
[SECURITY] [DSA 2789-1] strongswan security update 2013-11-01Oxide M0N0X1D3 HTTP Server Directory Traversal Vulnerability 2011-11-29
[SECURITY] [DSA 2790-1] nss security update 2013-11-02OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities 2012-02-20
[SECURITY] [DSA 2791-1] tryton-client security update 2013-11-04Oxwall Forum v1.8.1 - Persistent Cross Site Scripting Vulnerability 2016-02-22
[SECURITY] [DSA 2792-1] wireshark security update 2013-11-04p0f3 release candidate 2012-01-10
[SECURITY] [DSA 2793-1] libav security update 2013-11-09PacSec CFP note, deadline Aug 3; conf Nov 9/10 Tokyo 2011-07-29
[SECURITY] [DSA 2794-1] spip security update 2013-11-10Paliz CMS Full Path Disclosure Vulnerability 2012-08-25
[SECURITY] [DSA 2795-2] lighttpd regression update 2013-11-17Paltalk Messenger ActiveX Control Multiple Insecure Methods 2011-07-13
[SECURITY] [DSA 2797-1] chromium-browser security update 2013-11-17Panda SM Manager iOS Application - MITM SSL Certificate Vulnerability 2016-03-03
[SECURITY] [DSA 2797-1] icedove security update 2013-11-13Pandora FMS v4.0.1 - Local File Include Vulnerability + VD Session 2012-02-17
[SECURITY] [DSA 2798-1] curl security update 2013-11-17Pandora FMS v5.1 SP1 - Persistent SNMP Editor Vulnerability 2015-01-16
[SECURITY] [DSA 2798-2] curl security update 2013-11-20Pandora FMS v5.1 SP1 - SQL Injection Web Vulnerability 2015-02-11
[SECURITY] [DSA 2801-1] libhttp-body-perl security update 2013-11-21Passwords^12 : Call for Presentations 2012-04-15
[SECURITY] [DSA 2802-1] nginx security update 2013-11-21Passwords^14 Norway - CFP 2014-09-15
[SECURITY] [DSA 2804-1] drupal7 security update 2013-11-26Path disclosure in SPIP 2011-10-26
[SECURITY] [DSA 2805-1] sup-mail security update 2013-11-27Path Traversal in AWS XMS 2013-03-27
[SECURITY] [DSA 2806-1] nbd security update 2013-11-29Path Traversal in BlackCat CMS 2015-07-01
[SECURITY] [DSA 2807-1] links2 security update 2013-11-30Path Traversal in webEdition 2014-09-17
[SECURITY] [DSA 2808-1] openjpeg security update 2013-12-03Path Traversal via CSRF in bitrix.xscan Bitrix Module 2015-12-09
[SECURITY] [DSA 2808-2] openjpeg regression update 2014-04-22Path traversal vulnerability in WordPress Core Ajax handlers 2016-08-20
[SECURITY] [DSA 2811-1] chromium-browser security update 2013-12-08Patron Info System - SQL Injection Vulnerability 2016-03-31
[SECURITY] [DSA 2812-1] samba security update 2013-12-09PayPal Bug Bounty #110 - Auth Bypass (Session) Vulnerability 2013-08-23
[SECURITY] [DSA 2813-1] gimp security update 2013-12-09PayPal Bug Bounty #119 - Stored Cross Site Scripting Vulnerability 2015-08-28
[SECURITY] [DSA 2814-1] varnish security update 2013-12-09Paypal Bug Bounty #14 - Persistent Payment Mail Encoding Vulnerability 2013-11-20
[SECURITY] [DSA 2815-1] munin security update 2013-12-09Paypal Inc - Open Redirect Web Vulnerability 2015-09-15
[SECURITY] [DSA 2842-1] libspring-java security update 2014-01-13PayPal Inc - Security Approval & 2FA Session Auth Bypass (API) Vulnerability 2015-09-11
[SECURITY] [DSA 2843-1] graphviz security update 2014-01-13PayPal Inc BB #127 - 2FA Bypass Vulnerability 2016-08-15
[SECURITY] [DSA 2844-1] djvulibre security update 2014-01-15Paypal Inc Bug Bounty #105 MOS - Multiple Persistent Print Layout Vulnerabilities 2013-10-15
[SECURITY] [DSA 2847-1] drupal7 security update 2014-01-20Paypal Inc Bug Bounty #109 MOS - Bypass & Persistent Vulnerability 2014-05-14
[SECURITY] [DSA 2851-1] drupal6 security update 2014-02-02Paypal Inc Bug Bounty #109 Multi Shipping Application API - Filter Bypass & Persistent Vulnerability 2014-07-07
[SECURITY] [DSA 2852-1] libgadu security update 2014-02-06PayPal Inc Bug Bounty #117 - Session Fixation Vulnerability 2015-10-15
[SECURITY] [DSA 2857-1] libspring-java security update 2014-02-08PayPal Inc Bug Bounty #119 - URL Redirect Web Vulnerability 2015-10-09
[SECURITY] [DSA 2861-1] file security update 2014-02-16Paypal Inc Bug Bounty #16 - Persistent Mail Encoding Vulnerability 2014-09-26
[SECURITY] [DSA 2862-1] chromium-browser security update 2014-02-16Paypal Inc Bug Bounty #30 - Filter Bypass & Persistent Vulnerabilities 2014-10-06
[SECURITY] [DSA 2863-1] libtar security update 2014-02-18Paypal Inc Bug Bounty #32 - Multiple Persistent Vulnerabilities 2014-09-26
[SECURITY] [DSA 2868-1] php5 security update 2014-03-02Paypal Inc Bug Bounty #36 - SecurityKey Card Serialnumber Module Vulnerability 2014-06-18
[SECURITY] [DSA 2869-1] gnutls26 security update 2014-03-03PayPal Inc Bug Bounty #42 - Persistent POST Inject Vulnerability 2013-11-19
[SECURITY] [DSA 2871-1] wireshark security update 2014-03-10Paypal Inc Bug Bounty #47 ALYZ - Persistent Search Vulnerability 2013-11-19
[SECURITY] [DSA 2872-1] udisks security update 2014-03-10PayPal Inc Bug Bounty #53 - Multiple Persistent Vulnerabilities 2014-10-06
[SECURITY] [DSA 2884-1] libyaml security update 2014-03-26PayPal Inc Bug Bounty #65 China - Redirect Web Vulnerability 2013-11-19
[SECURITY] [DSA 2885-1] libyaml-libyaml-perl security update 2014-03-26PayPal Inc Bug Bounty #74 - Persistent Core Backend Vulnerability 2014-07-07
[SECURITY] [DSA 2886-1] libxalan2-java security update 2014-03-26Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Vulnerability 2013-10-03
[SECURITY] [DSA 2887-1] ruby-actionmailer-3.2 security update 2014-03-27Paypal Inc Bug Bounty #99 - Filter Bypass & Persistent Web Vulnerability 2013-09-20
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update 2014-03-27PayPal Inc Bug Bounty Issue #70 France - Persistent (Escape Shopping) Mail Vulnerability 2014-10-03
[SECURITY] [DSA 2889-1] postfixadmin security update 2014-03-28PayPal's "invalid" aksession Padding Oracle Flaw 2013-09-03
[SECURITY] [DSA 2891-1] mediawiki security update 2014-03-30PBBoard v2.1.4 CMS - Multiple Web Vulnerabilities 2012-07-15
[SECURITY] [DSA 2891-2] mediawiki regression update 2014-03-31Pc Web Agency (prodotto.php?id) Remote SQL injection Vulnerability 2011-08-30
[SECURITY] [DSA 2894-1] openssh security update 2014-04-05PCVmedia (free_gallery.php?cat_id) Remote SQL injection Vulnerability 2011-08-12
[SECURITY] [DSA 2895-1] prosody security update 2014-04-05PcwRunAs Password Obfuscation Design Flaw 2012-03-26
[SECURITY] [DSA 2895-2] prosody regression update 2014-04-20PDF Album v1.7 iOS - File Include Web Vulnerability 2014-04-14
[SECURITY] [DSA 2898-1] imagemagick security update 2014-04-09PDF Shaper v3.5 - (MSF) Remote Buffer Overflow Vulnerability 2015-08-20
[SECURITY] [DSA 2899-1] openafs security update 2014-04-09PDFill Insecure Library Loading 2011-06-09
[SECURITY] [DSA 2900-1] jbigkit security update 2014-04-10pdirl PHP Directory Listing 1.0.4 - Cross Site Scripting Web Vulnerabilities 2013-11-01
[SECURITY] [DSA 2901-2] wordpress regression update 2014-04-18Pearson eSIS Enterprise Student Information System SQL Injection 2014-04-06
[SECURITY] [DSA 2901-3] wordpress regression update 2014-04-21Pearson eSIS Enterprise Student Information System Stored XSS 2014-04-06
[SECURITY] [DSA 2903-1] strongswan security update 2014-04-14Pedro Ribeiro (pedrib gmail com) 
[SECURITY] [DSA 2904-1] virtualbox security update 2014-04-15Pedro Santos (pedrosans gmail com) 
[SECURITY] [DSA 2905-1] chromium-browser security update 2014-04-16Perfect PDF products distributed with vulnerable MSVC++ libraries 2011-06-19
[SECURITY] [DSA 2907-1] Announcement of long term support for Debian oldstable 2014-04-16Perli v2.6 iOS - Filter Bypass & Persistent Vulnerability 2016-04-07
[SECURITY] [DSA 2908-1] openssl security update 2014-04-17Permutation Oriented Programming 2011-07-21
[SECURITY] [DSA 2909-1] qemu security update 2014-04-18Persian-woocommerce-sms XSS Vulnerability 2016-04-23
[SECURITY] [DSA 2910-1] qemu-kvm security update 2014-04-18Persistent Cross-Site Scripting in Magic Fields 1 WordPress Plugin 2016-08-15
[SECURITY] [DSA 2911-1] icedove security update 2014-04-22Persistent Cross-Site Scripting in Magic Fields 2 WordPress Plugin 2016-08-15
[SECURITY] [DSA 2915-1] dpkg security update 2014-04-28Persistent Cross-Site Scripting in WassUp Real Time Analytics WordPress Plugin 2016-11-08
[SECURITY] [DSA 2916-1] libmms security update 2014-04-28Persistent XSS in Abus Security Center - CVSS 8.0 2016-09-29
[SECURITY] [DSA 2917-1] super security update 2014-04-28Persistent XSS in Media File Renamer V1.7.0 wordpress plugin 2014-02-26
[SECURITY] [DSA 2928-1] linux-2.6 security update 2014-05-14PG Dating Pro v1.0 CMS - Multiple Web Vulnerabilities 2012-10-30
[SECURITY] [DSA 2929-1] ruby-actionpack-3.2 security update 2014-05-16ph5gruppo (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-02
[SECURITY] [DSA 2930-1] chromium-browser security update 2014-05-17phion netfence / Barracuda NG Firewall: Remote Command Execution with root Privileges 2011-06-11
[SECURITY] [DSA 2931-1] openssl security update 2014-05-18Phonalisa v5.0 VoiP - Multiple Web Vulnerabilities 2012-07-11
[SECURITY] [DSA 2932-1] qemu security update 2014-05-19PhonerLite 2.14 SIP Soft Phone - SIP Digest Leak Information Disclosure (CVE-2014-2560) 2014-03-31
[SECURITY] [DSA 2934-1] python-django security update 2014-05-19Phorum 5.2.18 Cross-site scripting vulnerability 2011-10-03
[SECURITY] [DSA 2936-1] torque security update 2014-05-23Photo Org WonderApplications v8.3 iOS - File Include Vulnerability 2014-07-07
[SECURITY] [DSA 2937-1] mod-wsgi security update 2014-05-27Photo Server 2.0 iOS - Multiple Critical Vulnerabilities 2013-07-22
[SECURITY] [DSA 2938-1] Availability of LTS support for Debian 6.0 / squeeze 2014-05-27Photo Transfer Upload v1.0 iOS - Multiple Vulnerabilities 2013-08-16
[SECURITY] [DSA 2939-1] chromium-browser security update 2014-05-31Photo Transfer Wifi 1.4.4 iOS - Multiple Web Vulnerabilities 2013-12-02
[SECURITY] [DSA 2940-1] libstruts1.2-java security update 2014-08-21Photo Video Album Transfer 1.0 iOS - Multiple Vulnerabilities 2013-12-11
[SECURITY] [DSA 2941-1] lxml security update 2014-06-01Photorange v1.0 iOS - File Include Web Vulnerability 2014-09-11
[SECURITY] [DSA 2942-1] typo3-src security update 2014-06-01Photos in Wifi v1.0.1 iOS - Arbitrary File Upload Vulnerability 2015-09-28
[SECURITY] [DSA 2943-1] php5 security update 2014-06-01PhotoSync 1.1.3 Android - Command Inject Vulnerability 2015-01-22
[SECURITY] [DSA 2944-1] gnutls26 security update 2014-06-01PhotoSync v1.1.3 Android - Command Inject Vulnerability 2015-01-21
[SECURITY] [DSA 2946-1] python-gnupg security update 2014-06-04PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-08-06
[SECURITY] [DSA 2947-1] libav security update 2014-06-04PhotoSync v2.2 iOS - Command Inject Web Vulnerability 2014-09-11
[SECURITY] [DSA 2948-1] python-bottle security update 2014-06-04PhotoSync Wifi & Bluetooth v1.0 - File Include Vulnerability 2014-08-06
[SECURITY] [DSA 2949-1] linux security update 2014-06-05PhotoWIFI Lite v1.0 iOS - Multiple Web Vulnerabilities 2014-03-31
[SECURITY] [DSA 2950-1] openssl security update 2014-06-05PHP 5.2.x Remote Code Execution Vulnerability 2012-02-17
[SECURITY] [DSA 2950-2] openssl update 2014-06-16PHP 5.3.6 multiple null pointer dereference 2011-08-19
[SECURITY] [DSA 2959-1] chromium-browser security update 2014-06-14PHP 5.3.6 ZipArchive invalid use glob(3) 2011-08-19
[SECURITY] [DSA 2960-1] icedove security update 2014-06-16PHP 5.3.8 Multiple vulnerabilities 2012-01-14
[SECURITY] [DSA 2961-1] php5 security update 2014-06-16PHP 5.4/5.3 deprecated eregi() memory_limit bypass 2012-03-30
[SECURITY] [DSA 2962-1] nspr security update 2014-06-17PHP Address Book SQL Injection Vulnerability 2015-11-14
[SECURITY] [DSA 2963-1] lucene-solr security updateVulnerability Lab (research vulnerability-lab com) PHP Booking Calendar 10e XSS 2011-12-18
[SECURITY] [DSA 2964-1] iodine security update 2014-06-21PHP CGI Argument Injection Remote Exploit V0.3 - PHP Version 2012-05-20
[SECURITY] [DSA 2965-1] tiff security update 2014-06-22PHP Code Injection in FUDforum 2013-04-03
[SECURITY] [DSA 2966-1] samba security update 2014-06-23PHP File Inclusion in bitrix.mpbuilder Bitrix Module 2015-12-09
[SECURITY] [DSA 2967-1] gnupg security update 2014-06-25PHP Gift Registry 1.5.5 SQL Injection 2012-02-24
[SECURITY] [DSA 2968-1] gnupg2 security update 2014-06-27'PHP Grade Book' Unauthenticated SQL Database Export (CVE-2012-1670) 2012-03-22
[SECURITY] [DSA 2969-1] libemail-address-perl security update 2014-06-27PHP Inventory 1.3.1 Remote (Auth Bypass) SQL Injection Vulnerability 2011-11-30
[SECURITY] [DSA 2970-1] cacti security update 2014-06-29PHP Jobsite v1.36 - Cross Site Scripting Vulnerabilities 2012-07-12
[SECURITY] [DSA 2972-1] linux security update 2014-07-06PHP LiteSpeed SAPI out of boundaries read due to missing input validation 2016-01-25
[SECURITY] [DSA 2973-1] vlc security update 2014-07-07PHP LiteSpeed SAPI secret key improper disposal 2016-01-25
[SECURITY] [DSA 2975-1] phpmyadmin security update 2014-07-09PHP Server Monitor 3.1.1 CSRF 2015-10-30
[SECURITY] [DSA 2976-1] eglibc security update 2014-07-10PHP Server Monitor 3.1.1 Privilege Escalation 2015-10-30
[SECURITY] [DSA 2983-1] drupal7 security update 2014-07-20PHP Ticket System Beta 1 'p' SQL Injection 2012-04-24
[SECURITY] [DSA 2984-1] acpi-support security update 2014-07-22PHP Volunteer Management (get_messages.php) SQL Injection Vulnerabilities 2012-04-28
[SECURITY] [DSA 2984-2] acpi-support regression update 2014-08-11PHP Volunteer Management 'id' 1.0.2 Multiple Vulnerabilities 2012-04-26
[SECURITY] [DSA 2985-1] mysql-5.5 security update 2014-07-22phpback v1.1 XSS vulnerability 2015-12-15
[SECURITY] [DSA 2987-2] openjdk-7 regression update 2014-08-31PHPBack v1.3.0 SQL Injection 2016-04-20
[SECURITY] [DSA 2989-1] apache2 security update 2014-07-24PHP-Barcode 0.3pl1 Remote Code Execution 2011-07-25
[SECURITY] [DSA 2991-1] modsecurity-apache security update 2014-07-27phpBB AJAX Chat/Shoutbox MOD CSRF Vulnerability 2011-07-25
[SECURITY] [DSA 2992-1] linux security update 2014-07-29phpCollab v2.5 CMS - SQL Injection Vulnerability 2016-08-08
[SECURITY] [DSA 2994-1] nss security update 2014-07-31phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability 2015-07-29
[SECURITY] [DSA 2995-1] lzo2 security update 2014-08-03phpFileManager 0.9.8 Remote Command Execution 2015-07-31
[SECURITY] [DSA 2996-1] icedove security update 2014-08-03PHPfileNavigator v2.3.3 CSRF Add Arbitrary Users 2015-08-12
[SECURITY] [DSA 2997-1] reportbug security update 2014-08-05PHPFox v3.6.0 (build3) Multiple SQL Injection vulnerabilities 2013-08-07
[SECURITY] [DSA 2998-1] openssl security update 2014-08-06PHP-FPM fpm_log.c memory leak and buffer overflow 2016-01-25
[SECURITY] [DSA 2999-1] drupal7 security update 2014-08-09PHP-Fusion 7.02.05 SQL Injection 2013-02-16
[SECURITY] [DSA 3000-1] krb5 security update 2014-08-09PHPHolidays CMS v3.00.50 - Cross Site Scripting Web Vulnerability 2016-09-08
[SECURITY] [DSA 3001-1] wordpress security update 2014-08-09phpipam-1.1.010 XSS Vulnerability 2015-08-12
[SECURITY] [DSA 3002-1] wireshark security update 2014-08-10phpLDAPadmin <= 1.2.1.1 (query_engine) Remote PHP Code Injection Exploit 2011-10-23
[SECURITY] [DSA 3003-1] libav security update 2014-08-10phpList Improper Access Control and Information Leakage vulnerabilities 2011-08-15
[SECURITY] [DSA 3004-1] kde4libs security update 2014-08-10PHPLIST v3.0.6 & v3.0.10 - SQL Injection Vulnerability 2014-12-25
[SECURITY] [DSA 3005-1] gpgme1.0 security update 2014-08-14PHPMailer < 5.2.18 Remote Code Execution [updated advisory] [CVE-2016-10033] 2016-12-27
[SECURITY] [DSA 3006-1] xen security update 2014-08-18PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch) 2016-12-28
[SECURITY] [DSA 3007-1] cacti security update 2014-08-20'phpMoneyBooks' Local File Inclusion (CVE-2012-1669) 2012-03-22
[SECURITY] [DSA 3008-1] php5 security update 2014-08-21phpMyAdmin 3.x Conditional Session Manipulation 2011-07-24
[SECURITY] [DSA 3009-1] python-imaging security update 2014-08-21phpMyAdmin 3.x Multiple Remote Code Executions 2011-07-07
[SECURITY] [DSA 3010-1] python-django security update 2014-08-22phpMyAdmin 3.x preg_replace RCE POC 2011-07-08
[SECURITY] [DSA 3011-1] mediawiki security update 2014-08-23phpMyAdmin 4.4.6 Man-In-the-Middle API Github 2015-05-14
[SECURITY] [DSA 3012-1] eglibc security update 2014-08-27phpMyBackupPro v.2.5 Arbitrary File Upload 2016-02-16
[SECURITY] [DSA 3013-1] s3ql security update 2014-08-27phpMyBackupPro v.2.5 Remote Command Execution / CSRF 2016-02-16
[SECURITY] [DSA 3014-1] squid3 security update 2014-08-28phpMyBackupPro v.2.5 XSS 2016-02-16
[SECURITY] [DSA 3017-1] php-cas security update 2014-09-02phpMyBible 0.5.1 Mutiple XSS 2012-04-22
[SECURITY] [DSA 3018-1] iceweasel security update 2014-09-03PHPNuke Module's Name Download SQL Injection Vulnerabilities 2012-04-05
[SECURITY] [DSA 3020-1] acpi-support security update 2014-09-10'phpPaleo' Local File Inclusion (CVE-2012-1671) 2012-04-04
[SECURITY] [DSA 3021-1] file security update 2014-09-09PHP-SCMS 1.6.8 "lang" parameter XSS vulnerability 2011-12-14
[SECURITY] [DSA 3021-2] file regression update 2014-09-10phpSQLiteCMS CSRF, Unrestricted File Type Upload, Privilege Escalation & XSS CSRF, Unrestricted File Type Upload, Privilege Escalation & XSS 2015-07-13
[SECURITY] [DSA 3022-1] curl security update 2014-09-10phptax 0.8 <= Remote Code Execution Vulnerability 2012-10-02
[SECURITY] [DSA 3025-2] apt regression update 2014-09-18phpVideoPro Multiple XSS vulnerabilities 2012-01-15
[SECURITY] [DSA 3026-1] dbus security update 2014-09-16phpWebSite (publisher) Remote SQL injection Vulnerability 2011-08-27
[SECURITY] [DSA 3028-1] icedove security update 2014-09-17phpWebSite (userpage) Cross Site Scripting Vulnerabilities 2011-08-16
[SECURITY] [DSA 3029-1] nginx security update 2014-09-20PIAF H.M.S - SQL Injection 2012-10-28
[SECURITY] [DSA 3030-1] mantis security update 2014-09-20Picosmos Shows v1.6.0 - Stack Buffer Overflow Vulnerability 2016-09-08
[SECURITY] [DSA 3035-1] bash security update 2014-09-25pidgin OTR information leakage 2012-02-25
[SECURITY] [DSA 3036-1] mediawiki security update 2014-09-26Pierre Kim (pierre kim sec gmail com) 
[SECURITY] [DSA 3039-1] chromium-browser security update 2014-09-28Pimcore v3.0 & v2.3.0 CMS - SQL Injection Vulnerability 2014-12-25
[SECURITY] [DSA 3040-1] rsyslog security update 2014-09-30pineapp mailsecure remote no authenticated privilege escalation & remote execution code 2013-11-19
[SECURITY] [DSA 3041-1] xen security update 2014-10-01Pinterest Bug Bounty #1 - Persistent contact_name Vulnerability 2015-07-01
[SECURITY] [DSA 3042-1] exuberant-ctags security update 2014-10-04Pitrinec MacroToolworks 7.5 - Buffer Overflow Vulnerability 2012-03-08
[SECURITY] [DSA 3044-1] qemu-kvm security update 2014-10-04PlotLineControl ActiveX Control "LinePutPoint" Integer Overflow 2011-10-30
[SECURITY] [DSA 3045-1] qemu security update 2014-10-04plow 0.0.5 <= Buffer Overflow Vulnerability 2012-07-03
[SECURITY] [DSA 3046-1] mediawiki security update 2014-10-05PMCMA: Post Memory Corruption Memory Analysis 2011-09-02
[SECURITY] [DSA 3047-1] rsyslog security update 2014-10-08PmWiki <= 2.2.34 (pagelist) Remote PHP Code Injection Vulnerability 2011-11-23
[SECURITY] [DSA 3048-1] apt security update 2014-10-08POC2011 Call for Paper 2011-07-11
[SECURITY] [DSA 3050-3] iceweasel security update 2014-11-12POC2012 Call for Paper 2012-07-20
[SECURITY] [DSA 3065-1] libxml-security-java security update 2014-11-06POC2013 Call for Paper 2013-08-27
[SECURITY] [DSA 3066-1] qemu security update 2014-11-06Poor security in SOHO routers, again. Changing configuration parameters with a click. 2015-08-17
[SECURITY] [DSA 3067-1] qemu-kvm security update 2014-11-06POP Peeper 4.0.1 - Persistent Code Execution Vulnerability 2015-12-22
[SECURITY] [DSA 3068-1] konversation security update 2014-11-07PopScript Multiple Vulnerabilities 2011-06-05
[SECURITY] [DSA 3070-1] kfreebsd-9 security update 2014-11-07Port Scan v2.0 iOS - Command Inject Vulnerability 2015-11-17
[SECURITY] [DSA 3071-1] nss security update 2014-11-11Possible vulnerability in F5 BIG-IP LTM - Improper input validation of the HTTP version number of the HTTP reqest allows any payload size and conent to pass through 2016-01-07
[SECURITY] [DSA 3072-1] file security update 2014-11-12post-XSS landscape 2011-12-20
[SECURITY] [DSA 3073-1] libgcrypt11 security update 2014-11-16Potential vulnerabilites in PayPal Beacons 2015-10-08
[SECURITY] [DSA 3074-1] php5 security update 2014-11-18PR11-07 Multiple peristent XSS, XSS, XSRF, offsite redirection and information disclosure flaws within CheckPoint/Sofaware firewalls 2012-11-02
[SECURITY] [DSA 3074-2] php5 regression update 2014-11-19Prado TJavaScript::encode() script injection vulnerability 2012-03-22
[SECURITY] [DSA 3075-1] drupal7 security update 2014-11-20Pranian Group e107 Cross Site Scripting Vulnerabilities 2011-09-04
[SECURITY] [DSA 3076-1] wireshark security update 2014-11-25Precision (products.php?cat_id) Remote SQL injection Vulnerability 2011-07-26
[SECURITY] [DSA 3077-1] openjdk-6 security update 2014-11-26PressePortal NewsAktuell (DPA) - Multiple Vulnerabilities 2016-02-08
[SECURITY] [DSA 3078-1] libksba security update 2014-11-27PrestaShop <= 1.5.1 Persistent XSS 2012-10-30
[SECURITY] [DSA 3079-1] ppp security update 2014-11-29Prey Anti-Theft for Android missing SSL certificate validation [STIC-2014-0731] 2014-11-12
[SECURITY] [DSA 3080-1] openjdk-7 security update 2014-11-29Prezi Bug Bounty #5 - Client Side Cross Site Scripting & Open Redirect Vulnerability 2016-02-19
[SECURITY] [DSA 3081-1] libvncserver security update 2014-11-29Prima posizione (tutti_prodotti.php?id_categoria) Remote SQL injection Vulnerability 2011-08-18
[SECURITY] [DSA 3084-1] openvpn security update 2014-12-01Print n Share v5.5 iOS - Multiple Web Vulnerabilities 2013-12-09
[SECURITY] [DSA 3085-1] wordpress security update 2014-12-03Pritlog v0.821 CMS - Multiple Web Vulnerabilities 2012-04-30
[SECURITY] [DSA 3086-1] tcpdump security update 2014-12-03Privacy Pro v1.2 HZ iOS - File Include Web Vulnerability 2014-06-03
[SECURITY] [DSA 3087-1] qemu security update 2014-12-04Private Photo+Video v1.1 Pro iOS - Persistent Vulnerability 2014-04-03
[SECURITY] [DSA 3088-1] qemu-kvm security update 2014-12-04PrivaWall Antivirus Office XML Format Evasion/Bypass Vulnerability 2012-03-13
[SECURITY] [DSA 3089-1] jasper security update 2014-12-04Privilege escalation through RPC commands in EMC Documentum Content Server (incomplete fix in CVE-2015-4532) 2015-08-19
[SECURITY] [DSA 3090-1] iceweasel security update 2014-12-04Privilege escalation Vulnerability in ManageEngine Network Configuration Management 2016-02-09
[SECURITY] [DSA 3091-1] getmail4 security update 2014-12-07Privilege escalation Vulnerability in ManageEngine oputils 2016-02-15
[SECURITY] [DSA 3092-1] icedove security update 2014-12-07Privilege Escalation Vulnerability in Microsoft Windows 2012-10-09
[SECURITY] [DSA 3096-1] pdns-recursor security update 2014-12-11Privoxy Proxy Authentication Credential Exposure - CVE-2013-2503 2013-03-11
[SECURITY] [DSA 3097-1] unbound security update 2014-12-10Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-08-05
[SECURITY] [DSA 3098-1] graphviz security update 2014-12-11Proftpd 1.3.5a LATEST (0-day) Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
[SECURITY] [DSA 3099-1] dbus security update 2014-12-11Proftpd 1.3.5a LATEST 0day (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation Audit Report. 2015-11-29
[SECURITY] [DSA 3100-1] mediawiki security update 2014-12-13Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-29
[SECURITY] [DSA 3101-1] c-icap security update 2014-12-13Proftpd 1.3.5a LATEST 0day Follow-up report (Part 2), Patch released!! 29/11/2015 --- Advanced Information Security Corporation 2015-11-30
[SECURITY] [DSA 3102-1] libyaml security update 2014-12-13ProFTPd mod_sftp/mod_sftp_pam invalid pool allocation in kbdint authentication 2013-09-11
[SECURITY] [DSA 3103-1] libyaml-libyaml-perl security update 2014-12-13Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-22
[SECURITY] [DSA 3104-1] bsd-mailx security update 2014-12-16Proftpd v1.3.5a ZERODAY - Heap Overflows due to zero length mallocs. Advanced Information Security Corporation 2015-11-23
[SECURITY] [DSA 3105-1] heirloom-mailx security update 2014-12-16Proftpd v1.3.5a ZERODAY - Malloc issues Advanced Information Security Corporation 2015-11-22
[SECURITY] [DSA 3110-1] mediawiki security update 2014-12-23Proftpd ZERODAY - Malloc issues Advanced Information Security Corporation 2015-11-22
[SECURITY] [DSA 3112-1] sox security update 2014-12-23ProjectSend multiple vulnerabilities 2016-01-29
[SECURITY] [DSA 3113-1] unzip security update 2014-12-28PSFTP v.1.8 Build 921 - Null Pointer (DoS) Vulnerability 2012-04-23
[SECURITY] [DSA 3114-1] mime-support security update 2014-12-29PunBB 1.3.6 bug 2011-09-25
[SECURITY] [DSA 3115-1] pyyaml security update 2014-12-29Puppet Dashboard insecure by default 2012-02-15
[SECURITY] [DSA 3116-1] polarssl security update 2014-12-30Puppet Enterprise Web Interface Authentication Redirect 2016-10-21
[SECURITY] [DSA 3117-1] php5 security update 2014-12-31Puppet Enterprise Web Interface Authentication Redirect 2016-10-22
[SECURITY] [DSA 3118-1] strongswan security update 2015-01-05Puppet Enterprise Web Interface User Enumeration 2016-10-21
[SECURITY] [DSA 3119-1] libevent security update 2015-01-06Putty Cleartext Password Storage 2016-11-20
[SECURITY] [DSA 3120-1] mantis security update 2015-01-06pwgen CVE-2013-4440 Insecure Password Generation Weakness
[SECURITY] [DSA 3121-1] file security update 2015-01-08pwgen CVE-2013-4442 Insecure Password Generation Weakness
[SECURITY] [DSA 3123-2] binutils-mingw-w64 security update 2015-01-13pwgen: non-uniform distribution of passwords 2012-01-17
[SECURITY] [DSA 3124-1] otrs2 security update 2015-01-10Python v2.7 v1.5.4 iOS - Filter Bypass & Persistent Vulnerability 2016-03-31
[SECURITY] [DSA 3125-1] openssl security update 2015-01-11QNAP crypto keys logged on unencrypted disk partition in world accessible files 2015-08-07
[SECURITY] [DSA 3126-1] php5 security update 2015-01-12QNAP Turbo NAS Multiple Path Injection 2012-09-04
[SECURITY] [DSA 3127-1] iceweasel security update 2015-01-14QNAP Turbo NAS Multiple Vulnerabilities - Security Advisory 2012-06-17
[SECURITY] [DSA 3128-1] linux security update 2015-01-15QOLQA (categoria.php?id) Remote SQL injection Vulnerability 2011-08-12
[SECURITY] [DSA 3129-1] rpm security update 2015-01-15Qualys Security Advisory - CVE-2015-3245 userhelper - CVE-2015-3246 libuser 2015-07-23
[SECURITY] [DSA 3133-1] privoxy security update 2015-01-20Qualys Security Advisory - LibreSSL (CVE-2015-5333 and CVE-2015-5334) 2015-10-16
[SECURITY] [DSA 3134-1] sympa security update 2015-01-20Qualys Security Advisory - OpenSMTPD Audit Report 2015-10-02
[SECURITY] [DSA 3140-1] xen security update 2015-01-27Quest InTrust 10.4.x Annotation Objects ActiveX Control AnnotateX.dll Uninitialized Pointer Remote Code Execution 2012-03-28
[SECURITY] [DSA 3144-1] openjdk-7 security update 2015-01-29Quest InTrust 10.4.x ReportTree and SimpleTree Classes ArDoc.dll ActiveX Control Remote File Creation / Overwrite Vulnerability 2012-03-28
[SECURITY] [DSA 3146-1] requests security update 2015-01-30Quest Toad for Oracle Explain Plan Display ActiveX Control (QExplain2.dll 6.6.1.1115) Remote File Creation / Overwrite 2012-04-05
[SECURITY] [DSA 3147-1] openjdk-6 security update 2015-01-30Quest vWorkspace 7.5 Connection Broker Client ActiveX Control (pnllmcli.dll 7.5.304.547) SaveMiniLaunchFile() Method Remote File Creation / Overwrite 2012-04-05
[SECURITY] [DSA 3149-1] condor security update 2015-02-02Quick Cart v6.6 XSS Vulnerability 2016-01-19
[SECURITY] [DSA 3150-1] vlc security update 2015-02-02Quick CMS v 6.1 XSS Vulnerability 2016-01-19
[SECURITY] [DSA 3158-1] unrtf security update 2015-02-09QuickAuth - Google Authenticator Pebble app vulnerable to MITM attack when configuring TOTP keys 2016-01-20
[SECURITY] [DSA 3159-1] ruby1.8 security update 2015-02-10QuickBlog v0.8 CMS - Multiple Web Vulnerabilities 2012-06-14
[SECURITY] [DSA 3160-1] xorg-server security update 2015-02-11QuickBooks 2017 Admin Credentials Disclosure 2017-01-06
[SECURITY] [DSA 3161-1] dbus security update 2015-02-11QuickerBB 0.7.0 - Register Cross Site Scripting Vulnerability 2016-08-11
[SECURITY] [DSA 3162-1] bind9 security update 2015-02-18Quicksilver HQ VoHo Concept4E CMS v1.0 - Multiple SQL Injection Web Vulnerabilities 2016-04-07
[SECURITY] [DSA 3163-1] libreoffice security update 2015-02-19Radexscript CMS 2.2.0 - SQL Injection vulnerability 2015-02-09
[SECURITY] [DSA 3164-1] typo3-src security update 2015-02-21Ralf Spenneberg (info os-t de) 
[SECURITY] [DSA 3165-1] xdg-utils security update 2015-02-22Rapid PHP Editor CSRF Remote Command Execution 2016-11-05
[SECURITY] [DSA 3166-1] e2fsprogs security update 2015-02-22RCE and SQL injection via CSRF in Horde Groupware 2015-11-18
[SECURITY] [DSA 3167-1] sudo security update 2015-02-22RCE in Zen Cart via Arbitrary File Inclusion 2015-12-16
[SECURITY] [DSA 3168-1] ruby-redcloth security update 2015-02-22RCE via CSRF in osCmax 2016-02-17
[SECURITY] [DSA 3169-1] eglibc security update 2015-02-23RCE via CSRF in osCommerce 2016-02-17
[SECURITY] [DSA 3171-1] samba security update 2015-02-23RCE via CSRF in phpMyFAQ 2016-04-20
[SECURITY] [DSA 3172-1] cups security update 2015-02-25Re: [#1298868584] Copy&paste from web browser considered dangerous 2013-06-06
[SECURITY] [DSA 3173-1] libgtk2-perl security update 2015-02-25Re: [ANN] Struts 2.3.15.2 GA release available - security fix 2013-09-23
[SECURITY] [DSA 3174-1] iceweasel security update 2015-02-25Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting 2016-03-17
[SECURITY] [DSA 3175-1] kfreebsd-9 security update 2015-02-25Re: [BUGTRAQ]Security Advisory - TP-LINK TL-WR841N LFI - [UPDATE] 2012-11-01
[SECURITY] [DSA 3175-2] kfreebsd-9 security update 2015-05-18Re: [CAL-2012-0015] opera website spoof 2012-06-17
[SECURITY] [DSA 3176-1] request-tracker4 security update 2015-02-26Re: [CVE-2016-1919] Weak eCryptFS Key generation from user password on KNOX 1.0 / Android 4.3 2016-01-19
[SECURITY] [DSA 3179-1] icedove security update 2015-03-03Re: [CVE-2016-1920] VPN Man-in-the-Middle due to shared certificate store on KNOX 1.0 / Android 4.3 2016-01-19
[SECURITY] [DSA 3208-2] freexl regression update 2015-11-14Re: [CVE-ID REQUEST] Atlassian Confluence - Multiple Cross-Site Request Forgery (CSRF) Vulnerabilities 2013-01-16
[SECURITY] [DSA 3249-2] jqueryui security update 2015-06-02Re: [CVE-ID REQUEST] vBulletin - Multiple Open Redirects 2013-01-16
[SECURITY] [DSA 3252-2] sqlite3 security update 2015-06-14Re: [CVE-REQUEST] Foscam <= 11.37.2.48 path traversal vulnerability 2013-03-13
[SECURITY] [DSA 3261-1] libmodule-signature-perl security update 2015-05-15Re: [FD] [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow 2016-03-16
[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update 2015-05-20Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-28
[SECURITY] [DSA 3262-1] xen security update 2015-05-18Re: [FD] Beginner's error: import function of Windows Mail executes rogue program C:\Program.exe with credentials of other account 2014-07-30
[SECURITY] [DSA 3263-1] proftpd-dfsg security update 2015-05-19Re: [FD] Mozilla extensions: a security nightmare 2015-08-05
[SECURITY] [DSA 3264-1] icedove security update 2015-05-19Re: [FD] Mozilla extensions: a security nightmare 2015-08-06
[SECURITY] [DSA 3265-1] zendframework security update 2015-05-20Re: [FD] Mozilla extensions: a security nightmare 2015-08-07
[SECURITY] [DSA 3265-2] zendframework regression update 2015-05-24Re: [FD] SSH host key fingerprint - through HTTPS 2014-09-02
[SECURITY] [DSA 3266-1] fuse security update 2015-05-21RE: [Full-disclosure] Apache suEXEC privilege elevation / 2013-08-09
[SECURITY] [DSA 3268-1] ntfs-3g security update 2015-05-22Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-10
[SECURITY] [DSA 3268-2] ntfs-3g security update 2015-05-26Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-11
[SECURITY] [DSA 3269-2] postgresql-9.1 regression update 2015-05-31Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-12
[SECURITY] [DSA 3270-1] postgresql-9.4 security update 2015-05-22Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-13
[SECURITY] [DSA 3271-1] nbd security update 2015-05-23Re: [Full-disclosure] Binary Planting Goes "Any File Type" 2011-07-08
[SECURITY] [DSA 3272-1] ipsec-tools security update 2015-05-23Re: [Full-disclosure] CVE-2013-1643 - Unauthorised Access To Other Users Email Messages in Symantec PGP Universal Web Messenger 2014-02-18
[SECURITY] [DSA 3273-1] tiff security update 2015-05-25Re: [Full-disclosure] DC4420 - London DEFCON - July meet - Tuesday 19th July 2011 2011-07-13
[SECURITY] [DSA 3275-1] fusionforge security update 2015-05-30Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere! 2013-08-24
[SECURITY] [DSA 3276-1] symfony security update 2015-05-31Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere! 2013-08-25
[SECURITY] [DSA 3277-1] wireshark security update 2015-06-02Re: [Full-disclosure] Defense in depth -- the Microsoft way (part 8): execute everywhere! 2013-08-26
[SECURITY] [DSA 3279-1] redis security update 2015-06-06Re: [Full-disclosure] HP A-series switches are affected, too. [WAS: More on IPv6 RA-Guard evasion (IPv6 security)] 2011-09-01
[SECURITY] [DSA 3280-1] php5 security update 2015-06-07RE: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission 2011-09-15
[SECURITY] [DSA 3281-1] Debian Security Team PGP/GPG key change notice 2015-06-07Re: [Full-disclosure] Microsoft's Binary Planting Clean-Up Mission 2011-09-16
[SECURITY] [DSA 3282-1] strongswan security update 2015-06-08Re: [Full-disclosure] nginx exploit documentation, about a generic way to exploit Linux targets 2013-07-24
[SECURITY] [DSA 3285-1] qemu-kvm security update 2015-06-12Re: [Full-disclosure] OpenSSH 3.5p1 Remote Root Exploit for FreeBSD 2011-07-01
[SECURITY] [DSA 3286-1] xen security update 2015-06-13Re: [Full-disclosure] phpMyAdmin 3.x Conditional Session Manipulation 2011-08-04
[SECURITY] [DSA 3287-1] openssl security update 2015-06-13Re: [Full-disclosure] pidgin OTR information leakage 2012-02-27
[SECURITY] [DSA 3288-1] libav security update 2015-06-13Re: [Full-disclosure] pidgin OTR information leakage 2012-02-28
[SECURITY] [DSA 3289-1] p7zip security update 2015-06-15Re: [Full-disclosure] silly PoCs continue: X-Frame-Options give you less than expected 2011-12-11
[SECURITY] [DSA 3290-1] linux security update 2015-06-18Re: [Full-disclosure] Ubuntu, Linux Mint, and the Guest Account 2012-05-05
[SECURITY] [DSA 3291-1] drupal7 security update 2015-06-18Re: [Full-disclosure] Ubuntu: reseed(8), random.org, and HTTP request 2011-07-06
[SECURITY] [DSA 3292-1] cinder security update 2015-06-19Re: [Full-disclosure] Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin 2012-07-16
[SECURITY] [DSA 3293-1] pyjwt security update 2015-06-20Re: [Full-disclosure] We're now paying up to $20, 000 for web vulns in our services 2012-04-24
[SECURITY] [DSA 3294-1] wireshark security update 2015-06-23Re: [Full-disclosure] Working Remote Root Exploit for OpenSSH 3.4p1 (FreeBSD) 2011-07-01
[SECURITY] [DSA 3295-1] cacti security update 2015-06-24Re: [Full-disclosure] XSS and SQL Injection Vulnerabilities in MiniBB 2013-07-11
[SECURITY] [DSA 3297-1] unattended-upgrades security update 2015-06-29Re: [Full-disclosure] XSS, LFI and SQL Injection Vulnerabilities in Achievo 2012-11-02
[SECURITY] [DSA 3305-1] python-django security update 2015-07-08Re: [oss-security] Case YVS Image Gallery 2012-02-27
[SECURITY] [DSA 3306-1] pdns security update 2015-07-09Re: [oss-security] CVE Request: Planeshift buffer overflow 2012-05-17
[SECURITY] [DSA 3307-1] pdns-recursor security update 2015-07-09Re: [oss-security] CVE Request: Planeshift buffer overflow 2012-05-18
[SECURITY] [DSA 3308-1] mysql-5.5 security update 2015-07-18Re: [oss-security] CVE-2016-4484: - Cryptsetup Initrd root Shell 2016-11-15
[SECURITY] [DSA 3309-1] tidy security update 2015-07-18Re: [oss-security] Docker 1.12.6 - Security Advisory 2017-01-11
[SECURITY] [DSA 3310-1] freexl security update 2015-07-19Re: [oss-security] Dolphin 7.0.7 <= Multiple Cross Site Scripting Vulnerabilities 2012-02-20
[SECURITY] [DSA 3311-1] mariadb-10.0 security update 2015-07-20Re: [oss-security] HTTPS Only (Open Source, Python) 2016-02-11
[SECURITY] [DSA 3312-1] cacti security update 2015-07-22Re: [oss-security] OxWall 1.1.1 <= Multiple Cross Site Scripting Vulnerabilities 2012-02-20
[SECURITY] [DSA 3313-1] linux security update 2015-07-23Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection 2012-11-14
[SECURITY] [DSA 3314-1] typo3-src end of life 2015-07-23Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection 2012-11-13
[SECURITY] [DSA 3315-1] chromium-browser security update 2015-07-24Re: [SE-2011-01] Security vulnerabilities in a digital satellite TV platform 2012-01-04
[SECURITY] [DSA 3316-1] openjdk-7 security update 2015-07-25Re: [SE-2012-01] Broken security fix in IBM Java 7/8 2016-04-05
[SECURITY] [DSA 3317-1] lxc security update 2015-07-25Re: [SE-2012-01] Java 7 Update 11 confirmed to be vulnerable 2013-01-22
[SECURITY] [DSA 3318-1] expat security update 2015-07-26Re: [security bulletin] HPSBUX02922 SSRT101305 rev.1 - HP-UX Running Java5 Runtime Environment (JRE) and Java Developer Kit (JDK), Remote Unauthorized Access, Disclosure of Information, and Other Vulnerabilities 2013-11-14
[SECURITY] [DSA 3319-1] bind9 security update 2015-07-28Re: [SECURITY] [DSA 3325-2] apache2 regression update 2015-08-21
[SECURITY] [DSA 3320-1] openafs security update 2015-07-30Re: [SECURITY] [DSA 3336-1] nss security update 2015-08-17
[SECURITY] [DSA 3321-1] xmltooling security update 2015-07-30Re: [slackware-security] imagemagick (SSA:2016-132-01) 2016-05-11
[SECURITY] [DSA 3323-1] icu security update 2015-08-01Re: <BASE> tag used for hijacking external resources (XSS) 2011-12-16
[SECURITY] [DSA 3324-1] icedove security update 2015-08-01Re: <BASE> tag used for hijacking external resources (XSS) 2011-12-17
[SECURITY] [DSA 3325-1] apache2 security update 2015-08-01Re: Aastra IP Telephone encrypted .tuz configuration file leakage 2013-02-14
[SECURITY] [DSA 3326-1] ghostscript security update 2015-08-02Re: Analysis: Vast IPv6 address space actually enables IPv6 attacks 2012-06-08
[SECURITY] [DSA 3327-1] squid3 security update 2015-08-03Re: Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-07-07
[SECURITY] [DSA 3328-1] wordpress security update 2015-08-04Re: Android wireless accepts fake response (No interaction requires) (Vulnerability ?) 2012-03-15
[SECURITY] [DSA 3328-2] wordpress regression update 2015-08-04Re: Apache suEXEC privilege elevation / information disclosure 2013-08-09
[SECURITY] [DSA 3329-1] linux security update 2015-08-07Re: Apple and Wifi Hotspot Credentials Management Vulnerability 2013-06-17
[SECURITY] [DSA 3330-1] activemq security update 2015-08-07Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) 2016-03-07
[SECURITY] [DSA 3332-2] wordpress regression update 2015-10-29Re: Arbor Networks Peakflow SP web interface XSS 2012-04-04
[SECURITY] [DSA 3336-1] nss security update 2015-08-17Re: Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack 2013-02-12
[SECURITY] [DSA 3337-2] gdk-pixbuf security update 2015-12-17RE: Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-07
[SECURITY] [DSA 3338-1] python-django security update 2015-08-18Re: Basilic RCE bug 2012-07-06
[SECURITY] [DSA 3342-1] vlc security update 2015-08-20Re: Bugtraq ID# 53694 is invalid/fake 2012-06-14
[SECURITY] [DSA 3344-1] php5 security update 2015-08-27Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials 2011-07-26
[SECURITY] [DSA 3345-1] iceweasel security update 2015-08-29Re: CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials 2011-08-05
[SECURITY] [DSA 3346-1] drupal7 security update 2015-08-31RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability 2016-03-30
[SECURITY] [DSA 3347-1] pdns security update 2015-09-02Re: Cisco Security Advisory: Multiple Vulnerabilities in Cisco Prime Data Center Network Manager 2013-11-14
[SECURITY] [DSA 3348-1] qemu security update 2015-09-02Re: CitrusDB 2.4.1 - LFI/SQLi Vulnerability 2012-07-10
[SECURITY] [DSA 3349-1] qemu-kvm security update 2015-09-02Re: CORE-2009-01515 - WordPress Privileges Unchecked in admin.php and Multiple Information 2015-08-19
[SECURITY] [DSA 3350-1] bind9 security update 2015-09-02Re: CORE-2013-0807 - Divide Error in Windows Kernel 2013-12-11
[SECURITY] [DSA 3351-1] chromium-browser security update 2015-09-03Re: CVE-2012-0037: libraptor - XXE in RDF/XML File Interpretation (Multiple office products affected) 2012-03-27
[SECURITY] [DSA 3352-1] screen security update 2015-09-04Re: CVE-2012-3287: md5crypt is no longer considered safe 2012-06-09
[SECURITY] [DSA 3353-1] openslp-dfsg security update 2015-09-05Re: CVE-2012-4366: Insecure default WPA2 passphrase in multiple Belkin wireless routers 2012-11-19
[SECURITY] [DSA 3354-1] spice security update 2015-09-08Re: CVE-2015-3938 Remote Permanent LoV (Loss of View) in Mitsubishi Melsec FX3G-24M PLC 2015-09-29
[SECURITY] [DSA 3355-1] libvdpau security update 2015-09-10Re: CVE-2015-5204: HTTP header injection vulnerability in Apache Cordova File Transfer Plugin for Android 2015-09-24
[SECURITY] [DSA 3355-2] libvdpau regression update 2015-11-02RE: CVE-2016-0729: Apache Xerces-C XML Parser Crashes on Malformed Input 2016-02-26
[SECURITY] [DSA 3356-1] openldap security update 2015-09-12Re: CVE-2016-3222: MS Edge CBaseScriptable::PrivateQueryInterface memory corruption 2016-12-06
[SECURITY] [DSA 3357-1] vzctl security update 2015-09-13Re: CVE-2016-5019: MyFaces Trinidad view state deserialization security vulnerability 2016-09-29
[SECURITY] [DSA 3358-1] php5 security update 2015-09-13Re: DC4420 - London DEFCON - September meet - Tuesday 24th September 2013 2013-09-23
[SECURITY] [DSA 3359-1] virtualbox security update 2015-09-13Re: DDIVRT-2011-39 SolarWinds Storage Manager Server SQL Injection Authentication Bypass 2012-05-03
[SECURITY] [DSA 3360-1] icu security update 2015-09-15Re: Dolibarr CMS v3.2.0 Alpha - File Include Vulnerabilities 2012-02-27
[SECURITY] [DSA 3362-1] qemu-kvm security update 2015-09-18Re: Drupal 7.14 <= Full Path Disclosure Vulnerability 2012-05-10
[SECURITY] [DSA 3363-1] owncloud-client security update 2015-09-20Re: DS3 Authentication Server - Multiple Issues 2013-11-13
[SECURITY] [DSA 3364-1] linux security update 2015-09-21Re: EMC Avamar: World writable cache files 2013-01-21
[SECURITY] [DSA 3365-1] iceweasel security update 2015-09-23Re: Erronous post concerning Backtrack 5 R2 0day 2012-04-13
[SECURITY] [DSA 3366-1] rpcbind security update 2015-09-23Re: ESA-2011-039: RSA(r), The Security Division of EMC, announces security fixes and improvements for RSASecurID(r) Software Token 4.1 for Microsoft(r)Windows(r) 2011-12-20
[SECURITY] [DSA 3367-1] wireshark security update 2015-09-24Re: Executable installers are vulnerable^WEVIL (case 26): the installer of GIMP for Windows allows arbitrary (remote) and escalation of privilege 2016-02-24
[SECURITY] [DSA 3368-1] cyrus-sasl2 security update 2015-09-25Re: Facebook Url Redirection Vuln. 2013-07-11
[SECURITY] [DSA 3369-1] zendframework security update 2015-10-06Re: FastStone Image Viewer 4.6 <= ReadAVonIP Arbitrary Code Execution 2012-10-09
[SECURITY] [DSA 3370-1] freetype security update 2015-10-06RE: FP BugCON 2014 - Mexico City 2013-11-07
[SECURITY] [DSA 3371-1] spice security update 2015-10-09Re: Full Disclosure ASUS Wireless Routers Ten Models - Multiple Vulnerabilities on AiCloud enabled units 2013-07-17
[SECURITY] [DSA 3372-1] linux security update 2015-10-13Re: Fwd: 0-DAY XSS of cforms II is now fixed after a year and four months (was Re: cforms WordPress Plugin Cross Site Scripting Vulnerability - CVE-2010-3977) 2012-02-17
[SECURITY] [DSA 3373-1] owncloud security update 2015-10-18Re: Fwd: vulnerability issue for DB2 express 2013-11-18
[SECURITY] [DSA 3374-1] postgresql-9.4 security update 2015-10-19Re: gnome-terminal, xfce4-terminal, terminator and others write scrollback buffer to disk 2012-03-09
[SECURITY] [DSA 3375-1] wordpress security update 2015-10-19Re: Happy Birthday FreeBSD! Now you are 20 years old and your security is the same as 20 years ago... :) 2013-06-20
[SECURITY] [DSA 3376-1] chromium-browser security update 2015-10-21Re: Hawkeye-G v3 CSRF Vulnerability ***[UPDATED CORRECTED] 2015-08-18
[SECURITY] [DSA 3377-1] mysql-5.5 security update 2015-10-24Re: HttpFileServer 2.3.x Remote Command Execution 2014-09-14
[SECURITY] [DSA 3379-1] miniupnpc security update 2015-10-25Re: Ilient SysAid v8.5.05 - Multiple Web Vulnerabilities Are Fixed! 2012-04-11
[SECURITY] [DSA 3380-1] php5 security update 2015-10-27Re: iOS: List of available trusted root certificates 2013-10-01
[SECURITY] [DSA 3381-1] openjdk-7 security update 2015-10-27Re: jara 1.6 sql injection vulnerability 2011-10-25
[SECURITY] [DSA 3381-2] openjdk-7 security update 2015-11-01Re: Kingcopes AthCon 2012 Slides & Notes --> Video online 2013-03-05
[SECURITY] [DSA 3382-1] phpmyadmin security update 2015-10-28Re: LabWiki <= 1.1 Multiple Vulnerabilities 2011-11-09
[SECURITY] [DSA 3383-1] wordpress security update 2015-10-29Re: Local file inclusion in VtigerCRM 2011-11-09
[SECURITY] [DSA 3384-1] virtualbox security update 2015-10-29Re: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (usbvision driver) 2015-10-07
[SECURITY] [DSA 3385-1] mariadb-10.0 security update 2015-10-31Re: ManageEngine Applications Manager Build No: 12700 Information Disclosure and Un-Authenticated SQL injection. 2016-05-06
[SECURITY] [DSA 3386-1] unzip security update 2015-10-31Re: Micro Login System v1.0 (userpwd.txt) Password Disclosure Vulnerability 2015-08-20
[SECURITY] [DSA 3386-2] unzip regression update 2015-11-09Re: MiniUPnPd Information Disclosure (CVE-2013-2600) 2013-07-12
[SECURITY] [DSA 3387-1] openafs security update 2015-11-01Re: Monkey HTTPD 1.1.1 - Denial of Service Vulnerability 2013-05-31
[SECURITY] [DSA 3388-1] ntp security update 2015-11-01Re: Mozilla Firefox 44.0b2 Cross-site Scripting Vulnerability 2016-01-11
[SECURITY] [DSA 3389-1] elasticsearch end-of-life 2015-11-01Re: Multiple remote vulnerabilities (RCE, bof) in Nuuo NVR and NETGEAR Surveillance 2016-08-04
[SECURITY] [DSA 3390-1] xen security update 2015-11-02Re: Multiple vulnerabilites in vendor IKE implementations, including Cisco, 2015-08-16
[SECURITY] [DSA 3391-1] php-horde security update 2015-11-03Re: Multiple vulnerabilities in McAfee ePO 4.6.6 2013-07-15
[SECURITY] [DSA 3392-1] freeimage security update 2015-11-04Re: Multiple XSS in KnowledgeTree Community Edition 2012-01-16
[SECURITY] [DSA 3393-1] iceweasel security update 2015-11-04Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy 2012-06-22
[SECURITY] [DSA 3394-1] libreoffice security update 2015-11-05Re: Mybb 1.6.8 Sql Injection Vulnerabilitiy 2012-06-08
[SECURITY] [DSA 3395-1] krb5 security update 2015-11-06Re: NetCommWireless HSPA 3G10WVE Wireless Router Multiple vulnerabilities 2016-05-05
[SECURITY] [DSA 3395-2] krb5 security update 2015-11-12Re: NEW : VMSA-2015-0003 VMware product updates address critical information disclosure issue in JRE 2015-08-16
[SECURITY] [DSA 3396-1] linux security update 2015-11-10Re: ntopng 1.2.0 XSS injection using monitored network traffic 2014-09-03
[SECURITY] [DSA 3397-1] wpa security update 2015-11-10Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities 2016-02-10
[SECURITY] [DSA 3398-1] strongswan security update 2015-11-16Re: OLE DB Provider for Oracle multiple DLL side loading vulnerabilities 2016-02-11
[SECURITY] [DSA 3399-1] libpng security update 2015-11-18Re: OpenKM 5.1.7 Privilege Escalation 2012-01-04
[SECURITY] [DSA 3400-1] lxc security update 2015-11-19Re: Oracle Auto Service Request /tmp file clobbering vulnerability 2013-03-07
[SECURITY] [DSA 3402-1] symfony security update 2015-11-24Re: Oracle Hyperion password disclosure... 2015-09-08
[SECURITY] [DSA 3403-1] libcommons-collections3-java security update 2015-11-24Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference 2016-03-09
[SECURITY] [DSA 3404-1] python-django security update 2015-11-25Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference 2016-03-15
[SECURITY] [DSA 3405-1] smokeping security update 2015-11-25Re: OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference 2016-03-15
[SECURITY] [DSA 3406-1] nspr security update 2015-11-25Re: OS-S 2016-08 Linux mct_u232 Nullpointer Dereference 2016-03-15
[SECURITY] [DSA 3407-1] dpkg security update 2015-11-26Re: OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences 2016-03-15
[SECURITY] [DSA 3408-1] gnutls26 security update 2015-12-01Re: OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference 2016-03-15
[SECURITY] [DSA 3409-1] putty security update 2015-12-01Re: oss-2016-13: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) 2016-03-14
[SECURITY] [DSA 3410-1] icedove security update 2015-12-01Re: oss-2016-13: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) 2016-03-15
[SECURITY] [DSA 3411-1] cups-filters security update 2015-12-02Re: oss-2016-15: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) 2016-03-14
[SECURITY] [DSA 3412-1] redis security update 2015-12-03Re: oss-2016-15: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) 2016-03-15
[SECURITY] [DSA 3413-1] openssl security update 2015-12-04Re: oss-2016-17: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) 2016-03-14
[SECURITY] [DSA 3414-1] xen security update 2015-12-09Re: oss-2016-17: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) 2016-03-15
[SECURITY] [DSA 3415-1] chromium-browser security update 2015-12-10Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) 2016-03-14
[SECURITY] [DSA 3416-1] libphp-phpmailer security update 2015-12-13Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) 2016-03-15
[SECURITY] [DSA 3417-1] bouncycastle security update 2015-12-14RE: ownCloud Unencrypted Private Key Exposure - version (6.0.4) reported not vulnerable 2014-08-05
[SECURITY] [DSA 3418-1] chromium-browser security update 2015-12-15Re: ownCloud Unencrypted Private Key Exposure 2014-08-04
[SECURITY] [DSA 3419-1] cups-filters security update 2015-12-15Re: ownCloud Unencrypted Private Key Exposure 2014-08-05
[SECURITY] [DSA 3420-1] bind9 security update 2015-12-15Re: Perfect PDF products distributed with vulnerable MSVC++ libraries 2011-06-21
[SECURITY] [DSA 3421-1] grub2 security update 2015-12-16Re: Perfect PDF products distributed with vulnerable MSVC++ libraries 2011-06-22
[SECURITY] [DSA 3422-1] iceweasel security update 2015-12-16Re: phpMyBible 0.5.1 Mutiple XSS 2012-04-23
[SECURITY] [DSA 3423-1] cacti security update 2015-12-16Re: pidgin OTR information leakage 2012-02-27
[SECURITY] [DSA 3424-1] subversion security update 2015-12-16Re: Pro Chat Rooms v8.2.0 - Multiple Vulnerabilities 2014-09-09
[SECURITY] [DSA 3425-1] tryton-server security update 2015-12-17Re: PunBB 1.3.6 bug 2011-09-26
[SECURITY] [DSA 3426-1] linux security update 2015-12-17Re: pwgen: non-uniform distribution of passwords 2012-01-17
[SECURITY] [DSA 3426-2] ctdb regression update 2016-03-03Re: pwgen: non-uniform distribution of passwords 2012-01-19
[SECURITY] [DSA 3428-1] tomcat8 security update 2015-12-18Re: pwgen: non-uniform distribution of passwords 2012-01-22
[SECURITY] [DSA 3430-1] libxml2 security update 2015-12-23Re: Re: [Full-disclosure] Apache suEXEC privilege elevation / information disclosure 2013-08-08
[SECURITY] [DSA 3431-1] ganeti security update 2016-01-01Re: Re: [oss-security] Re: [OVSA20121112] OpenVAS Manager Vulnerable To Command Injection 2012-11-14
[SECURITY] [DSA 3432-1] icedove security update 2016-01-01Re: Re: foofus.net security advisory - Lexmark Multifunction Printer Information Leakage 2011-11-10
[SECURITY] [DSA 3433-1] samba security update 2016-01-02Re: Re: Multiple Cross-Site Scripting vulnerabilities in WebCalendar 2011-07-07
[SECURITY] [DSA 3434-1] linux security update 2016-01-05Re: Re: Mybb 1.6.8 'announcements.php' Sql Injection Vulnerabilitiy 2012-06-26
[SECURITY] [DSA 3435-1] git security update 2016-01-05Re: Re: plow 0.0.5 <= Buffer Overflow Vulnerability 2012-07-10
[SECURITY] [DSA 3437-1] gnutls26 security update 2016-01-09Re: Re: UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-30
[SECURITY] [DSA 3438-1] xscreensaver security update 2016-01-10Re: Re: WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities 2011-12-14
[SECURITY] [DSA 3439-1] prosody security update 2016-01-10Re: Re: wordpress Lanoba Social Plugin Xss Vulnerabilities 2011-11-29
[SECURITY] [DSA 3440-1] sudo security update 2016-01-11Re: Reflected File Download in AOL Search Website 2015-02-16
[SECURITY] [DSA 3441-1] perl security update 2016-01-11RE: Regarding MS12-020 2012-03-20
[SECURITY] [DSA 3444-1] wordpress security update 2016-01-13Re: Resolved - NNT Change Tracker - Hard-Coded Encryption Key Originally posted as http://seclists.org/fulldisclosure/2011/May/460 2011-06-29
[SECURITY] [DSA 3447-1] tomcat7 security update 2016-01-17RE: RFI in JAF CMS 2011-12-21
[SECURITY] [DSA 3448-1] linux security update 2016-01-19Re: rpi-update tmpfile vulnerability 2013-03-06
[SECURITY] [DSA 3449-1] bind9 security update 2016-01-19Re: rssh security announcement 2012-05-08
[SECURITY] [DSA 3450-1] ecryptfs-utils security update 2016-01-20Re: rssh security announcement 2012-05-09
[SECURITY] [DSA 3451-1] fuse security update 2016-01-21Re: SaaS Marketing platform Hubspot export vulnerability 2014-08-28
[SECURITY] [DSA 3452-1] claws-mail security update 2016-01-23Re: Samsung TV - DoS vulnerability 2013-07-22
[SECURITY] [DSA 3453-1] mariadb-10.0 security update 2016-01-25Re: SAXoPRESS - directory traversal 2012-06-18
[SECURITY] [DSA 3454-1] virtualbox security update 2016-01-26Re: Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) 2013-02-17
[SECURITY] [DSA 3455-1] curl security update 2016-01-27Re: seamless bait-and-switch 2011-12-08
[SECURITY] [DSA 3456-1] chromium-browser security update 2016-01-27Re: seamless bait-and-switch 2011-12-09
[SECURITY] [DSA 3457-1] iceweasel security update 2016-01-27Re: SEC Consult SA-20130417-1 :: Java ActiveX Control Memory Corruption 2013-04-19
[SECURITY] [DSA 3458-1] openjdk-7 security update 2016-01-27Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished á´?á´ á´?-2016-2324 and á´?á´ á´?â??2016â??2315) 2016-03-18
[SECURITY] [DSA 3459-1] mysql-5.5 security update 2016-01-28Re: Sielco Sistemi Winlog Buffer Overflow <= v2.07.14 2012-06-22
[SECURITY] [DSA 3460-1] privoxy security update 2016-01-30Re: Simple Mail Server - SMTP Authentication Bypass Vulnerability 2012-01-10
[SECURITY] [DSA 3461-1] freetype security update 2016-01-31Re: Slider Revolution/Showbiz Pro shell upload exploit 2014-12-04
[SECURITY] [DSA 3462-1] radicale security update 2016-01-30Re: SQLi found in Kodak Insite 2013-03-13
[SECURITY] [DSA 3463-1] prosody security update 2016-01-31Re: SSH host key fingerprint - through HTTPS 2014-09-01
[SECURITY] [DSA 3464-1] rails security update 2016-01-31Re: Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-14
[SECURITY] [DSA 3465-1] openjdk-6 security update 2016-02-02Re: TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
[SECURITY] [DSA 3466-1] krb5 security update 2016-02-04Re: TFTP Server 3CTftpSvc Buffer Overflow Vulnerability (Long transporting mode) 2016-01-10
[SECURITY] [DSA 3467-1] tiff security update 2016-02-06Re: The history of a -probably- 13 years old Oracle bug: TNS Poison 2012-04-26
[SECURITY] [DSA 3468-1] polarssl security update 2016-02-06Re: The history of a -probably- 13 years old Oracle bug: TNS Poison 2012-06-26
[SECURITY] [DSA 3469-1] qemu security update 2016-02-08Re: the week of silly PoCs continues: data://www.mybank.com/ 2011-12-11
[SECURITY] [DSA 3470-1] qemu-kvm security update 2016-02-08Re: Tinyguestbook XSS 2012-01-03
[SECURITY] [DSA 3471-1] qemu security update 2016-02-08Re: Trigerring Java code from a SVG image 2012-05-16
[SECURITY] [DSA 3472-1] wordpress security update 2016-02-08Re: VLC Player 2.0.3 <= ReadAV Arbitrary Code Execution (Update) 2012-10-13
[SECURITY] [DSA 3473-1] nginx security update 2016-02-11Re: VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability 2016-02-02
[SECURITY] [DSA 3474-1] libgcrypt20 security update 2016-02-12Re: vTiger CRM 5.2.x <= Remote Code Execution Vulnerability 2011-10-05
[SECURITY] [DSA 3475-1] postgresql-9.1 security update 2016-02-13Re: Vulnerabilities in trading and SCADA softwares 2011-09-14
[SECURITY] [DSA 3476-1] postgresql-9.4 security update 2016-02-13Re: Vulnerabilities in Windows 8 Professional x64 factory preinstallation of Fujitsu Lifebook A512 [continued] 2013-05-08
[SECURITY] [DSA 3477-1] iceweasel security update 2016-02-14Re: Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. 2012-02-20
[SECURITY] [DSA 3478-1] libgcrypt11 security update 2016-02-15Re: VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087) 2013-03-19
[SECURITY] [DSA 3479-1] graphite2 security update 2016-02-15RE: VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability 2016-07-27
[SECURITY] [DSA 3480-1] eglibc security update 2016-02-16Re: We're now paying up to $20,000 for web vulns in our services 2012-04-24
[SECURITY] [DSA 3481-1] glibc security update 2016-02-16Re: WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities 2011-12-14
[SECURITY] [DSA 3482-1] libreoffice security update 2016-02-17Re: WikyBlog 1.7.3RC2 XSS vulnerability 2012-03-18
[SECURITY] [DSA 3483-1] cpio security update 2016-02-19Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets 2013-07-11
[SECURITY] [DSA 3485-1] didiwiki security update 2016-02-20Re: Windows 7/8 admin account installation password stored in the clear in LSA Secrets 2013-07-12
[SECURITY] [DSA 3485-2] didiwiki security update 2016-04-12Re: WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-30
[SECURITY] [DSA 3486-1] chromium-browser security update 2016-02-21Re: Wireshark 1.4.0 Malformed IKE Packet Denial of Service 2011-07-13
[SECURITY] [DSA 3490-1] websvn security update 2016-02-24Re: Word 2003 SP2 .doc fork bomb on WinXP SP3 2013-11-08
[SECURITY] [DSA 3491-1] icedove security update 2016-02-24Re: Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability 2012-07-24
[SECURITY] [DSA 3492-1] gajim security update 2016-02-25Re: Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities 2011-12-01
[SECURITY] [DSA 3493-1] xerces-c security update 2016-02-25Re: Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability 2013-01-11
[SECURITY] [DSA 3494-1] cacti security update 2016-02-27Re: wordpress Lanoba Social Plugin Xss Vulnerabilities 2011-11-21
[SECURITY] [DSA 3495-1] xymon security update 2016-02-29Re: Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities 2011-12-08
[SECURITY] [DSA 3496-1] php-horde-core security update 2016-02-28Re: Wordpress skysa-official plugin Cross-Site Scripting Vulnerabilities 2011-12-14
[SECURITY] [DSA 3497-1] php-horde security update 2016-02-28Re: Wordpress Valums Uploader - File Upload Vulnerability 2013-01-29
[SECURITY] [DSA 3498-1] drupal7 security advisory 2016-02-28Re: Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities 2012-05-01
[SECURITY] [DSA 3499-1] pillow security update 2016-02-28Re:joomla com_zimbcomment Components Local File Include vulnerability 2013-09-26
[SECURITY] [DSA 3500-1] openssl security update 2016-03-01Re:Re: Introduction to R-sequence public key cryptography attack 2011-12-12
[SECURITY] [DSA 3501-1] perl security update 2016-03-01Reason Core Security v1.2.0.1 - Unqoted Path Privilege Escalation Vulnerability 2016-11-18
[SECURITY] [DSA 3502-1] roundup security update 2016-03-03Recon 2012 - Call For Papers - June 14-16, 2012 - Montreal, Quebec 2012-02-27
[SECURITY] [DSA 3503-1] linux security update 2016-03-03Recon 2013 Call For Papers - June 21-23, 2013 - Montreal, Quebec 2013-03-09
[SECURITY] [DSA 3504-1] bsh security update 2016-03-04Recon 2014 Call For Papers - June 27-29, 2014 - Montreal, Quebec 2014-02-17
[SECURITY] [DSA 3505-1] wireshark security update 2016-03-04Recon Europe 2017 Call For Papers - January 27 - 29, 2017 - Brussels, Belgium 2016-09-22
[SECURITY] [DSA 3506-1] libav security update 2016-03-04Redaxo CMS contains multiple vulnerabilities 2016-02-16
[SECURITY] [DSA 3507-1] chromium-browser security update 2016-03-05Redirection vulnerability in MBoard 2011-07-27
[SECURITY] [DSA 3508-1] jasper security update 2016-03-06RedTeam Pentesting GmbH (release redteam-pentesting de) 
[SECURITY] [DSA 3509-1] rails security update 2016-03-09Reflected Cross Site Scripting (XSS) Vulnerability in nopcommerce 3.70 2016-08-15
[SECURITY] [DSA 3510-1] iceweasel security update 2016-03-09Reflected Cross-Site Scripiting in CuteEditor 2016-03-14
[SECURITY] [DSA 3514-1] samba security update 2016-03-12Reflected Cross-Site Scripting (XSS) in BlackCat CMS 2014-09-03
[SECURITY] [DSA 3515-1] graphite2 security update 2016-03-13Reflected Cross-Site Scripting (XSS) in e107 2014-07-16
[SECURITY] [DSA 3516-1] wireshark security update 2016-03-13Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin 2014-10-08
[SECURITY] [DSA 3518-1] spip security update 2016-03-16Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin 2014-10-08
[SECURITY] [DSA 3519-1] xen security update 2016-03-17Reflected Cross-Site Scripting (XSS) in iTop 2015-09-23
[SECURITY] [DSA 3520-1] icedove security update 2016-03-18Reflected Cross-Site Scripting (XSS) in Jamroom 2014-08-13
[SECURITY] [DSA 3521-1] git security update 2016-03-19Reflected Cross-Site Scripting (XSS) in MODX Revolution 2014-09-17
[SECURITY] [DSA 3522-1] squid3 security update 2016-03-20Reflected Cross-Site Scripting (XSS) in MyWebSQL 2014-09-03
[SECURITY] [DSA 3523-1] iceweasel security update 2016-03-20Reflected Cross-Site Scripting (XSS) in SearchBlox 2015-06-17
[SECURITY] [DSA 3524-1] activemq security update 2016-03-20Reflected Cross-Site Scripting (XSS) in SourceBans 2015-10-03
[SECURITY] [DSA 3525-1] pixman security update 2016-03-22Reflected Cross-Site Scripting (XSS) in SourceBans 2015-12-02
[SECURITY] [DSA 3526-1] libmatroska security update 2016-03-23Reflected Cross-Site Scripting (XSS) in Textpattern 2014-10-01
[SECURITY] [DSA 3527-1] inspircd security update 2016-03-24Reflected Cross-Site Scripting (XSS) Vulnerability in Litecart CMS 2016-03-16
[SECURITY] [DSA 3528-1] pidgin-otr security update 2016-03-23Reflected cross-site scripting (XSS) vulnerability in Mediatrix Web Management Interface login page 2014-01-23
[SECURITY] [DSA 3529-1] redmine security update 2016-03-23Reflected Cross-Site Scripting (XSS) Vulnerability in Storesprite 2014-06-25
[SECURITY] [DSA 3530-1] tomcat6 security update 2016-03-25Reflected Cross-Site Scripting in Synology DiskStation Manager 2015-05-25
[SECURITY] [DSA 3531-1] chromum-browser security update 2016-03-26Reflected File Download in AOL Search Website 2015-02-16
[SECURITY] [DSA 3532-1] quagga security update 2016-03-27Reflected XSS in Role Scoper WordPress Plugin 2015-12-02
[SECURITY] [DSA 3533-1] openvswitch security update 2016-03-29Reflected XSS in Ultimate Member WordPress Plugin 2015-12-02
[SECURITY] [DSA 3534-1] dhcpcd security update 2016-03-29Reflected XSS vulnarbility in Asus RT-N10 Plus Router 2015-01-29
[SECURITY] [DSA 3535-1] kamailio security update 2016-03-29Reflecting XSS Vulnerability in CMS Contenido 4.9.x-4.9.5 2014-12-24
[SECURITY] [DSA 3536-1] libstruts1.2-java security update 2016-03-31Reflection Scan: an Off-Path Attack on TCP 2012-01-17
[SECURITY] [DSA 3537-1] imlib2 security update 2016-03-31Reflective XSS in Marekkis Watermark-Plugin Cross-Site Scripting Vulnerability 2013-02-18
[SECURITY] [DSA 3538-1] libebml security update 2016-03-31Reflective XSS in uk cookie plugin 2012-11-13
[SECURITY] [DSA 3539-1] srtp security update 2016-04-02Reflective/Stored XSS in Responsive Logo Slideshow Plugin Cross-Site Scripting Vulnerability 2013-02-18
[SECURITY] [DSA 3540-1] lhasa security update 2016-04-03Regarding MS12-020 2012-03-20
[SECURITY] [DSA 3541-1] roundcube security update 2016-04-05Related POC for JCE Joomla Extension <=2.0.10 MultipleVulnerabilities 2011-10-11
[SECURITY] [DSA 3542-1] mercurial security update 2016-04-05RelateIQ Bug Bounty #1 - Persistent Signup Vulnerability 2014-12-16
[SECURITY] [DSA 3543-1] oar security update 2016-04-05Released: rompar - Semi-automation tool for data extraction of microscopic Masked ROM images 2013-01-31
[SECURITY] [DSA 3544-1] python-django security update 2016-04-07Reliable Windows 7 Exploitation: A Case Study 2012-02-28
[SECURITY] [DSA 3545-1] cgit security update 2016-04-07Reminder - DeepSec 2011 Call For Papers 2011-07-17
[SECURITY] [DSA 3546-1] optipng security update 2016-04-07Reminder: ClubHack2012 Call for Papers Closing Soon 2012-10-02
[SECURITY] [DSA 3547-1] imagemagick security update 2016-04-11Remote Buffer Overflow Vulnerability in Samsung Kies 2013-01-09
[SECURITY] [DSA 3548-1] samba security update 2016-04-13Remote Code Execution in DVR affecting over 70 different vendors 2016-03-23
[SECURITY] [DSA 3548-2] samba regression update 2016-04-14Remote Code Execution in Exponent 2016-02-10
[SECURITY] [DSA 3549-1] chromium-browser security update 2016-04-15Remote Code Execution in GLPI 2013-10-02
[SECURITY] [DSA 3550-1] openssh security update 2016-04-15Remote code execution in Puppet 2013-06-19
[SECURITY] [DSA 3551-1] fuseiso security update 2016-04-16Remote Code Execution in Roundcube 2016-01-13
[SECURITY] [DSA 3552-1] tomcat7 security update 2016-04-17Remote Code Execution in Shopware <5.1.5 (CVE-2016-3109) 2016-04-23
[SECURITY] [DSA 3553-1] varnish security update 2016-04-22Remote Code Execution via CSRF in iTop 2016-03-18
[SECURITY] [DSA 3554-1] xen security update 2016-04-21Remote Code Execution via Unauthorised File upload in Cforms 14.7 2014-12-29
[SECURITY] [DSA 3555-1] imlib2 security update 2016-04-23Remote command execution in fastreader ruby gem 2013-03-17
[SECURITY] [DSA 3556-1] libgd2 security update 2016-04-24Remote command execution in Ruby Gem Command Wrap 2013-03-18
[SECURITY] [DSA 3557-1] mysql-5.5 security update 2016-04-26Remote command execution in Ruby Gem ldoce 0.0.2 2013-04-02
[SECURITY] [DSA 3558-1] openjdk-7 security update 2016-04-26Remote Command Injection in Ruby Gem sfpagent 0.4.14 2014-04-18
[SECURITY] [DSA 3559-1] iceweasel security update 2016-04-27Remote Desktop v0.9.4 Android - Multiple Vulnerabilities 2015-01-21
[SECURITY] [DSA 3560-1] php5 security update 2016-04-27Remote file download vulnerability in wordpress plugin wp-ecommerce-shop-styling v2.5 2015-07-08
[SECURITY] [DSA 3561-1] subversion security update 2016-04-29Remote File Inclusion in Gwolle Guestbook WordPress Plugin 2015-12-02
[SECURITY] [DSA 3562-1] tardiff security update 2016-05-01Remote file upload vulnerability in aviary-image-editor-add-on-for-gravity-forms v3.0beta Wordpress plugin 2015-06-10
[SECURITY] [DSA 3563-1] poppler security update 2016-05-01Remote privesc and RCE in Kaseya Virtual System Administrator 2015-09-29
[SECURITY] [DSA 3564-1] chromium-browser security update 2016-05-02Remote shutdown vulnerability in Buffalo NAS (Linkstation 420) 2016-01-24
[SECURITY] [DSA 3565-1] botan1.10 security update 2016-05-02Report OWASP WAF Naxsi bypass Vulnerability 2013-03-26
[SECURITY] [DSA 3565-2] monotone ovito pdns qtcreator softhsm regression update 2016-05-11research nightwatchcybersecurity com 
[SECURITY] [DSA 3566-1] openssl security update 2016-05-03Reserve Logic v1.2 Booking CMS - Multiple Vulnerabilities 2012-07-12
[SECURITY] [DSA 3567-1] libpam-sshauth security update 2016-05-04Resolved - NNT Change Tracker - Hard-Coded Encryption Key - Originally posted as http://seclists.org/fulldisclosure/2011/May/460 2011-06-29
[SECURITY] [DSA 3568-1] libtasn1-6 security update 2016-05-05Resolved - NNT Change Tracker - Hard-Coded Encryption Key Originally posted as http://seclists.org/fulldisclosure/2011/May/460 2011-06-29
[SECURITY] [DSA 3569-1] openafs security update 2016-05-05ResourceSpace Multiple Cross Site Scripting, and HTML and SQL Injection Vulnerabilities 2014-12-11
[SECURITY] [DSA 3570-1] mercurial security update 20Results of a XSLT fuzzing effort 2013-03-08
[SECURITY] [DSA 3570-1] mercurial security update 2016-05-05ReviewBoard Vulnerabilities 2013-08-09
[SECURITY] [DSA 3571-1] ikiwiki security update 2016-05-08Revised IETF I-D: Advice on IPv6 RA-Guard Implementation 2012-01-05
[SECURITY] [DSA 3572-1] websvn security update 2016-05-09Revised IETF I-D: IPv6 Neighbor Discovery, SEND, and IPv6 Fragmentation 2012-01-12
[SECURITY] [DSA 3573-1] qemu security update 2016-05-09Revision of "IPv6 Stable Privacy Addresses" (Fwd: I-D Action: draft-ietf-6man-stable-privacy-addresses-07.txt) 2013-05-19
[SECURITY] [DSA 3574-1] libarchive security update 2016-05-10REWTERZ-20120629 - TEMENOS T24 Cross-Site Scripting (XSS) Vulnerability 2012-06-28
[SECURITY] [DSA 3575-1] libxstream-java security update 2016-05-12REWTERZ-20140101 - ManageEngine ServiceDesk SQL Injection Vulnerability 2015-01-22
[SECURITY] [DSA 3576-1] icedove security update 2016-05-13REWTERZ-20140102 - ManageEngine ServiceDesk Plus User Enumeration Vulnerability 2015-01-22
[SECURITY] [DSA 3577-1] jansson security update 2016-05-14RFC 6528 on Defending against Sequence Number Attacks 2012-02-03
[SECURITY] [DSA 3578-1] libidn security update 2016-05-14Ricardo Iramar dos Santos (riramar gmail com) 
[SECURITY] [DSA 3579-1] xerces-c security update 2016-05-16RootedCON 2014 - Call For Papers 2013-10-02
[SECURITY] [DSA 3580-1] imagemagick security update 2016-05-16rssh security announcement 2012-05-08
[SECURITY] [DSA 3581-1] libndp security update 2016-05-17RUCKUS ADVISORY ID 031813-1: Unauthenticated TCP tunneling on Ruckus devices via SSH server process 2013-05-28
[SECURITY] [DSA 3582-1] expat security update 2016-05-18RUCKUS ADVISORY ID 031813-2: User authentication bypass vulnerability in ZoneDirector administrative web interface 2013-05-28
[SECURITY] [DSA 3583-1] swift-plugin-s3 security update 2016-05-18RUCKUS ADVISORY ID 041414: OpenSSL 1.0.1 library's "Heart bleed" vulnerability - CVE-2014-0160 2014-04-14
[SECURITY] [DSA 3625-1] squid3 security update 2016-07-22RUCKUS ADVISORY ID 10282013 - User authentication bypass vulnerability in Ruckus Access Point's administrative web interface 2013-11-27
[SECURITY] [DSA 3626-1] openssh security update 2016-07-24RUCKUS ADVISORY ID 111113-1: Authenticated code injection vulnerability in ZoneDirector administrative web interface 2013-11-12
[SECURITY] [DSA 3627-1] phpmyadmin security update 2016-07-24RuggedCom - Backdoor Accounts in my SCADA network? You don't say... 2012-04-23
[SECURITY] [DSA 3628-1] perl security update 2016-07-25Ruxcon 2011 Final Call For Papers 2011-08-15
[SECURITY] [DSA 3629-1] ntp security update 2016-07-25Ruxcon 2012 Call For Papers 2012-04-19
[SECURITY] [DSA 3630-1] libgd2 security update 2016-07-26Ruxcon 2013 Final Call For Papers 2013-07-15
[SECURITY] [DSA 3631-1] php5 security update 2016-07-26Ruxcon 2014 Final Call For Presentations 2014-07-15
[SECURITY] [DSA 3632-1] mariadb-10.0 security update 2016-07-27SA500 vulnerabilities - details 2011-07-27
[SECURITY] [DSA 3633-1] xen security update 2016-07-27SaaS Marketing platform Hubspot export vulnerability 2014-08-27
[SECURITY] [DSA 3634-1] redis security update 2016-07-30Safari Address Spoofing - Impact, Code, How It Works, History 2015-06-03
[SECURITY] [DSA 3636-1] collectd security update 2016-07-30Safebreach adsivory: Node.js HTTP Response Splitting (CVE-2016-2216) 2016-02-09
[SECURITY] [DSA 3637-1] chromium-browser security update 2016-07-31Safend Data Protector Multiple Vulnerabilities 2012-11-29
[SECURITY] [DSA 3638-1] curl security update 2016-08-03SafeSEH+SEHOP all-at-once bypass explotation method principles 2012-01-12
[SECURITY] [DSA 3640-1] firefox-esr security update 2016-08-03SaltOS 3.1 Cross-Site Scripting vulnerability 2012-08-23
[SECURITY] [DSA 3641-1] openjdk-7 security update 2016-08-04Salvatore Bonaccorso (carnil debian org) 
[SECURITY] [DSA 3642-1] lighttpd security update 2016-08-06Samsung DVR authentication bypass 2013-08-20
[SECURITY] [DSA 3643-1] kde4libs security update 2016-08-06Samsung DVR credentials encoded in base64 in cookie header 2016-12-17
[SECURITY] [DSA 3644-1] fontconfig security update 2016-08-08Samsung Galaxy S3 partial screen-lock bypass 2013-02-21
[SECURITY] [DSA 3645-1] chromium-browser security update 2016-08-09Sana Net (viewnews.php?id) Remote SQL injection Vulnerability 2011-08-31
[SECURITY] [DSA 3646-1] postgresql-9.4 security update 2016-08-11Sana Net (viewpages.php?id) Remote SQL injection Vulnerability 2011-09-01
[SECURITY] [DSA 3647-1] icedove security update 2016-08-11SANS AppSec 2012 CFP is Open 2011-10-26
[SECURITY] [DSA 3649-1] gnupg security update 2016-08-17SANS AppSec 2012 CFP reminder 2011-12-02
[SECURITY] [DSA 3650-1] libgcrypt20 security update 2016-08-17SAP Business Objects XI R2 Infoview Multiple XSS 2012-03-08
[SECURITY] [DSA 3652-1] imagemagick security update 2016-08-25SAP Netwaver - XML External Entity Injection 2015-09-21
[SECURITY] [DSA 3654-1] quagga security update 2016-08-26SASHA v0.2.0 Mutiple XSS 2011-12-18
[SECURITY] [DSA 3659-1] linux security update 2016-09-04Saveya Bounty #1 - Bypass & Persistent Vulnerability 2016-07-28
[SECURITY] [DSA 3661-1] charybdis security update 2016-09-06SAY Comunicacion (producto.php?id) Remote SQL injection Vulnerability 2011-08-13
[SECURITY] [DSA 3666-1] mysql-5.5 security update 2016-09-14Scanning the IPv6 Internet with the scan6 tool (SI6 IPv6 toolkit) 2013-02-17
[SECURITY] [DSA 3669-1] tomcat7 security update 2016-09-15script-fu buffer overflow in GIMP 2.6 2012-05-30
[SECURITY] [DSA 3672-1] irssi security update 2016-09-21seamless bait-and-switch 2011-12-08
[SECURITY] [DSA 3673-1] openssl security update 2016-09-22Sebastian Perez (s3bap3 gmail com) 
[SECURITY] [DSA 3674-1] firefox-esr security update 2016-09-22Sebastien Delafond (seb debian org) 
[SECURITY] [DSA 3678-1] python-django security update 2016-09-26SEC Consult SA-20110701-0 :: Multiple SQL injection vulnerabilities in WordPress 2011-07-01
[SECURITY] [DSA 3679-1] jackrabbit security update 2016-09-27SEC Consult SA-20110810-0 :: Client-side remote file upload & command execution in Check Point SSL VPN On-Demand applications - CVE-2011-1827 2011-08-10
[SECURITY] [DSA 3680-1] bind9 security update 2016-09-27SEC Consult SA-20111012-0 :: Client-side remote file upload & command execution in Microsoft Forefront UAG Remote Access Agent (CVE-2011-1969) 2011-10-13
[SECURITY] [DSA 3681-2] wordpress regression update 2016-10-01SEC Consult SA-20111219-0 :: Client-side remote arbitrary file upload in SecCommerce SecSigner Java Applet 2011-12-19
[SECURITY] [DSA 3684-1] libdbd-mysql-perl security update 2016-10-03SEC Consult SA-20111219-1 :: Multiple vulnerabilities in WhatsApp 2011-12-19
[SECURITY] [DSA 3691-2] ghostscript regression update 2016-10-28SEC Consult SA-20111230-0 :: Critical authentication bypass in Microsoft ASP.NET Forms - CVE-2011-3416 2011-12-30
[SECURITY] [DSA 3693-1] libgd2 security update 2016-10-14SEC Consult SA-20120104-0 :: Multiple critical vulnerabilities in Apache Struts2 2012-01-05
[SECURITY] [DSA 3694-1] tor security update 2016-10-18SEC Consult SA-20120220-0 :: Multiple critical vulnerabilities in VOXTRONIC voxlog professional 2012-02-20
[SECURITY] [DSA 3695-1] quagga security update 2016-10-18SEC Consult SA-20120220-1 :: Multiple Vulnerabilities in ELBA5 2012-02-20
[SECURITY] [DSA 3698-1] php5 security update 2016-10-24SEC Consult SA-20120315-0 :: Multiple permanent XSS vulnerabilities in EMC Documentum eRoom 2012-03-15
[SECURITY] [DSA 3700-1] asterisk security update 2016-10-25SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE-2012-2149 2012-05-18
[SECURITY] [DSA 3701-1] nginx security update 2016-10-25SEC Consult SA-20120618-0 :: Western Digital ShareSpace WEB GUI Sensitive Data Disclosure 2012-06-18
[SECURITY] [DSA 3701-2] nginx regression update 2016-10-28SEC Consult SA-20120618-1 :: Airlock WAF overlong UTF-8 sequence bypass 2012-06-18
[SECURITY] [DSA 3707-1] openjdk-7 security update 2016-11-07SEC Consult SA-20120626-0 :: Zend Framework - Local file disclosure via XXE injection 2012-06-26
[SECURITY] [DSA 3709-1] libxslt security update 2016-11-08SEC Consult SA-20120829-0 :: Symantec Messaging Gateway - Support Backdoor 2012-08-30
[SECURITY] [DSA 3711-1] mariadb-10.0 security update 2016-11-11SEC Consult SA-20121017-0 :: ModSecurity multipart/invalid part ruleset bypass 2012-10-17
[SECURITY] [DSA 3716-1] firefox-esr security update 2016-11-16SEC Consult SA-20121017-1 :: Unirgy uStoreLocator SQL Injection - Magento extension 2012-10-17
[SECURITY] [DSA 3719-1] wireshark security update 2016-11-21SEC Consult SA-20121017-2 :: Multiple vulnerabilities in Oracle WebCenter Sites (former FatWire Content Server) 2012-10-17
[SECURITY] [DSA 3723-1] gst-plugins-good1.0 security update 2016-11-24SEC Consult SA-20121115-0 :: Applicure dotDefender WAF format string vulnerability 2012-11-15
[SECURITY] [DSA 3724-1] gst-plugins-good0.10 security update 2016-11-24SEC Consult SA-20130122-0 :: F5 BIG-IP XML External Entity Injection vulnerability 2013-01-22
[SECURITY] [DSA 3725-1] icu security update 2016-11-27SEC Consult SA-20130122-1 :: F5 BIG-IP SQL injection vulnerability 2013-01-22
[SECURITY] [DSA 3730-1] icedove security update 2016-12-11SEC Consult SA-20130124-0 :: Critical SSH Backdoor in multiple Barracuda Networks Products 2013-01-24
[SECURITY] [DSA 3732-2] php-ssh2 regression update 2016-12-21SEC Consult SA-20130308-0 :: Multiple critical vulnerabilities in GroundWork Monitor Enterprise (part 1) 2013-03-08
[SECURITY] [DSA 3736-1] libupnp security update 2016-12-16SEC Consult SA-20130308-1 :: Multiple vulnerabilities in GroundWork Monitor Enterprise (part 2) 2013-03-08
[SECURITY] [DSA 3738-1] tomcat7 security update 2016-12-18SEC Consult SA-20130311-0 :: Persistent cross-site scripting in jforum 2013-03-11
[SECURITY] [DSA 3743-1] python-bottle security update 2016-12-20SEC Consult SA-20130313-0 :: QlikView Desktop Client Integer Overflow 2013-03-13
[SECURITY] [DSA 3744-1] libxml2 security update 2016-12-23SEC Consult SA-20130403-0 :: Multiple vulnerabilities in Sophos Web Protection Appliance 2013-04-03
[SECURITY] [DSA 3746-1] graphicsmagick security update 2016-12-24SEC Consult SA-20130507-0 :: Multiple vulnerabilities in NetApp OnCommand System Manager 2013-05-07
[SECURITY] [DSA 3750-1] libphp-phpmailer security update 2016-12-31SEC Consult SA-20130523-0 :: JavaScript Execution in IBM WebSphere DataPower Services 2013-05-23
[SECURITY] [DSA 3750-2] libphp-phpmailer regression update 2017-01-03SEC Consult SA-20130605-0 :: Multiple vulnerabilities in CTERA Portal 2013-06-05
[SECURITY] [DSA 3753-1] libvncserver security update 2017-01-05SEC Consult SA-20130904-0 :: GroupLink everything HelpDesk - undocumented password reset/admin takeover and XSS vulnerabilities 2013-09-04
[SECURITY] [DSA 3757-1] icedove security update 2017-01-11SEC Consult SA-20131003-0 :: Denial of service vulnerability in Citrix NetScaler 2013-10-03
[SECURITY] [DSA 3758-1] bind9 security update 2017-01-11SEC Consult SA-20131004-0 :: SQL injection vulnerability in Zabbix 2013-10-04
[SECURITY] [DSA 3760-1] ikiwiki security update 2017-01-12SEC Consult SA-20131015-0 :: Multiple vulnerabilities in SpamTitan 2013-10-15
[SECURITY] [DSA-2210-2] tiff security update 2011-06-25SEC Consult SA-20140122-0 :: Critical vulnerabilities in T-Mobile HOME NET Router LTE (Huawei B593u-12) 2014-01-22
[SECURITY] [DSA-2393-1] bip security update 2012-01-25SEC Consult SA-20140218-0 :: Multiple critical vulnerabilities in Symantec Endpoint Protection 2014-02-18
[SECURITY] [DSA-2471-1] ffmpeg security update 2012-05-13SEC Consult SA-20140227-0 :: Local Buffer Overflow vulnerability in SAS for Windows (Statistical Analysis System) 2014-02-27
[SECURITY] [DSA-2769-1] kfreebsd-9 security update 2013-10-08SEC Consult SA-20140228-0 :: Privilege escalation vulnerability in MICROSENS Profi Line Modular Industrial Switch 2014-02-28
[SECURITY] CVE-2011-1184 Apache Tomcat - Multiple weaknesses in HTTP DIGEST authentication 2011-09-26SEC Consult SA-20140228-1 :: Authentication bypass (SSRF) and local file disclosure in Plex Media Server 2014-02-28
[SECURITY] CVE-2011-2481: Apache Tomcat information disclosure vulnerability 2011-08-12SEC Consult SA-20140307-0 :: Unauthenticated access & manipulation of settings in Huawei E5331 MiFi mobile hotspot 2014-03-07
[SECURITY] CVE-2011-2526 Apache Tomcat Information disclosure and availability vulnerabilities 2011-07-13SEC Consult SA-20140328-0 :: Multiple vulnerabilities in Symantec LiveUpdate Administrator 2014-03-28
[SECURITY] CVE-2011-2729: Commons Daemon fails to drop capabilities (Apache Tomcat) 2011-08-12SEC Consult SA-20140402-0 :: Multiple vulnerabilities in Rhythm File Manager 2014-04-02
[SECURITY] CVE-2011-3190 Apache Tomcat Authentication bypass and information disclosure 2011-08-29SEC Consult SA-20140411-0 :: Multiple vulnerabilities in Plex Media Server 2014-04-11
[SECURITY] CVE-2011-3375 Apache Tomcat Information disclosure 2012-01-17SEC Consult SA-20140423-0 :: Path Traversal/Remote Code Execution in WD Arkeia Network Backup Appliances 2014-04-23
[SECURITY] CVE-2011-3376 Apache Tomcat - Privilege Escalation via Manager app 2011-11-08SEC Consult SA-20140528-0 :: Root Backdoor & Unauthenticated access to voice recordings in NICE Recording eXpress 2014-05-28
[SECURITY] CVE-2011-4367 Apache MyFaces information disclosure vulnerability 2012-02-09SEC Consult SA-20140606-0 :: Multiple critical vulnerabilities in WebTitan 2014-06-06
[SECURITY] CVE-2012-0022 Apache Tomcat Denial of Service 2012-01-17SEC Consult SA-20140630-0 :: Multiple vulnerabilities in IBM Algorithmics RICOS 2014-06-30
[SECURITY] CVE-2012-2138 Apache Sling denial of service vulnerability 2012-07-06SEC Consult SA-20140701-0 :: Stored cross-site scripting vulnerabilities in EMC Documentum eRoom 2014-07-01
[SECURITY] CVE-2012-3544 Chunked transfer encoding extension size is not limited 2013-05-10SEC Consult SA-20140710-1 :: Multiple high risk vulnerabilities in Shopizer webshop 2014-07-10
[SECURITY] CVE-2013-0248 Apache Commons FileUpload - Insecure examples 2013-03-06SEC Consult SA-20140716-0 :: Multiple SSRF vulnerabilities in Alfresco Community Edition 2014-07-16
[SECURITY] CVE-2013-2067 Session fixation with FORM authenticator 2013-05-10SEC Consult SA-20140716-1 :: Remote Code Execution via CSRF in OpenVPN Access Server "Desktop Client" 2014-07-16
[SECURITY] CVE-2013-2187: Apache Archiva Cross-Site Scripting vulnerability 2014-04-19SEC Consult SA-20140716-2 :: Multiple vulnerabilities in Citrix NetScaler Application Delivery Controller and Citrix NetScaler Gateway 2014-07-16
[SECURITY] CVE-2013-2251: Apache Archiva Remote Command Execution 2014-04-19SEC Consult SA-20140716-3 :: Multiple critical vulnerabilities in Bitdefender GravityZone 2014-07-16
[SECURITY] CVE-2013-2251: Apache Continuum affected by Remote Command Execution 2014-06-13SEC Consult SA-20140805-0 :: Multiple vulnerabilities in Readsoft Invoice Processing and Process Director 2014-08-05
[SECURITY] CVE-2013-4286 Incomplete fix for CVE-2005-2090 (Information disclosure) 2014-02-25SEC Consult SA-20140828-0 :: F5 BIG-IP Reflected Cross-Site Scripting 2014-08-28
[SECURITY] CVE-2013-4322 Incomplete fix for CVE-2012-3544 (Denial of Service) 2014-02-25SEC Consult SA-20141106-0 :: XXE & XSS & Arbitrary File Write vulnerabilities in Symantec Endpoint Protection 2014-11-06
[SECURITY] CVE-2013-4444 Remote Code Execution in Apache Tomcat 2014-09-10SEC Consult SA-20141218-1 :: OS command execution vulnerability in GParted 2014-12-18
[SECURITY] CVE-2013-4590 Information disclosure via XXE when running untrusted web applications 2014-02-25SEC Consult SA-20141218-2 :: Multiple high risk vulnerabilities in NetIQ Access Manager 2014-12-18
[SECURITY] CVE-2014-0033 Session fixation still possible with disableURLRewriting enabled 2014-02-25SEC Consult SA-20141219-0 :: XSS & Memory Disclosure vulnerabilities in NetIQ eDirectory NDS iMonitor 2014-12-19
[SECURITY] CVE-2014-0111 Apache Syncope 2014-04-15SEC Consult SA-20150113-1 :: Privilege Escalation & XSS & Missing Authentication in Ansible Tower 2015-01-13
[SECURITY] CVE-2014-0227 Apache Tomcat Request Smuggling 2015-02-09SEC Consult SA-20150113-2 :: Cross-Site Request Forgery in XBMC / Kodi 2015-01-13
[SECURITY] CVE-2014-3503 Apache Syncope 2014-07-07SEC Consult SA-20150122-0 :: Multiple critical vulnerabilities in Symantec Data Center Security: Server Advanced (SDCS:SA) & SCSP 2015-01-22
[SECURITY] CVE-2014-7810: Apache Tomcat Security Manager Bypass 2015-05-14SEC Consult SA-20150227-0 :: Multiple vulnerabilities in Loxone Smart Home 2015-02-27
[SECURITY] CVE-2015-0254 XXE and RCE via XSL extension in JSTL XML tags 2015-02-27SEC Consult SA-20150514-0 :: Multiple vulnerabilities in Loxone Smart Home (part 2) 2015-05-14
[SECURITY] CVE-2015-5174 Apache Tomcat Limited Directory Traversal 2016-02-22SEC Consult SA-20150716-0 :: Permanent Cross-Site Scripting in Oracle Application Express 2015-07-16
[SECURITY] CVE-2015-5345 Apache Tomcat Directory disclosure 2016-02-22SEC Consult SA-20150728-0 :: McAfee Application Control Multiple Vulnerabilities 2015-07-28
[SECURITY] CVE-2015-5346 Apache Tomcat Session fixation 2016-02-22SEC Consult SA-20150805-0 :: Websense Content Gateway Stack Buffer Overflow in handle_debug_network 2015-08-05
[SECURITY] CVE-2015-5349: Apache Directory Studio command injection vulnerability 2016-01-02SEC Consult SA-20151022-0 :: Lime Survey Multiple Critical Vulnerabilities 2015-10-22
[SECURITY] CVE-2015-5351 Apache Tomcat CSRF token leak 2016-02-22SEC Consult SA-20151105-0 :: Insecure default configuration in Ubiquiti Networks products 2015-11-05
[SECURITY] CVE-2016-0706 Apache Tomcat Security Manager bypass 2016-02-22SEC Consult SA-20151210-0 :: Skybox Platform Multiple Vulnerabilities 2015-12-10
[SECURITY] CVE-2016-0714 Apache Tomcat Security Manager Bypass 2016-02-22SEC Consult SA-20160121-0 :: Deliberately hidden backdoor account in AMX (Harman Professional) devices 2016-01-21
[SECURITY] CVE-2016-0763 Apache Tomcat Security Manager Bypass 2016-02-22SEC Consult SA-20160210-0 :: Yeager CMS Multiple Vulnerabilities 2016-02-10
[SECURITY] CVE-2016-5017: Buffer overflow vulnerability in ZooKeeper C cli shell 2016-09-16SEC Consult SA-20160422-0 :: Insecure credential storage in my devolo Android app 2016-04-22
[SECURITY] CVE-2016-8745 Apache Tomcat Information Disclosure 2016-12-12SEC Consult SA-20160422-1 :: Multiple vulnerabilities in Digitalstrom Konfigurator 2016-04-22
[SECURITY] Stored Cross Site Scripting in Ektron CMS 8.7 2014-04-16SEC Consult SA-20160725-0 :: Multiple vulnerabilities in Micro Focus (Novell) Filr 2016-07-25
[SECURITY][CVE-2013-2765][ModSecurity] Remote Null Pointer Dereference 2013-05-28SEC Consult SA-20160825-0 :: Multiple vulnerabilities in Micro Focus (Novell) GroupWise 2016-08-25
[SECURITY][UPDATE] CVE-2016-8745 Apache Tomcat Information Disclosure 2017-01-05SEC Consult SA-20161011-0 :: XXE vulnerability in RSA Enterprise Compromise Assessment Tool (ECAT) 2016-10-11
[SignalSEC Labs]: HTC Touch2 T3333 Video Player Memory Corruption 2011-12-08SEC Consult SA-20161114-0 :: Multiple vulnerabilities in I-Panda SolarEagle - Solar Controller Administration Software / MPPT Solar Controller SMART2 2016-11-14
[slackware-security] bash (rebuild for Slackware 13.0 only) (SSA:2014-268-02) 2014-09-25SEC Consult SA-20161128-0 :: DoS & heap-based buffer overflow in Guidance Software EnCase Forensic 2016-11-28
[slackware-security] bash (SSA:2014-267-01) 2014-09-24SEC Consult Vulnerability Lab (research sec-consult com) 
[slackware-security] bash (SSA:2014-268-01) 2014-09-25SEC Consult whitepaper: Bypassing McAfee Application Whitelisting for Critical Infrastructure Systems 2016-01-12
[slackware-security] bash (SSA:2014-272-01) 2014-09-29Secunia CSI/VIM - Filter Bypass & Persistent Validation Vulnerabilities 2014-06-18
[slackware-security] bind (SSA:2011-189-01) 2011-07-08Secunia Research (remove-vuln secunia com) 
[slackware-security] bind (SSA:2011-224-01) 2011-08-13Secunia Research: Adobe Photoshop TIFF SGI24LogLum Decompression Buffer Overflow 2012-09-03
[slackware-security] bind (SSA:2012-166-01) 2012-06-14Secunia Research: Autonomy Keyview Ichitaro Object Reconstruction Logic Vulnerability 2011-10-07
[slackware-security] bind (SSA:2012-209-01) 2012-07-27Secunia Research: Autonomy Keyview Ichitaro QLST Integer Overflow Vulnerability 2011-10-07
[slackware-security] bind (SSA:2012-257-01) 2012-09-14Secunia Research: Autonomy Keyview Ichitaro Text Parsing Buffer Overflow 2011-10-07
[slackware-security] bind (SSA:2012-284-01) 2012-10-11Secunia Research: Cisco Linksys PlayerPT ActiveX Control "SetSource()" Buffer Overflow 2012-07-17
[slackware-security] bind (SSA:2013-086-01) 2013-03-27Secunia Research: Citrix Access Gateway Plug-in for Windows nsepacom ActiveX Control Buffer Overflow 2012-08-01
[slackware-security] bind (SSA:2014-175-01) 2014-06-24Secunia Research: Cyrus IMAPd NTTP Authentication Bypass Vulnerability 2011-10-05
[slackware-security] bind (SSA:2014-344-01) 2014-12-11Secunia Research: DVR Remote ActiveX Control DVRobot Library Loading Vulnerability 2011-11-17
[slackware-security] bind (SSA:2015-188-04) 2015-07-08Secunia Research: Google Picasa CAMF Section Integer Overflow Vulnerability 2015-11-11
[slackware-security] bind (SSA:2015-209-01) 2015-07-28Secunia Research: Google Picasa Phase One Tags Processing Integer Overflow Vulnerability 2015-10-26
[slackware-security] bind (SSA:2015-245-01) 2015-09-02Secunia Research: Helix Server SNMP Master Agent Service Two Denial of Service Vulnerabilities 2012-04-09
[slackware-security] bind (SSA:2015-349-01) 2015-12-16Secunia Research: InduSoft ISSymbol ActiveX Control Buffer Overflow Vulnerabilities 2011-09-01
[slackware-security] bind (SSA:2016-204-01) 2016-07-22Secunia Research: LibGD "_gdContributionsAlloc()" Integer Overflow Denial of Service Vulnerability 2016-08-03
[slackware-security] bind (SSA:2016-271-01) 2016-09-27Secunia Research: Microsoft Windows OTF Parsing Table Encoding Record Offset Vulnerability 2016-11-10
[slackware-security] bind (SSA:2017-011-01) 2017-01-12Secunia Research: Microsoft Windows Type 1 Font Processing Vulnerability 2016-12-14
[slackware-security] blueman (SSA:2015-356-01) 2015-12-23Secunia Research: Microsoft Windows usp10.dll "GetFontDesc()" Integer Underflow Vulnerability 2015-12-08
[slackware-security] cups (SSA:2015-188-01) 2015-07-08Secunia Research: Network Instruments Observer SNMP OID Processing Denial of Service 2012-06-07
[slackware-security] curl (SSA:2013-038-01) 2013-02-08Secunia Research: Network Instruments Observer SNMP Processing Buffer Overflows 2012-06-07
[slackware-security] curl (SSA:2013-174-01) 2013-06-23Secunia Research: Novell GroupWise iCalendar Date/Time Parsing Denial of Service 2012-09-17
[slackware-security] curl (SSA:2015-302-01) 2015-10-29Secunia Research: Novell GroupWise Internet Agent "TZNAME" Parsing Vulnerability 2011-09-27
[slackware-security] curl (SSA:2016-039-01) 2016-02-08Secunia Research: Novell GroupWise Internet Agent HTTP Interface Buffer Overflow 2011-09-27
[slackware-security] curl (SSA:2016-219-01) 2016-08-06Secunia Research: NTR ActiveX Control "StopModule()" Input Validation Vulnerability 2012-01-11
[slackware-security] curl (SSA:2016-259-01) 2016-09-16Secunia Research: NTR ActiveX Control Four Buffer Overflow Vulnerabilities 2012-01-11
[slackware-security] dhcp (SSA:2012-237-01) 2012-08-24Secunia Research: OpenPNE PHP Object Injection Vulnerability 2014-01-20
[slackware-security] dhcp (SSA:2012-258-01) 2012-09-14Secunia Research: Oracle Outside In "GetTxObj()" Use-After-Free Vulnerability 2016-11-10
[slackware-security] dhcp (SSA:2013-086-02) 2013-03-27Secunia Research: Oracle Outside In "VwStreamRead()" Buffer Overflow Vulnerability 2016-11-10
[slackware-security] dhcp (SSA:2016-012-01) 2016-01-13Secunia Research: Oracle Outside In Technology Paradox Database Handling Buffer Overflow 2013-01-17
[slackware-security] dhcpcd (SSA:2011-210-02) 2011-07-29Secunia Research: Oracle Outside In Two Buffer Overflow Vulnerabilities 2015-10-26
[slackware-security] dhcpcd (SSA:2014-213-02) 2014-08-01Secunia Research: RealNetworks Helix Server Credentials Disclosure Security Issue 2012-04-09
[slackware-security] emacs (SSA:2012-228-02) 2012-08-16Secunia Research: Reprise License Manager "actserver" Buffer Overflow Vulnerability 2016-07-25
[slackware-security] expat (SSA:2016-359-01) 2016-12-24Secunia Research: Reprise License Manager "akey" Buffer Overflow Vulnerability 2016-07-25
[slackware-security] fetchmail (SSA:2011-171-01) 2011-06-20Secunia Research: Sterling Trader Data Processing Buffer Overflow Vulnerability 2011-12-13
[slackware-security] freetype (SSA:2012-176-01) 2012-06-25Secunia Research: Winamp AVI Parsing Two Integer Overflow Vulnerabilities 2011-12-12
[slackware-security] freetype (SSA:2013-015-01) 2013-01-16Secure Item Hub v1.0 iOS - Multiple Web Vulnerabilities 2016-01-27
[slackware-security] freetype (SSA:2015-016-01) 2015-01-17secureURL.php design flaws 2011-09-21
[slackware-security] gdk-pixbuf2 (SSA:2015-244-01) 2015-09-01Securing Android Applications from Screen Capture 2016-04-14
[slackware-security] gimp (SSA:2016-203-01) 2016-07-21Security Advisories 2016-02-03
[slackware-security] git (SSA:2016-075-01) 2016-03-16Security Advisory - Checkpoint Endpoint Connect VPN - DLL Hijack 2012-06-13
[slackware-security] glibc (SSA:2012-041-03) 2012-02-10Security Advisory AA-003: Directory Traversal Vulnerability in Conceptronic GrabnGo Network Storage 2012-09-02
[slackware-security] glibc (SSA:2012-244-01) 2012-08-31Security Advisory AA-004: Directory Traversal Vulnerability in Sitecom Home Storage Center 2012-09-02
[slackware-security] glibc (SSA:2013-260-01) 2013-09-18Security Advisory AA-007: Arbitrary File Upload Vulnerability in Sitecom Home Storage Center 2012-09-12
[slackware-security] glibc (SSA:2015-028-01) 2015-01-28Security Advisory AA-007: Command Injection Vulnerability in Sitecom Home Storage Center 2012-09-12
[slackware-security] gnupg (SSA:2013-287-01) 2013-10-15Security advisory for Bugzilla 4.2 and 4.0.5 2012-02-23
[slackware-security] gnupg (SSA:2014-175-02) 2014-06-24Security advisory for Bugzilla 4.2.1, 4.0.6 and 3.6.9 2012-04-18
[slackware-security] gnupg2 (SSA:2013-287-02) 2013-10-15Security advisory for Bugzilla 4.2rc1, 4.0.3, 3.6.7 and 3.4.13 2011-12-29
[slackware-security] gnupg2 (SSA:2014-175-03) 2014-06-24Security advisory for Bugzilla 4.2rc2, 4.0.4, 3.6.8 and 3.4.14 2012-01-31
[slackware-security] gnutls (SSA:2013-242-01) 2013-08-30Security advisory for Bugzilla 4.3.2, 4.2.2, 4.0.7 and 3.6.10 2012-07-26
[slackware-security] gnutls (SSA:2013-287-03) 2013-10-15Security advisory for Bugzilla 4.3.3, 4.2.3, 4.0.8 and 3.6.11 2012-08-30
[slackware-security] gnutls (SSA:2014-062-01) 2014-03-04Security advisory for Bugzilla 4.4rc1, 4.2.4, 4.0.9 and 3.6.12 2012-11-14
[slackware-security] gnutls (SSA:2014-156-01) 2014-06-06Security advisory for Bugzilla 4.5.3, 4.4.3, 4.2.8, and 4.0.12 2014-04-17
[slackware-security] gnutls (SSA:2017-011-02) 2017-01-12Security advisory for Bugzilla 4.5.5, 4.4.5, 4.2.10, and 4.0.14 2014-07-24
[slackware-security] grub (SSA:2015-351-01) 2015-12-18Security advisory for Bugzilla 4.5.6, 4.4.6, 4.2.11, and 4.0.15 2014-10-06
[slackware-security] hplip (SSA:2013-339-04) 2013-12-06Security advisory for Bugzilla 5.0, 4.4.9, and 4.2.14 2015-09-10
[slackware-security] httpd (SSA:2011-252-01) 2011-09-09Security Advisory for Bugzilla 5.0.1, 4.4.10 and 4.2.15 2015-09-10
[slackware-security] httpd (SSA:2011-284-01) 2011-10-14Security advisory for Bugzilla 5.0.2, 4.4.11 and 4.2.16 2015-12-22
[slackware-security] httpd (SSA:2012-041-01) 2012-02-10Security advisory for Bugzilla 5.0.3 and 4.4.12 2016-05-16
[slackware-security] httpd (SSA:2014-204-01) 2014-07-24Security Advisory in LedgerSMBv 1.3.20 and below: Denial of Service vulnerability 2012-07-30
[slackware-security] httpd (SSA:2016-358-01) 2016-12-24Security advisory, LedgerSMB 1.3.0-1.3.36 2014-02-03
[slackware-security] imagemagick (SSA:2016-132-01) 2016-05-11security advisory: AirDroid 1.0.4 beta 2012-07-12
[slackware-security] irssi (SSA:2016-265-03) 2016-09-21Security Advisory: CVE-2011-2464 - ISC BIND 9 Remote packet Denial of Service against Authoritative and Recursive Servers 2011-07-05
[slackware-security] jasper (SSA:2015-302-02) 2015-10-29Security Advisory: CVE-2011-2465 ISC BIND 9 Remote Crash with Certain RPZ Configurations 2011-07-05
[slackware-security] kernel (SSA:2013-140-01) 2013-05-20Security Advisory: CVE-2011-2516 2011-07-07
[slackware-security] kernel (SSA:2014-050-03) 2014-02-20Security Advisory: NETGEAR Router D6300B Firmware: V1.0.0.14_1.0.14 2014-02-05
[slackware-security] kernel (SSA:2016-242-01) 2016-08-30Security advisory: SQL Injection in LedgerSMB 1.2.24 and lower 2011-08-18
[slackware-security] kernel (SSA:2016-347-01) 2016-12-12Security focus, we need your help 2013-06-26
[slackware-security] libevent (SSA:2016-085-01) 2016-03-25Security Guard CMS QT 4.7.3 - Local Stack Buffer Overflow Vulnerability 2013-10-03
[slackware-security] libexif (SSA:2012-200-01) 2012-07-18Security Implications of Predictable IPv6 Fragment Identification values (rev'ed IETF I-D) 2012-03-04
[slackware-security] libgcrypt (SSA:2016-054-03) 2016-02-23Security issue is_a function in PHP 5.3.7+ 2011-09-23
[slackware-security] libpng (SSA:2011-210-01) 2011-07-29Security Vulnerabilities in Apache Cordova / PhoneGap 2014-01-24
[slackware-security] libpng (SSA:2012-206-01) 2012-07-25security-alert hpe com 
[slackware-security] libpng (SSA:2015-337-01) 2015-12-03Security-Assessment.com Advisory: Destination Search Admin Console Access Control Bypass 2011-10-12
[slackware-security] libpng (SSA:2015-349-02) 2015-12-16Security-Assessment.com Release: Hacking Hollywood Slides, Advisories and Exploits 2011-11-29
[slackware-security] libpng (SSA:2015-351-02) 2015-12-18Securstar - DriveCrypt - Local Kernel Denial of Service/Memory Disclosure/Privilege Escalation 2011-07-20
[slackware-security] libpng (SSA:2016-365-01) 2016-12-30Seeker Adv MS-06 - .Net Cross Site Scripting - Request Validation Bypassing 2012-08-29
[slackware-security] libsndfile (SSA:2016-039-02) 2016-02-08Seeker Advisory Sep11: Insecure Redirect in Microsoft SharePoint Portal 2011-09-14
[slackware-security] libXfont (SSA:2014-013-01) 2014-01-14Seeker Advisory Sep11: Reflected Cross Site Scripting in Microsoft SharePoint Portal 2011-09-13
[slackware-security] mailx (SSA:2016-062-01) 2016-03-03Seeker Advisory: Insecure Redirect in .NET Form Authentication - Redirect From Login Mechanism (ReturnURL Parameter) 2012-03-21
[slackware-security] mariadb (SSA:2014-152-01) 2014-06-01Sefrengo CMS v1.6.1 - Multiple SQL Injection Vulnerabilities 2015-02-02
[slackware-security] mariadb (SSA:2016-305-03) 2016-11-01Self-XSS in Microsoft Dynamics CRM 2013 SP1 2015-01-07
[slackware-security] mariadb, mysql (SSA:2014-050-02) 2014-02-20Sendy 1.1.9.1 - SQL Injection Vulnerability 2014-04-10
[slackware-security] mercurial (SSA:2016-092-01) 2016-04-01SEO New York (prod.php?id) Remote SQL injection Vulnerability 2011-08-07
[slackware-security] mercurial (SSA:2016-123-01) 2016-05-02Seotoaster SQL-Injection Admin Login Bypass 2011-12-15
[slackware-security] mozilla-firefox (SSA:2011-174-01) 2011-06-24Serendipity 1.6 Backend Cross-Site Scripting and SQL-Injection vulnerability 2012-05-08
[slackware-security] mozilla-firefox (SSA:2011-195-02) 2011-07-15Serendipity freetag plugin 'serendipity[tagview]' Cross-Site Scripting vulnerability 2011-09-25
[slackware-security] mozilla-firefox (SSA:2011-249-01) 2011-09-06Serendipity Plugin 'Karma Ranking' Multiple Cross-Site Scripting 2011-11-02
[slackware-security] mozilla-firefox (SSA:2012-166-02) 2012-06-14Serendipity Security Advisory - XSS Vulnerability - CVE-2015-8603 2016-01-07
[slackware-security] mozilla-firefox (SSA:2012-200-02) 2012-07-18Serendipity 'serendipity[filter][bp.ALT]' Cross-Site Scripting vulnerability 2011-11-02
[slackware-security] mozilla-firefox (SSA:2012-244-02) 2012-08-31Serimux SSH Console Switch v2.4 - Multiple Cross Site Vulnerabilities 2016-10-04
[slackware-security] mozilla-firefox (SSA:2012-283-01) 2012-10-10ShakaCon 2013 - Call for Papers 2013-01-02
[slackware-security] mozilla-firefox (SSA:2012-285-01) 2012-10-11shell.com vulnerable TLS 2016-04-20
[slackware-security] mozilla-firefox (SSA:2012-300-01) 2012-10-27Shockwave Flash Object DLL side loading vulnerability 2015-12-16
[slackware-security] mozilla-firefox (SSA:2012-326-02) 2012-11-22Shopify Bug Bounty #8 - (FilePath) Persistent Vulnerability 2015-09-11
[slackware-security] mozilla-firefox (SSA:2013-009-01) 2013-01-10ShopperPress v2.7 Wordpress - Cross Site Vulnerabilities 2012-08-17
[slackware-security] mozilla-firefox (SSA:2013-050-01) 2013-02-20ShopperPress v2.7 Wordpress - SQL Injection Vulnerability 2012-08-17
[slackware-security] mozilla-firefox (SSA:2013-068-01) 2013-03-09Shutdown UX DLL side loading vulnerability 2015-12-16
[slackware-security] mozilla-firefox (SSA:2013-093-01) 2013-04-03Schoolhos CMS v2.29 - (kelas) Data Siswa SQL Injection Vulnerability 2016-11-07
[slackware-security] mozilla-firefox (SSA:2013-135-01) 2013-05-16SI6 Networks IPv6 Toolkit v1.3 released! 2013-02-16
[slackware-security] mozilla-firefox (SSA:2013-219-01) 2013-08-08Sielco Sistemi Winlog Buffer Overflow <= v2.07.14 2012-06-05
[slackware-security] mozilla-firefox (SSA:2013-322-01) 2013-11-19Siche Search v.0.5 Zerboard - Multiple Web Vulnerabilities 2012-04-15
[slackware-security] mozilla-firefox (SSA:2014-039-01) 2014-02-08silly PoCs continue: X-Frame-Options give you less than expected 2011-12-16
[slackware-security] mozilla-firefox (SSA:2014-157-01) 2014-06-07SilverStripe 2.4.5 Multiple backend Cross-site scripting vulnerabilities 2011-10-08
[slackware-security] mozilla-firefox (SSA:2014-204-02) 2014-07-24SilverStripe CMS - Multiple Vulnerabilities - Security Advisory - SOS-12-011 2012-11-30
[slackware-security] mozilla-firefox (SSA:2014-271-01) 2014-09-29SilverStripe CMS 2.4.7 <= Arbitrary URL Redirection 2012-10-14
[slackware-security] mozilla-firefox (SSA:2014-344-02) 2014-12-11SilverStripe CMS 2.4.7 <= Persistent Cross Site Scripting Vulnerability 2012-10-14
[slackware-security] mozilla-firefox (SSA:2015-016-02) 2015-01-17SilverStripe Framework CMS 3.0.5 - Multiple Web Vulnerabilities 2013-10-03
[slackware-security] mozilla-firefox (SSA:2015-056-01) 2015-02-26Simple Forum PHP 2.1 - SQL Injection Vulnerabilities 2012-06-14
[slackware-security] mozilla-firefox (SSA:2015-188-02) 2015-07-08Simple Mail Server - SMTP Authentication Bypass Vulnerability 2012-01-08
[slackware-security] mozilla-firefox (SSA:2015-219-01) 2015-08-08Simple Webserver 2.3-rc1 Directory Traversal 2013-01-03
[slackware-security] mozilla-firefox (SSA:2015-241-01) 2015-08-29SimpleGroupware 0.742 Cross-Site-Scripting vulnerability 2012-02-06
[slackware-security] mozilla-firefox (SSA:2015-265-01) 2015-09-23SimpleTransfer 2.2.1 - Command Injection Vulnerabilities 2013-05-12
[slackware-security] mozilla-firefox (SSA:2015-310-01) 2015-11-06SimpleView CRM - Client Side Open Redirect Vulnerability 2016-02-03
[slackware-security] mozilla-firefox (SSA:2015-349-03) 2015-12-16Simply Media Web (archivio.asp?categoria_id) Remote SQL injection Vulnerability 2011-08-23
[slackware-security] mozilla-firefox (SSA:2016-034-01) 2016-02-04SimplyShare v1.4 iOS - Multiple Web Vulnerabilities 2014-01-29
[slackware-security] mozilla-firefox (SSA:2016-042-01) 2016-02-11Sistem Biwes Multiple Vulnerability 2012-08-29
[slackware-security] mozilla-firefox (SSA:2016-068-01) 2016-03-08Site@School 2.4.10 SQL Injection & XSS vulnerabilities 2011-10-18
[slackware-security] mozilla-firefox (SSA:2016-077-01) 2016-03-17Sitecore CMS 6.4 Open URL Redirect Vulnerability 2011-07-28
[slackware-security] mozilla-firefox (SSA:2016-117-01) 2016-04-27SiteCore XML Control Script Insertion 2014-01-29
[slackware-security] mozilla-firefox (SSA:2016-219-02) 2016-08-06SiteWIX - (edit_photo2.php id) SQL Injection Exploit 2015-10-21
[slackware-security] mozilla-firefox (SSA:2016-336-01) 2016-12-01SKIDATA RFID Freemotion.Gate Unauthenticated Web Service Aribtrary Remote Command Execution 2013-11-19
[slackware-security] mozilla-firefox (SSA:2016-348-01) 2016-12-13Skype Click to Call Update Service local privilege escalation 2013-03-15
[slackware-security] mozilla-nss (SSA:2013-339-01) 2013-12-06Skype Manager - (Email Change) Filter Bypass Vulnerability 2016-05-10
[slackware-security] mozilla-nss (SSA:2014-028-02) 2014-01-28Slackware Security Team (security slackware com) 
[slackware-security] mozilla-nss (SSA:2015-219-02) 2015-08-08Slider Revolution/Showbiz Pro shell upload exploit 2014-11-25
[slackware-security] mozilla-nss (SSA:2015-310-02) 2015-11-06Slides for "Recent Advances in IPv6 Security" at Hackito Ergo Sum 2012 2012-04-14
[slackware-security] mozilla-thunderbird (SSA:2011-189-02) 2011-07-08Slides of our "Hacking IPv6 Networks" training at DEEPSEC 2011 2011-12-19
[slackware-security] mozilla-thunderbird (SSA:2011-249-02) 2011-09-06Slideware of IPv6 hacking training (HIP 2012 edition), and future trainings (Portugal & Belgium) 2012-07-03
[slackware-security] mozilla-thunderbird (SSA:2012-200-03) 2012-07-18Slideware of recent presentations about IPv6 security 2013-06-12
[slackware-security] mozilla-thunderbird (SSA:2012-244-03) 2012-08-31SmarterTools Smarter Track 6-10 - Information Disclosure Vulnerability 2014-09-26
[slackware-security] mozilla-thunderbird (SSA:2012-285-02) 2012-10-11SMF Board v2.0.2 - Multiple Web Vulnerabilities 2012-07-15
[slackware-security] mozilla-thunderbird (SSA:2012-304-01) 2012-10-31Sniffing HDCP crypto keys with a $30 Bus Pirate and a broken HDMI cable 2013-02-18
[slackware-security] mozilla-thunderbird (SSA:2012-326-03) 2012-11-22Snort v2.9.7.0-WIN32 DLL Hijack 2016-10-12
[slackware-security] mozilla-thunderbird (SSA:2013-009-02) 2013-01-10soapbox Local Root / Privilege Escalation Vulnerability 2012-10-09
[slackware-security] mozilla-thunderbird (SSA:2013-050-02) 2013-02-20Social Engine v4.2.5 - Multiple Web Vulnerabilities 2012-08-17
[slackware-security] mozilla-thunderbird (SSA:2013-068-02) 2013-03-09Socusoft Photo 2 Video v8.05 - Buffer Overflow Vulnerability 2012-02-27
[slackware-security] mozilla-thunderbird (SSA:2013-093-02) 2013-04-03Solutiontech (product.php?cat_id) Remote SQL injection Vulnerability 2011-07-27
[slackware-security] mozilla-thunderbird (SSA:2013-135-02) 2013-05-16Some failed authentication attempts using OCIPasswordChange API are not recorded (CVE-2012-0511) 2012-04-19
[slackware-security] mozilla-thunderbird (SSA:2013-219-02) 2013-08-08SonicWALL CDP 5040 v6.x - Multiple Web Vulnerabilities 2012-11-20
[slackware-security] mozilla-thunderbird (SSA:2013-307-01) 2013-11-03SonicWall Dashboard Backend Server - Client Side Cross Site Scripting Web Vulnerability 2014-03-06
[slackware-security] mozilla-thunderbird (SSA:2013-339-02) 2013-12-06SonicWALL EMail Security 7.3.5 - Multiple Vulnerabilities 2012-09-17
[slackware-security] mozilla-thunderbird (SSA:2014-039-02) 2014-02-08Sonicwall OEM Scrutinizer v9.5.2 - Multiple Vulnerabilities 2013-02-14
[slackware-security] mozilla-thunderbird (SSA:2014-204-03) 2014-07-24Sonicwall Scrutinizer v9.5.2 - SQL Injection Vulnerability 2013-02-14
[slackware-security] mozilla-thunderbird (SSA:2014-320-01) 2014-11-16SonicWall Viewpoint v6.0 SP2 - SQL Injection Vulnerability 2011-10-02
[slackware-security] mozilla-thunderbird (SSA:2014-337-01) 2014-12-03Sony Bravia Remote Denial of Service - CVE-2012-2210 2012-04-05
[slackware-security] mozilla-thunderbird (SSA:2015-016-03) 2015-01-17Sony PS3 Firmware v4.31 - Code Execution Vulnerability 2013-05-20
[slackware-security] mozilla-thunderbird (SSA:2015-056-02) 2015-02-26Sophos Antivirus Review 2011-08-04
[slackware-security] mozilla-thunderbird (SSA:2015-137-01) 2015-05-17Sophos Mobile Control EAS Proxy Open Reverse Proxy vulnerability (CVE-2016-6597) 2016-08-05
[slackware-security] mozilla-thunderbird (SSA:2015-192-01) 2015-07-12Sophos XG Firewall (SF01V) - Persistent Web Vulnerability 2016-04-26
[slackware-security] mozilla-thunderbird (SSA:2015-274-01) 2015-10-01Soso Transfer v1.1 iOS - Denial of Service Vulnerability 2016-02-03
[slackware-security] mozilla-thunderbird (SSA:2015-337-02) 2015-12-03Soundy Background Music XSS Vulnerability 2016-03-12
[slackware-security] mozilla-thunderbird (SSA:2016-085-02) 2016-03-25Sourcefire Defense Center - multiple vulnerabilities. 2012-04-04
[slackware-security] mozilla-thunderbird (SSA:2016-095-01) 2016-04-04Spark IM Client Local Password Decryption 2012-07-28
[slackware-security] mozilla-thunderbird (SSA:2016-106-01) 2016-04-15Specially crafted Json service request allows full control over a Liferay portal instance 2012-04-19
[slackware-security] mozilla-thunderbird (SSA:2016-132-01) 2016-05-12Specially crafted webdav request allows reading of local files on liferay 6.0.x 2012-04-19
[slackware-security] mozilla-thunderbird (SSA:2016-365-02) 2016-12-30Spherica Remote SQL injection Vulnerability 2011-08-26
[slackware-security] mozilla-thunderbird x86_64 packages (SSA:2013-136-01) 2013-05-16Spring Source OXM Remote OS Command Injection when XStream and IBM JRE are used 2011-06-30
[slackware-security] MPlayer (SSA:2016-034-02) 2016-02-04SQL Injection and other issues in Micro Technology Services, Inc. Lynx 2012-05-03
[slackware-security] mysql (SSA:2013-022-01) 2013-01-23SQL Injection and RCE in WebsiteBaker 2016-03-18
[slackware-security] ntp (SSA:2015-188-03) 2015-07-08SQL injection attack possible when connecting to PostgreSQL 9.1 with version 8.1 JDBC driver 2012-03-25
[slackware-security] ntp (SSA:2015-302-03) 2015-10-29SQL Injection in AdRotate 2014-02-20
[slackware-security] ntp (SSA:2016-054-04) 2016-02-23Sql injection in AJAX post Search wordpress plugin 2012-11-06
[slackware-security] ntp (SSA:2016-120-01) 2016-04-29SQL Injection in appRain 2013-11-06
[slackware-security] openssh (SSA:2013-322-02) 2013-11-19SQL Injection in b2evolution 2013-05-01
[slackware-security] openssh (SSA:2014-344-03) 2014-12-11SQL injection in Bigware shop software 2012-01-23
[slackware-security] openssh (SSA:2016-014-01) 2016-01-15SQL injection in Bigware shop software 2012-06-05
[slackware-security] openssh (SSA:2016-070-01) 2016-03-11SQL Injection in Count Per Day WordPress Plugin 2015-07-22
[slackware-security] openssh (SSA:2016-219-03) 2016-08-06SQL Injection in Ð?2 2014-07-23
[slackware-security] openssh (SSA:2016-358-02) 2016-12-24SQL Injection in Dokeos 2013-11-27
[slackware-security] openssl (SSA:2013-042-01) 2013-02-12SQL Injection in Dolphin 2013-06-12
[slackware-security] openssl (SSA:2014-013-02) 2014-01-14SQL Injection in Dolphin 2014-06-18
[slackware-security] openssl (SSA:2014-156-03) 2014-06-06SQL Injection in easy2map-photos wordpress plugin v1.09 2015-07-08
[slackware-security] openssl (SSA:2015-162-01) 2015-06-11SQL Injection in GLPI 2016-04-29
[slackware-security] openssl (SSA:2015-190-01) 2015-07-09SQL Injection in Chamilo LMS 2013-11-27
[slackware-security] openssl (SSA:2015-349-04) 2015-12-16SQL Injection in InstantCMS 2013-12-11
[slackware-security] openssl (SSA:2016-034-03) 2016-02-04SQL Injection in JV Comment Joomla Extension 2014-01-23
[slackware-security] openssl (SSA:2016-062-02) 2016-03-03SQL Injection in mAdserve 2014-04-16
[slackware-security] openssl (SSA:2016-124-01) 2016-05-03SQL Injection in Oracle Enterprise Manager (compareWizFirstConfig web page) (CVE-2012-0512) 2012-04-19
[slackware-security] openssl (SSA:2016-270-01) 2016-09-26SQL Injection in Oracle Enterprise Manager (searchPage web page) (CVE-2012-0525) 2012-04-19
[slackware-security] openvpn (SSA:2014-344-04) 2014-12-11SQL Injection in Orbit Open Ad Server 2014-04-09
[slackware-security] patch (SSA:2012-257-02) 2012-09-14SQL Injection in orion.extfeedbackform Bitrix Module 2015-12-16
[slackware-security] patch (SSA:2015-047-01) 2015-02-16SQL Injection in Osclass 2016-02-17
[slackware-security] pcre (SSA:2015-328-01) 2015-11-25SQL injection in Serendipity 2012-06-06
[slackware-security] perl (SSA:2013-072-01) 2013-03-14SQL Injection in Sexy Polling Joomla Extension 2014-01-16
[slackware-security] php (SSA:2011-237-01) 2011-08-25SQL injection in Social Slider 2011-08-10
[slackware-security] php (SSA:2012-041-02) 2012-02-10SQL Injection in SocialEngine 2016-04-06
[slackware-security] php (SSA:2012-195-01) 2012-07-14Sql injection in SugarCRM 2011-11-30
[slackware-security] php (SSA:2013-081-01) 2013-03-24SQL Injection in TestLink 2016-02-17
[slackware-security] php (SSA:2013-161-01) 2013-06-11SQL Injection in vtiger CRM 2013-09-18
[slackware-security] php (SSA:2013-197-01) 2013-07-16SQL Injection in WeBid 2016-02-17
[slackware-security] php (SSA:2013-242-02) 2013-08-30SQL Injection in webSPELL 2016-02-17
[slackware-security] php (SSA:2014-013-03) 2014-01-14SQL Injection Vulnerabilities in TestLink 2012-02-20
[slackware-security] php (SSA:2014-160-01) 2014-06-09SQL Injection Vulnerability in ArticleFR 2014-08-20
[slackware-security] php (SSA:2015-162-02) 2015-06-11SQL Injection Vulnerability in Batavi 1.1.2 2012-02-07
[slackware-security] php (SSA:2015-274-02) 2015-10-01SQL injection vulnerability in Booking Calendar WordPress Plugin 2016-08-01
[slackware-security] php (SSA:2016-034-04) 2016-02-04SQL Injection Vulnerability in ImageCMS 2013-01-23
[slackware-security] php (SSA:2016-062-03) 2016-03-03SQL Injection Vulnerability in OpenEMR 4.1.0 2012-01-03
[slackware-security] php (SSA:2016-067-01) 2016-03-08SQL Injection Vulnerability in OrangeHRM 2012-11-05
[slackware-security] php (SSA:2016-092-02) 2016-04-01SQL Injection Vulnerability in Symphony 2013-04-03
[slackware-security] php (SSA:2016-120-02) 2016-04-29SQL Injection Vulnerability in Wysija Newsletters WordPress Plugin 2013-02-06
[slackware-security] php (SSA:2016-252-01) 2016-09-08SQL Injection, Reflected XSS, Path Traversal, Function Execution in ZenPhoto 1.4.8 2015-07-10
[slackware-security] php (SSA:2016-267-01) 2016-09-23SQLi found in Kodak Insite 2013-02-19
[slackware-security] php (SSA:2016-305-04) 2016-11-01SQLi Vulnerability in ATuter management system 2015-12-02
[slackware-security] php (SSA:2016-347-03) 2016-12-12sqlinjection bug in nova cms 2012-02-12
[slackware-security] pidgin (SSA:2011-178-01) 2011-06-28SQLiteManager 1.2.4 Multiple Cross-Site-Scripting vulnerabilities 2012-01-05
[slackware-security] pidgin (SSA:2012-195-02) 2012-07-14SQL-Ledger patch update for SQL injection 2011-08-24
[slackware-security] pidgin (SSA:2013-044-01) 2013-02-14Squid URL Filtering Bypass 2012-04-16
[slackware-security] pidgin (SSA:2014-344-05) 2014-12-11Squid-3.3.5 DoS PoC 2013-07-15
[slackware-security] pidgin (SSA:2016-265-01) 2016-09-21squidGuard 1.4 - Remote Denial of Service - POC 2012-08-29
[slackware-security] proftpd (SSA:2012-041-04) 2012-02-10Squirrelcart Cart Shop v3.3.4 - Multiple Web Vulnerabilities 2012-06-14
[slackware-security] ruby (SSA:2013-136-02) 2013-05-16Squiz CMS Multiple Vulnerabilities - Security Advisory - SOS-12-007 2012-06-18
[slackware-security] samba (SSA:2011-210-03) 2011-07-29Squiz Matrix - Cross-Site Scripting Vulnerability 2011-06-06
[slackware-security] samba (SSA:2013-322-03) 2013-11-19SSH host key fingerprint - through HTTPS 2014-09-01
[slackware-security] samba (SSA:2014-013-04) 2014-01-14SSO Authentication Bypass and Website Takeover in DOKEOS 2016-02-17
[slackware-security] samba (SSA:2014-175-04) 2014-06-24Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-19
[slackware-security] samba (SSA:2014-213-01) 2014-08-01Staff FTP v3.04 Software - DLL Hijacking Vulnerability 2015-05-20
[slackware-security] samba (SSA:2015-020-01) 2015-01-21Stanford University - Multiple SQL Injection Vulnerabilities 2016-05-10
[slackware-security] samba (SSA:2016-106-02) 2016-04-15Stash v1.0.3 CMS - SQL Injection Vulnerability 2016-08-15
[slackware-security] seamonkey (SSA:2011-195-01) 2011-07-15Static Analysis Tool Exposition (SATE) - Call for Participation 2011-07-11
[slackware-security] seamonkey (SSA:2011-249-03) 2011-09-06Steam Weak File Permissions Privilege Escalation 2015-11-23
[slackware-security] seamonkey (SSA:2012-166-04) 2012-06-14Stefan Kanthak (stefan kanthak nexgo de) 
[slackware-security] seamonkey (SSA:2012-200-04) 2012-07-18Stored Cross-Site Scripting vulnerability in Count per Day WordPress Plugin 2016-08-04
[slackware-security] seamonkey (SSA:2012-244-04) 2012-08-31Stored Cross-Site Scripting vulnerability in Easy Testimonials WordPress Plugin 2016-07-31
[slackware-security] seamonkey (SSA:2012-288-01) 2012-10-15Stored XSS in Terillion Reviews Wordpress Plugin 2013-03-08
[slackware-security] seamonkey (SSA:2012-304-02) 2012-10-31Stored XSS in WP Photo Album Plus WordPress Plugin 2015-05-20
[slackware-security] seamonkey (SSA:2012-326-01) 2012-11-22Stored XSS Vulnerability in F5 BIG-IP Application Security Manager 2015-01-12
[slackware-security] seamonkey (SSA:2013-009-03) 2013-01-10Strength and Weakness of Methods to Confirm SSH Host Key 2014-09-22
[slackware-security] seamonkey (SSA:2013-072-02) 2013-03-14Struts2 Prefixed Parameters OGNL Injection Vulnerability 2013-08-13
[slackware-security] seamonkey (SSA:2013-219-03) 2013-08-08Struts2 Prefixed Parameters Open Redirect Vulnerability 2013-08-13
[slackware-security] seamonkey (SSA:2013-322-04) 2013-11-19Struts2 Security Challenge 2012-03-14
[slackware-security] seamonkey (SSA:2013-339-03) 2013-12-06struts2 xsltResult Local code execution vulnerability 2012-03-22
[slackware-security] seamonkey (SSA:2014-039-03) 2014-02-08Studio Linea (prodotto.php?id) Remote SQL injection Vulnerability 2011-09-01
[slackware-security] seamonkey (SSA:2014-175-05) 2014-06-24StudioLine Photo Basic 3 ActiveX control Insecure Method 2011-08-17
[slackware-security] seamonkey (SSA:2014-252-01) 2014-09-09Stunnel CVE-2014-0016 PRNG Initialization Weakness
[slackware-security] seamonkey (SSA:2014-344-06) 2014-12-11Subject mail: CVE-2015-7320 - Multiple Reflective XSS in Appointment Booking Calendar 1.1.7 WordPress plugin 2015-09-26
[slackware-security] seamonkey (SSA:2015-016-04) 2015-01-17submit cxsec org 
[slackware-security] seamonkey (SSA:2015-047-02) 2015-02-16Subrion v4.0.5 CMS - SQL Injection Vulnerability 2016-08-05
[slackware-security] seamonkey (SSA:2015-246-01) 2015-09-03Subverting BIND's SRTT Algorithm: Derandomizing NS Selection 2013-08-14
[slackware-security] seamonkey (SSA:2015-274-03) 2015-10-01Summer of Pwnage (lists securify nl) 
[slackware-security] seamonkey (SSA:2015-318-01) 2015-11-15Sun iPlanet Error Page Link Injection 2012-06-30
[slackware-security] seamonkey (SSA:2016-075-02) 2016-03-16Superuser "su --daemon" vulnerability on Android >= 4.3 2013-11-13
[slackware-security] seamonkey (SSA:2016-365-03) 2016-12-30Superuser unsanitized environment vulnerability on Android <= 4.2.x 2013-11-13
[slackware-security] sendmail (SSA:2014-156-04) 2014-06-06Support Incident Tracker <= 3.65 (translate.php) Remote Code Execution Vulnerability 2011-11-19
[slackware-security] slocate (SSA:2012-244-05) 2012-08-31SurgeFtp Server BufferOverflow Vulnerability 2013-07-22
[slackware-security] stunnel (SSA:2016-219-04) 2016-08-06Swagger Editor v2.9.9 "description" Key DOM-based Cross-Site Scripting 2016-05-03
[slackware-security] subversion (SSA:2013-251-01) 2013-09-09Switch v4.68 - Code Execution Vulnerability 2015-12-22
[slackware-security] subversion (SSA:2014-058-01) 2014-02-27Switchvox Asterisk v5.1.2 - Multiple Web Vulnerabilities 2012-10-01
[slackware-security] subversion (SSA:2016-097-01) 2016-04-06Syhunt: Google V8 - Server-Side JS Injection in vulnerable web apps 2012-02-25
[slackware-security] subversion (SSA:2016-121-01) 2016-04-30Syhunt: Time-Based Blind NoSQL Injection 2011-12-19
[slackware-security] sudo (SSA:2013-065-01) 2013-03-07Symantec EP 12.1.4013 Disabling Vulnerability 2015-07-08
[slackware-security] sudo (SSA:2014-064-01) 2014-03-06Symantec EP DOS 2016-01-08
[slackware-security] sudo (SSA:2015-047-03) 2015-02-16Symantec VIP Access Desktop Arbitrary DLL Execution 2016-12-09
[slackware-security] t1lib (SSA:2012-228-01) 2012-08-16Symantec Workspace Virtualization 6.4.1895.0 Local Kernel Mode Privilege Escalation Exploit 2013-07-18
[slackware-security] vsftpd (SSA:2012-041-05) 2012-02-10Symfony2 Local File Disclosure - Security Advisory - SOS-12-002 2012-03-05
[slackware-security] wpa_supplicant (SSA:2014-344-07) 2014-12-11Symphony CMS 2.6.2 2015-06-06
[slackware-security] x11 (SSA:2016-305-02) 2016-11-01Symphony CMS multiple vulnerabilities 2016-02-08
[slackware-security] xorg-server (SSA:2013-287-05) 2013-10-15Symphony CMS XSS Vulnerability 2015-06-08
[softScheck] Denial of Service in Microsoft Office 2007-2013 2014-04-03SynConnect PMS SQL Injection Vulnerability 2013-03-25
[SOJOBO-ADV-13-01] - Zenphoto 1.4.5.2 multiple vulnerabilities 2013-10-03Synchrony Infotech (product_details.php?id) Remote SQL injection Vulnerability 2011-08-06
[SOJOBO-ADV-13-03] - Wordpress plugin Gallery Bank 2.0.19 Reflected Cross Site Scripting 2013-11-05Synology Photo Station 5 - Reflected Cross-Site Scripting 2012-03-10
[SOJOBO-ADV-13-04] - PHP-Nuke 8.2.4 multiple vulnerabilities 2013-11-18Synology Photo Station multiple Cross-Site Scripting vulnerabilities 2015-05-25
[SOJOBO-ADV-13-05] - Vtiger 5.4.0 Reflected Cross Site Scripting 2013-12-11Synology Video Station command injection and multiple SQL injection vulnerabilities 2015-09-09
[Spam] Chengdu Bureau of Commerce - SQL Injection Vulnerability 2012-04-23sysadmin privilege in EMC Documentum Content Server 2015-08-17
[Spam] Skype v5.6.59.x - Memory Corruption Vulnerability 2012-02-17Syslog Watcher Pro 'Date' Parameter Cross Site Scripting Vulnerability 2013-04-30
[SQLi] vBilling for FreeSWITCH 2013-04-22SYSS-2015-033: Missing Function Level Access Control (CWE-935) in Page2Flip Premium App 2.5 2015-08-24
[SUSPECTED ] Halifax - MonthlySYSS-2015-061 Wirecard Checkout Page - Improper Validation of Integrity Check Value 2015-11-13
[Suspected Spam] AnvSoft Any Video Converter 4.3.6 - Multiple Buffer Overflow Vulnerabilities 2012-04-08t2'12: Call for Papers 2012 (Helsinki / Finland) 2012-05-11
[Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities 2012-04-03t2'13: Call for Papers 2013 (Helsinki / Finland) 2013-06-11
[Suspected Spam] Astaro Command Center v2.x - Multiple Web Vulnerabilities 2012-04-08t2'14: Call for Papers 2014 (Helsinki / Finland) 2014-05-19
[Suspected Spam] Astaro Security Gateway v7.504 - Multiple Web Vulnerabilities 2012-04-08t2â?²11 Challenge to be released 2011-09-10 10:00 EEST 2011-09-04
[Suspected Spam] Barracuda CudaTel v2.0.029.1 - Multiple Web Vulnerabilities 2012-03-08tallison apache org 
[Suspected Spam] Barracuda Spam/Virus WAF 600 - Multiple Web Vulnerabilities 2012-01-20Taser Axon Dock (Body-Worn Camera Docking Station) v3.1 - Authentication Bypass 2016-08-15
[Suspected Spam] Barracuda WAF 660 v7.6.0.028 - Cross Site Vulnerability 2012-03-08TCExam Edit Cross-Site Scripting 2012-08-13
[Suspected Spam] Bart`s CMS - SQL Injection Vulnerability 2012-01-23TCExam Edit SQL Injection 2012-08-14
[Suspected Spam] Content Papst CMS v2011.2 - Multiple Web Vulnerabilities 2011-12-18TconZERO (prodotto.php?idprodotto) Remote SQL injection Vulnerability 2011-08-26
[Suspected Spam] Cyberoam UTM v10.01.2 build 059 - File Include Vulnerabilities 2012-04-15TCPing 2.1.0 Buffer Overflow 2015-11-01
[Suspected Spam] DHTMLX Suite v.3.0 - Multiple Web Vulnerabilities 2012-04-12TC-SA-2011-01: Multiple vulnerabilities in OmniTouch Instant Communication Suite 2011-10-24
[Suspected Spam] eFront Community++ v3.6.10 - Multiple Web Vulnerabilities 2012-02-09TC-SA-2011-02: Multiple web-vulnerabilities in iTop version 1.1.181 2011-11-21
[Suspected Spam] eFront Community++ v3.6.10 - SQL Injection Vulnerability 2012-02-11TC-SA-2012-01: Multiple web-vulnerabilities in ownCloud 3.0.0 2012-04-18
[Suspected Spam] Endian UTM Firewall v2.4.x & v2.5.0 - Multiple Web Vulnerabilities 2012-03-01TC-SA-2013-01: Reflected Cross-Site-Scripting (XSS) vulnerability in e107 CMS v1.0.2 2013-04-03
[Suspected Spam] eSyndiCat Pro v2.4.1 - Multiple Web Vulnerabilities 2012-06-14TeamSHATTER Security Advisory: Buffer Overflow in Oracle Database (CTXSYS.DRVDISP.TABLEFUNC_ASOWN function) 2011-10-21
[Suspected Spam] FlashFXP v4.1.8.1701 - Buffer Overflow Vulnerability 2012-03-01TeamSHATTER Security Advisory: Cross-site scripting in Oracle EM (advReplicationAdmin) (CVE-2013-0355) 2013-02-21
[Suspected Spam] Havalite CMS v1.0.4 - Multiple Web Vulnerabilities 2012-04-23TeamSHATTER Security Advisory: Database Vault Account Management Vulnerabilites 2011-10-21
[Suspected Spam] IPhone TreasonSMS - HTML Inject & File Include Vulnerability 2012-04-23TeamSHATTER Security Advisory: HTTP Response Splitting in Oracle EM (policyViewSettings) (CVE-2013-0354) 2013-02-21
[Suspected Spam] Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities 2012-06-14TeamSHATTER Security Advisory: Oracle EM Segment Advisor Arbitrary URL redirection/phishing (CVE-2012-3219) 2013-02-21
[Suspected Spam] Swoopo Gold Shop CMS v8.4.56 - Multiple Web Vulnerabilities 2012-06-15TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (metricDetail$type page) 2011-07-27
[SUSPICIOUS MESSAGE] PleaseTeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (notifRuleInfo$mode page) 2011-07-27
[SYSS-2014-011] FancyFon FAMOC - Cross-Site Scripting 2015-01-27TeamSHATTER Security Advisory: Oracle Enterprise Manager vulnerable to XSS (sitemap page) 2011-07-27
[SYSS-2014-012] FancyFon FAMOC - Session Fixation 2015-01-27TeamSHATTER Security Advisory: Privilege escalation via internal sql injection in RESTORE DATABASE command 2012-04-11
[SYSS-2014-013] FancyFon FAMOC - Use of a One-Way Hash without a Salt 2015-01-27TeamSHATTER Security Advisory: SQL Injection in Oracle EM (advReplicationAdmin) (CVE-2013-0372) 2013-02-21
[SYSS-2015-001] Kaspersky Endpoint Security - Authentication Bypass 2015-10-01TeamSHATTER Security Advisory: SQL Injection in Oracle EM (dBClone) (CVE-2013-0374) 2013-02-21
[SYSS-2015-002] Kaspersky Endpoint Security - Use of One-Way Hash withouth a Salt 2015-10-01TeamSHATTER Security Advisory: SQL Injection in Oracle EM (Resource Manager) (CVE-2013-0358) 2013-02-21
[SYSS-2015-003] Kaspersky Small Office Security - Authentication Bypass 2015-10-01TeamSHATTER Security Advisory: SQL Injection in Oracle EM (streams queue) (CVE-2013-0373) 2013-02-21
[SYSS-2015-004] Kaspersky Small Office Security - Use of One-Way Hash withouth a Salt 2015-10-01TeamSHATTER Security Advisory: SQL Injection Vulnerability in Oracle DROP INDEX for spatial datatypes 2011-10-21
[SYSS-2015-005] Kaspersky Total Security - Authentication Bypass 2015-10-01TeamSpeak Client <= 3.0.18.1 RFI, Directory Traversal to RCE 2015-10-22
[SYSS-2015-006] Kaspersky Total Security - Use of One-Way Hash withouth a Salt 2015-10-01TeempIp XSS Cookie Theft 2016-10-03
[SYSS-2015-007] Kaspersky Internet Security - Authentication Bypass 2015-10-01Techsoft Web Solutions CMS 2016 Q2 - SQL Injection Web Vulnerability 2016-04-04
[SYSS-2015-008] Kaspersky Internet Security - Use of One-Way Hash withouth a Salt 2015-10-01Techsoft WS CMS (2016 Q2) - SQL Injection Web Vulnerability 2016-04-07
[SYSS-2015-009] Kaspersky Anti-Virus - Authentication Bypass 2015-10-01tekno.Portal 0.1b - SQLi Vulnerability in "anket.php" 2012-07-26
[SYSS-2015-010] Kaspersky Anti-Virus - Use of One-Way Hash withouth a Salt 2015-10-01Tekno.Portal v0.1b 'link.php' Blind SQL Injection Vulnerability 2012-08-01
[SYSS-2015-016] Avaya one-X® Agent - Hard-coded Cryptographic Key 2015-09-03Telegram (API) - Cross Site Request Forgery Vulnerabilities 2016-01-27
[SYSS-2015-020] ZENWorks Mobile Management - Cross-Site Scripting 2015-06-12Telisca IPS Lock 2 Vulnerability 2016-04-25
[SYSS-2015-025] Netop Remote Control - Insufficiently Protected Credentials 2015-08-24Telus Actiontec T2200H Modem Input Validation Flaw Allows Elevated Shell Access 2016-08-18
[SYSS-2015-026] Denial of Service (CWE-730) and Overly Restrictive Account Lockout Mechanism (CWE-645) in Page2Flip Premium App 2.5 2015-08-24TELUS Security Labs VR - Oracle Java Web Start Command Argument Injection Remote Code Execution 2012-02-15
[SYSS-2015-027] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24TEMENOS T24 R07.03 Authentication Bypass 2012-07-30
[SYSS-2015-028] Cross-Site Scripting (CWE-79) in Page2Flip Premium App 2.5 2015-08-24TEMENOS T24 R07.03 Reflected Cross-Site Scripting 2012-07-30
[SYSS-2015-029] Insecure Direct Object Reference (CWE-932) in Page2Flip Premium App 2.5 2015-08-24TestLink 1.9.14 CSRF Vulnerability 2015-11-08
[SYSS-2015-030] Improper Handling of Insufficient Privileges (CWE-274) in Page2Flip Premium App 2.5 2015-08-24TestLink 1.9.14 Persistent XSS 2015-11-08
[SYSS-2015-031] sysPass - SQL Injection 2015-07-13TestLink Security Advisory - Multiple XSS Vulnerabilities - CVE-2015-7391 2015-10-07
[SYSS-2015-032] Broken Authentication and Session Management (CWE-930) in Page2Flip Premium App 2.5 2015-08-24TestLink Security Advisory - SQL Injection Vulnerability - CVE-2015-7390 2015-10-07
[SYSS-2015-034] MATESO Password Safe and Repository Enterprise - SQL Injection 2015-10-12Tftpd32 DHCP Server Denial Of Service Vulnerability 2012-05-21
[SYSS-2015-037] MATESO Password Safe and Repository Enterprise - Insufficiently Protected Credentials 2015-10-12Tftpd32 DNS Server Denial Of Service Vulnerability 2012-05-26
[SYSS-2015-039] CSRF in OpenText Secure MFT 2015-10-02ThaiWeb CMS 2015Q3 - SQL Injection Web Vulnerability 2015-07-23
[SYSS-2015-041] XSS in OpenText Secure MFT 2015-08-19The history of a -probably- 13 years old Oracle bug: TNS Poison 2012-04-18
[SYSS-2015-046] sysPass - Insecure Direct Object References (CWE-932) 2015-12-07The LAD Melbourne Cms Sql Injection Vulnerability 2011-08-15
[SYSS-2015-047] sysPass - Cross-Site Scripting (CWE-79) 2015-12-07The story of the Linux kernel 3.x... 2012-05-15
[SYSS-2015-053] innovaphone IP222/IP232 - Denial of Service 2016-03-04THE STUDIO (prod.php?id) Remote SQL injection Vulnerability 2011-08-06
[SYSS-2015-055] Novell Filr - Cross-Site Scripting (CWE-79) 2016-02-19the week of silly PoCs continues: data://www.mybank.com/ 2011-12-09
[SYSS-2015-056] Thru Managed File Transfer Portal 9.0.2 - SQL Injection 2016-02-19Thijs Kinkhorst (thijs debian org) 
[SYSS-2015-057] Thru Managed File Transfer Portal 9.0.2 - Cross-Site Scripting 2016-02-19things you can do with downloads 2012-05-30
[SYSS-2015-058] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (CWE-932) 2016-02-19This vulnerability is being disclosed publicly without a patch in accordance with the ZDI 180 day deadline. 2012-08-22
[SYSS-2015-058] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) 2016-03-04Thomson Reuters FATCA - Arbitrary File Upload 2015-08-07
[SYSS-2015-059] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (CWE-932) 2016-02-19Thomson TWG850 Wireless Router Multiple Vulnerabilities 2016-03-09
[SYSS-2015-059] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) 2016-03-04ThreeDify Designer ActiveX control Insecure Method 2011-08-03
[SYSS-2015-060] Thru Managed File Transfer Portal 9.0.2 - Improperly Implemented Security Check for Standard (CWE-358) 2016-02-19ThreeDify Designer ActiveX control multiple buffer overflow vulnerabilities 2011-08-03
[SYSS-2015-060] Thru Managed File Transfer Portal 9.0.2 - Improperly Implemented Security Check for Standard (REVISED) 2016-03-04Thycotic Password Manager Secret Server iOS Application - MITM SSL Certificate Vulnerability 2015-05-27
[SYSS-2015-062] ownCloud - Information Exposure Through Directory Listing (CWE-548) 2016-02-19TigerCom My Assistant v1.1 iOS - File Include Vulnerability 2014-06-03
[SYSS-2015-062] ownCloud Information Exposure Through Directory Listing (CVE-2016-1499) 2016-01-07Tiki Wiki CMS Groupware <= 8.2 (snarf_ajax.php) Remote PHP Code Injection 2011-12-23
[SYSS-2015-063] OpenCms - Cross Site Scripting 2016-02-22Tiki Wiki CMS Groupware Multiple XSS vulnerabilities 2011-11-17
[SYSS-2015-064] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (CWE-932) 2016-02-19Tiki Wiki CMS Groupware Stored Cross-Site-Scripting 2011-12-20
[SYSS-2015-064] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) 2016-03-04Tim Schughart (t schughart prosec-networks com) 
[SYSS-2015-066] perfact::mpa - Cross-Site Scripting 2016-02-29TimeClock - Multiple SQL Injections 2016-02-02
[SYSS-2015-067] perfact::mpa - Insecure Direct Object References 2016-02-29Timesheet Next Gen 1.5.2 Multiple SQLi 2012-03-02
[SYSS-2015-069] perfact::mpa - Insecure Direct Object References 2016-02-29Tinyguestbook XSS 2012-01-03
[SYSS-2015-070] perfact::mpa - Cross-Site Scripting 2016-02-29TLS/SSL Compatibility Report 2011 2011-09-22
[SYSS-2015-071] perfact::mpa - Cross-Site Request Forgery 2016-02-29T-Mobile Internet Manager - DLL Hijacking (mfc71enu.dll) 2015-02-11
[SYSS-2015-072] perfact::mpa - Insecure Direct Object References 2016-02-29TomatoCart 1.x | Unrestricted File Creation 2013-01-04
[SYSS-2015-073] perfact::mpa - URL Redirection to Untrusted Site 2016-02-29ToorCamp 2012: The American Hacker Camp 2012-04-25
[SYSS-2016-009] Sophos UTM 525 Web Application Firewall - Cross-Site Scripting in 2016-03-01ToorCon 13 Call For Papers 2011-08-18
[SYSS-2016-016] innovaphone IP222 - Improper Input Validation 2016-03-24ToorCon 16 Call For Papers! 2014-08-20
[SYSS-2016-017] innovaphone IP222 - Improper Input Validation 2016-03-24Tor Browser Bundle for Linux (2.2.35-8) "EVIL bug" 2012-03-19
[SYSS-2016-018] innovaphone IP222 - Improper Restriction of Excessive Authentication Attempts 2016-03-24Torque Server Buffer Overflow Vulnerability 2011-07-13
[SYSS-2016-031] CHERRY B.UNLIMITED AES - Missing Protection against Replay Attacks 2016-07-29Toshiba ConfigFree CF7 File Remote Command Execution 2012-09-21
[SYSS-2016-032] CHERRY B.UNLIMITED AES - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) 2016-07-29Toshiba ConfigFree CF7 File Stack Buffer Overflow (Comment Field 2012-09-21
[SYSS-2016-033] Microsoft Wireless Desktop 2000 - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) 2016-10-10Toshiba ConfigFree CF7 File Stack Buffer Overflow (ProfileName) 2012-09-21
[SYSS-2016-038] CHERRY B.UNLIMITED AES - Keystroke Injection Vulnerability 2016-07-29Total Quality Machines (productdetail.php) SQL Injection Vulnerabilities 2012-04-14
[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-10Total Shop UK eCommerce Generic Cross-Site Scripting 2012-08-13
[SYSS-2016-043] Microsoft Wireless Desktop 2000 - Cryptographic Issues (CWE-310), Insufficient Protection against Replay Attacks 2016-10-11Totemomail v4.x & v5.x - Filter Bypass & Persistent Vulnerability 2016-04-25
[SYSS-2016-044] Logitech K520 - Insufficient Protection against Replay Attacks 2016-07-29TP Link Gateway v3.12.4 - Multiple Web Vulnerabilities 2012-07-11
[SYSS-2016-045] Perixx PERIDUO-710W - Insufficient Protection of Code (Firmware) and Data (Cryptographic Key) 2016-07-29TPTI-11-06: Oracle Java ICC Profile rcs2 Tag Parsing Remote Code Execution Vulnerability 2011-06-15
[SYSS-2016-046] Perixx PERIDUO-710W - Missing Protection against Replay Attacks 2016-07-29TPTI-11-07: Adobe Shockwave iml32.dll CSWV Chunk Parsing Remote Code Execution Vulnerability 2011-06-15
[SYSS-2016-047] Perixx PERIDUO-710W - Keystroke Injection Vulnerability 2016-07-29TPTI-11-08: Adobe Shockwave iml32.dll DEMX Chunk GIF Parsing Remote Code Execution Vulnerability 2011-06-15
[SYSS-2016-048] QNAP QTS - OS Command Injection 2016-08-18TPTI-11-10: Adobe Shockwave dirapi.dll rcsL Chunk Parsing Remote Code Execution Vulnerability 2011-06-15
[SYSS-2016-049] QNAP QTS - Persistent Cross-Site Scripting 2016-08-18TPTI-11-11: Adobe Shockwave Lnam Chunk Parsing Remote Code Execution Vulnerability 2011-06-15
[SYSS-2016-050] QNAP QTS - Persistent Cross-Site Scripting 2016-08-18TPTI-11-12: McAfee SaaS MyAsUtil5.2.0.603.dll SecureObjectFactory Instantiation Design Flaw Remote Code Execution Vulnerability 2011-08-08
[SYSS-2016-051] QNAP QTS - Reflected Cross-Site Scripting 2016-08-18TPTI-11-13: McAfee SaaS myCIOScn.dll Scan Method Script Injection Remote Code Execution Vulnerability 2011-08-08
[SYSS-2016-052] QNAP QTS - OS Command Injection 2016-08-18TPTI-12-01 : Oracle Java True Type Font IDEF Opcode Parsing Remote Code Execution Vulnerability 2012-02-22
[SYSS-2016-053] QNAP QTS - Arbitrary File Overwrite 2016-08-18Traffic amplification via Quake 3-based servers 2012-03-26
[SYSS-2016-054] QNAP QTS - OS Command Injection 2016-08-18Training : Advanced Android & iOS Hands-on Exploitation at Toorcon San Diego [16th-17th Oct,2013] 2013-10-15
[SYSS-2016-055] QNAP QTS - OS Command Injection 2016-08-18Trend Micro (Account) - Email Spoofing Web Vulnerability 2016-04-26
[SYSS-2016-059] Microsoft Wireless Desktop 2000 - Insufficient Verification of Data Authenticity (CWE-345) 2016-07-29Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability 2016-03-31
[SYSS-2016-060] Logitech M520 - Insufficient Verification of Data Authenticity (CWE-345) 2016-09-30Trend Micro Deep Discovery Authentication Bypass 2015-08-19
[SYSS-2016-063] VMware ESXi 6 - Improper Input Validation (CWE-20) 2016-08-05Trend Micro Deep Discovery XSS 2015-08-19
[SYSS-2016-064] Multi Kon Trade M2B GSM Wireless Alarm System - Improper Restriction of Excessive Authentication Attempts (CWE-307) 2016-11-24Trend Micro Direct Pass - Filter Bypass & Cross Site Scripting Vulnerability 2016-05-10
[SYSS-2016-065] NASdeluxe NDL-2400r: OS Command Injection 2016-08-04Trend Micro Direct Pass - Filter Bypass & Persistent Web Vulnerability 2016-01-28
[SYSS-2016-066] Multi Kon Trade M2B GSM Wireless Alarm System - Missing Protection against Replay Attacks 2016-11-24Trend Micro DirectPass 1.5.0.1060 - Multiple Vulnerabilities 2013-05-21
[SYSS-2016-067] NetIQ Access Manager (iManager) - Temporary Second Order Cross-Site Scripting (CWE-79) 2016-08-17TrendMicro DDI Cross Site Request Forgerys 2016-03-26
[SYSS-2016-068] Fujitsu Wireless Keyboard Set LX901 - Cryptographic Issues (CWE-310), Missing Protection against Replay Attacks 2016-10-10TRENDnet SecurView TV-IP121WN Wireless Internet Camera UltraMJCam ActiveX Control OpenFileDlg WideCharToMultiByte Remote Stack Buffer Overflow 2012-03-28
[SYSS-2016-071] Blaupunkt Smart GSM Alarm SA 2500 Kit - Missing Protection against Replay Attacks 2016-11-24Trigerring Java code from a SVG image 2012-05-15
[SYSS-2016-072] Olympia Protect 9061 - Missing Protection against Replay Attacks 2016-11-23Trimble® Infrastructure GNSS Series Receivers Cross Site Scripting (XSS) vulnerability 2013-01-15
[SYSS-2016-106] EASY HOME Alarmanlagen-Set - Missing Protection against Replay Attacks 2016-11-23Trusteer Rapport and anti-keylogging 2011-09-21
[SYSS-2016-107] EASY HOME Alarmanlagen-Set - Cryptographic Issues (CWE-310) 2016-11-24TTW (ricetta.php?id) Remote SQL injection Vulnerability 2011-09-04
[The ManageOwnage Series, part II]: User credential disclosure in ManageEngine DeviceExpert 2014-08-27Tugux CMS 1.2 Multiple vulnerability (BLIND sql & xss) 2011-07-12
[The ManageOwnage Series, part IX]: 0-day arbitrary file download in NetFlow Analyzer and IT360 2014-11-30Tweet-wheel XSS Vulnerability 2016-04-23
[The ManageOwnage Series, part V]: RCE / file upload / arbitrary file deletion in OpManager, Social IT and IT360 2014-09-27TWiki Security Advisory - XSS Vulnerability - CVE-2014-9325 2014-12-19
[The ManageOwnage Series, part VI]: 0day database info and superuser credential disclosure in EventLog Analyser 2014-11-05TWiki Security Advisory - XSS Vulnerability - CVE-2014-9367 2014-12-19
[The ManageOwnage Series, part VII]: Super admin privesc + password DB dump in Password Manager Pro 2014-11-08Twitter App 5.0 vulnerable to eavesdropping 2012-11-20
[The ManageOwnage series, part VIII]: Remote code execution and blind SQLi in OpManager, Social IT and IT360 2014-11-09Two Cross-Site Scripting (XSS) Vulnerabilities in Seo Panel 2014-05-16
[The ManageOwnage Series, part X]: 0-day administrator account creation in Desktop Central 2014-12-31Two Instagram Android App Security Vulnerabilities 2013-08-28
[The ManageOwnage Series, part XI]: Remote code execution in ServiceDesk, Asset Explorer, Support Center and IT360 2015-01-04Two Reflected Cross-Site Scripting (XSS) Vulnerabilities in Forma Lms 2014-11-05
[The ManageOwnage Series, part XII]: Multiple vulnerabilities in FailOverServlet (OpManager, AppManager, IT360) 2015-01-28Two Reflected XSS Vulnerabilities in Calls to Action WordPress plugin 2015-12-02
[Tool] DoS for OpenSLP (and others) 2011-07-26Two Reflected XSS Vulnerabilities in Easing Slider WordPress Plugin 2015-02-11
[TSI-ADV-1201] Path Traversal on Polycom Web Management Interface 2012-03-05Two Remote Code Execution Vulnerabilities in Internet Explorer 2011-10-12
[TSI-ADV-1202] Polycom Web Management Interface O.S. Command Injection 2012-03-05Two security issues fixed in ioQuake3 engine 2011-07-28
[waraxe-2012-SA#080] - Multiple Vulnerabilities in NextBBS 0.6.0 2012-03-27Two Vulnerabilities in NetworkMiner : DLL Hijacking + Directory Traversal 2013-08-07
[waraxe-2012-SA#081] - Multiple Vulnerabilities in Coppermine 1.5.18 2012-03-29Two XSS in Contact Form DB WordPress plugin 2014-10-08
[waraxe-2012-SA#082] - File Existence Disclosure in Uploadify 3.0.0 2012-04-05Two XSS vulnerabilities in Simple Security WordPress Plugin 2015-01-14
[waraxe-2012-SA#084] - Multiple Vulnerabilities in OpenCart 1.5.2.1 2012-04-06Two XSS Vulnerabilities in SupportCenter Plus 2015-01-28
[waraxe-2012-SA#085] - Reflected XSS in Uploadify Integration Wordpress plugin 2012-04-06TWSL2011-006: IBM Web Application Firewall Bypass 2011-06-21
[waraxe-2012-SA#086] - Local File Inclusion in Invision Power Board 3.3.0 2012-04-12TWSL2011-007: iOS SSL Implementation Does Not Validate Certificate Chain 2011-07-25
[waraxe-2012-SA#087] - Reflected XSS in Joomla 1.5.26 "ja_purity" template 2012-05-03TWSL2011-008: Focus Stealing Vulnerability in Android 2011-08-08
[waraxe-2012-SA#088] - Reflected XSS in Joomla 2.5.4 admin sysinfo page 2012-05-03TWSL2011-013: Multiple Vulnerabilities in IceWarp Mail Server 2011-09-23
[waraxe-2012-SA#089] - Multiple Vulnerabilities in TorrentTrader 2.08 2012-09-17TWSL2011-014: Vulnerability in Pantech Web Browser SSL Implementation 2011-09-23
[waraxe-2012-SA#090] - Insecure SSL Connection in Thomson SpeedTouch ST780 2012-09-25TWSL2011-017: Multiple Vulnerabilities in Merethis Centreon 2011-11-07
[waraxe-2012-SA#092] - Multiple Vulnerabilities in Wordpress Slideshow Plugin 2012-10-17TWSL2011-018: Authentication Bypass Vulnerability in IBM TS3100/TS3200 Web User Interface 2011-12-20
[waraxe-2012-SA#093] - Multiple Vulnerabilities in Wordpress Social Discussions Plugin 2012-10-17TWSL2011-019: Cross-Site Scripting Vulnerability in phpMyAdmin 2011-12-22
[waraxe-2012-SA#094] - Multiple Vulnerabilities in Wordpress GRAND Flash Album Gallery Plugin 2012-10-24TWSL2012-001: Cross-Site Scripting Vulnerability in Textpattern Content Management System 2012-01-04
[waraxe-2012-SA#095] - Multiple Vulnerabilities in Wordpress FoxyPress Plugin 2012-10-30TWSL2012-002: Multiple Vulnerabilities in WordPress 2012-01-24
[waraxe-2013-SA#098] - Directory Traversal Vulnerabilities in OpenCart 1.5.5.1 2013-03-19TWSL2012-003: Cross-Site Scripting Vulnerability in Movable Type Publishing Platform 2012-02-24
[waraxe-2013-SA#099] - Update Spoofing Vulnerability in LibreOffice 4.0.1.2 2013-03-21TWSL2012-008: Multiple Vulnerabilities in Scrutinizer NetFlow & sFlow Analyzer 2012-04-12
[waraxe-2013-SA#103] - Multiple Vulnerabilities in phpMyAdmin 2013-04-24TWSL2013-004: Group Name Enumeration Vulnerability in Cisco IKE Implementation 2013-04-18
[waraxe-2013-SA#104] - Multiple Vulnerabilities in Spider Event Calendar Wordpress Plugin 2013-05-22Typesettercms v5.0.1 - (Delete Files) CSRF Vulnerability 2016-08-05
[waraxe-2013-SA#105] - Multiple Vulnerabilities in Spider Catalog Wordpress Plugin 2013-05-22TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4 2016-05-19
[waraxe-2013-SA#106] - Multiple Vulnerabilities in Saurus CMS 4.7.1 2013-07-14UAC Bypass Vulnerability on "Windows 7" in Windows Script Host 2015-08-27
[Win32-API] SetNamedSecurityInfo() IGNORES and DESTROYS protected DACLs/SACLs 2012-06-19Ubiquiti Networks Bug Bounty #9 - Invoice Persistent Vulnerabilities 2016-02-22
[WorldCIST'15]: Call for Workshops Proposals - Proceedings by Springer 2014-08-07UBNT Bug Bounty #1 - Client Side Cross Site Scripting Vulnerability 2015-08-20
[WorldCIST'15]: Call for Workshops Proposals; Proceedings by Springer - Indexed by ISI, Scopus, DBLP, etc. 2014-08-25UBNT Bug Bounty #2 - XML External Entity Vulnerability 2016-04-25
[ZDI-15-396] ManageEngine ServiceDesk Plus remote code execution 2015-10-02UBNT Bug Bounty #3 - Persistent Filename Vulnerability 2015-08-20
{CVE-ID request} - OCS-Inventory-NG Multiple Stored Cross Site Scripting Vulnerabilities. 2014-07-07Ubuntu, Linux Mint, and the Guest Account 2012-05-05
{Lostmon´s Group} Elgg 1.8 beta2 and prior to 1.7.11 'container_guid' and 'owner_guid' SQL Injection 2011-08-15Ubuntu: reseed(8), random.org, and HTTP request 2011-07-06
<BASE> tag used for hijacking external resources (XSS) 2011-12-15UDID v1.0 iOS - Persistent Mail Encode Vulnerability 2015-09-22
0A29-11-1 : Cross-Site Scripting vulnerabilities in HP Network Node Manager i 9.10 2011-11-23UDID+ v2.5 iOS - Mail Command Inject Vulnerability 2015-07-17
0A29-11-2 : Privilege escalation vulnerability in HP Application Lifestyle Management (ALM) Platform v11 2011-12-08Ultimate PHP Board (UPB) 2.2.7 Cross Site Scripting Vulnerability 2015-03-05
0A29-11-3 : Cross-Site Scripting vulnerabilities in Nagios XI < 2011R1.9 2011-12-14Ultra Electronics / AEP Networks - SSL VPN (Netilla / Series A / Ultra Protect) Vulnerabilities 2014-10-02
0A29-11-4 : Privilege escalation vulnerabilities in Nagios XI installer < 2011R1.9 2011-12-14UltraEdit v22.20 - Buffer Overflow Vulnerability 2015-09-23
0A29-12-1 : Cross-Site Scripting vulnerabilities in Nagios XI < 2011R3.0 2012-06-14Unauthenticated Arbitrary Directory Dump in BMC BladeLogic Server Automation 2016-09-04
0A29-12-2 :Metasploit 'pcap_log' plugin privilege escalation vulnerability 2012-07-16Unauthenticated command execution on Netgear DGN devices 2013-05-31
0day full - Free Monthly Websites v2.0 - Multiple Web Vulnerabilities 2013-02-04Unauthenticated Reflected XSS vulnarbility in Asus RT-N10 Plus router 2015-01-29
0-day vulnerabilities in Call of Duty MW3 and CryEngine 3 2012-11-14Unauthenticated remote access to D-Link DCS cameras 2013-01-28
0-day: QNAP NAS Devices suffer of heap overflow 2016-12-31Unauthenticated remote code execution on D-Link ShareCenter products 2012-02-08
1 Click Audio Converter v2.3.6 - Activex Buffer Overflow 2015-06-05Unauthenticated SQL Injection in Huge-IT Video Gallery v1.0.9 for Joomla 2016-09-21
1 Click Extract Audio v2.3.6 - Activex Buffer Overflow 2015-06-05Unauthorized console access on Satechi travel router v1.5 2013-11-22
11in1 CMS v1.2.1 - SQL Injection Vulnerabilities 2012-03-05Unchecked Buffer in Microchip TCP/IP Stack Could Allow Remote Code Execution 2013-04-30
15 TOTOLINK router models vulnerable to multiple RCEs 2015-07-15Unicorn Router WB-3300NR CSRF (Factory Reset/DNS Change) 2013-10-30
16TH AVAR INTERNATIONAL SECURITY CONFERENCE 2013 - (4th-7th Dec'13, Chennai. India) 2013-11-19UNIT4 Prosoft HRMS XSS Vulnerability 2015-02-13
2 Buffer Overflows in Wireless Manager Sony VAIO 2012-05-30Universal Reader Filename Denial Of Service Vulnerability 2012-05-12
2012 Honeynet Project Security Workshop 2012-02-16Unlimited Pop-Ups WordPress Plugin XSS Vulnerability 2016-04-23
28C3: CFP for 28th Chaos Communication Congress 2011-09-08unlimitsec gmail com 
29C3: Call for Participation for 29th Chaos Communication Congress 2012-08-03Unpatched IIS Vulnerabilities / Microsoft July Security Bulletin 2012-07-16
2wire password reset module 2011-06-22Untrusted Pointer Dereference Vulnerability in Corel WordPerfect X6 2013-03-07
30C3 Call for Participation 2013-08-28Update: CVE-2014-0053 Information Disclosure when using Grails 2014-02-27
4 TOTOLINK router models vulnerable to CSRF and XSS attacks 2015-07-15Update: Linksys EA2700, EA3500, E4200v2, EA4500 Unspecified unauthenticated remote access 2013-08-15
44Café 23rd April details 2013-04-22Updated - CA20121018-01: Security Notice for CA ARCserve Backup 2013-01-14
6House Design (product_details.php?id) Remote SQL injection Vulnerability 2011-08-06Upload directory traversal in Novell ZenWorks Handheld Management 7.0.2 2011-06-27
7sepehr CMS 2012 - Multiple SQL Injection Vulnerabilities 2012-08-12URL Redirection Vulnerability In Verint Impact 360 2016-11-08
802.1X password exploit on many HTC Android devices 2012-02-01US DoD's Dc3dd v7.2.6 suffers from a Buffer Overflow vulnerability - Advanced Information Security Corporation - Zero Day Research 2015-10-14
A comprehensive study of Huawei 3G routers - XSS, CSRF, DoS, unauthenticated firmware update, RCE 2015-10-07US-CERT Alert TA13-088A: DNS Amplification Attacks 2013-03-29
A1 Solutions (cat_sell.php?cid) Remote SQL injection Vulnerability 2011-07-28Use-After-Free in PHP 2015-06-10
Aastra IP Telephone encrypted .tuz configuration file leakage 2013-01-03Useless OpenSSH resources exhausion bug via GSSAPI 2011-08-04
Abarkam (detail.php?input) Remote SQL injection Vulnerability 2011-09-03UTA EDU University ENG - SQL Injection Vulnerability 2013-08-29
AbsoluteTelnet 10.14 DLL Hijack Code Exec 2016-03-21Valid tiny-erp <= 1.6 SQL Injection Vulnerability 2011-11-19
ABUS TVIP 11550/21550 Multiple vulnerabilities (and possibly other ABUS cams) 2011-10-08Validation Bypass in C2Box application : CVE - 2015-4626 2016-03-28
Abusing Oracle's CREATE DATABASE LINK Privilege for fun and Profit 2014-07-08ValtNet (photogallery.html?id_categoria) Remote SQL injection Vulnerability 2011-08-19
ACC PHP eMail v1.1 - Multiple Web Vulnerabilites 2012-04-13VaM Shop v1.69 - Multiple Web Vulnerabilities 2012-10-30
AccelSite Content Manager v1.0 - SQL Injection Vulnerability 2016-04-08VamCart v0.9 CMS - Multiple Web Vulnerabilities 2012-07-15
Accentis Content Resource Management System - SQL 2015-11-02Vanctech File Commander 1.1 iOS - Multiple Vulnerabilities 2014-03-31
Accentis Content Resource Management System - XSS 2015-11-02Vbulletin (blog_plugin_useradmin) v4.1.12 Sql Injection Vulnerability 2012-09-18
AccessDiver V4.301 Buffer Overflow 2015-12-26vBulletin <= 5.2.2 Preauth Server Side Request Forgery (SSRF) 2016-08-08
ACROS Blog: Adobe Reader X (10.1.2) msiexec.exe Planting 2012-04-16Vbulletin 4.0.x => 4.1.3 (messagegroupid) SQL injection Vulnerability 2011-07-21
Actiontec WCB3000N (Telus Branded) Local Unauthenticated Privilege Elevation and Password Reset 2016-11-15vBulletin 4.1.10 Sql Injection Vulnerabilitiy 2012-04-04
Active CMS 1.2.0 'mod' Cross-site Scripting Vulnerability 2011-10-06Vbulletin Cms (Sendmessage.php Page) 0Day Exploit 2016-04-13
Acuity CMS 2.6.x <= Arbitrary File Upload 2012-05-20Veeam Backup & Replication Local Privilege Escalation Vulnerability 2015-10-08
Acuity CMS 2.6.x <= Cross Site Scripting 2012-04-17Vega beta release: a new open-source web-application security assessment platform 2011-07-01
Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access 2012-05-20Vegetav (news_item.php?id) Remote SQL injection Vulnerability 2011-07-29
Ad Manager Pro v. 4 Remote FLI 2012-08-23Verax NMS Hardcoded Private Key (CVE-2013-1352) 2013-03-06
AdaCore Security Advisory SA-2012-L119-003 Hash collisions in AWS 2012-01-27Verax NMS Password Disclosure (CVE-2013-1631) 2013-03-06
AdaptCMS 2.0.1 Multiple security vulnerabilities 2011-09-26Verax NMS Password Replay Attack (CVE-2013-1351) 2013-03-06
ADICO CMS v1.1 - Blind SQL Injection Vulnerability 2012-06-14VertrigoServ 2.25 Cross-Site-Scripting vulnerability 2012-01-05
Admidio 2.3.5 Multiple security vulnerabilities 2012-09-01viagra generic singapore 2015-07-30
Admin Password Reset & RCE via CSRF in Dating Pro 2016-03-18Vicon Network Cameras - Authentication Bypass 2016-07-28
admin@evolution-sec.com (admin evolution-sec com) Video WiFi Transfer 1.01 - Directory Traversal Vulnerability 2014-08-04
AdNovum NevisWeb Security Proxy Vulnerability - Cross-site scripting (XSS) within 302 Redirections 2012-06-14VideoCharge Studio v2.12.3.685 cc.dll CHTTPResponse::GetHttpResponse() Buffer Overflow Remote Code Execution 2014-02-19
Adobe - Multiple Client Side Cross Site Scripting Web Vulnerabilities 2016-02-19VideoLAN VLC Media Player <= 2.0.4 Crash Bug 2012-11-05
Adobe Animate <= v15.2.1.95 Memory Corruption Vulnerability 2016-12-14vincent ruijter kpn com 
Adobe Photoshop CS5.1 U3D.8BI Library Collada Asset Elements Stack Based Buffer Overflow Vulnerability 2012-05-10Virtual Freer v1.58 - Client Side Cross Site Scripting Vulnerability 2016-04-07
Adobe Premiere Clip v1.1.1 iOS - (cid:x) Filter Bypass & Persistent Software Vulnerability 2015-11-18Virtualismi (prodotto.php?id) Cross Site Scripting Vulnerabilities 2011-09-02
Adobe Reader XI versions are vulnerable to a heap overflow 2013-01-29Visual Tools DVR multiple vulnerabilities 2012-10-15
Adobe Shockwave Player Remote Code Execution (CVE-2012-2029) 2012-05-09Vivint Sky Control Panel Unauthenticated Access Vulnerability 2016-03-01
Adobe Shockwave Player Remote Code Execution (CVE-2012-2030) 2012-05-09VLC media player v1.1.11 (.amr) Local Crash PoC 2012-01-04
Adobe Shockwave Player Remote Code Execution (CVE-2012-2031) 2012-05-09VLC Player 2.0.3 <= ReadAV Arbitrary Code Execution (Update) 2012-10-10
AdobeWorkgroupHelper Stack Based Buffer Overflow 2015-10-13VMSA-2011-0011 VMware hosted products address remote code execution vulnerability 2011-10-05
Advanced Electron Forum v1.0.9 CSRF 2016-01-18VMSA-2011-0012 VMware ESXi and ESX updates to third party libraries and ESX Service Console 2011-10-13
Advanced Electron Forum v1.0.9 Persistent XSS 2016-01-18VMSA-2011-0013 VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX 2011-10-28
Advanced Electron Forum v1.0.9 RFI / CSRF 2016-01-18VMSA-2011-0014 VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability 2011-11-18
Advanced Electron Forums (AEF) 1.0.9 <= Cross Site Request Forgery (CSRF) Vulnerability 2011-09-26VMSA-2012-0001 VMware ESXi and ESX updates to third party library and ESX Service Console 2012-01-31
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-07VMSA-2012-0002 VMware vCenter Chargeback Manager Information Leak and Denial of Service 2012-03-09
Advanced Information Security Corporation, Security Advisory (MYSQL v5.6.24 Buffer Overflows) 2015-10-09VMSA-2012-0003 VMware VirtualCenter Update and ESX 3.5 patch update JRE 2012-03-09
Advanced Information Security Corporation, Security Advisory (Oracle's MYSQL v5.6.24 Latest - Buffer Overflows) Repost 2015-10-07VMSA-2012-0004 VMware View privilege escalation and cross-site scripting 2012-03-16
Advantech WebAccess CVE-2014-2368 Unsafe ActiveX Control Remote Security WeaknessVMSA-2012-0005 VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues 2012-03-16
Advisories (advisories compass-security com) VMSA-2012-0007 VMware hosted products and ESXi/ESX patches address privilege escalation 2012-04-13
Advisory 01/2012: Suhosin PHP Extension Transparent Cookie Encryption Stack Buffer Overflow 2012-01-19VMSA-2012-0008 VMware ESX updates to ESX Service Console 2012-04-27
Advisory for MS11-035 / ZDI-11-167 2011-09-13VMSA-2012-0009 VMware Workstation, Player, ESXi and ESX patches address critical security issues 2012-05-03
Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" 2016-03-09VMSA-2012-0011 VMware hosted products and ESXi and ESX patches address security issues 2012-06-14
Advisory: Android SQLite Journal Information Disclosure (CVE-2011-3901) 2012-05-03VMSA-2012-0013 VMware vSphere and vCOps updates to third party libraries 2012-08-31
Advisory: Arro and Other Android Taxi Hailing Apps Did Not Use SSL (Mobile Knowledge) 2015-12-08VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates 2012-10-10
Advisory: Dolphin Browser HD Cross-Application Scripting 2011-09-20VMware Backdoor ghi.guest.trashFolder.state Uninitialized Memory Potential VM Break 2012-05-04
Advisory: Insufficient Parameter Sanitization in login.live.com (Microsoft) 2015-09-21VMware Backdoor Response Uninitialized Memory Potential VM Break 2012-05-03
Advisory: Opera Mobile Cache Poisoning XAS 2011-09-20VMware High-Bandwidth Backdoor ROM Overwrite Privilege Elevation 2012-03-30
Advisory: sudo 1.8 Format String Vulnerability 2012-01-30VMware Security Response Center (security vmware com) 
Advisory: web-based VM detection and coarse-grained fingerprinting 2015-10-05VMware Tools Multiple Vulnerabilities 2011-06-03
Aeris Calandar v2.1 - Buffer Overflow Vulnerability 2015-12-22VMWare Tools susceptible to binary planting by hijack 2012-09-04
Aerohive Hive Manager and Hive OS Multiple Vulnerabilities 2014-08-28VMWare Zimbra Mailer | DKIM longterm Mail Replay vulnerability 2016-01-30
Agent Image (news_details.php?news_ID) Remote SQL injection Vulnerability 2011-07-27Voice Logger astTECS - bypass login & arbitrary file download 2013-07-16
Ahrare Andeysheh Cms Multiple Vulnerabilities 2016-04-16VoipNow v4.0.1 - (xajax_handler) Persistent Vulnerability 2016-04-26
Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability 2013-07-10vOlk Botnet Framework v4.0 - Multiple Web Vulnerabilities 2012-10-10
Air Drive Plus v2.4 iOS - Arbitrary File Upload Vulnerability 2015-09-22VP2016-001: Remote Command Execution in File Replication Pro 2016-02-10
Air Gallery 1.0 Air Photo Browser - Multiple Vulnerabilities 2013-12-10vTiger CRM 5.2.x <= Blind SQL Injection Vulnerability 2011-10-05
AirDroid ID - Client Side JSONP Callback Vulnerability 2015-07-17vTiger CRM 5.2.x <= Multiple Cross Site Scripting Vulnerabilities 2011-10-04
AirPhoto WebDisk v4.1.0 iOS - Code Execution Vulnerability 2014-04-23vTiger CRM 5.2.x <= Remote Code Execution Vulnerability 2011-10-05
AirSnort v0.2.7 Stack Corruption DOS 2016-08-09Vtiger CRM Authenticated Remote Code Execution (CVE-2015-6000) 2015-09-28
Akeni LAN v1.2.118 - Filter Bypass Vulnerability (Local) 2012-11-18Vulnerabilities in 3S CoDeSys 3.4 SP4 Patch 2 2011-11-29
alex_haynes outlook com Vulnerabilities in Apache Solr < 4.6.0 2013-12-09
Alfazeta (list-prodotti.php?idcategoria) Remote SQL injection Vulnerability 2011-08-24Vulnerabilities in BroadWin WebAccess Client 1.0.0.10 2011-09-02
Alice (Telefonica Germany) Modem 1111 DoS + XSS 2011-07-11Vulnerabilities in Cytel Studio 9 2011-10-03
AlienVault OSSIM 4.3 CSRF 2015-10-26Vulnerabilities in EViews 7.2 2011-09-28
AlienVault OSSIM 4.3 CSRF vulnerability report 2015-10-25Vulnerabilities in Facebook and Facebook Messenger for Android [STIC-2014-0529] 2014-07-29
All in One SEO Pack Plugin for WordPress 1.3.6.4 - 2.0.3 XSS 2013-10-02Vulnerabilities in GenStat 14.1.0.5943 2011-10-03
AllReader v1.0 iOS - Multiple Web Vulnerabilities 2014-06-03Vulnerabilities in PcVue 10 (SCADA) 2011-09-28
AllWebMenus < 1.1.9 WordPress Menu Plugin Arbitrary file upload 2012-01-22vulnerabilities in Samsung Epic 4G Touch with 2.3.6 and probably other Samsung Galaxies 2012-08-16
Almost no resp. only some mitigation(s) for "DLL hijacking" via load-time dependencies 2015-12-21Vulnerabilities in Samsung TV (remote controller protocol) 2012-04-19
Alsovalue CMS 2016Q1 - SQL Injection Web Vulnerability 2016-02-08Vulnerabilities in Serv-U 11.1.0.3 2011-12-04
Alt-N MDaemon Email Body HTML/JS Injection Vulnerability 2013-02-20Vulnerabilities in Siemens Automation License Manager 2011-11-28
Alt-N MDaemon's WebAdmin Remote Code Execution Vulnerability 2013-02-20Vulnerabilities in Siemens SIMATIC WinCC flexible 2008 SP2 2011-11-28
Alt-N MDaemon's WorldClient & WebAdmin Cross-Site Request Forgery Vulnerability 2013-02-20Vulnerabilities in Sunway ForceControl 6.1 sp3 (SCADA) 2011-09-23
Alt-N MDaemon's WorldClient Disclosure of Authentication Credentials Vulnerability 2013-02-20Vulnerabilities in trading and SCADA softwares 2011-09-13
Alt-N MDaemon's WorldClient Predictable Session ID Vulnerability 2013-02-20Vulnerabilities in Winlog 2.07.16 2012-06-28
Alt-N MDaemon's WorldClient Username Enumeration Vulnerability 2013-02-20Vulnerabilities within Mura CMS / Sitecore MCS / SmarterMail 2014-01-28
ALTOGRADO (catalogo.php?id_categoria) Remote SQL injection Vulnerability 2011-08-18Vulnerabilitites in Debian F*EX <= 20100208 and F*EX 20111129-2. 2012-02-20
Amigot Corp (story.php?id) Remote SQL injection Vulnerability 2011-08-09Vulnerability found in Flynax Classifieds products 2011-09-26
An Analysis of the (In)Security State of the GameHouse Game Installation Mechanism 2013-09-19Vulnerability in "Fujitsu Desktop Update" (for Windows) 2013-05-08
Analysis: Vast IPv6 address space actually enables IPv6 attacks 2012-06-08Vulnerability in Microsoft Security Essentials <v4.2 2013-05-04
Andrea Barisani (andrea inversepath com) Vulnerability in Pydio/AjaXplorer < = 5.0.3 2013-11-10
Andreas Stieger (astieger suse com) Vulnerability in Pydio/AjaXplorer <= 5.0.3 2013-11-10
Andrew Klaus (andrewklaus gmail com) vulnerability issue for DB2 express 2013-11-11
Android & iOS Hands-on Exploitation at SyScan 2014 2014-02-20Vulnerability Lab (research vulnerability-lab com) 
Android Bluetooth Pairing Packet Processing Vulnerability(by wangzq from NCNIPC) 2014-09-17Vulnerability Report on AWCM 2.2 2012-11-08
Android Browser Cross-Application Scripting (CVE-2011-2357) 2011-08-02VULNERABLE and COMPLETELY outdated 3rd-party libraries/components used in 3CX Phone 6 2013-05-06
Android DNS poisoning: Randomness gone bad (CVE-2012-2808) 2012-07-24Vulnerable Microsoft VC++ 2005 RTM runtime libraries installed with "Microsoft Security Essentials" (and numerous other Microsoft products) 2013-06-03
Android Fragment Injection vulnerability 2013-12-10Vulnerable Microsoft VC++ 2005 runtime libraries in "Microsoft Live Meeting 2007 Client" installed in private location 2012-07-03
Android ICS "adb restore" directory traversal vulnerability (resending after bounce) 2013-06-20Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by eM client 2012-11-02
Android information leak 2012-04-11Vulnerable MSVC++ 2008 runtime libraries distributed with and installed by Ogg DirectShow filters 2012-10-03
Android KeyStore Stack Buffer Overflow (CVE-2014-3100) 2014-06-23Vulnerable, superfluous/outdated/deprecated/superseded 3rd party OCXs and DLLs distributed by and installed with Dataram RamDisk 4.0.0 2012-11-06
Android NFC Service Denial of Service 2014-07-09VUPEN - Adobe Flash Player "Matrix3D" Integer Overflow Code Execution (APSB12-19) 2012-09-11
Android Superuser shell character escape vulnerability 2013-11-13VUPEN - Microsoft Windows Common Controls MSCOMCTL.OCX Use-after-free (CVE-2012-1856 / MS12-060) 2012-09-11
Android Vulnerability: Install App Without User Explicit Consent 2014-03-10VUPEN - Mozilla Firefox "nsHTMLEditRules" Remote Use-after-free (CVE-2012-3958 / MFSA 2012-58) 2012-09-11
Android wipe unreliable 2012-03-18VUPEN Security Research - Adobe Acrobat & Reader XI-X "AcroBroker" Sandbox Bypass (Pwn2Own) 2014-06-02
Android wireless accepts fake response (No interaction requires) (Vulnerability ?) 2012-03-12VUPEN Security Research - Adobe Acrobat & Reader XI-X Barcode Heap Overflow (Pwn2Own) 2014-05-26
ANNOUNCE: RFIDIOt v1.0d released and code migration 2012-10-03VUPEN Security Research - Adobe Acrobat and Reader BMP Dimensions Heap Overflow Vulnerability 2011-09-14
Announcing Hackademic CFP 2012-03-13VUPEN Security Research - Adobe Acrobat and Reader IFF Processing Heap Overflow Vulnerability 2011-09-14
Another Solaris 10 Patch Cluster Symlink Attack 2012-08-09VUPEN Security Research - Adobe Acrobat and Reader Image Processing Integer Overflow (APSB12-01) 2012-01-11
Any Video Converter DLL Hijack 2016-08-09VUPEN Security Research - Adobe Acrobat and Reader PCX Processing Heap Overflow Vulnerability 2011-09-14
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution 2012-08-06VUPEN Security Research - Adobe Acrobat and Reader Picture Dimensions Heap Overflow Vulnerability 2011-09-14
Apache James Server 2.3.2 security vulnerability fixed 2015-09-30VUPEN Security Research - Adobe Acrobat and Reader Picture Processing Stack Overflow Vulnerability 2011-09-14
Apache OpenOffice Security (orcmid apache org) VUPEN Security Research - Adobe Acrobat and Reader TIFF BitsPerSample Heap Overflow Vulnerability 2011-09-14
Apache PHP Remote Exploit - apache-magika.c 2013-10-29VUPEN Security Research - Adobe Flash ExternalInterface Use-After-Free Code Execution (Pwn2Own) 2014-04-14
Apache Sling Framework v2.3.6 - Information Disclosure Vulnerability 2016-02-10VUPEN Security Research - Adobe Flash Player "Matrix3D" Remote Memory Corruption (CVE-2012-0768) 2012-03-19
apache struts2 remote code execute 2012-08-21VUPEN Security Research - Adobe Flash Player "SAlign" Memory Corruption Vulnerability (CVE-2011-2459) 2011-12-16
Apache Subversion mod_dav_svn DoS via MKACTIVITY/PROPFIND 2013-03-05VUPEN Security Research - Adobe Flash Player ActionScript FileReference Buffer Overflow (APSB11-21) 2011-08-11
Apache VCL improper input validation 2013-05-06VUPEN Security Research - Adobe Flash Player NetStream Remote Code Execution Vulnerability (APSB12-07 / CVE-2012-0773) 2012-04-19
apparitionsec gmail com VUPEN Security Research - Adobe Flash Player RTMP Data Processing Object Confusion (CVE-2013-2555) 2013-04-18
apparitionsec gmail com - hyp3rlinx VUPEN Security Research - Adobe Shockwave rcsL Record Array Indexing Vulnerability (APSB11-19) 2011-08-11
apparitionsec gmail com (hyp3rlinx) VUPEN Security Research - Google Chrome WebKit Engine Child Tag Deletion Stale Pointer Vulnerability 2011-10-07
apparitionsec gmail com/hyp3rlinx VUPEN Security Research - Google Chrome WebKit Engine Ruby Tag Stale Pointer Vulnerability 2011-10-07
AppFish Offline Coder v2.2 iOS - Persistent Software Vulnerability 2014-04-10VUPEN Security Research - Microsoft Internet Explorer "Col" Element Remote Heap Overflow (MS12-037 / CVE-2012-1876) 2012-06-19
Apple and Wifi Hotspot Credentials Management Vulnerability 2013-06-17VUPEN Security Research - Microsoft Internet Explorer "CollectionCache" Remote Use-after-free (MS12-037) 2012-06-19
Apple iOS / OSX Foundation NSXMLParser XML eXternal Entity (XXE) Flaw 2014-09-18VUPEN Security Research - Microsoft Internet Explorer "GetAtomTable" Remote Use-after-free (MS12-037 / CVE-2012-1875) 2012-06-19
Apple iOS 7 iPad2 Face-Time 1.0.2 - Privacy Vulnerability 2013-10-03VUPEN Security Research - Microsoft Internet Explorer "OnMove" Use-After-Free Vulnerability (MS12-063) 2012-10-23
Apple iOS 7.2 - Sim Lock Screen Display Bypass Vulnerability 2013-10-15VUPEN Security Research - Microsoft Internet Explorer "ReplaceAdjacentText" Use-after-free (MS13-059) 2013-08-30
Apple iOS 9.3.1 (iPhone 6S & iPhone Plus) - (3D Touch) Passcode Bypass Vulnerability 2016-04-05VUPEN Security Research - Microsoft Internet Explorer "Request" Object Confusion Sandbox Bypass (Pwn2Own 2014) 2014-07-16
Apple iOS v7.1.2 - Merge Apps Service Local Bypass Vulnerability 2014-09-02VUPEN Security Research - Microsoft Internet Explorer "scrollIntoView" Use-After-Free Vulnerability (MS12-063) 2012-10-23
Apple iOS v8.x - Message Context & Privacy Vulnerability 2014-12-18VUPEN Security Research - Microsoft Internet Explorer "ShowSaveFileDialog()" Sandbox Bypass (Pwn2Own 2014) 2014-07-16
Apple iOS v9.1, 9.2 & 9.2.1 - Application Update Loop Pass Code Bypass 2016-02-04VUPEN Security Research - Microsoft Internet Explorer "X-UA-COMPATIBLE" Use-after-free Vulnerability 2011-10-21
Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) 2016-03-07VUPEN Security Research - Microsoft Internet Explorer 10-9 Object Confusion Sandbox Bypass (MS13-037 / Pwn2Own) 2013-05-21
Apple iOS/tvOS/watchOS Remote memory corruption through certificate 2016-12-12VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "CDisplayPointer" Use-after-free (MS13-028) 2013-05-03
Apple iTunes & AppStore - Filter Bypass & Persistent Invoice Vulnerability 2015-07-27VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnMove" Use-after-free (MS13-021 / CVE-2013-0087) 2013-03-19
Apple libc incomplete fix of Security Update for OS X El Capitan 10.11.2 2016-08-26VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "OnResize" Use-after-free (MS13-021 / CVE-2013-0087) 2013-03-19
Apple Motion Integer Overflow Vulnerability 2013-10-07VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 "Scroll" Use-after-free (MS13-028) 2013-05-03
Apple Product Security (product-security-noreply lists apple com) VUPEN Security Research - Microsoft Internet Explorer 10-9-8-7-6 VML Remote Integer Overflow (MS13-037 / Pwn2Own) 2013-05-21
Apple Quicktime Memory Corruption (CVE-2012-0671) 2012-05-15VUPEN Security Research - Microsoft Internet Explorer CSS @import Memory Corruption (Pwn2Own 2014) 2014-07-16
Apple Safari FTP PASV manipulation vulnerability (CVE-2015-5912) 2015-09-16VUPEN Security Research - Microsoft Internet Explorer Protected Mode Sandbox Bypass (Pwn2Own 2013 / MS13-059) 2013-08-30
Apple WatchOS v2.1 - Denial of Service Vulnerability 2016-01-27VUPEN Security Research - Microsoft Internet Explorer VML Remote Code Execution (MS12-023 / CVE-2012-0172) 2012-04-17
Apple's Mail.app mail of death 2011-10-29VUPEN Security Research - Microsoft Office Excel Formula Record Heap Corruption Vulnerability 2011-09-19
APPLE-SA-2011-06-23-1 Mac OS X v10.6.8 and Security Update 2011-004 2011-06-23VUPEN Security Research - Microsoft Windows "datime.dll" Remote Code Execution Vulnerability (MS11-090) 2011-12-16
APPLE-SA-2011-06-28-1 Java for Mac OS X 10.6 Update 5 2011-06-28VUPEN Security Research - Microsoft Windows "DirectShow" Privilege Escalation Vulnerability (Pwn2Own 2014) 2014-07-16
APPLE-SA-2011-06-28-2 Java for Mac OS X 10.5 Update 10 2011-06-28VUPEN Security Research - Microsoft Windows "LdrHotPatchRoutine" Remote ASLR Bypass (Pwn2Own 2013 / MS13-063) 2013-08-30
APPLE-SA-2011-07-15-1 iOS 4.3.4 Software Update 2011-07-15VUPEN Security Research - Microsoft Windows Media Player DVR-MS Buffer Overflow Vulnerability (MS11-092) 2011-12-16
APPLE-SA-2011-07-15-2 iOS 4.2.9 Software Update for iPhone 2011-07-15VUPEN Security Research - Microsoft Windows OLE Automation Integer Underflow Vulnerability (MS11-038) 2011-06-17
APPLE-SA-2011-07-20-1 Safari 5.1 and Safari 5.0.6 2011-07-20VUPEN Security Research - Microsoft Windows Time Behaviour Remote Use-after-free Vulnerability (MS11-090) 2011-12-16
APPLE-SA-2011-07-20-2 iWork 9.1 Update 2011-07-25VUPEN Security Research - Mozilla Firefox "BumpChunk" Object Processing Use-after-free (Pwn2Own) 2014-03-26
APPLE-SA-2011-07-25-1 iOS 4.3.5 Software Update 2011-07-25VUPEN Security Research - Mozilla Firefox "DocumentViewerImpl" Class Remote Use-After-Free Vulnerability 2012-11-23
APPLE-SA-2011-07-25-2 iOS 4.2.10 Software Update for iPhone 2011-07-25VUPEN Security Research - Mozilla Firefox "imgRequestProxy" Remote Use-After-Free Vulnerability 2012-11-29
APPLE-SA-2011-08-03-1 QuickTime 7.7 2011-08-03VUPEN Security Research - Mozilla Firefox "nsHTMLEditRules" Use-After-Free (MFSA-2013-29 / CVE-2013-0787) 2013-03-19
APPLE-SA-2011-09-09-1 Security Update 2011-005 2011-09-09VUPEN Security Research - Novell GroupWise "BYWEEKNO" Remote Memory Corruption Vulnerability 2011-09-28
APPLE-SA-2011-10-11-1 iTunes 10.5 2011-10-11VUPEN Security Research - Novell GroupWise "integerList" Remote Buffer Overflow Vulnerability 2011-09-28
APPLE-SA-2011-10-12-1 iOS 5 Software Update 2011-10-12VUPEN Security Research - Novell GroupWise "RRULE" Remote Buffer Overflow Vulnerability 2011-09-28
APPLE-SA-2011-10-12-2 Apple TV Software Update 4.4 2011-10-12VUPEN Security Research - Novell GroupWise "TZNAME" Remote Buffer Overflow Vulnerability 2011-09-28
APPLE-SA-2011-10-12-3 OS X Lion v10.7.2 and Security Update 2011-006 2011-10-12VUPEN Security Research - Oracle Java Font Processing "maxPointCount" Heap Overflow Vulnerability 2012-10-23
APPLE-SA-2011-10-12-4 Safari 5.1.1 2011-10-12VUPEN Security Research - Oracle Java Font Processing Glyph Element Memory Corruption Vulnerability 2012-10-23
APPLE-SA-2011-10-12-5 Pages for iOS v1.5 2011-10-12VUPEN Security Research - Oracle Java ICC Profile "bfd" Tag Integer Overflow Code Execution Vulnerability 2011-06-09
APPLE-SA-2011-10-12-6 Numbers for iOS v1.5 2011-10-12VUPEN Security Research - Oracle Java ICC Profile "clrt" Tag Integer Overflow Code Execution Vulnerability 2011-06-09
APPLE-SA-2011-10-26-1 QuickTime 7.7.1 2011-10-26VUPEN Security Research - Oracle Java ICC Profile "mluc" Tag Integer Overflow Code Execution Vulnerability 2011-06-09
APPLE-SA-2011-11-08-1 Java for Mac OS X 10.7 Update 1 and Java for Mac OS X 10.6 Update 6 2011-11-08VUPEN Security Research - Oracle Java ICC Profile "ncl2" Tag Integer Overflow Code Execution Vulnerability 2011-06-09
APPLE-SA-2011-11-10-1 iOS 5.0.1 Software Update 2011-11-10VUPEN Security Research - Oracle Java ICC Profile "pseq" Tag Integer Overflow Code Execution Vulnerability 2011-06-09
APPLE-SA-2011-11-10-2 Time Capsule and AirPort Base Station (802.11n) Firmware 7.6 2011-11-11VUPEN Security Research - Oracle Java ICC Profile "scrn" Tag Integer Overflow Code Execution Vulnerability 2011-06-09
APPLE-SA-2011-11-14-1 iTunes 10.5.1 2011-11-14VUPEN Security Research - Oracle Java JavaFX Video Frame Decoding Remote Heap Overflow (Pwn2Own 2013) 2013-04-18
APPLE-SA-2012-02-01-1 OS X Lion v10.7.3 and Security Update 2012-001 2012-02-01VUPlayer 2.49 - (.pls) Buffer Overflow Vulnerability 2016-07-27
APPLE-SA-2012-03-07-1 iTunes 10.6 2012-03-07VUPlayer 2.49 - (.wax) Buffer Overflow Vulnerability 2016-07-27
APPLE-SA-2012-03-07-2 iOS 5.1 Software Update 2012-03-07W150D Wireless N 150 ADSL2 Modem Router - Cross Site Request Forgery Vulnerability 2015-10-09
APPLE-SA-2012-03-07-3 Apple TV 5.0 2012-03-07Warah Agencia (productos.php?categoria_id) Remote SQL injection Vulnerability 2011-08-23
APPLE-SA-2012-03-12-1 Safari 5.1.4 2012-03-12WASC Announcement: Static Analysis Technologies Evaluation Criteria Published 2013-05-10
APPLE-SA-2012-04-03-1 Java for OS X 2012-001 and Java for Mac OS X 10.6 Update 7 2012-04-03Weak authentication in EMC Secure Remote Services Virtual Edition Web Portal 2015-08-17
APPLE-SA-2012-04-12-1 Java for OS X 2012-003 and Java for Mac OS X 10.6 Update 8 2012-04-12Weak firmware encryption and predictable WPA key on Sitecom routers 2014-04-24
APPLE-SA-2012-05-07-1 iOS 5.1.1 Software Update 2012-05-07Weak Local Database Credentials in Infoblox Network Automation 2014-07-09
APPLE-SA-2012-05-09-1 OS X Lion v10.7.4 and Security Update 2012-002 2012-05-09Weak password encryption on Huawei products 2012-11-13
APPLE-SA-2012-05-09-2 Safari 5.1.7 2012-05-09Web Art Studio (prodotto.php?lang) Remote SQL injection Vulnerability 2011-08-26
APPLE-SA-2012-05-14-1 Flashback Removal Security Update 2012-05-14Web Design Sydney (news-item.php?id) (news-item.php?newsid) Remote SQL injection Vulnerability 2011-08-07
APPLE-SA-2012-05-14-2 Leopard Security Update 2012-003 2012-05-14Web Encryption Extension security update 2014-07-25
APPLE-SA-2012-05-15-1 QuickTime 7.7.2 2012-05-15Web Fusion Nepal (find.php?id) Remote SQL injection Vulnerability 2011-07-28
APPLE-SA-2012-06-11-1 iTunes 10.6.3 2012-06-11Web Fusion Nepal (tour.php?category) XSS Vulnerability 2011-07-28
APPLE-SA-2012-06-12-1 Java for OS X 2012-004 and Java for Mac OS X 10.6 Update 9 2012-06-12Web Login Bruteforce in Symantec Endpoint Protection Manager 12.1.4023.4080 2014-07-22
APPLE-SA-2012-07-25-1 Safari 6.0 2012-07-25Web Progetto (prodotti.php?idcategoria) Remote SQL injection Vulnerability 2011-08-26
APPLE-SA-2012-07-25-2 Xcode 4.4 2012-07-25Web vulnerabilities in Siemens S7-300/S7-400/CP343-1/CP443-1 2016-11-21
APPLE-SA-2012-08-20-1 Apple Remote Desktop 3.6.1 2012-08-20WebAssist PowerCMS PHP - Multiple Web Vulnerabilities 2013-10-03
APPLE-SA-2012-09-05-1 Java for OS X 2012-005 and Java for Mac OS X 10.6 Update 10 2012-09-05WebBoutiques Cms Cross-Site Scripting Vulnerability 2015-12-07
APPLE-SA-2012-09-12-1 iTunes 10.7 2012-09-12WebCalendar <= 1.2.4 Two Security Vulnerabilities 2012-04-23
APPLE-SA-2012-09-17-1 Apple Remote Desktop 3.5.3 2012-09-17Webcalendar 1.2.4 'location' XSS 2012-01-20
APPLE-SA-2012-09-19-1 iOS 6 2012-09-19WebComIndia CMS 2015Q4 - Auth Bypass Vulnerability 2015-10-09
APPLE-SA-2012-09-19-2 OS X Mountain Lion v10.8.2, OS X Lion v10.7.5 and Security Update 2012-004 2012-09-19Webdesigns-studio (sysMsg.php?errMsg) Cross Site Scripting Vulnerabilities 2011-08-06
APPLE-SA-2012-09-19-3 Safari 6.0.1 2012-09-19WebDrive Buffer OverFlow PoC 2015-06-01
APPLE-SA-2012-09-24-1 Apple TV 5.1 2012-09-24Webgrind XSS vulnerability 2015-05-21
APPLE-SA-2012-10-16-1 Java for OS X 2012-006 and Java for Mac OS X 10.6 Update 11 2012-10-16WeBid 1.1.1 Unrestricted File Upload Exploit 2015-03-04
APPLE-SA-2012-11-01-1 iOS 6.0.1 2012-11-01Webify Product Series - Multiple Web Vulnerabilities 2012-06-15
APPLE-SA-2012-11-01-2 Safari 6.0.2 2012-11-01WebKitGTK+ Security Advisory WSA-2015-0001 2015-01-26
APPLE-SA-2012-11-07-1 QuickTime 7.7.3 2012-11-08WebKitGTK+ Security Advisory WSA-2015-0002 2015-12-28
APPLE-SA-2012-11-29-1 Apple TV 5.1.1 2012-11-29WebKitGTK+ Security Advisory WSA-2016-0001 2016-02-01
APPLE-SA-2013-01-28-1 iOS 6.1 Software Update 2013-01-28WebKitGTK+ Security Advisory WSA-2016-0002 2016-03-11
APPLE-SA-2013-01-28-2 Apple TV 5.2 2013-01-28WebKitGTK+ Security Advisory WSA-2016-0003 2016-03-31
APPLE-SA-2013-02-04-1 OS X Server v2.2.1 2013-02-04WebKitGTK+ Security Advisory WSA-2016-0005 2016-08-25
APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6 Update 13 2013-02-19Webline CMS (2016Q2) - SQL Injection Vulnerability 2016-04-13
APPLE-SA-2013-03-14-2 Safari 6.0.3 2013-03-14WebMartIndia CMS 2016 Q1 - SQL Injection Vulnerability 2016-01-27
APPLE-SA-2013-03-19-1 iOS 6.1.3 2013-03-19WebRising (dettaglio.asp?id) Remote SQL injection Vulnerability 2011-08-17
APPLE-SA-2013-03-19-2 Apple TV 5.2.1 2013-03-19Webroot SecureAnywhere Mobile Protection - MITM SSL Certificate Vulnerability 2015-09-04
APPLE-SA-2013-05-16-1 iTunes 11.0.3 2013-05-16WebsiteBaker 2.8.1 <= Arbitrary File Upload Vulnerability 2011-08-13
APPLE-SA-2013-06-04-1 OS X Mountain Lion v10.8.4 and Security Update 2013-002 2013-06-04WebsiteBaker 2.8.1 <= Cross Site Request Forgery (CSRF) Vulnerability 2011-08-13
APPLE-SA-2013-06-04-2 Safari 6.0.5 2013-06-04WebsiteBaker 2.8.2 SP2 HTTP-Referer XSS vulnerability 2012-02-18
APPLE-SA-2013-06-18-1 Java for OS X 2013-004 and Mac OS X v10.6 Update 16 2013-06-18WebSolutions India Design CMS - SQL Injection Vulnerability 2015-08-20
APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 2013-09-06WebSurgery v1.1 released (Web application security testing suite) 2013-11-11
APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update 2013-004 2013-09-12WebSVN 2.3.2 Unproper Metacharacters Escaping exec() Remote Commands Injection Vulnerability 2011-06-03
APPLE-SA-2013-09-12-2 Safari 5.1.10 2013-09-12Webutler CMS 3.2 - Cross-Site Request Forgery 2016-04-21
APPLE-SA-2013-09-17-1 OS X Server v2.2.2 2013-09-17webyuss (prodotto.php?id) (quadri.php?id) Remote SQL injection Vulnerability 2011-08-30
APPLE-SA-2013-09-18-1 iTunes 11.1 2013-09-18Western Union CN Bug Bounty #6 - Client Side Cross Site Scripting Web Vulnerability 2015-12-22
APPLE-SA-2013-09-18-2 iOS 7 2013-09-18WHM Panel Mail Delivery Reports crash database Vulnerability 2016-11-12
APPLE-SA-2013-09-18-3 Xcode 5.0 2013-09-18WHM Panel Mail Delivery Reports crash database Vulnerability 2016-11-13
APPLE-SA-2013-09-20-1 Apple TV 6.0 2013-09-20Wickr Desktop v2.2.1 Windows - Denial of Service Vulnerability 2014-12-25
APPLE-SA-2013-09-26-1 iOS 7.0.2 2013-09-26Wifi Album v1.47 iOS - Command Injection Vulnerability 2013-05-12
APPLE-SA-2013-10-03-1 OS X v10.8.5 Supplemental Update 2013-10-03WiFi Drive CR v1.0 iOS - Persistent Filename Dir List Vulnerability 2015-09-23
APPLE-SA-2013-11-14-1 iOS 7.0.4 2013-11-14WiFi File Browser Pro v2.0.8 - Code Execution Vulnerability 2015-01-16
APPLE-SA-2014-03-10-1 iOS 7.1 2014-03-10WiFi HD v7.3.0 iOS - Multiple Web Vulnerabilities 2014-07-29
APPLE-SA-2014-03-10-2 Apple TV 6.1 2014-03-10Wifi Photo Transfer 2.1 & 1.1 PRO - Multiple Vulnerabilities 2013-05-12
APPLE-SA-2014-04-01-1 Safari 6.1.3 and Safari 7.0.3 2014-04-01WiFly 1.0 Pro iOS - Multiple Web Vulnerabilities 2013-07-17
APPLE-SA-2014-04-22-1 Security Update 2014-002 2014-04-22Wikidforum 2.10 Multiple security vulnerabilities 2012-03-10
APPLE-SA-2014-04-22-2 iOS 7.1.1 2014-04-22WikkaWiki <= 1.3.2 Multiple Security Vulnerabilities 2011-11-30
APPLE-SA-2014-04-22-3 Apple TV 6.1.1 2014-04-22WikyBlog 1.7.3RC2 XSS vulnerability 2012-03-15
APPLE-SA-2014-05-15-1 OS X Mavericks v10.9.3 2014-05-15WinaXe v7.7 FTP 'Server Ready' CMD Remote Buffer Overflow 2016-11-05
APPLE-SA-2014-05-15-2 iTunes 11.2 2014-05-15wincvs-2.0.2.4 Privilege Escalation 2016-10-25
APPLE-SA-2014-05-16-1 iTunes 11.2.1 2014-05-17Windows 7/8 admin account installation password stored in the clear in LSA Secrets 2013-07-11
APPLE-SA-2014-06-30-1 Safari 6.1.5 and Safari 7.0.5 2014-06-30Windows Authentication UI DLL side loading vulnerability 2015-12-12
APPLE-SA-2014-06-30-2 OS X Mavericks 10.9.4 and Security Update 2014-003 2014-06-30Windows Embedded POSReady 2009: cruft, not craft 2013-08-21
APPLE-SA-2014-06-30-3 iOS 7.1.2 2014-06-30Windows server 2008 R1 local DoS 2011-09-06
APPLE-SA-2014-06-30-4 Apple TV 6.1.2 2014-06-30WingFTP Server Denial of Service Vulnerability 2012-10-09
APPLE-SA-2014-08-13-1 Safari 6.1.6 and Safari 7.0.6 2014-08-13WININET CHttpHeaderParser::ParseStatusLine out-of-bounds read details 2016-11-10
APPLE-SA-2014-09-17-1 iOS 8 2014-09-17Winn Guestbook v2.4.8c Stored XSS 2011-12-29
APPLE-SA-2014-09-17-2 Apple TV 7 2014-09-17Winni Neessen (winni insecure so) 
APPLE-SA-2014-09-17-3 OS X Mavericks 10.9.5 and Security Update 2014-004 2014-09-18WinRadius Server Denial Of Service Vulnerability 2012-05-27
APPLE-SA-2014-09-17-4 Safari 6.2 and Safari 7.1 2014-09-18WinRAR SFX v5.21 - Remote Code Execution Vulnerability 2015-09-28
APPLE-SA-2014-09-17-5 OS X Server 3.2.1 2014-09-18WinSaber - Unquoted Service Path Privilege Escalation 2016-08-02
APPLE-SA-2014-09-17-6 OS X Server 2.2.3 2014-09-18Wireless Disk PRO v2.3 iOS - Multiple Web Vulnerabilities 2013-05-12
APPLE-SA-2014-09-17-7 Xcode 6.0.1 2014-09-18Wireless Drive v1.1.0 iOS - Multiple Web Vulnerabilities 2014-03-27
APPLE-SA-2014-11-17-1 iOS 8.1.1 2014-11-17Wireless File Transfer Pro Android - Multiple CSRF Vulnerabilities 2015-02-26
APPLE-SA-2014-11-17-2 OS X Yosemite 10.10.1 2014-11-17Wireless N ADSL 2/2+ Modem Router - DT5130 - Xss / URL Redirect / Command Injection 2014-12-03
APPLE-SA-2014-11-17-3 Apple TV 7.0.2 2014-11-17Wireless Photo Access 1.0.10 iOS - Multiple Vulnerabilities 2013-05-12
APPLE-SA-2014-12-11-1 Safari 8.0.2, Safari 7.1.2, and Safari 6.2.2 2014-12-11Wireless Photo Transfer v3.0 iOS - File Include Vulnerability 2015-05-18
APPLE-SA-2014-12-18-1 Xcode 6.2 beta 3 2014-12-18Wireless Transfer App 3.7 iOS - Multiple Web Vulnerabilities 2013-12-05
APPLE-SA-2014-12-2-1 Safari 8.0.1, Safari 7.1.1, and Safari 6.2.1 2014-12-03Wireshark 1.4.0 Malformed IKE Packet Denial of Service 2011-07-11
APPLE-SA-2014-15-20-1 OS X Server 3.1.2 2014-05-20Wireshark 1.6.1 Malformed IKE Packet Denial of Service 2011-07-28
APPLE-SA-2015-05-19-1 Watch OS 1.0.1 2015-05-19Wisecracker 1.0 - A high performance distributed cryptanalysis framework 2012-11-05
APPLE-SA-2015-06-30-1 iOS 8.4 2015-06-30WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-19
APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 2015-06-30WISE-FTP Software v8.0.2 - DLL Hijacking Vulnerability 2015-05-20
APPLE-SA-2015-06-30-3 Mac EFI Security Update 2015-001 2015-06-30WOC Consulting (search_result.php?cid) Remote SQL injection Vulnerability 2011-07-28
APPLE-SA-2015-06-30-4 Safari 8.0.7, Safari 7.1.7, and Safari 6.2.7 2015-06-30Wolf CMS v0.7.5 - Multiple Web Vulnerabilities 2012-02-27
APPLE-SA-2015-08-13-1 Safari 8.0.8, Safari 7.1.8, and Safari 6.2.8 2015-08-13Woltlab Burning Board 3.9.1 pl1 - Persistent Web Vulnerability & Editor Reverse Encoding Issue 2014-04-11
APPLE-SA-2015-08-13-2 OS X Yosemite v10.10.5 and Security Update 2015-006 2015-08-13Wonderware Information Server CVE-2014-2381 Weak Encryption Security Weakness
APPLE-SA-2015-08-13-3 iOS 8.4.1 2015-08-13Word 2003 SP2 .doc fork bomb on WinXP SP3 2013-11-08
APPLE-SA-2015-08-13-4 OS X Server v4.1.5 2015-08-13Wordpress (editormonkey) Arbitrary File Upload Vulnerability 2012-07-04
APPLE-SA-2015-08-20-1 QuickTime 7.7.8 2015-08-20Wordpress (chenpress Plugin) Arbitrary File Upload Vulnerability 2012-07-21
APPLE-SA-2015-09-16-1 iOS 9 2015-09-16WordPress <=4.0 Denial of Service Exploit (CVE-2014-9034) 2014-11-29
APPLE-SA-2015-09-16-2 Xcode 7.0 2015-09-16WordPress <=v4.4 Username Exists Information Disclosure 2015-12-10
APPLE-SA-2015-09-16-3 iTunes 12.3 2015-09-16Wordpress 1-jquery-photo-gallery-slideshow-flash plugin Cross-Site Scripting Vulnerabilities 2011-11-30
APPLE-SA-2015-09-16-4 OS X Server 5.0.3 2015-09-16WordPress 3 persistent script injection 2014-11-20
APPLE-SA-2015-09-21-1 watchOS 2 2015-09-21Wordpress adminimize Plugin Vulnerabilities 2011-11-21
APPLE-SA-2015-09-30-01 iOS 9.0.2 2015-09-30Wordpress advanced-text-widget Plugin Vulnerabilities 2011-11-21
APPLE-SA-2015-09-30-2 Safari 9 2015-09-30Wordpress alert-before-your-post Plugin Cross-Site Scripting Vulnerabilities 2011-11-21
APPLE-SA-2015-09-30-3 OS X El Capitan 10.11 2015-09-30Wordpress Booking System (Booking Calendar) plugin SQL Injection 2014-05-21
APPLE-SA-2015-10-15-1 Keynote 6.6, Pages 5.6, Numbers 3.6, and iWork for iOS 2.6 2015-10-15WordPress Bulk Delete Plugin [Privilege Escalation] 2016-03-03
APPLE-SA-2015-10-21-1 iOS 9.1 2015-10-21Wordpress bulletproof-security <=.51 multiple vulnerabilities 2014-11-05
APPLE-SA-2015-10-21-2 watchOS 2.0.1 2015-10-21Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-11
APPLE-SA-2015-10-21-3 Safari 9.0.1 2015-10-21Wordpress Cart66 Plugin 1.5.1.14 Multiple Vulnerabilities 2013-10-12
APPLE-SA-2015-10-21-4 OS X El Capitan 10.11.1 and Security Update 2015-007 2015-10-21Wordpress clickdesk-live-support-chat plugin Cross-Site Scripting Vulnerabilities 2011-11-23
APPLE-SA-2015-10-21-5 iTunes 12.3.1 2015-10-21Wordpress Content Text Slider on Post 6.8 - Persistent Vulnerability 2015-12-22
APPLE-SA-2015-10-21-6 Mac EFI Security Update 2015-002 2015-10-21Wordpress Developer Formatter CSRF Vulnerability 2013-01-22
APPLE-SA-2015-10-21-7 Xcode 7.1 2015-10-21Wordpress Download Monitor - Download Page Cross-Site Scripting 2012-09-09
APPLE-SA-2015-10-21-8 OS X Server 5.0.15 2015-10-21Wordpress enable-latex plugin Remote File Include Vulnerabilities 2011-11-23
APPLE-SA-2015-12-08-1 iOS 9.2 2015-12-08Wordpress Facebook Survey v1 - SQL Injection Vulnerability 2012-11-20
APPLE-SA-2015-12-08-2 tvOS 9.1 2015-12-09Wordpress fckeditor Arbitrary File Upload Vulnerability 2012-08-26
APPLE-SA-2015-12-08-3 OS X El Capitan 10.11.2 and Security Update 2015-008 2015-12-08Wordpress featurific-for-wordpress plugin Cross-Site Scripting Vulnerabilities 2011-11-23
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-08Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-21
APPLE-SA-2015-12-08-4 watchOS 2.1 2015-12-09Wordpress fgallery_plus Plugin Xss vulnerabilities 2013-09-22
APPLE-SA-2015-12-08-5 Safari 9.0.2 2015-12-08WordPress Fixes Multiple Vulnerabilities With 3.6.1 Release 2013-09-13
APPLE-SA-2015-12-08-6 Xcode 7.2 2015-12-08Wordpress flash-album-gallery plugin Cross-Site Scripting Vulnerabilities 2011-11-30
APPLE-SA-2015-12-11-1 iTunes 12.3.2 2015-12-11WordPress flash-album-gallery Plugin 'flagshow.php' Cross Site Scripting Vulnerability 2011-12-12
APPLE-SA-2016-01-07-1 QuickTime 7.7.9 2016-01-08wordpress Flexible Custom Post Type plugin Xss Vulnerabilities 2011-11-16
APPLE-SA-2016-01-19-1 iOS 9.2.1 2016-01-19Wordpress gallery-3.8.3 plugin Arbitrary File Read Vulnerability 2013-01-10
APPLE-SA-2016-01-19-2 OS X El Capitan 10.11.3 and Security Update 2016-001 2016-01-19wordpress jigoshop Plugin path disclosure vulnerabilities 2013-11-05
APPLE-SA-2016-01-19-3 Safari 9.0.3 2016-01-19Wordpress Kish Guest Posting Plugin 1.0 (uploadify.php) Unrestricted File Upload Vulnerability 2012-01-23
APPLE-SA-2016-01-25-1 tvOS 9.1.1 2016-01-25wordpress Lanoba Social Plugin Xss Vulnerabilities 2011-11-19
APPLE-SA-2016-02-25-1 Apple TV 7.2.1 2016-02-25Wordpress Media Cleaner Plugin - XSS Vulnerability 2015-02-27
APPLE-SA-2016-03-21-1 iOS 9.3 2016-03-22Wordpress meenews 5.1 plugin Cross-Site Scripting Vulnerabilities 2011-11-23
APPLE-SA-2016-03-21-2 watchOS 2.2 2016-03-22WordPress Plugin BackWPUp 2.1.4 - Security Advisory - SOS-11-012 2011-10-17
APPLE-SA-2016-03-21-3 tvOS 9.2 2016-03-22Wordpress plugin Buddypress <= 1.9.1 privilege escalation vulnerability 2014-02-13
APPLE-SA-2016-03-21-4 Xcode 7.3 2016-03-22Wordpress plugin Buddypress <= 1.9.1 stored xss vulnerability 2014-02-13
APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 2016-03-22Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability 2013-09-18
APPLE-SA-2016-03-21-6 Safari 9.1 2016-03-22WordPress Plugin 'Count Per Day' 3.1.1 Multiple Cross-site scripting vulnerabilities 2012-07-16
APPLE-SA-2016-03-21-7 OS X Server 5.1 2016-03-22WordPress Plugin event-registration 6.02.02: SQL-Injection and persistent XSS 2016-05-09
APPLE-SA-2016-03-31-1 iBooks Author 2.4.1 2016-03-31WordPress plugin GravityForms Cross-site Scripting vulnerability 2016-03-01
APPLE-SA-2016-05-03-1 Xcode 7.3.1 2016-05-04WordPress Plugin 'Quick Post Widget' 1.9.1 Multiple Cross-site scripting vulnerabilities 2012-08-10
APPLE-SA-2016-05-16-1 tvOS 9.2.1 2016-05-16Wordpress Plugin Simple Gmail Login Stack Trace Vulnerability 2012-11-29
APPLE-SA-2016-05-16-2 iOS 9.3.2 2016-05-16WordPress plugin wp-ultimate-exporter SQL injection vulnerability 2016-02-25
APPLE-SA-2016-05-16-3 watchOS 2.2.1 2016-05-16WordPress Plugin: Advanced XML Reader v0.3.4 XXE Vulnerability 2013-05-02
APPLE-SA-2016-05-16-4 OS X El Capitan 10.11.5 and Security Update 2016-003 2016-05-16WordPress podPress Plugin XSS in SWF 2013-03-28
APPLE-SA-2016-05-16-5 Safari 9.1.1 2016-05-16Wordpress post-gallery Plugin Xss vulnerabilities 2013-08-24
APPLE-SA-2016-05-16-6 iTunes 12.4 2016-05-16Wordpress pretty-link.1.5.2 plugin Cross-Site Scripting Vulnerabilities 2011-12-04
APPLE-SA-2016-08-25-1 iOS 9.3.5 2016-08-25Wordpress Robo Gallery v2.0.14 - Code Execution Vulnerability 2016-04-12
APPLE-SA-2016-09-14-1 iOS 10.0.1 2016-09-14Wordpress Scoreme Theme - Client Side Cross Site Scripting Web Vulnerability 2016-04-04
APPLE-SA-2016-09-20-2 Safari 10 2016-09-20Wordpress skysa-official plugin Cross-Site Scripting Vulnerabilities 2011-11-27
APPLE-SA-2016-09-20-3 iOS 10 2016-09-20WordPress Slideshow Gallery 1.4.6 Shell Upload Vulnerability (CVE-2014-5460) 2014-08-30
APPLE-SA-2016-09-20-4 macOS Server 5.2 2016-09-20WordPress SolveMedia 1.1.0 CSRF Vulnerability 2013-01-24
APPLE-SA-2016-09-20-5 watchOS 3 2016-09-20Wordpress taggator plugin Sql Injection Vulnerabilities 2012-04-05
APPLE-SA-2016-09-20-6 tvOS 10 2016-09-20WordPress thecotton Themes Remote File Upload Vulnerability 2014-03-01
APPLE-SA-2016-10-24-3 Safari 10.0.1 2016-10-24Wordpress the-welcomizer plugin Cross-Site Scripting Vulnerabilities 2011-12-13
APPLE-SA-2016-10-27-3 iTunes 12.5.2 for Windows 2016-10-27Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability 2016-04-29
APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-12Wordpress Truemag Theme - Client Side Cross Site Scripting Web Vulnerability 2016-05-10
APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-12WordPress User Meta Manager Plugin [Blind SQLI] 2016-02-04
APPLE-SA-2016-12-12-3 tvOS 10.1 2016-12-12WordPress User Meta Manager Plugin [Information Disclosure] 2016-02-08
APPLE-SA-2016-12-13-2 Safari 10.0.2 2016-12-13WordPress User Meta Manager Plugin [Privilege Escalation] 2016-02-04
APPLE-SA-2016-12-13-3 iTunes 12.5.4 2016-12-13WordPress User Submitted Posts Plugin [Persistent XSS] 2016-02-24
APPLE-SA-2016-12-13-5 Additional information for APPLE-SA-2016-12-12-1 iOS 10.2 2016-12-13WordPress Users Ultra Plugin [Blind SQL injection] - Update 2015-12-08
APPLE-SA-2016-12-13-7 Additional information for APPLE-SA-2016-12-12-2 watchOS 3.1.1 2016-12-13WordPress Users Ultra Plugin [Blind SQL injection] 2015-12-02
APPLE-SA-2016-12-13-8 Transporter 1.9.2 2016-12-13WordPress Users Ultra Plugin [Persistence XSS] 2015-12-02
Appologics AirBeam v1.9.2 iOS - Multiple Web Vulnerabilities 2013-11-20WordPress Users Ultra Plugin [Unrestricted File Upload] 2015-11-17
appRain CMF <= 0.1.5 (uploadify.php) Unrestricted File Upload Vulnerability 2012-01-19Wordpress Valums Uploader - File Upload Vulnerability 2013-01-22
appRain CMF v0.1.5 - Multiple Web Vulnerabilities 2011-12-18Wordpress videowhisper-live-streaming-integration Plugin Xss vulnerabilities 2013-08-23
AppSec DC 2012 CFP EXTENDED! 2012-01-06WordPress WooCommerce - Store Toolkit Plugin [Privilege Escalation] 2016-02-08
AppSec DC 2012 CFP is OPEN! 2011-10-12WordPress Wordfence Firewall 5.1.2 Cross Site Scripting 2014-11-05
AppSec USA 2011 CFP Reminder, CTF Pre-Conference Challenge #2 2011-06-04WordPress WP User Frontend Plugin [Unrestricted File Upload] 2016-02-08
AppSec USA 2011 Open Source Showcase Call for Demos 2011-07-29Wordpress WPsc-MijnPress plugin Cross-Site Scripting Vulnerabilities 2012-04-30
Arasism (IR) CMS - File Upload Vulnerability 2012-08-09Wordpress Zingiri Web Shop Plugin <= 2.2.3 Remote Code Execution Vulnerability 2011-11-13
Arbitrary code execution resp. escalation of privilege with Mozilla's SETUP.EXE 2015-10-28Working Remote Root Exploit for OpenSSH 3.4p1 (FreeBSD) 2011-07-01
Arbitrary File Content Disclosure in Atutor 2016-08-02Workshop Proposal/Paper Submission Deadlines 2013-03-27
Arbitrary File Disclosure and Open Redirect in Bonita BPM 2015-06-10WorldCIST 2015 - 3rd World Conference on Information Systems and Technologies 2014-09-27
Arbitrary File Upload in '1 Flash Gallery' Wordpress Plugin 2011-09-07WorldCIST'14 - Submission deadline: December 7 2013-12-01
Arbitrary File Upload in HelpDEZk 2014-11-05WorldCIST'17 - Call for Workshops Proposals; Deadline: September 5 2016-08-03
Arbitrary File Upload/Execution in Collabtive 2012-06-05WorldCIST'17 - Submission deadline: November 27 2016-11-24
Arbitrary files deletion in HP OpenView Communication Broker 2011-06-30WorldCIST'2016 - Brazil: Call for Workshops Proposals - Best Papers published by ISI/SCI Journals 2015-07-21
Arbitrary files deletion in HP OpenView Performance Agent 2011-06-27WorldCIST'2017 - Submission deadline: November 30 2016-11-26
Arbitrary files deletion in Novell File Reporter 1.0.4.2 2011-06-27WowzaMediaServer SecureToken bypass (and worse) 2013-04-30
Arbitrary memory corruption in NCSS 07.1.21 2011-09-29WowzaMediaServer StorageDir escape (regression) 2013-04-30
Arbor Networks Peakflow SP web interface XSS 2012-04-03WP Advanced Importer XSS Vulnerability 2016-02-24
ArcGIS for Server Vulnerability Disclosure 2014-08-20WP Easy Gallery v4.1.4 Stored XSS Vulnerability 2016-01-26
Ariadne 2.7.6 Multiple XSS vulnerabilities 2011-12-01WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities 2016-03-31
Arte Dude (collections.php?id) (property.php?id) Remote SQL injection Vulnerability 2011-08-05WP Good News Themes - Client Side Cross Site Scripting Web Vulnerability 2016-02-29
Aruba Advisory AID-070611 Cross Site Scripting vulnerability in ArubaOS and AirWave Administration Web Interfaces 2011-07-06WP Symposium Pro Social Network Plugin XSS and Critical CSRF Vulnerability 2016-01-08
Aruba Networks multiple advisories: OS command injection in RAP web interface and 802.1X EAP-TLS user authentication bypass 2012-03-19WP Ultimate Exporter XSS Vulnerability 2016-02-24
Ashampoo 3D CAD Professional 3 ActiveX control Insecure Method 2011-06-28WP-Comment-Rating XSS Vulnerability 2016-01-30
ASP.NET Core 5-RC1 HTTP Header Injection 2016-12-21WPN-XM Serverstack v0.8.6 CSRF - MySQL / PHP.INI Hijacking 2016-04-09
ASPR #2011-08-18-1: Remote Binary Planting in Mozilla Firefox 2011-08-18WPN-XM Serverstack v0.8.6 XSS 2016-04-09
ASPR #2011-08-18-2: Remote Binary Planting in Mozilla Thunderbird 2011-08-18WP-Ultimate CSV Importer XSS Vulnerability 2016-01-26
AST-2011-011: Possible enumeration of SIP users due to differing authentication responses 2011-06-28WSO2 CARBON v4.4.5 PERSISTENT XSS COOKIE THEFT 2016-08-13
AST-2011-012: Remote crash vulnerability in SIP channel driver 2011-10-17WSO2 SOA Enablement Server - Reflected Cross-Site Scripting 2016-05-17
AST-2011-013: Possible remote enumeration of SIP endpoints with differing NAT settings 2011-12-08WSO2-CARBON v4.4.5 CSRF / DOS 2016-08-13
AST-2011-014: Remote crash possibility with SIP and the â??automonâ?? feature enabled 2011-12-08WSTAFF Remote SQL injection Vulnerability 2011-09-03
AST-2012-002: Remote Crash Vulnerability in Milliwatt Application 2012-03-15WWW File Share Pro v7.0 - Denial of Service Vulnerability 2014-09-01
AST-2012-003: Stack Buffer Overflow in HTTP Manager 2012-03-15XADV-2013003 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow 2013-11-09
AST-2012-004: Asterisk Manager User Unauthorized Shell Access 2012-04-23XADV-2013003 Linux Kernel eCryptfs write_tag_3_packet Heap Buffer Overflow Vulnerability 2013-11-04
AST-2012-005: Heap Buffer Overflow in Skinny Channel Driver 2012-04-23XADV-2013003 Linux Kernel fbdev Driver arcfb_write() Overflow 2013-11-19
AST-2012-006: Remote Crash Vulnerability in SIP Channel Driver 2012-04-23XADV-2013005 FreeBSD 10 <= nand Driver IOCTL Kernel Memory Leak Bug 2013-11-16
AST-2012-007: Remote crash vulnerability in IAX2 channel driver. 2012-05-29XADV-2013006 FreeBSD <= 10 kernel qlxge/qlxgbe Driver IOCTL Multiple Kernel Memory Leak Bugs 2013-11-16
AST-2012-008: Skinny Channel Driver Remote Crash Vulnerability 2012-05-29XADV-2013007 Linux Kernel bt8xx Video Driver IOCTL Heap Overflow 2013-11-19
AST-2012-009: Skinny Channel Driver Remote Crash Vulnerability 2012-06-14XADV-2013008 Linux Kernel 3.11.7 <= sk_attach_filter Kernel Heap Corruption 2013-11-19
AST-2012-010: Possible resource leak on uncompleted re-invite transactions 2012-07-05XAMPP 1.8.1 Local Write Access Vulnerability 2013-09-26
AST-2012-011: Remote crash vulnerability in voice mail application 2012-07-05XAMPP Control Panel Memory Corruption Denial Of Service 2016-12-24
AST-2012-012: Asterisk Manager User Unauthorized Shell Access 2012-08-30XCloner Wordpress/Joomla! backup Plugin v3.1.1 (Wordpress) v3.5.1 (Joomla!) Vulnerabilities 2014-11-06
AST-2012-013: ACL rules ignored when placing outbound calls by certain IAX2 users 2012-08-30XCon 2012 XFocus Information Security Conference Call for Paper 2012-03-07
AST-2012-014: Crashes due to large stack allocations when using TCP 2013-01-02XEE vulnerabilities in SharePoint (MS11-074) and DotNetNuke 2011-09-15
AST-2012-015: Denial of Service Through Exploitation of Device State Caching 2013-01-02Xmas 2011 Security Puzzle 2011-12-23
AST-2013-001: Buffer Overflow Exploit Through SIP SDP Header 2013-03-27XMB - eXtreme Message Board v1.9.11.13 Weak Crypto 2016-01-23
AST-2013-002: Denial of Service in HTTP server 2013-03-27XnView JLS File Decompression Heap Overflow 2012-10-03
AST-2013-003: Username disclosure in SIP channel driver 2013-03-27Xoops 2.5.7.2 CSRF - Arbitrary User Deletions 2016-03-18
AST-2013-004: Remote Crash From Late Arriving SIP ACK With SDP 2013-08-28Xoops 2.5.7.2 Directory Traversal Bypass 2016-03-18
AST-2013-005: Remote Crash when Invalid SDP is sent in SIP Request 2013-08-28Xplace Company (dettaglio.asp?id) (alloggi-dett.asp?id) (eventi.asp?id) Remote SQL injection Vulnerability 2011-08-17
AST-2014-006: Asterisk Manager User Unauthorized Shell Access 2014-06-12Xpra memory disclosure 2012-01-18
AST-2014-007: Exhaustion of Allowed Concurrent HTTP Connections 2014-06-12XSS (Cross Site Scripting) in Social CRM & Community Solutions powered by Lithium in Knowledge base section 2016-03-24
AST-2014-008: Denial of Service in PJSIP Channel Driver Subscriptions 2014-06-12XSS and Blind SQL Injection Vulnerabilities in Banana Dance CMS 2012-08-22
AST-2014-009: Remote crash based on malformed SIP subscription requests 2014-09-18XSS and Blind SQL Injection Vulnerabilities in ExponentCMS 2012-04-23
AST-2014-010: Remote crash when handling out of call message in certain dialplan configurations 2014-09-18XSS and CSRF Horde Groupware Web mail Edition 2013-11-03
AST-2014-012: Mixed IP address families in access control lists may permit unwanted traffic. 2014-11-21XSS and SQL Injection Vulnerabilities in Jara 2012-08-22
AST-2014-013: PJSIP ACLs are not loaded on startup 2014-11-21XSS and SQL Injection Vulnerabilities in OrderSys 2012-08-22
AST-2014-014: High call load may result in hung channels in ConfBridge. 2014-11-21XSS and SQL Injection Vulnerabilities on Symphony CMS 2.2.3 2011-11-01
AST-2014-015: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21XSS and SQLi in huge IT gallery v1.1.5 for Joomla 2016-07-25
AST-2014-016: Remote Crash Vulnerability in PJSIP channel driver 2014-11-21XSS Ebuddy (responsible disclosure) 2011-09-02
AST-2014-017: <font size="3" style="font-size: 12pt">Permission escalation through ConfBridge actions/dialplan functions</font> 2014-11-21XSS in answer my question plugin 2012-11-04
AST-2014-018: AMI permission escalation through DB dialplan function 2014-11-21XSS in dokeos 2.1.1 2012-10-30
AST-2016-001: BEAST vulnerability in HTTP server 2016-02-04XSS in Elgg 1.8.12, 1.7.16 (core module "Twitter widget") 2013-01-29
AST-2016-002: File descriptor exhaustion in chan_sip 2016-02-04XSS in Fast Secure Contact Form wordpress plugin 2011-08-17
AST-2016-003: Remote crash vulnerability when receiving UDPTL FAX data. 2016-02-04XSS in FlatPress 2011-06-28
AST-2016-004: Long Contact URIs in REGISTER requests can crash Asterisk 2016-04-14XSS in IBM Open Admin Tool 2011-08-30
AST-2016-005: TCP denial of service in PJProject 2016-04-14XSS in Kaseya version 6.2.0.0 web interface 2012-04-20
AST-2016-007: RTP Resource Exhaustion 2016-09-08XSS in OneOrZero AIMS 2012-01-18
AST-2016-008: Crash on SDP offer or answer from endpoint using Opus 2016-12-08XSS in OSSEC wui 0.3 2012-09-27
AST-2016-009: <br> 2016-12-08XSS in Redirection wordpress plugin 2011-08-31
Asterisk Security Team (security asterisk org) XSS in Tiki Wiki CMS Groupware 2011-07-20
ASTPP VoIP Billing (4cf207a) - Multiple Web Vulnerabilities 2012-09-13XSS in tooltip plugin of Zurb Foundation 5 2016-11-29
ASUS AiCloud Enabled Routers 12 Models - Authentication bypass and Sensitive file/path disclosure 2014-02-08XSS in WP e-Commerce 2011-08-03
ASUS router drive-by code execution via XSS and authentication bypass 2014-02-21XSS in Zikula 2011-09-07
ASUS RT-N56U Persistent XSS 2016-02-02XSS on Juniper JUNOS 11.4 Embedthis Appweb 3.2.3 2013-11-11
ASUS RT-N66U Router - HTTPS Directory traversal and full file access and credential disclosure vuln 2013-06-22XSS phpLDAPadmin: 1.2.0.5 (Debian package) and 1.2.2 (sourceforge) 2012-01-31
at32 ReverseProxy - Multiple HTTP Header Field Denial Of Service Vulnerability 2012-03-19XSS Vulnerabilities in ClipBucket 2012-10-19
AthCon 2012 CFP is now OPEN! 2012-01-12XSS Vulnerabilities in CMSMini 2012-10-19
AthCon 2013 CFP OPEN 2013-01-01XSS Vulnerabilities in eFront 2011-11-01
AthCon 2013 Rev. Challenge 2013 2013-03-11XSS Vulnerabilities in LabWiki 2012-08-22
Atmel "secure" crypto co-processor series microprocessors (AT91SAM7XC) leaking keys, plus bonus DESFire hack 2013-02-11XSS Vulnerabilities in OpenCms 2013-07-17
aTube Catcher ActiveX Control Insecure Method 2011-07-06XSS Vulnerabilities in phpFreeChat 2012-10-02
ATutor 2.0.3 Multiple XSS vulnerabilities 2012-01-15XSS Vulnerabilities in TaskFreak 2012-10-19
Audacity 2.0.5 contains Arbitrary DLL Injection Code Execution 2015-05-28XSS Vulnerabilities in TWiki < 5.1.0 2011-09-22
AuraDVD Ripper Professional v1.6.3 - DLL Hijacking Exploit 2016-10-04XSS vulnerability in FortiMail Messaging Security Appliance 2011-09-13
Aurora WebOPAC SQL Injection - Security Advisory - SOS-12-004 2012-03-12XSS vulnerability in Intellect Core banking software - Polaris 2015-12-09
AusCERT2015 Call for Papers: closes 18th January 2015-01-14XSS vulnerability in Joomla 1.6.3 2011-11-10
Authentication Bypass in Netgear Router Firmware N300_1.1.0.31_1.0.1.img and N300-1.1.0.28_1.0.1.img 2015-10-06XSS vulnerability in OFBiz forms 2015-07-15
Authentication bypass in PHP File Manager 0.9.8 2016-01-25XSS Vulnerability in Simple Slider Wordpress Plugin 2012-11-21
Authentication-Bypass in CosmoShop ePRO V10.17.00 (and lower, maybe higher) 2014-02-26XSS Vulnerability in Synnefo Client for Synnefo IMS 2015 - CVE-2015-8247 2015-12-12
Autobahn|Python Insecure allowedOrigins validation >= 0.14.1 2016-07-23XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5 2015-07-15
Avant-Garde Technologies (display-section.php?id) Remote SQL injection Vulnerability 2011-08-09XSSer v1.6 -beta- aka "Grey Swarm!" released. 2011-11-30
AVAVoIP v1.5.12 - Multiple Web Vulnerabilities 2012-07-17XWeavers (page.asp?id) Remote SQL injection Vulnerability 2011-08-07
Avira License Application - Cross Site Request Forgery Vulnerability 2014-09-01XWeavers (sysMsg.php?errMsg) Cross Site Scripting Vulnerabilities 2011-08-06
Avira Mobile Security iOS Application - Cleartext Credentials Vulnerability 2015-09-04Xymon: Critical security issues in all versions prior to 4.3.25 2016-02-14
Avolve Software ProjectDox Multiple Vulnerability Disclosure 2014-09-03Yahoo Bug Bounty #32 - Cross Site Request Forgery bulkImport Web Vulnerability 2015-09-11
Avon Groups (search_result.php?cid) Remote SQL injection Vulnerability 2011-07-28Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability 2016-03-14
awiki 20100125 multiple local file inclusion vulnerabilities 2011-08-15Yahoo! Bug Bounty #25 Flickr API - Persistent Service Vulnerability 2014-07-07
Axessh 4.2.2 Denial Of Service 2016-11-05Yahoo! Bug Bounty #29 YM - Filter Bypass & Persistent Web Vulnerability 2014-07-10
Axis VoIP Manager v2.1.5.7 - Multiple Web Vulnerabilities 2012-09-17Yahoo! Bug Bounty #30 YM - Application-Side Mail Encoding (File Attachment) Vulnerability 2014-07-10
b2ePMS 1.0 Authentication Bypass Vulnerability 2012-05-11Yahoo! Messenger v11.5 - Buffer Overflow Vulnerability 2012-02-11
Back to 28: Grub2 Authentication Bypass 0-Day [CVE-2015-8370] 2015-12-15Yarubo #1: Arbitrary SQL Execution in Participants Database for Wordpress 2014-06-01
Backdoor access to Techboard/Syac devices 2014-07-07YaTFTPSvr TFTP Server Directory Traversal Vulnerability 2011-10-30
Backdoor credentials found in 4 TOTOLINK router models 2015-07-15Yealink VOIP Phone Persistent Cross Site Scripting Vulnerability [CVE-2012-1417] 2012-03-13
BACKEND (categoria.php?id) Remote SQL injection Vulnerability 2011-08-13Yet Another CMS 1.0 SQL Injection & XSS vulnerabilities 2011-10-19
Backtrack 5 R2 priv escalation 0day found in CTF exercise 2012-04-11Yves-Alexis Perez (corsac debian org) 
BananaDance Wiki b2.2 - Multiple Web Vulnerabilities 2012-11-11YVS Image Gallery Sql injection 2012-02-23
Barracuda Appliances - Validation Filter Bypass Vulnerability 2012-08-01ZAPms v1.42 CMS - Client Side Cross Site Scripting Web Vulnerability 2013-10-15
Barracuda Backup v2.0 - Multiple Web Vulnerabilities 2011-09-28ZDI-11-171: Sybase OneBridge Mobile Data Suite Format String Remore Code Execution Vulnerability 2011-06-03
Barracuda Bug Bounty #36 Firewall - Client Side Exception Handling Web Vulnerability 2014-02-21ZDI-11-172: Novell iPrint nipplib.dll uri Remote Code Execution Vulnerability 2011-06-06
Barracuda CudaTel 2.6.02.04 - Multiple Client Side Cross Site Vulnerabilities (Bug Bounty #17) 2013-07-17ZDI-11-173: Novell iPrint nipplib.dll profile-time Remote Code Execution Vulnerability 2011-06-06
Barracuda CudaTel 2.6.02.040 - Client Side Cross Site Scripting Vulnerability 2013-07-16ZDI-11-174: Novell iPrint nipplib.dll profile-name Remote Code Execution Vulnerability 2011-06-06
Barracuda CudaTel 2.6.02.040 - Remote SQL Injection Vulnerability 2013-07-20ZDI-11-175: Novell iPrint nipplib.dll file-date-time Remote Code Execution Vulnerability 2011-06-06
Barracuda CudaTel 2.6.02.040 - SQL Injection Vulnerability 2013-07-22ZDI-11-176: Novell iPrint nipplib.dll driver-version Remote Code Vulnerability 2011-06-06
Barracuda LB, SVF, WAF & WEF - Multiple Vulnerabilities 2013-07-20ZDI-11-177: Novell iPrint nipplib.dll core-package Remote Code Execution Vulnerability 2011-06-06
Barracuda Networks Bug Bounty #31 Firewall - Persistent Access Policy Vulnerability 2014-02-26ZDI-11-178: Novell iPrint nipplib.dll client-file-name Remote Code Execution Vulnerability 2011-06-06
Barracuda Networks Bug Bounty #38 Message Archiver - Multiple Vulnerabilities 2016-01-27ZDI-11-179: Novell iPrint nipplib.dll iprint-client-config-info Remote Code Execution Vulnerability 2011-06-06
Barracuda Networks Firewall 6.1.2 #36 - Filter Bypass & Exception Handling Vulnerability + PoC Video BNSEC-2398 2014-07-24ZDI-11-180: Novell iPrint op-printer-list-all-jobs cookie Remote Code Execution Vulnerability 2011-06-06
Barracuda Networks Firewall 6.1.5 - Filter Bypass & Persistent Vulnerabilities 2014-07-25ZDI-11-181: Novell iPrint op-printer-list-all-jobs url Remote Code Execution Vulnerability 2011-06-06
Barracuda Networks Firewall Bug Bounty #32 - Filter Bypass & Persistent Web Vulnerabilities 2014-02-25ZDI-11-182: Oracle Java IE Browser Plugin Corrupted Window Procedure Hook Remote Code Execution Vulnerability 2011-06-08
Barracuda Networks Spam&Virus Firewall v5.1.3 - Client Side Cross Site Vulnerability 2014-07-28ZDI-11-183: Oracle Java ICC Profile MultiLanguage 'mluc' Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Barracuda Networks Spam&Virus Firewall v6.0.2 (600 & Vx) - Client Side Cross Site Vulnerability 2014-07-22ZDI-11-184: Oracle Java ICC Profile Sequence Description 'pseq' Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Barracuda Networks Web Application Firewall v6.1.5 & LoadBalancer v4.2.2 #37 - Filter Bypass & Multiple Vulnerabilities 2014-07-29ZDI-11-185: Oracle Java ICC Profile 'bfd ' Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Barracuda Networks Web Security Flex Appliance Application v4.x - Filter Bypass & Persistent Vulnerabilities (BNSEC 707) 2014-08-25ZDI-11-186: Oracle Java ICC Profile Multi-Language 'curv' Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Barracuda Networks Web Security Flex v4.1 - Persistent Vulnerabilities (BNSEC-699) 2014-08-25ZDI-11-187: Oracle Java ICC Profile clrt Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Barracuda SSL VPN 680 - Cross Site Scripting Vulnerabilities 2012-08-01ZDI-11-188: Oracle Java ICC Profile ncl2 Count Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Barracuda SSL VPN 680 2.2.2.203 - Redirect Web Vulnerability 2013-05-27ZDI-11-189: Oracle Java ICC Profile ncl2 DevCoords Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Barracuda Web Filter 910 5.0.015 - Multiple Vulnerabilities 2012-09-04ZDI-11-190: Oracle Java ICC Profile 'crdi' Tag Parsing Remote Code Execution Vulnerability 2011-06-08
bashis (mcw noemail eu) ZDI-11-191: Oracle Java ICC Screening Tag Parsing Remote Code Execution Vulnerability 2011-06-08
Basic Forum by JM LLC - Multiple Vulnerabilities 2013-07-24ZDI-11-192: Oracle Java Web Start Command Argument Injection Remote Code Execution Vulnerability 2011-06-08
Basilic RCE bug 2012-06-30ZDI-11-193: Microsoft Internet Explorer DOM Modification Race Remote Code Execution Vulnerability 2011-06-14
bcksrvr format string in Sybase Adaptive Server 15.5 2011-06-27ZDI-11-194: Microsoft Internet Explorer layout-grid-char style Remote Code Execution Vulnerability 2011-06-14
bcksrvr format string in Sybase Adaptive Server 15.5 2011-06-30ZDI-11-195: Microsoft Internet Explorer selection.empty Remote Code Execution Vulnerability 2011-06-14
BDA MPEG2 Transport Information Filter DLL side loading vulnerability 2016-02-10ZDI-11-196: Microsoft Internet Explorer HTTP 302 Redirect Remote Code Execution Vulnerability 2011-06-14
Beehive Forum 101 Multiple XSS vulnerabilities 2012-01-15ZDI-11-197: Microsoft Internet Explorer vgx.dll imagedata Remote Code Execution Vulnerability 2011-06-14
Beginners error: Apple's iCloudServices for Windows run rogue program C:\Program.exe (and some more) 2014-08-16ZDI-11-198: (Pwn2Own) Microsoft Internet Explorer Uninitialized Variable Information Leak Vulnerability 2011-06-14
Beginners error: Apple's Software Update runs rogue program C:\Program.exe (and some more) 2014-08-16ZDI-11-199: Oracle Java Soundbank Decompression Remote Code Execution Vulnerability 2011-06-14
Beginners error: Hewlett-Packards driver software executes rogue binary C:\Program.exe 2014-05-20ZDI-11-200: Adobe Shockwave AudioMixer Structure Parsing Remote Code Execution Vulnerability 2011-06-14
Beginners error: QuickTime for Windows runs rogue program C:\Program.exe when opening associated files 2014-08-07ZDI-11-201: Adobe Shockwave Cursor Structure Parsing Remote Code Execution Vulnerability 2011-06-14
Beginners error: Windows Live Mail 2011 runs rogue C:\Program.exe when opening associated URLs 2014-08-16ZDI-11-202: Adobe Shockwave rcsL String Parsing Remote Code Execution Vulnerability 2011-06-14
Belkin N150 Router Multiple XSS Vulnerability 2016-02-24ZDI-11-203: Adobe Shockwave xtcL Chunk Parsing Integer Overflow Remote Code Execution Vulnerability 2011-06-14
Belkin N150 Wireless Home Router Multiple Vulnerabilities 2015-11-30ZDI-11-204: Adobe Shockwave TextXtra Text Element Parsing Remote Code Execution Vulnerability 2011-06-14
BeneficialBank Business v4.13.1 - Auth Bypass Vulnerability 2012-08-05ZDI-11-205: Adobe Shockwave Missing Lctx Chunk Remote Code Execution Vulnerability 2011-06-14
Berend-Jan Wever (berendj nwever nl) ZDI-11-206: Adobe Shockwave GIF Decompression Remote Code Execution Vulnerability 2011-06-14
Better WP Security v3.4.3 Wordpress - Web Vulnerabilities 2012-10-01ZDI-11-207: Adobe Shockwave tSAC Chunk String Termination Remote Code Execution Vulnerability 2011-06-14
BFS-SA-2015-003: Internet Explorer CObjectElement Use-After-Free Vulnerability 2015-12-10ZDI-11-208: Adobe Shockwave rcsL Parsing Remote Code Execution Vulnerability 2011-06-14
BFS-SA-2016-001: FireEye Detection Evasion and Whitelisting of Arbitrary Malware 2016-02-15ZDI-11-209: Adobe Shockwave rcsL Substructure Parsing Remote Code Execution Vulnerability 2011-06-14
BigACE CMS - XSS Vulnerabilities 2012-01-03ZDI-11-210: Adobe Shockwave rcsL Chunk Parsing Misallocation Remote Code Execution Vulnerability 2011-06-14
Bilyoner mobile apps prone to various SSL/TLS attacks 2014-05-15ZDI-11-211: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk 0xFFFFFF49 Field Remote Code Execution Vulnerability 2011-06-14
Birebin.com Android App SSL certificate validation weakness 2014-04-24ZDI-11-212: Adobe Shockwave KEY* Chunk Invalid Size Remote Code Execution Vulnerability 2011-06-14
Bit Defender #39 - Auth Token Bypass Vulnerability 2017-01-11ZDI-11-213: Adobe Shockwave rcsL Trusted Offset Chunk Processing Remote Code Execution Vulnerability 2011-06-14
Bitcoin/Altcoin Stratum Pool Mass Duplicate Shares Exploit 2016-04-04ZDI-11-214: Adobe Shockwave CASt Chunk Parsing Remote Code Execution Vulnerability 2011-06-14
Bitsmith PS Knowbase 3.2.3 - Buffer Overflow Vulnerability 2012-03-30ZDI-11-215: Adobe Shockwave DEMX Chunk Multiple Field Parsing Remote Code Execution Vulnerability 2011-06-14
Bitweaver 2.8.1 Multiple Cross-site Scripting Vulnerabilities 2011-09-29ZDI-11-216: Adobe Shockwave rcsL Chunk 16-bit Field Parsing Remote Code Execution Vulnerability 2011-06-14
bizConsulting (prodotto.php?id) Remote SQL injection Vulnerability 2011-08-30ZDI-11-217: Adobe Shockwave Font Structure Parsing Remote Code Execution Vulnerability 2011-06-14
BK Mobile CMS SQLi and XSS Vulnerability 2016-01-27ZDI-11-218: Adobe Acrobat Reader tesselate.x3d Multimedia Playing Remote Code Execution Vulnerability 2011-06-14
B-Keen communication (dettaglio_news.php&id) Remote SQL injection Vulnerability 2011-08-26ZDI-11-219: Adobe Acrobat Reader 3difr.x3d Multimedia Playing Remote Code Execution Vulnerability 2011-06-14
BlackBerry Z 10 - Storage and Access File-Exchange Authentication By-Pass [MZ-13-04] 2014-08-12ZDI-11-220: Adobe Shockwave Director File rcsL Chunk Multiple Opcode Parsing Remote Code Execution Vulnerability 2011-06-15
Blackboard LMS 9.1 SP14 - (Profile) Persistent Vulnerability 2017-01-11ZDI-11-221: Adobe Shockwave Shockwave 3d Asset.x32 DEMX 0xFFFFFF45 Field Parsing Remote Code Execution Vulnerability 2011-06-15
BlackBoard LMS 9.1 SP14 - (Title) Persistent Vulnerability 2017-01-11ZDI-11-222: Adobe Shockwave Shockwave 3d Asset.x32 DEMX Chunk Substructure Count Remote Code Execution Vulnerability 2011-06-15
Blackboard Mobile Learn v3.0 - Persistent Web Vulnerability 2012-07-16ZDI-11-223: Mozilla Firefox SVGPathSegList.replaceItem Remote Code Execution Vulnerability 2011-06-21
BlackCat CMS v1.1.1 Arbitrary File Download Vulnerability 2015-06-16ZDI-11-224: Mozilla Firefox SVGPointList.appendItem Remote Code Execution Vulnerability 2011-06-21
Blat.exe v2.7.6 SMTP / NNTP Mailer Buffer Overflow 2015-10-14ZDI-11-225: Mozilla Firefox nsXULCommandDispatcher Remote Code Execution Vulnerability 2011-06-21
Blind SQL Injection in Webmatic 2012-07-04ZDI-11-226: Citrix EdgeSight Launcher Service Remote Code Execution Vulnerability 2011-06-27
Blind SQL Injection Vulnerability in Exponent CMS 2.4.0 2016-11-10ZDI-11-227: Novell File Reporter Engine RECORD Tag Parsing Remote Code Execution Vulnerability 2011-06-27
Blind SQL Injection Vulnerability in KnowledgeTree <= 3.7.0.2 2014-04-19ZDI-11-228: Apple ColorSync ICC Profile ncl2 Parsing Remote Code Execution Vulnerability 2011-06-29
Blind SQL injections in CivicRM 2016-04-11ZDI-11-229: Apple QuickTime RIFF fmt Chunk Parsing Remote Code Execution Vulnerability 2011-06-29
BlinkSale Bug Bounty #1 - Encode & Validation Vulnerability 2015-02-11ZDI-11-230: Apple Quicktime Apple Lossless Audio Codec Parsing Remote Code Execution Vulnerability 2011-06-29
Blitz CMS Community - SQL Injection Web Vulnerability 2015-01-12ZDI-11-231: Apple QuickTime Pict File Matrix Parsing Remote Code Execution Vulnerability 2011-06-29
Blogs manager <= 1.101 SQL Injection Vulnerability 2011-11-19ZDI-11-232: HP iNode Management Center iNodeMngChecker.exe Remote Code Execution Vulnerability 2011-07-01
BlueMe Bluetooth v5.0 iOS - Code Execution Vulnerability 2014-04-10ZDI-11-233: Symantec Web Gateway forget.php SQL Injection Vulnerability 2011-07-07
Bluetooth Chat Connect v1.0 iOS - Multiple Vulnerabilities 2013-06-09ZDI-11-234: Trend Micro Control Manager CasLogDirectInsertHandler.cs Remote Code Execution Vulnerability 2011-07-11
Bluetooth Photo-File Share v2.1 iOS - Multiple Web Vulnerabilities 2014-06-03ZDI-11-235: TrendMicro Control Manager CASProcessor.exe BLOB Remote Code Execution Vulnerability 2011-07-12
BMC-2015-0005: File inclusion vulnerability in "BIRT Viewer" servlet used in BMC Remedy AR Reporting 2015-09-23ZDI-11-236: EMC Documentum eRoom Indexing Server OpenText HummingBird Connector Remote Code Execution Vulnerability 2011-07-18
BMC-2015-0006: File inclusion vulnerability in "BIRT Engine" servlet used in BMC Remedy AR Reporting 2015-09-23ZDI-11-237: CA Total Defense Suite Gateway Security Malformed HTTP Packet Remote Code Execution Vulnerability 2011-07-20
BMC-2015-0010: User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent (CVE-2016-1542) 2016-03-28ZDI-11-238: Oracle Secure Backup validate_login Command Injection Remote Code Execution Vulnerability 2011-07-21
BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543) 2016-03-28ZDI-11-239: Apple Safari Webkit FrameOwner Element Remote Code Execution Vulnerability 2011-07-27
BoltWire 3.4.16 Multiple XSS vulnerabilities 2012-01-15ZDI-11-240: Apple Safari Webkit SVG Marker Remote Code Execution Vulnerability 2011-07-27
Bookmark4U lostpasswd.php env[include_prefix] Parameter RFI 2012-07-02ZDI-11-241: Webkit setAttributes attributeChanged Remote Code Execution Vulnerability 2011-07-27
BookNux 0.2 <= Multiple Vulnerabilities 2012-07-06ZDI-11-242: Apple Safari Rendering Object Body Detachment Remote Code Execution Vulnerability 2011-07-27
Boolean algebra and CSS history theft 2014-06-24ZDI-11-243: WebKit ContentEditable Inline Style Remote Code Execution Vulnerability 2011-07-27
Boolean-based SQL injection Vulnerability in K2 Platforms 2015-10-13ZDI-11-244: (0day) FlexNet License Server Manager lmadmin Remote Code Execution Vulnerability 2011-07-28
Boonex Dolphin v7.0.9 CMS & Mobile App - Multiple Web Vulnerabilities 2012-06-14ZDI-11-245: Sybase Adaptive Server Backup and Monitor Server Translation Array Remote Code Execution Vulnerability 2011-07-29
Borland Caliber 11.0 Quiksoft EasyMail SMTP Object Buffer Overflows 2013-04-25ZDI-11-246: Sybase Adaptive Server Backup and Monitor Server NULL Write Remote Code Execution Vulnerability 2011-07-29
Borland Silk Central 12.1 TeeChart Pro Activex control AddSeries Remote Code Execution 2013-04-25ZDI-11-247: Microsoft Internet Explorer XSLT SetViewSlave Remote Code Execution Vulnerability 2011-08-09
Botconf 2013 - Call for short talks - Deadline Aug 31 2013 2013-07-13ZDI-11-248: Microsoft Internet Explorer 9 STYLE Object Parsing Remote Code Execution Vulnerability 2011-08-09
Botconf 2013 - Pre-programme pubished & registration open (Nantes, France, 5-6/12/2013) 2013-09-15ZDI-11-249: (Pwn2Own) Microsoft Internet Explorer Protected Mode Bypass Vulnerability 2011-08-09
Breaking the links: Exploiting the linker 2011-06-29ZDI-11-250: Apple QuickTime STTS atom Remote Code Execution Vulnerability 2011-08-09
Briefcase 4.0 iOS - Code Execution & File Include Vulnerability 2014-09-15ZDI-11-251: Apple QuickTime STSS atom Parsing Remote Code Execution Vulnerability 2011-08-09
Brother MFC Administration Reflected Cross-Site Scripting 2015-01-07ZDI-11-252: Apple QuickTime PICT Image PnSize Opcode Remote Code Execution Vulnerability 2011-08-12
bshastry sec t-labs tu-berlin de ZDI-11-253: Adobe Flash Player BitmapData.scroll Integer Overflow Remote Code Execution Vulnerability 2011-08-12
Buffer Overflow in My Wifi Router Software 2015-06-13ZDI-11-254: Apple QuickTime 'trun' atom sampleCount Integer Overflow Remote Code Execution Vulnerability 2011-08-16
BufferOverflow Vulnerability on Logica HotScan SWIFT Alliance Access Interface 2012-10-09ZDI-11-255: Apple QuickTime Player H.264 Reference Picture List Remote Code Execution Vulnerability 2011-08-16
Bugcrowd CSV injection vulnerability 2016-04-04ZDI-11-256: Apple QuickTime Media Link src Parameter Remote Code Execution Vulnerability 2011-08-16
Buggy insecure "security" software executes rogue binary during installation and uninstallation 2014-04-16ZDI-11-257: Apple QuickTime Player H.264 Slice Header Remote Code Execution Vulnerability 2011-08-16
bugs in IJG jpeg6b & libjpeg-turbo 2013-12-04ZDI-11-258: Apple QuickTime STSC atom Parsing Remote Code Execution Vulnerability 2011-08-16
BulletProof Security 53.3 - Security Advisory - Multiple XSS Vulnerabilities 2016-05-10ZDI-11-259: Apple QuickTime STSZ atom Parsing Remote Code Execution Vulnerability 2011-08-16
BUZLAB (prodotti.php?idCategoria) Remote SQL injection Vulnerability 2011-08-26ZDI-11-260: Nortel Media Application Server cstore.exe cs_anams Remote Code Execution Vulnerability 2011-08-16
BvCom (dettaglio.php?idnews) Remote SQL injection Vulnerability 2011-09-03ZDI-11-261: HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability 2011-08-16
C & C++ for OS - Filter Bypass & Persistent Vulnerability 2016-04-25ZDI-11-262: Symantec Veritas Storage Foundation vxsvc.exe Unicode String Parsing Remote Code Execution Vulnerability 2011-08-16
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability 2012-04-26ZDI-11-263: Symantec Veritas Storage Foundation vxsvc.exe ASCII String Unpacking Remote Code Execution Vulnerability 2011-08-16
C4B XPhone UC Web 4.1.890S R1 - Cross Site Vulnerability 2012-04-29ZDI-11-264: Symantec Veritas Storage Foundation vxsvc.exe Value Unpacking Integer Overflow Remote Code Execution Vulnerability 2011-08-16
CA ARCserve D2D r15 GWT RPC Request Auth Bypass / Credentials Disclosure and Commands Execution 2011-07-26ZDI-11-265: RealNetworks Realplayer QCP Parsing Remote Code Execution Vulnerability 2011-08-16
CA20110720-01: Security Notice for CA Gateway Security and Total Defense 2011-07-20ZDI-11-266: RealNetworks RealPlayer Advanced Audio Coding Element Remote Code Execution Vulnerability 2011-08-16
CA20110809-01: Security Notice for CA ARCserve D2D 2011-08-10ZDI-11-267: RealNetworks Realplayer MP3 ID3 tags Remote Code Execution Vulnerability 2011-08-16
CA20111116-01: Security Notice for CA Directory 2011-11-16ZDI-11-268: RealNetworks RealPlayer SWF DefineFont Remote Code Execution Vulnerability 2011-08-16
CA20111208-01: Security Notice for CA SiteMinder [updated] 2012-08-27ZDI-11-269: RealNetworks RealPlayer Cross-Zone Scripting Remote Code Execution Vulnerability 2011-08-16
CA20111208-01: Security Notice for CA SiteMinder 2011-12-09ZDI-11-270: Mozilla Firefox SVGTextElement.getCharNumAtPosition Remote Code Execution Vulnerability 2011-08-17
CA20120320-01: Security Notice for CA ARCserve Backup 2012-03-21ZDI-11-271: Mozilla Firefox appendChild DOM Tree Inconsistency Remote Code Execution Vulnerability 2011-08-17
CA20121001-01: Security Notice for CA License 2012-10-01ZDI-11-272: (0day) FlexNet License Server Manager Remote Code Execution Vulnerability 2011-08-17
CA20121018-01: Security Notice for CA ARCserve Backup 2012-10-18ZDI-11-273: EMC Autostart Domain Name Logging Remote Code Execution Vulnerability 2011-08-23
CA20121220-01: Security Notice for CA IdentityMinder [updated] 2013-01-18ZDI-11-274: EMC Autostart ftAgent Opcode 0x140 Parsing Remote Code Execution Vulnerability 2011-08-23
CA20130213-01: Security Notice for CA ControlMinder 2013-02-13ZDI-11-275: EMC Autostart ftAgent Opcode 0x11 Parsing Remote Code Execution Vulnerability 2011-08-23
CA20130319-01: Security Notice for SiteMinder products using SAML 2013-03-20ZDI-11-276: Adobe Flash Player MP4 sequenceParameterSetNALUnit Remote Code Execution Vulnerability 2011-08-23
CA20130528-01: Security Notice for CA Process Automation (CA PAM) 2013-05-28ZDI-11-277: Apple QuickTime 3g2 'mp4v' atom size Remote Code Execution Vulnerability 2011-08-31
CA20140218-01: Security Notice for CA 2E Web Option 2014-02-19ZDI-11-278: Novell Cloud Manager Insufficient Framework User Validation Vulnerability 2011-09-02
CA20140403-01: Security Notice for CA Erwin Web Portal 2014-04-03ZDI-11-279: (0day) Witness Systems eQuality Unify Remote Code Execution Vulnerability 2011-09-02
CA20140413-01: Security Notice for OpenSSL Heartbleed Vulnerability 2014-05-16ZDI-11-287 : Internet Explorer Select Element Cache Remote Code Execution Vulnerability 2011-10-15
CA20141001-01: Security Notice for Bash Shellshock Vulnerability 2014-10-06ZDI-11-288 : Microsoft Internet Explorer Select Element Insufficient,Type Checking Remote Code Execution Vulnerability 2011-10-17
CA20141103-01: Security Notice for CA Cloud Service Management 2014-11-06ZDI-11-289 : Microsoft Internet Explorer swapNode Handling Remote Code,Execution Vulnerability 2011-10-17
CA20141215-01: Security Notice for CA LISA Release Automation 2014-12-15ZDI-11-290 : Microsoft Internet Explorer SetExpandedClipRect Remote,Code Execution Vulnerability 2011-10-17
CA20150604-01: Security Notice for CA Common Services 2015-06-04ZDI-11-295 : Apple QuickTime FlashPix JPEG Tables Selector Remote Code Execution Vulnerability 2011-10-18
CA20160323-01: Security Notice for CA Single Sign-On Web Agents 2016-03-23ZDI-11-296 : Adobe Reader BMP Image RLE Decoding Remote Code Execution Vulnerability 2011-10-26
CA20160405-01: Security Notice for CA API Gateway 2016-04-05ZDI-11-297 : Adobe Reader U3D PCX Parsing Remote Code Execution Vulnerability 2011-10-26
CA20160721-01: Security Notice for CA eHealth 2016-07-22ZDI-11-298 : Adobe Reader U3D IFF RGBA Parsing Remote Code Execution Vulnerability 2011-10-26
CA20170109-01: Security Notice for CA Service Desk Manager 2017-01-12ZDI-11-299 : Adobe Reader PICT Parsing Remote Code Execution Vulnerability 2011-10-26
Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities 2016-03-31ZDI-11-300 : Adobe Reader U3D PICT 10h Encoding Remote Code Execution Vulnerability 2011-10-26
CakePHP 2.x-2.2.0-RC2 XXE Injection 2012-07-16ZDI-11-301 : Adobe Reader U3D PICT 0Eh Encoding Remote Code Execution Vulnerability 2011-10-26
CakePHP AssetDispatcher Local File Inclusion Vulnerability 2013-08-13ZDI-11-302 : Adobe Reader U3D TIFF Resource Buffer Overflow Remote Code Execution Vulnerability 2011-10-26
Calisto light, light plus and full, Sql Injection And user or Admin bypass 2011-08-11ZDI-11-303 : Apple QuickTime H264 Stream frame_cropping Remote Code Execution Vulnerability 2011-10-26
Call For Paper 2012-02-01ZDI-11-304 : Apple Quicktime Advanced Audio Codec Frame Parsing Remote Code Execution Vulnerability 2011-10-26
Call for Paper/Event - nullcon Goa 2014 2013-09-04ZDI-11-305 : Oracle Java Applet Rhino Script Engine Remote Code Execution Vulnerability 2011-10-26
Call for Paper: 3rd Workshop on Security and Privacy in Social Networks 2012-04-30ZDI-11-306 : Oracle Java IIOP Deserialization Type Confusion Remote Code Execution Vulnerability 2011-10-26
Call for Papers - 2012 Rocky Mountain Information Security Conference 2011-12-08ZDI-11-307 : Oracle Java MixerSequencer.nAddControllerEventCallback Remote Code Execution Vulnerability 2011-10-26
Call For Papers - CISTI 2016 Workshops - Deadline March 15 2016-02-28ZDI-11-308 : Cisco WebEx Player ATAS32.DLL linesProcessed Remote Code Execution Vulnerability 2011-10-26
Call for Papers - WorldCIST'17 - 5th World Conference on Information Systems and Technologies (Published by Springer) 2016-09-18ZDI-11-309 : Novell iPrint Client nipplib.dll GetDriverSettings Remote Code Execution Vulnerability 2011-10-26
Call for Papers / Speakers for ISACA Ireland Conference on 3rd Oct in Dublin 2014-07-21ZDI-11-310 : Adobe Reader Compound Glyph Index Sign Extension Remote Code Execution Vulnerability 2011-10-26
call for papers- £Ã£Ó£Ó£Å£²£°£±£´ 2014-05-27ZDI-11-311 : Apple Quicktime Empty URL Data Handler Remote Code Execution Vulnerability 2011-10-27
Call for Papers 2014-04-05ZDI-11-312 : Apple QuickTime Atom Hierarachy Argument Size Mismatch Remote Code Execution Vulnerability 2011-10-27
Call for Papers -YSTS 6 - Security Conference, Brazil 2011-12-10ZDI-11-313 : Apple QuickTime FLC RLE Packet Count Decompression Remote Code Execution Vulnerability 2011-10-27
Call for Papers: DIMVA 2013 2012-10-29ZDI-11-314 : Apple Quicktime PnPixPat PatType 3 Parsing Remote Code Execution Vulnerability 2011-10-27
Call for Papers: ICITST-2011 2011-07-18ZDI-11-315 : Apple QuickTime FLC Delta Decompression Remote Code Execution Vulnerability 2011-10-27
Call for Papers: The 6th International Conference for Internet Technology and Secured Transactions (ICITST-2011)! 2011-08-15ZDI-11-316 : Apple QuickTime H264 Matrix Conversion Remote Code Execution Vulnerability 2011-10-27
Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) 2012-05-19ZDI-11-329 : InduSoft WebStudio CEServer Operation 0x15 Remote Code Execution Vulnerability 2011-11-16
Call for Papers: The 7th International Conference for Internet Technology and Secured Transactions (ICITST-2012) 2012-07-07ZDI-11-330 : InduSoft WebStudio Unauthenticated Remote Operations Remote Code Execution Vulnerability 2011-11-16
Call for Participation - 5th International Conference on Cyber Security, Cyber Welfare and Digital Forensic 2016-11-25ZDI-11-331 : RealNetwork RealPlayer MPG Width Integer Underflow Remote Code Execution Vulnerability 2011-11-28
Call for Participation: DIMVA 2011 2011-06-10ZDI-11-332 : RealNetworks RealPlayer Malformed AAC File Parsing Remote Code Execution Vulnerability 2011-11-28
Call for Participation: Semantic Web Business and Innovation (SWBI2015) * Switzerland 2014-09-11ZDI-11-333 : RealNetworks RealPlayer ATRC Code Data Parsing Remote Code Execution Vulnerability 2011-11-28
CAM UnZip v5.1 Archive Directory Traversal 2016-04-12ZDI-11-334 : RealNetworks RealPlayer genr Sample Size Parsing Remote Code Execution Vulnerability 2011-11-28
Canoy Softwares (search_result.php?loc_id) Remote SQL injection Vulnerability 2011-07-28ZDI-11-335 : RealNetworks RealPlayer RV10 Sample Height Parsing Remote Code Execution Vulnerability 2011-11-28
CanSecWest 2012 Mar 7-9; 2nd call for papers, closes next week, Monday.Dec 5 2011 2011-11-30ZDI-11-336 : RealNetworks RealPlayer Invalid Codec Name Remote Code Execution Vulnerability 2011-11-28
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability 2016-08-01ZDI-11-337 : RealNetworks RealPlayer RV30 Uninitialized Index Value Remote Code Execution Vulnerability 2011-11-28
Car CMS v3.00.30 - Search Cross Site Scripting Vulnerability 2016-08-02ZDI-11-338 : RealNetworks RealPlayer IVR MLTI Chunk Length Parsing Remote Code Execution Vulnerability 2011-11-28
Car Portal CMS v3.0 - Multiple Web Vulnerabilities 2012-04-26ZDI-11-340 : Apple Quicktime Font Table Signed Length Remote Code Execution Vulnerability 2011-12-07
cdeVision (index.php?page) Remote File Inclusion Vulnerability 2011-08-12ZDI-11-341 : Cisco WebEx Player WRF Type 0 Parsing Remote Code Execution Vulnerability 2011-12-07
CdeVision Cross Site Scripting Vulnerabilities 2011-08-12ZDI-11-342 : Novell ZENworks Asset Management Remote Code Execution Vulnerability 2011-12-07
CdeVision(students.php?id) (gallery.php?cat) Remote SQL injection Vulnerability 2011-08-13ZDI-11-343 : RealNetworks RealPlayer mp4arender esds channel count Remote Code Execution Vulnerability 2011-12-07
Cells Blog CMS v1.1 - Multiple Web Vulnerabilites 2012-06-14ZDI-11-344 : RealNetworks RealPlayer RV20 Decoding Remote Code Execution Vulnerability 2011-12-07
CF Image Host CSRF 2015-11-14ZDI-11-345 : TrendMicro Control Manager CmdProcessor.exe AddTask Remote Code Execution Vulnerability 2011-12-07
CF Image Host PHP Command Injection 2015-11-14ZDI-11-346 : Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability 2011-12-13
CF Image Host XSS 2015-11-14ZDI-11-347 : Microsoft Office Word Hidden Border Remote Code Execution Vulnerability 2011-12-13
CFP 1st International Conference on Information Systems Security and Privacy - ICISSP 2015 2014-06-26ZDI-11-348 : HP OpenView NNM nnmRptConfig.exe nameParams Remote Code Execution Vulnerability 2011-12-13
CfP and Special Session :: CyberSec2017 2016-11-01ZDI-11-350 : Enterasys NetSight nssyslogd PRI Remote Code Execution Vulnerability 2011-12-19
CFP BugCON 2014 - Mexico City 2013-11-07ZDI-11-351 : WellinTech KingView HistoryServer.exe Opcode 3 Parsing Remote Code Execution Vulnerability 2011-12-22
CFP Deadline Approaching - Third International Conference on Informatics & Applications | Malaysia 2014-09-01ZDI-11-352 : HP Managed Printing Administration jobAcct Multiple Vulnerabilities 2011-12-22
CfP for 4th OWASP Day Germany 2011 now open 2011-08-10ZDI-11-353 : HP Managed Printing Administration MPAUploader.dll Remote Code Execution Vulnerability 2011-12-22
CFP for first independent international Security Conference in Russia - ZeroNights (by Defcon-Russia) 2011-09-16ZDI-11-354 : HP Managed Printing Administration jobDelivery Multiple Vulnerabilities 2011-12-22
CFP for ZeroNights conference Moscow 19-20 November 2012 2012-08-15ZDI-12-001 : HP Managed Printing Administration img_id Multiple Vulnerabilities 2012-01-05
CFP Observe. Hack. Make. 2013-01-30ZDI-12-002 : HP OpenView NNM ov.dll _OVBuildPath Remote Code Execution Vulnerability 2012-01-05
CFP open for ClubHack2011 2011-07-30ZDI-12-003 : HP OpenView NNM webappmon.exe parameter Remote Code Execution Vulnerability 2012-01-05
CFP: Hacktivity 2012, October 12-13, Budapest, Hungary 2012-05-24ZDI-12-004 : Apple Quicktime JPEG2000 COD Remote Code Execution Vulnerability 2012-01-05
CFP: IEEE SafeConfig: 6th Symposium on Security Analytics and Automation 2013-05-23ZDI-12-005 : Apple Quicktime RLE BGRA Decoding Remote Code Execution Vulnerability 2012-01-05
CFP: IEEE SocialCom11 /PASSAT11 2011-06-03ZDI-12-006 : Novell Netware XNFS.NLM NFS Rename Remote Code Execution Vulnerability 2012-01-05
CFP: Passwords 2015, Dec 7-9, Cambridge, UK 2015-07-10ZDI-12-007 : Novell Netware XNFS.NLM STAT Notify Remote Code Execution Vulnerability 2012-01-05
CFP: Passwords^13 Bergen (Norway), December 2-3 2013 2013-10-13ZDI-12-008 : Citrix Provisioning Services streamprocess.exe vDisk Name Parsing Remote Code Execution Vulnerability 2012-01-10
CFP: Passwords^14, Las Vegas, August 5-6 2014-03-03ZDI-12-009 : Citrix Provisioning Services Stream Service 0x40020000 Remote Code Execution Vulnerability 2012-01-10
CFP: SIN 2016 - 9th International Conference on Security of Information and Networks 2016-02-07ZDI-12-010 : Citrix Provisioning Services Stream Service 0x40020006 Remote Code Execution Vulnerability 2012-01-10
CFP: WorldCIST'14 - World Conference on IST, at Madeira Island 2013-09-30ZDI-12-011 : Novell Netware XNFS caller_name xdrDecodeString Remote Code Execution Vulnerability 2012-01-10
CFP: WorldCIST'14 - World Conference on IST; Best papers published in ISI Journals 2013-09-06ZDI-12-012 : (0Day) McAfee SaaS myCIOScn.dll ShowReport Method Remote Command Execution 2012-01-12
CFP: WorldCIST'14 - World Conference on IST; Best papers published in JCR/ISI Journals 2013-08-14ZDI-12-013 : HP Easy Printer Care XMLCacheMgr Class ActiveX Control Remote Code Execution Vulnerability 2012-01-12
cfpbrussels2017 recon cx ZDI-12-014 : HP Easy Printer Care XMLSimpleAccessor Class ActiveX Control Remote Code Execution Vulnerability 2012-01-12
cgcraft llc (collections.php?id) Cross Site Scripting Vulnerabilities 2011-07-30ZDI-12-015 : (0Day) HP StorageWorks P2000 G3 Directory Traversal and Default Account Vulnerabilities 2012-01-12
cgcraft llc (info.php?id) (news_item.php?id) Remote SQL injection Vulnerability 2011-07-29ZDI-12-016 : (0Day) HP Diagnostics Server magentservice.exe Remote Code Execution Vulnerability 2012-01-12
CIS Manager Content Management System 2015Q4 - SQL Injection Vulnerability 2015-11-25ZDI-12-017 : Oracle Outside In OOXML Relationship Tag Parsing Remote Code Execution Vulnerability 2012-01-20
Cisco AnyConnect elevation of privileges via DLL side loading 2015-09-22ZDI-12-018 : Symantec PCAnywhere awhost32 Remote Code Execution Vulnerability 2012-01-25
Cisco AnyConnect elevation of privileges via DMG install script 2015-09-23ZDI-12-019 : IBM SPSS mraboutb.dll ActiveX Control SetLicenseInfoEx Method Remote Code Execution Vulnerability 2012-01-30
Cisco CUCM - Multiple Vulnerabilities 2011-11-08ZDI-12-021 : Adobe Reader BMP Resource Signedness Remote Code Execution Vulnerability 2012-02-08
Cisco EPC 3925 Multiple Vulnerabilities 2016-09-15ZDI-12-022 : Total Defense Suite UNC Management Console ExportReport SQL Injection Vulnerability 2012-02-08
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx sprintf Buffer Overflow Vulnerability 2012-03-22ZDI-12-023 : Total Defense Suite UNC Management Web Service Database Credentials Disclosure Vulnerability 2012-02-08
Cisco RV Series multiple vulnerabilities 2014-11-06ZDI-12-024 : Total Defense Suite UNC Management Web Service uncsp_ViewReportsHomepage SQL Injection Vulnerability 2012-02-08
Cisco Security Advisory Update v1.1: Cisco Unified IP Phone Local Kernel System Call Input Validation Vulnerability 2013-01-17ZDI-12-025 : EMC Networker indexd.exe Opcode 0x01 Parsing Remote Code Execution 2012-02-08
Cisco Security Advisory: Apache HTTPd Range Header Denial of Service Vulnerability 2011-08-30ZDI-12-026 : IBM SPSS ExportHTML.dll ActiveX Control Render Method Remote Code Execution Vulnerability 2012-02-08
Cisco Security Advisory: Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products 2014-07-09ZDI-12-027 : IBM SPSS VsVIEW6.ocx ActiveX Control SaveDoc Method Remote Code Execution Vulnerability 2012-02-08
Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player 2011-10-26ZDI-12-028 : IBM Rational Rhapsody BBFlashBack.FBRecorder.1 Control Multiple Remote Code Execution Vulnerabilities 2012-02-08
Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player 2012-04-04ZDI-12-029 : IBM Rational Rhapsody BBFlashBack.Recorder.1 InsertMarker Remote Code Execution Vulnerability 2012-02-08
Cisco Security Advisory: Buffer Overflow Vulnerabilities in the Cisco WebEx Player 2012-06-27ZDI-12-030 : IBM Rational Rhapsody BBFlashBack.Recorder.1 TestCompatibilityRecordMode Remote Code Execution Vulnerability 2012-02-08
Cisco Security Advisory: Cisco 10000 Series Denial of Service Vulnerability 2011-09-28ZDI-12-031 : Novell iPrint Server attributes-natural-language Remote Code Execution Vulnerability 2012-02-08
Cisco Security Advisory: Cisco 7600 Series Route Switch Processor 720 with 10 Gigabit Ethernet Uplinks Denial of Service Vulnerability 2014-03-26ZDI-12-032 : Oracle Java Runtime Environment readMabCurveData Integer Overflow Remote Code Execution Vulnerability 2012-02-22
Cisco Security Advisory: Cisco Adaptive Security Appliance SNMP Remote Code Execution Vulnerability 2016-08-17ZDI-12-033 : ABB WebWare RobNetScanHost.exe Remote Code Execution Vulnerability 2012-02-22
Cisco Security Advisory: Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability 2016-04-20ZDI-12-034 : Microsoft Windows Media Player ASX Meta-File Parsing Remote Code Execution Vulnerability 2012-02-22
Cisco Security Advisory: Cisco Adaptive Security Appliance with FirePOWER Services Kernel Logging Denial of Service Vulnerability 2016-05-04ZDI-12-035 : Microsoft Internet Explorer CDispNode t:MEDIA Remote Code Execution Vulnerability 2012-02-22
Cisco Security Advisory: Cisco Aironet 1800 Series Access Point Denial of Service Vulnerability 2016-01-13ZDI-12-036 : Microsoft Internet Explorer VML CDispScroller Remote Code Execution Vulnerability 2012-02-22
Cisco Security Advisory: Cisco Application Control Engine Administrator IP Address Overlap Vulnerability 2012-06-20ZDI-12-037 : Oracle Java Web Start JNLP Double Quote Remote Code Execution Vulnerability 2012-02-22
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2015-07-22ZDI-12-038 : Oracle Java JavaFX Arbitrary Argument Remote Code Execution Vulnerability 2012-02-22
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability 2016-02-03ZDI-12-039 : Oracle Java Web Start java-vm-args Command Argument Injection Remote Code Execution 2012-02-22
Cisco Security Advisory: Cisco ASA 1000V Cloud Firewall H.323 Inspection Denial of Service Vulnerability 2013-01-16ZDI-12-075 : Apple Quicktime RLE Sample Decoding Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliance Clientless VPN ActiveX Control Remote Code Execution Vulnerability 2012-03-14ZDI-12-076 : Apple QuickTime MPEG Stream Padding Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA 5500 Series Adaptive Security Appliances and Cisco Catalyst 6500 Series ASA Services Module Denial of Service Vulnerability 2012-06-20ZDI-12-077 : Apple QuickTime QTVR QTVRStringAtom Parsing Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability 2016-03-09ZDI-12-078 : Apple QuickTime SVQ3 Codec mb_skip_run Parsing Remote Code Execution 2012-06-06
Cisco Security Advisory: Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability 2013-06-26ZDI-12-079 : Apple QuickTime H264 Picture Width Parsing Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA Software DHCPv6 Relay Denial of Service Vulnerability 2015-10-21ZDI-12-080 : Adobe Flash Player MP4 Stream Decoding Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA Software DNS Denial of Service Vulnerability 2015-10-21ZDI-12-081 : Oracle Java GlueGen Arbitrary Native Library Loading Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA Software Identity Firewall Feature Buffer Overflow Vulnerability 2016-10-19ZDI-12-083 : Oracle Java OpenAL Library Pointer Manipulation Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA Software IKEv1 and IKEv2 Buffer Overflow Vulnerability 2016-02-10ZDI-12-084 : RealNetworks RealPlayer RV10 Encoded Height/Width Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA Software VPN ISAKMP Denial of Service Vulnerability 2015-10-21ZDI-12-085 : RealNetworks RealPlayer dmp4 esds Width Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA-CX and Cisco Prime Security Manager Privilege Escalation Vulnerability 2016-02-03ZDI-12-086 : RealNetworks RealPlayer rvrender RMFF Flags Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASA-CX and Cisco PRSM Log Retention Denial of Service Vulnerability 2012-09-12ZDI-12-087 : RealNetworks RealPlayer raac.dll stsz Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASR 1000 Series Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability 2015-07-30ZDI-12-088 : HP DataDirect OpenAccess GIOP Opcode 0x0E Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASR 900 Series Aggregation Services Routers Buffer Overflow Vulnerability 2016-11-02ZDI-12-089 : HP DataDirect OpenAccess GIOP Parsing Remote Code Execution Vulnerability 2012-06-06
Cisco Security Advisory: Cisco ASR 9000 Series Routers Line Card IP Version 4 Denial of Service Vulnerability 2011-07-20ZDI-12-090 : Symantec Web Gateway Shell Command Injection Remote Code Execution Vulnerability 2012-06-08
Cisco Security Advisory: Cisco AsyncOS TCP Flood Denial of Service Vulnerability 2015-11-04ZDI-12-091 : Symantec Web Gateway upload_file Remote Code Execution Vulnerability 2012-06-08
Cisco Security Advisory: Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability 2013-02-06ZDI-12-092 : RealNetworks RealPlayer QCELP Stream Parsing Remote Code Execution Vulnerability 2012-06-08
Cisco Security Advisory: Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability 2016-03-09ZDI-12-093 : (Pwn2Own) Microsoft Internet Explorer Fixed Table Colspan Remote Code Execution Vulnerability 2012-06-12
Cisco Security Advisory: Cisco Catalyst 4500E Series Switch with Cisco Catalyst Supervisor Engine 7L-E Denial of Service Vulnerability 2012-09-26ZDI-12-094 : RealNetworks Helix Server rn5auth Credential Parsing Remote Code Execution Vulnerability 2012-06-21
Cisco Security Advisory: Cisco Cius Denial of Service Vulnerability 2012-02-29ZDI-12-095 : Apple Quicktime TeXML transform Attribute Remote Code Execution Vulnerability 2012-06-21
Cisco Security Advisory: Cisco Cloud Services Platform 2100 Command Injection Vulnerability 2016-09-21ZDI-12-096 : HP Data Protector Express Opcode 0x330 Parsing Remote Code Execution Vulnerability 2012-06-21
Cisco Security Advisory: Cisco Cloud Services Platform 2100 Remote Command Execution Vulnerability 2016-09-21ZDI-12-097 : HP Data Protector Express Opcode 0x320 Parsing Remote Code Execution Vulnerability 2012-06-21
Cisco Security Advisory: Cisco Content Services Gateway Denial of Service Vulnerability 2011-07-06ZDI-12-098 : AOL Products dnUpdater ActiveX Uninitialized Pointer Remote Code Execution Vulnerability 2012-06-21
Cisco Security Advisory: Cisco Device Manager Command Execution Vulnerability 2013-04-24ZDI-12-099 : DataDirect OpenAccess oaagent.exe GIOP Remote Code Execution Vulnerability 2012-06-21
Cisco Security Advisory: Cisco Digital Media Manager Privilege Escalation Vulnerability 2012-01-18ZDI-12-100 : HP OpenView Performance Manager PMParamHandler Remote Code Execution Vulnerability 2012-06-21
Cisco Security Advisory: Cisco Email Security Appliance Anti-Spam Scanner Bypass Vulnerability 2015-11-04ZDI-12-101 : IBM Cognos tm1admsd.exe Multiple Operations Remote Code Execution Vulnerabilities 2012-06-27
Cisco Security Advisory: Cisco Email Security Appliance Email Scanner Denial of Service Vulnerability 2015-11-04ZDI-12-102 : Novell iPrint Client nipplib.dll GetDriverSettings realm Remote Code Execution Vulnerability 2012-06-27
Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability 2016-03-30ZDI-12-103 : Apple Quicktime Dataref URI Buffer Remote Code Execution 2012-06-27
Cisco Security Advisory: Cisco Firepower Management Center Privilege Escalation Vulnerability 2016-08-17ZDI-12-104 : SAP Netweaver ABAP msg_server.exe Parameter Value Remote Code Execution Vulnerability 2012-06-27
Cisco Security Advisory: Cisco Firepower Management Center Remote Command Execution Vulnerability 2016-08-17ZDI-12-105 : Apple Quicktime Text Track Descriptor Parsing Remote Code Execution 2012-06-27
Cisco Security Advisory: Cisco FirePOWER System Software Packet Processing Denial of Service Vulnerability 2016-05-04ZDI-12-106 : Avaya IP Office Customer Call Reporter ImageUpload Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco Firewall Services Module Crafted Protocol Independent Multicast Message Denial of Service Vulnerability 2012-03-14ZDI-12-107 : Apple Quicktime TeXML Style Element Parsing Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco Integrated Management Controller Supervisor and Cisco UCS Director Remote File Overwrite Vulnerability 2015-09-02ZDI-12-108 : Apple Quicktime TeXML sampleData Element Parsing Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability 2016-03-23ZDI-12-109 : Apple Quicktime TeXML Karaoke Element Parsing Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco IOS and IOS XE Software AAA Login Denial of Service Vulnerability 2016-09-28ZDI-12-110 : Mozilla Firefox AttributeChildRemoved Use-After-Free Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability 2016-03-23ZDI-12-111 : SAP Netweaver ABAP msg_server.exe Opcode 0x43 Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service Vulnerability 2016-09-28ZDI-12-112 : SAP Netweaver ABAP msg_server.exe Parameter Name Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability 2016-03-23ZDI-12-113 : IBM Rational ClearQuest CQOle ActiveX Control Remote Code Execution Vulnerability 2012-06-28
Cisco Security Advisory: Cisco IOS and IOS XE Software IPv6 First Hop Security Denial of Service Vulnerabilities 2015-09-23ZDI-12-114 : HP OpenView Performance Agent coda.exe Opcode 0x34 Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS and IOS XE Software Multicast Routing Denial of Service Vulnerabilities 2016-09-28ZDI-12-115 : HP OpenView Performance Agent coda.exe Opcode 0x8C Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability 2016-03-23ZDI-12-116 : EMC AutoStart ftAgent Opcode 50 Subcode 04 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Memory Leak Vulnerability 2016-09-28ZDI-12-117 : EMC AutoStart ftAgent Opcode 50 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS and IOS XE Software SSH Version 2 RSA-Based User Authentication Bypass Vulnerability 2015-09-23ZDI-12-118: EMC AutoStart ftAgent Opcode 0x03 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability 2016-03-23ZDI-12-119: EMC AutoStart ftAgent Opcode 0x41 Subcode 0x00 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS Internet Key Exchange Vulnerability 2012-03-28ZDI-12-120: EMC AutoStart ftAgent Opcode 85 Subcode 22 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS Software and Cisco IOS XE Software EnergyWise Crafted Packet Denial of Service Vulnerability 2014-08-06ZDI-12-121: EMC AutoStart ftAgent Opcode 85 Subcode 01 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS Software Common Industrial Protocol Request Denial of Service Vulnerability 2016-09-28ZDI-12-122: EMC AutoStart ftAgent Opcode 65 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS Software Crafted IPv6 Packet Denial of Service Vulnerability 2014-03-26ZDI-12-123: EMC AutoStart ftAgent Opcode 50 Subcode 60 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS Software Crafted Network Time Protocol Packets Denial of Service Vulnerability 2016-08-04ZDI-12-124: EMC AutoStart ftAgent Opcode 50 Subcode 42 Parsing Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS Software Data-Link Switching Vulnerability 2011-09-28ZDI-12-125: Apple Quicktime QTPlugin SetLanguage Remote Code Execution Vulnerability 2012-07-12
Cisco Security Advisory: Cisco IOS Software DHCP Denial of Service Vulnerability 2012-09-26ZDI-12-126 : (0 day) HP StorageWorks File Migration Agent RsaCIFS.dll Remote Code Execution Vulnerability 2012-07-18
Cisco Security Advisory: Cisco IOS Software DHCP Version 6 Denial of Service Vulnerability 2012-09-26ZDI-12-127 : (0Day) HP StorageWorks File Migration Agent RsaFTP.dll Remote Code Execution Vulnerability 2012-07-18
Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Version 2 Denial of Service Vulnerability 2014-03-26ZDI-12-136 : Apple QuickTime Invalid Public Movie Atom Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software Internet Key Exchange Vulnerability 2013-03-27ZDI-12-137 : Apple Mac OS X libsecurity_cdsa_plugin Malloc Integer Truncation Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software Intrusion Prevention System Denial of Service Vulnerability 2012-09-26ZDI-12-138 : SAP Business Objects Financial Consolidation CtAppReg.dll username Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability 2011-09-28ZDI-12-139 : SAP Crystal Reports crystalras.exe OBUnmarshal Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software IP Service Level Agreement Vulnerability 2013-03-27ZDI-12-140 : McAfee SmartFilter Administration Server SFAdminSrv.exe JBoss RMI Remote Code Execution Vulnerabilty 2012-08-17
Cisco Security Advisory: Cisco IOS Software IPS and Zone-Based Firewall Vulnerabilities 2011-09-28ZDI-12-141 : Microsoft .NET Framework Clipboard Unsafe Memory Access Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software IPv6 Denial of Service Vulnerability 2011-09-28ZDI-12-142 : Oracle Java WebStart Browser Argument Injection Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software IPv6 over MPLS Vulnerabilities 2011-09-28ZDI-12-143 : Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software Malformed Border Gateway Protocol Attribute Vulnerability 2012-09-26ZDI-12-144 : EMC AutoStart ftAgent Opcode 0x4B Subcode 0x1D4C Parsing Remote Code Execution Vulnerability 2012-08-17
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities 2011-09-28ZDI-12-145 : Symantec Endpoint Protection SemSvc.exe AgentServlet Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities 2012-09-26ZDI-12-146 : Novell eDirectory RelativeToFullDN Parsing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerabilities 2014-03-26ZDI-12-147 : WebKit ContentEditable swapInNode Use-After-Free Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability 2012-03-28ZDI-12-148 : GE Proficy Real-Time Information Portal Remote Interface Service Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Network Address Translation Vulnerability 2013-03-27ZDI-12-149 : Cisco AnyConnect VPN Client Verification Bypass Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Protocol Translation Vulnerability 2013-03-27ZDI-12-150 : Oracle Outside In XPM Processing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Resource Reservation Protocol Denial of Service Vulnerability 2013-03-27ZDI-12-151 : Oracle Outside In Excel File TxO Parsing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Reverse SSH Denial of Service Vulnerability 2012-03-28ZDI-12-152 : Oracle Outside In Excel MergeCells Record Parsing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software RSVP Denial of Service Vulnerability 2012-03-28ZDI-12-153 : Apple QuickTime sean Atom Size Parsing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerabilities 2011-09-28ZDI-12-155 : InduSoft Thin Client ISSymbol InternationalOrder Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability 2013-11-06ZDI-12-156 : Cisco AnyConnect VPN Client Arbitrary Program Instantiation Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Session Initiation Protocol Denial of Service Vulnerability 2014-03-26ZDI-12-157 : Microsoft Excel Series Record Parsing Type Mismatch Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability 2012-03-28ZDI-12-158 : Microsoft Internet Explorer MSADO CacheSize Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Smart Install Denial of Service Vulnerability 2013-03-27ZDI-12-160 : EMC AutoStart ftAgent Opcode 0x14 Subcode 0x7F8 Parsing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Smart Install Remote Code Execution Vulnerability 2011-09-28ZDI-12-161 : EMC AutoStart ftAgent Opcode 0x2d Subcode 0x1194 Parsing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software SSL VPN Denial of Service Vulnerability 2014-03-26ZDI-12-164 : (0Day) HP Intelligent Management Center img.exe Integer Wrap Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability 2015-07-22ZDI-12-165 : (0Day) HP Operations Agent for NonStop Server HEALTH Packet Parsing Remote Code Execution Vulnerability 2012-08-22
Cisco Security Advisory: Cisco IOS Software Tunneled Traffic Queue Wedge Vulnerability 2012-09-26ZDI-12-167 : (0Day) Novell File Reporter NFRAgent.exe VOL Tag Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability 2016-03-23ZDI-12-168 : InduSoft Thin Client ISSymbol InternationalSeparator Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS Software Zone-Based Policy Firewall Session Initiation Protocol Inspection Denial of Service Vulnerability 2013-03-27ZDI-12-169 : GE Proficy Historian KeyHelp ActiveX LaunchTriPane Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS XE Software NAT Denial of Service Vulnerability 2016-09-28ZDI-12-170 : (0Day) HP Application Lifecycle Management XGO.ocx ActiveX Control Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS XE Software Network Address Translation Denial of Service Vulnerability 2015-09-23ZDI-12-171 : (0Day) Hewlett-Packard Intelligent Management Center UAM sprintf Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS XR Software Crafted IPv6 Packet Denial of Service Vulnerability 2015-06-11ZDI-12-172 : (0Day) HP Operations Orchestration RSScheduler Service JDBC Connector Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS XR Software for Cisco ASR 9001 Aggregation Services Routers Fragmented Packet Denial of Service Vulnerability 2016-08-10ZDI-12-173 : (0Day) HP SiteScope SOAP Call getSiteScopeConfiguration Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS XR Software Memory Exhaustion Vulnerability 2013-10-02ZDI-12-174 : (0Day) HP SiteScope UploadFilesHandler Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IOS XR Software Route Processor Denial of Service Vulnerability 2012-05-30ZDI-12-175 : (0Day) HP SiteScope SOAP Call create Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IP Video Phone E20 Default Root Account 2012-01-18ZDI-12-176 : (0Day) HP SiteScope SOAP Call getFileInternal Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco Ironport Appliances Sophos Anti-virus Vulnerabilities 2012-11-09ZDI-12-177 : (0Day) HP SiteScope SOAP Call loadFileContent Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco IronPort Appliances Telnet Remote Code Execution Vulnerability 2012-01-26ZDI-12-178 : (0Day) HP SiteScope SOAP Call update Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco Meeting Server and Meeting App Buffer Underflow Vulnerability 2016-11-02ZDI-12-179 : EMC ApplicationXtender Desktop Viewer AEXView ActiveX AnnoSave Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco Meeting Server Client Authentication Bypass Vulnerability 2016-10-12ZDI-12-180 : Novell ZENWorks AdminStudio ISGrid.dll ActiveX Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco Mobility Services Engine Privilege Escalation Vulnerability 2015-11-04ZDI-12-182 : EMC AppXtender WxSuperCtrl650.ocx ActiveX Control Remote Code Execution Vulnerability 2012-08-29
Cisco Security Advisory: Cisco Mobility Services Engine Static Credential Vulnerability 2015-11-04ZendStudio IDE v13.5.1 Privilege Escalation 2016-10-12
Cisco Security Advisory: Cisco Modular Encoding Platform D9036 Software Default Credentials Vulnerability 2016-01-20Zenphoto 1.4.10 Local File Inclusion 2015-12-02
Cisco Security Advisory: Cisco Network Admission Control Manager SQL Injection Vulnerability 2013-04-17Zenphoto 1.4.10 XSS Vulnerability 2015-12-01
Cisco Security Advisory: Cisco Nexus 1000V Series Switch Software Release 4.2(1)SV1(5.2) Virtual Security Gateway Bypass Issue 2012-11-07zFtp Server <= 2011-04-13 | "STAT,CWD" Remote Denial of Service Vulnerability 2011-10-25
Cisco Security Advisory: Cisco Nexus 5000 and 3000 Series Switches Access Control List Bypass Vulnerability 2011-09-07zFTPServer Suite 6.0.0.52 'rmdir' Directory Traversal 2011-12-10
Cisco Security Advisory: Cisco Nexus 9000 Series ACI Mode Switch ICMP Record Route Vulnerability 2016-02-03Zhone ADSL2+ 4P Bridge & Router (Broadcom) - Multiple Vulnerabilities 2015-09-03
Cisco Security Advisory: Cisco NX-OS Malformed IP Packet Denial of Service Vulnerability 2012-02-15Zimbra Collaboration Suite (ZCS) Session Replay Vulnerability 2013-09-13
Cisco Security Advisory: Cisco NX-OS Software Crafted DHCPv4 Packet Denial of Service Vulnerability 2016-10-05Zimbra Cross-Site Scripting vulnerabilities 2016-02-25
Cisco Security Advisory: Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability 2016-10-05ZMS v3.2 CMS - Multiple Client Side Cross Site Scripting Web Vulnerabilities 2016-07-29
Cisco Security Advisory: Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability 2016-10-05ZOHO ManageEngine ADSelfService Plus Administrative Access 2011-10-11
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities 2013-08-21Zoll ePCR v2.6.4 iOS - Multiple Persistent Vulnerabilities 2016-08-02
Cisco Security Advisory: Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration Vulnerability 2013-09-18Zoll Checklist v1.2.2 iOS - Multiple Persistent Vulnerabilities 2016-07-28
Cisco Security Advisory: Cisco Prime Collaboration Assurance Default Account Credential Vulnerability 2015-12-09Zoner Photo Studio v15 b3 - Buffer Overflow Vulnerabilities 2012-11-13
Cisco Security Advisory: Cisco Prime Collaboration Provisioning Web Framework Access Controls Bypass Vulnerability 2015-09-16Zones Web Solution (index.php?manufacturers_id) Remote SQL injection Vulnerability 2011-07-26
Cisco Security Advisory: Cisco Prime Data Center Network Manager Remote Command Execution Vulnerability 2012-10-31Zones Web Solution (status.asp?print) (search_result.php?loc_id) Remote SQL injection Vulnerabilities 2011-07-28
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Privilege Escalation API Vulnerability 2016-04-06Zones Web Solution (StoneDetails.php?stone) XSS Vulnerability 2011-07-28
Cisco Security Advisory: Cisco Prime Infrastructure and Evolved Programmable Network Manager Remote Code Execution Vulnerability 2016-04-06Zope Management Interface CSRF vulnerabilities 2015-10-07
Cisco Security Advisory: Cisco Prime Infrastructure Command Execution Vulnerability 2014-02-26Zortam Media Studio 20.60 - Buffer Overflow Vulnerability 2016-07-28
Cisco Security Advisory: Cisco Prime LAN Management Solution Command Execution Vulnerability 2013-01-09ZTE 831CII Multiple Vulnerablities 2014-11-06
Cisco Security Advisory: Cisco RV220 Management Authentication Bypass Vulnerability 2016-01-27ZTE Datacard MF19 0V1.0.0B PCW - Multiple Vulnerabilities 2015-01-06
Cisco Security Advisory: Cisco SA 500 Series Security Appliances Web Management Interface Vulnerabilities 2011-07-20ZTE Datacard PCW(Telecom MF180) - Multiple Software Vulnerabilities 2015-01-12
Cisco Security Advisory: Cisco Secure Access Control Server Remote Command Execution Vulnerability 2013-08-28ZTE GPON F427 and possibly F460/F600 - authorization bypass and cleartext password storage 2015-10-02
Cisco Security Advisory: Cisco Secure Access Control System SQL Injection Vulnerability 2015-02-11ZTE Ucell 3G Modem App - Privilege Escalation Vulnerability 2014-12-25
Cisco Security Advisory: Cisco Secure Access Control System TACACS+ Authentication Bypass Vulnerability 2012-11-07ZTE ZXDSL 831 Multiple Cross Site Scripting 2014-11-06
Cisco Security Advisory: Cisco Security Agent Remote Code Execution Vulnerabilities 2011-10-26ZTE ZXDSL 831CII Direct Object Reference 2014-11-06
Cisco Security Advisory: Cisco Show and Share Security Vulnerabilities 2011-10-19ZyXel WAP3205 v1 Multiple XSS 2016-01-23