Security News
QuickShare File Share Directory Traversal Vulnerability
16 Jan. 2013
ELinks Security Bypass Vulnerability
BlazeDVD PLF Exploit DEP/ASLR Bypass (MSF) Vulnerability
WebKit Web Audio Channel Handling Race Condition Buffer Overflow Vulnerability
9 May. 2013
Verax NMS Console AMF Response Plaintext Connection Information Disclosure Vulnerability
Simeji for Android Application Handling Information Disclosure Vulnerability
Ptlib Entity Expansion Recursion XML Nested Entity Handling DoS Vulnerability
ownCloud /core/settings/ajax/setquota.php quota Parameter XSS Vulnerability
Nitro Pro PDF File Handling DoS Vulnerability
MailOrderWorks Dispatch Order Multiple Field XSS Vulnerability
Linux Kernel Dccp Subsystem Ccid Null Pointer Dereference Local DoS Vulnerability
ISC DHCP libdns Unspecified Remote Memory Exhaustion DoS Vulnerability
GroundWork Monitor Enterprise Noma Component Multiple XSS Vulnerability
GroundWork Monitor Enterprise Foundation Admin Interface XSS Vulnerability
Google Chrome Isolated Web Sites Process Handling Issue Vulnerability
Google Android On Samsung Unprivileged Arbitrary SMS Message Sending Vulnerability
FFmpeg Libavcodec/error Function NULL Pointer Dereference DoS Vulnerability
Commons Groups Module for Drupal Group Access Restriction Bypass Vulnerability
Cfingerd RFC1413 (Ident) Client Remote Overflow Vulnerability
Apple IOS / TV USB IOUSBDeviceFamily Driver Pipe Object Pointer Handling Local Privilege Escalation Vulnerability
Apache Qpid Qpid/cpp/include/qpid/framing/Buffer.h Qpid framing Buffer checkAvailable() Function Integer Overflow Vulnerability
Wireshark HART/IP Dissector Malformed Packet Handling Infinite Loop Remote DoS Vulnerability
8 May. 2013
WebKit AddChildNodesToDeletionQueue SVG Animation Handling Use-After-Free Vulnerability
SynConnect index.php loginid Parameter SQL Injection Vulnerability
Siemens SIMATIC WinCC Project File Handling Information Disclosure Vulnerability
RealPlayer MP4 File Parsing Heap Buffer Overflow Vulnerability
Oracle Java SE Security Check Bypass (Issue 58) Vulnerability
Occasions Plugin For WordPress Occasions/occasions.php Occ_content1 Parameter XSS Vulnerability
Mozilla Multiple Product HTML Editor Function Use-after-free Arbitrary Code Execution Vulnerability
MailOrderWorks Create/View Issue Multiple Field XSS Vulnerability
Linux Kernel atm Subsystem getsockname() Multiple Function Stack Memory Local Disclosure Vulnerability
HP System Management Homepage (SMH) Parameter Remote Code Execution Vulnerability
GroundWork Monitor Enterprise NeDi Component Multiple XSS Vulnerability
Google Chrome USB Apps API Multiple Function Memory Corruption Arbitrary Code Execution Vulnerability
Google Chrome Extensions Without 'Tabs' Permission URL Leaking Weakness Vulnerability
Google Android On Samsung Privileged Application Installation (Issue 1) Vulnerability
EMC Multiple Smarts Products XSS Vulnerability
Commons Wikis Module for Drupal Group Access Restriction Bypass Vulnerability
Citrix CloudPlatform Master Server Log4j.conf SSH Private Key / Plaintext Password Disclosure Vulnerability
Cerberus Helpdesk 'peek' Function Ticket Information Disclosure Vulnerability
Apple Mac OS X Messages FaceTime URL Handling FaceTime Call Launch Prompt Bypass Vulnerability
Airtime Remote Shell Command Injection Vulnerability
Verax NMS Multiple Method Authentication Bypass Vulnerability
7 May. 2013
Squid MakeVaryMark() Function X-HEADSHOT Header Handling Remote DoS Vulnerability
Siemens SIMATIC WinCC SQL Database WebNavigator Password Obfuscation Weakness Vulnerability
Red Hat Subscription Asset Manager UI Notifications Form username Field XSS Vulnerability
Piwik Remote Cross-Site Scripting (XSS) Vulnerability
Oracle Java SE Code Fragment Security Weakness (Issue 60) Vulnerability
NEC Aterm Multiple Routers CSRF Vulnerability
Linux Kernel Net/tun Subsystem Ioctl() Stack Memory Local Disclosure Vulnerability
IBM WebSphere Commerce Configuration File Plain Text Password Disclosure Vulnerability
HP Intelligent Management Center User Access Manager Remote Information Disclosure Vulnerability
GroundWork Monitor Enterprise NeDi Arbitrary Command Execution Vulnerability
Google Chrome Video Seeking Handling Out-Of-Bounds Read Issue Vulnerability
Google Android MOUNT_FORMAT_FILESYSTEMS Permission File-In-Use Enumeration Vulnerability
Disk Pool Manager Multiple Dpm Function SQL Injection Vulnerability
Corel WordPerfect WPWIN16.DLL STARTAPP Function WPD File Handling DoS Vulnerability
ClamAV libclamav/wwunpack.c wwunpack() Function WWPack File Handling Heap Corruption Issue Vulnerability
ArtIME Japanese Input for Android Application Handling Information Disclosure Vulnerability
WebKit XSSAuditorDelegate DidBlockScript / XSSAuditor FilterToken Page Block Document.referrer Disclosure Vulnerability
6 May. 2013
Verax NMS clientMain.swf authenticateUser Operation Password Replay Authentication Bypass Vulnerability
Siemens WinCC (TIA Portal) Web Server URL Handling Remote Source Code Disclosure Vulnerability
Samsung TV Malformed SOAPACTION Handling Remote Overflow DoS Vulnerability
PHPBoost /phpboost/user/ url Parameter Malformed Input Information Disclosure Vulnerability
OpenStack Nova Fixed AddFixedIp Function IP Allocation Exhaustion Remote DoS Vulnerability
Linux Kernel L2tp Subsystem Getsockname() Function Stack Memory Local Disclosure Vulnerability
IBM InfoSphere Information Server DataStage Administrator Client Insecure Client Side Controls Remote Privilege Escalation Vulnerability
GroundWork Monitor Enterprise NeDi Component Arbitrary Command Execution Vulnerability
Google Chrome WebContentsImpl CreateOpenerRenderViews Browser Navigation Handling Use-After-Free Vulnerability
Google Chrome Process-Per-Site Mode Extension Process Invalid Binding Reuse Handling Vulnerability
Google Chrome Extension Process Traversal Vulnerability
Google Android On Samsung Phone Action Hijacking Issue Vulnerability
daloRADIUS rep-logs-daloradius.php daloradiusFilter Parameter XSS Vulnerability
ClipShare ufavour.php UID Parameter SQL Injection Vulnerability
Cisco Nexus Operating System (NX-OS) On 7000 Series Configuration Line-Card Handling Memory Consumption Local DoS Vulnerability
Cisco Adaptive Security Appliances UNC Share Pathname Validation Remote DoS Vulnerability
Asteriskguru Queue Statistics Error.php Warning Parameter XSS Vulnerability
Apple IOS / TV Dyld Mach-O Executable File Handling Local Privilege Escalation Vulnerability
SAP NetWeaver Classification (CA-CL) SMB Relay Attack Arbitrary File Access Vulnerability
3 May. 2013
Plupload Unspecified XSS Vulnerability
Perl User Supplied Hash Key Rehashing Memory Consumption Remote DoS Vulnerability
OpenStack Keystone Invalid Token Request Logging Disk Consumption Remote DoS Vulnerability
NConf Delete_attr.php Id Parameter SQL Injection Vulnerability
Microsoft IE SaveHistory Use-After-Free Arbitrary Code Execution Vulnerability
Linux Kernel Xfrm_user Subsystem Path Handling Null Pointer Dereference Vulnerability
Linux Kernel Function Crafted Program Ioctl Call Execution Memory Content Local Disclosure Vulnerability
HP Intelligent Management Center TopoContent.jsf Opentopo_symbolid Parameter XSS Vulnerability
GroundWork Monitor Enterprise NeDi Component /nedi/html/System-Export.php SQL Injection Vulnerability
GroundWork Monitor Enterprise Cacti Component Underprivileged Arbitrary Account Manipulation Vulnerability
Google Chrome DevTools External Navigation Drag And Drop Weakness Vulnerability
GNOME Tracker PNG Extractor Image Handling Double-free DoS Vulnerability
Exim with Dovecot Typical Misconfiguration Leads to Remote Command Execution Vulnerability
daloRADIUS acct-date.php Multiple Parameter SQL Injection Vulnerability
ClipShare uplaylist.php UID Parameter SQL Injection Vulnerability
Cisco IOS Type 4 Password Brute Force Weakness Vulnerability
Cam2pc cam2pc.exe BITMAPINFOHEADER(biHeight) Value Processing Integer Overflow Vulnerability
Apple Mac OS X VoiceOver Login Window Handling Local System Configuration Manipulation Vulnerability
Apache Qpid Federation Attribute Handling Federated Interbroker Link Access Restriction Bypass Vulnerability
Adobe Flash Player / AIR Dialog Call-Back Unloaded Module Use-After-Free Arbitrary Vulnerability
ZeroClipboard zeroclipboard.swf id Parameter XSS Vulnerability
2 May. 2013
Varnish Log Directory Permission Weakness Local Information Disclosure Vulnerability
SQLiteManager Dbpath Parameter Database Creation Remote PHP Code Execution Vulnerability
Site Go /site-go/admin/extra/stylemanager/index.php ids Parameter Traversal Arbitrary File Access Vulnerability
SAP Xcelsius Dashboard CSRF Vulnerability
RSA Archer GRC Clickjacking Weakness Vulnerability
Puppet Multiple Function CSRF Vulnerability
PHP-Fusion /downloads.php orderby Parameter SQL Injection Vulnerability
Photodex ProShow Producer ExpandMacroFilename() Function CpicHelpFile Identifier String Handling Stack-Based Buffer Overflow Vulnerability
Oracle Java SE / JRE JSSE Component SSL/TLS Remote DoS Vulnerability
NETGEAR SPH200D URI Malformed Input Path Disclosure Vulnerability
MTP Guestbook /mtp_guestbook/blocked.php simbol Parameter XSS Vulnerability
Kayako Fusion /admin/LiveChat/Group/Manage Visitor Group Title Field XSS Vulnerability
IBM InfoSphere Information Server Unspecified Arbitrary Site Redirect Vulnerability
Gallery Personals gallery.php L Parameter SQL Injection Vulnerability
FFmpeg libavcodec/h264.c decode_slice_header() Function DoS Vulnerability
CKEditor /admin/ckeditor/samples/sample_posteddata.php Script Insertion CSRF Vulnerability
Buffalo TeraStation TS-Series Routers /dynamic.pl ip Parameter Remote Command Execution Vulnerability
Yandex.Metrics Module for Drupal XSS Vulnerability
1 May. 2013
Ubercart Views Module for Drupal Views full name Field XSS Vulnerability
Sonar /reviews/index Multiple Parameter XSS Vulnerability
Site Go /site-go/admin/extra/my_account/index.php idm Parameter Traversal Arbitrary File Access Vulnerability
SAP NetWeaver GRMGApp XML External Entity Data Parsing Arbitrary File Disclosure Vulnerability
RLSWordPressSearch Plugin For WordPress Agentid Parameter SQL Injection Vulnerability
PHP-Fusion /administration/weblink_cats.php Multiple Parameter XSS Vulnerability
ownCloud settings.php Group Input Field XSS Vulnerability
Oracle Java SE / JRE Deployment Component Context-Dependent Vulnerability
OpenSUSE PackageKit Zypp Backend Unprivileged Software Package Downgrade Weakness Vulnerability
NETGEAR DGN1000B Router /setup.cgi Multiple Parameter XSS Vulnerability
MiniUPnP MiniUPnPd HTTP Service SOAPAction Handler ExecuteSoapAction Function Integer Signedness Error Remote DoS Vulnerability
Kayako Fusion /admin/Base/Staff/Insert XSS Vulnerability
Intel 82574L Gigabit Ethernet Card 0x47f Offset Multiple Value Crafted Packet Parsing Remote DoS Vulnerability
Gallery Multiple Issues Vulnerability
EzStats Multiple Product /admin/apitest.php Info Parameter Information Disclosure Vulnerability
Cybozu Garoon XSS Vulnerability
Cisco Unity Express /Web/SA2/ScriptList.do gui_pagenotableData Parameter XSS Vulnerability
Boxes Module For Drupal Simple Box Subject Field XSS Vulnerability
WP-Table Reloaded Plugin For WordPress Parameter XSS Vulnerability
30 Apr. 2013
SkunkWEB Sw.log Permission Weakness Local Information Disclosure Vulnerability
Site Go /index.php style_name Parameter Traversal Arbitrary File Access Vulnerability
Responsive Blog Theme For Drupal Social Icon XSS Vulnerability
Piwigo LocalFiles Editor Plugin File Creation CSRF Vulnerability
PHP-Fusion /administration/articles.php Multiple Parameter XSS Vulnerability
ownCloud /apps/files_pdfviewer/viewer.php Multiple Parameter XSS Vulnerability
Oracle Java SE / JRE CORBA Component Context-Dependent Vulnerability
Nuvoton WPCM450 BMC Plaintext Local Password Disclosure Vulnerability
Nagios XI /nagiosxi/admin/ xiwindow Parameter Arbitrary Site Redirect Vulnerability
Linux Kernel Cross Device Class Command Handling SCSI Command Filter Read-only Restriction Bypass Vulnerability
IBM System Storage TS3500 Tape Library Web Interface Admin Authentication Bypass Vulnerability
Glossword gw_admin.php User Database Remote Disclosure CSRF Vulnerability
Foxit Advanced PDF Editor Security Cookie Reconstruction Stack-Based Buffer Overflow Vulnerability
Email2image Module For Drupal Arbitrary Node User Information Disclosure Vulnerability
Cybozu Garoon SQL Injection Vulnerability
Cisco Nexus 7000 M1-Series Modules Crafted Packet Parsing Remote DoS Vulnerability
Apple iPhone Sleep Button Canceled Call Screen Lock Bypass Vulnerability
Xen Drivers/xen/pciback/conf_space_capability_msi.c Pciback_enable_msi() Function Kernel Log Message Saturation Local DoS Vulnerability
29 Apr. 2013
Vaadin JsonPaintTarget.addAttribute() Method Map Argument Keys XSS Vulnerability
Supportworks ITSM SQL Injection Vulnerability
Site Go /site-go/admin/extra/visitors/index.php idv Parameter Traversal Arbitrary File Access Vulnerability
Site Go /index.php Multiple Parameter XSS Vulnerability
PHP-Fusion /infusions/shoutbox_panel/shoutbox_admin.php message Parameter XSS Vulnerability
OpenSSL AES-NI CBC Ciphersuite Handling Remote DoS Vulnerability
NETGEAR SPH200D URI Traversal Arbitrary File Access Vulnerability
Nagios XI Legacy Nagios Core Configuration ManagerHost Escalation Entry Config Name Field XSS Vulnerability
JBoss Enterprise Application Platform / JBoss Enterprise Web Platform Insecure Auto-install XML File Admin Password Local Disclosure Vulnerability
IBM Sterling Connect Direct Multiple Unspecified Remote DoS Vulnerability
GNU C Library Function Multibyte Character Handling Local Overflow DoS Vulnerability
Fileutils Gem For Ruby Temporary Directory Hijacking Weakness Vulnerability
EMC AlphaStor Drive Control Program (DCP) New Device Name Creation Remote Overflow Vulnerability
Dragonfly Gem for Ruby Crafted Request Parsing Remote Code Execution Vulnerability
Broadcom UPnP Multiple Module SetConnectionType() Function SOAP Request Parsing Remote Format String Vulnerability
WirelessFiles for iPad/iPhone Multiple File Extension Upload Arbitrary Script Code Execution Vulnerability
26 Apr. 2013
WebKit Cross-Origin Copy Pasted Content Handling XSS Vulnerability
Tridium NiagaraAX Config.bog File Disclosure SoftJACE System Remote Compromise Vulnerability
Site Go /site-go/admin/include/phpinfo.php Direct Request Information Disclosure Vulnerability
Simple History Plugin For WordPress Rss_secret Disclosure RSS Feed Access Restriction Bypass Vulnerability
RSA Archer GRC Traversal Arbitrary File Upload Arbitrary Code Execution Vulnerability
Puppet pe_mcollective Module SSL Key Catalog Disclosure Vulnerability
PHP-Fusion /forum/viewthread.php highlight Parameter XSS Vulnerability
Photodex ProShow Producer Multiple Library Path Arbitrary DLL Injection Code Vulnerability
Oracle Java SE / JRE JSSE Component SSL/TLS Remote Issue Vulnerability
Novell GroupWise Client ActiveX Multiple Method XPItem Pointer Handling Arbitrary Code Execution Vulnerability
Nagios XI Legacy (NagiosQL) Configuration File Injection CSRF Vulnerability
Libvirt VirNetMessageFree() Function Use-After-Free Remote Code Execution Vulnerability
IBM Netezza SQL Injection Vulnerability
GlFusion /calendar/index.php Multiple Parameter XSS Vulnerability
Fileutils Gem For Ruby File_utils.rb Crafted URL Handling Remote Command Execution Vulnerability
Elgg action/widgets/save params Parameter XSS Vulnerability
Clean Theme for Drupal 3 Slide Gallery XSS Vulnerability
Bugzilla show_bug.cgi id Parameter XSS Vulnerability
Xen Netback Implementation Error Path Memory Leak Local DoS Vulnerability
24 Apr. 2013
Ubercart Module for Drupal Views full name Field XSS Vulnerability
Site Go /site-go/admin/extra/ipdenymanager/index.php idm Parameter Traversal Arbitrary File Access Vulnerability
Samba Web Administration Tool Clickjacking Weakness Vulnerability
Rack File Function Symlink Traversal Arbitrary File Disclosure Vulnerability
PHP-Fusion /administration/download_cats.php Multiple Parameter XSS Vulnerability
Oracle Java SE / JRE RMI Component Remote Issue Vulnerability
NETGEAR DGN1000B Router /setup.cgi TimeToLive Parameter Remote Command Execution Vulnerability
Kayako Fusion /admin/Base/Staff/Edit XSS Vulnerability
IBM Tivoli Storage Manager (TSM) Client Traditional Scheduler Service Remote DoS Vulnerability
IBM InfoSphere Information Server Import Export Manager Path Subversion Arbitrary DLL Injection Code Execution Vulnerability
Games Site Script index.php id Parameter SQL Injection Vulnerability
Easy Live Shop System index.php id Parameter SQL Injection Vulnerability
Cisco Unity Express /Web/SA3/AddHoliday.do Holiday.description Parameter XSS Vulnerability
Cisco ATA 187 Analog Telephone Adaptor Remote Authentication Bypass Vulnerability
Apple QuickTime QTIF File Handling Out-Of-Bounds Read DoS Vulnerability
WhatsApp Messenger Address Book Remote Information Disclosure Vulnerability
TP-LINK WR2543ND Multiple Administrative Function CSRF Vulnerability
Site Go /site-go/admin/extra/mainlinks/index.php idl Parameter Traversal Arbitrary File Access Vulnerability
SAP NetWeaver GRMGApp Access Restriction Bypass Vulnerability
Premium Responsive Theme for Drupal 3 Slide Gallery XSS Vulnerability
PHP-Fusion /administration/bbcodes.php __BBCODE__ Parameter XSS Vulnerability
Oracle Java SE / JRE Deployment Component Remote Information Disclosure Vulnerability
OpenStack Compute (Nova) Create Method Parameter Volume ID Verification Access Restriction Bypass Vulnerability
My quiz and poll (myquizpoll) Extension for TYPO3 XSS Vulnerability
Jenkins Crafted Request Parsing Remote DoS Vulnerability
IBM InfoSphere Information Server Import Export Manager Remote Command Execution Vulnerability
Hiverr categorygigs.php Multiple Parameter SQL Injection Vulnerability
GlFusion /links/index.php Multiple Parameter XSS Vulnerability
FFmpeg libavcodec/h264.c field_end() Function DoS Vulnerability
CommentLuv Plugin for WordPress /wp-admin/admin-ajax.php _ajax_nonce Parameter XSS Vulnerability
Cisco IOS HTTP Server Feature TCP Socket Event Crafted Packet Handling Remote DoS Vulnerability
Zen Load Balancer Multiple Issues Vulnerability
19 Apr. 2013
WebKit Website Handling Memory Corruption Vulnerability
Sthttpd On Gentoo Linux Thttpd.log Permission Weakness Local Information Disclosure Vulnerability
Site Go /site-go/admin/extra/linksmanager/index.php idl Parameter Traversal Arbitrary File Access Vulnerability
SAP NetWeaver TMSADM Account Default Password Vulnerability
Rdoc Generated Document Darkfish.js XSS Vulnerability
PHP-Fusion /administration/phpinfo.php User-Agent HTTP Header XSS Vulnerability
ownCloud Multiple Script Multiple Administrator Action CSRF Vulnerability
Oracle Java SE / JRE JAX-WS Component Remote Information Disclosure Vulnerability
Nagios XI Legacy Nagios Core Configuration Manager Cname Parameter SQL Injection Vulnerability
IBM InfoSphere Information Server Password Field Autocomplete Weakness Authentication Bypass Vulnerability
GlFusion /profiles.php Subject Parameter XSS Vulnerability
FFmpeg libavcodec/vqavideo.c vqa_decode_chunk() Function Boundary Error Buffer Overflow Vulnerability
Devise Database Type Conversion Crafted Request Parsing Security Bypass Vulnerability
Cisco Unified Communications Domain Manager XSS Vulnerability
Car Demon Plugin for WordPress /wp-admin/post.php Multiple Parameter XSS Vulnerability
Apple IOS StoreKit Safari Preferences Smart App Banner Handling JavaScript Re-Enabling Weakness Vulnerability
Slideshare (slideshare) Extension for TYPO3 SQL Injection Vulnerability
16 Apr. 2013
Site Go /site-go/admin/extra/backup/index.php idb Parameter Traversal Arbitrary File Access Vulnerability
Professional Theme For Drupal 3 Slide Gallery XSS Vulnerability
PHP-Fusion /administration/news.php message Parameter XSS Vulnerability
ownCloud /apps/files_external/addMountPoint.php mountpoint Parameter XSS Vulnerability
OpenEMR /interface/main/messages/messages.php Multiple Parameter SQL Injection Vulnerability
MiniUPnP MiniUPnPd HTTP Service SOAPAction Handler ExecuteSoapAction Function Remote Stack Overflow Vulnerability
KMPlayer M3U File Handling DoS Vulnerability
IBM Netezza Cross Site Scripting Vulnerability
IBM Multiple Product XSS Vulnerability
Fusionforge Symlink Arbitrary File Ownership Manipulation Local Privilege Escalation Vulnerability
FFmpeg libavcodec/sanm.c process_frame_obj() Function Multiple Integer Overflows Vulnerability
cURL Function SASL DIGEST-MD5 Authentication Negotiation Stack Buffer Overflow Vulnerability
Cisco Unified Presence Server (CUPS) Crafted SIP Packets CPU Consumption Remote DoS Vulnerability
Cisco Cloud Portal NsAPI Interface Crafted URL Handling Remote User Information Disclosure Vulnerability
Buffalo TeraStation TS-Series Routers ip Parameter Remote Command Execution Vulnerability
Adobe Reader PDF File Handling Heap Overflow Vulnerability
3S CoDeSys Gateway Server Traversal Vulnerability
Zenphoto index.php lang Parameter SQL Injection Vulnerability
15 Apr. 2013
Wireshark NTLMSSP Dissector Crafted Packet Parsing Remote Buffer Overflow Vulnerability
WebKit Website Handling Memory Corruption Denial Of Service Vulnerability
TLS / DTLS Protocol CBC-Mode Ciphersuite Distinguishing Attack Information Disclosure Weakness Vulnerability
Site Go /site-go/admin/extra/StyleManager/EditFile.php OpenFolder Parameter Traversal Arbitrary File Access Vulnerability
Simple Corporate Theme for Drupal 3 Slide Gallery XSS Vulnerability
Pktstat Tmp_smtp.c /tmp/smtp.log Symlink Arbitrary File Overwrite Vulnerability
PHP-Fusion /administration/settings_messages.php Multiple Parameter SQL Injection Vulnerability
ownCloud Amazon SDK Server Information Remote Disclosure Vulnerability
Oracle Java SE / JRE JMX Component Remote Information Disclosure Vulnerability
Opera CORS Request Parsing Preflight Request Omission CSRF Weakness Vulnerability
Nagios XI Level Parameter SQL Injection Vulnerability
JBoss Enterprise Application Platform / JBoss Enterprise Web Platform Multiple Servlet Initial Authentication Bypass Vulnerability
IBM Netezza Request Verification Weakness Remote Code Execution Vulnerability
IBM InfoSphere Information Server Import Export Manager Remote Command Execution Vulnerability
Hiverr Profilesetting.php Profile Image File Upload Arbitrary Code Execution Vulnerability
Gambas Temporary Directory Hijacking Weakness Vulnerability
FFmpeg libavcodec/huffyuvdec.c generate_joint_tables() Function Overflow Vulnerability
Adobe Flash Player SWF Content Handling Overflow Vulnerability
3S CoDeSys Gateway Server Crafted Packet Parsing Stack Buffer Overflow Vulnerability
Wysija Newsletters Plugin For WordPress /wp-Admin/admin.php Search Parameter SQL Injection Vulnerability
10 Apr. 2013
Taxonomy Manager Module for Drupal CSRF Vulnerability
Site Go /site-go/admin/edit_config/index.php idc Parameter Traversal Arbitrary File Access Vulnerability
RSA Archer GRC Multiple XSS Vulnerability
PHP-Fusion /forum/postnewthread.php poll_opts Parameter SQL Injection Vulnerability
PfSense Diag_logs_ipsec.php XAUTH Username XSS Vulnerability
Oracle Java SE / JRE Deployment JavaFX Component Context-Dependent Vulnerability
OpenSSL OCSP Response Verification Handling Remote DoS Vulnerability
MTP Image Gallery Edit_photos.php Title Parameter XSS Vulnerability
Ircd-Hybrid Hostmask.c try_parse_v4_netmask() Function Malformed Input Remote DoS Vulnerability
IBM Netezza MHTML Protocol Session Cookie Disclosure Vulnerability
Honeywell Multiple Product ActiveX (HscRemoteDeploy.dll) Arbitrary Code Execution Vulnerability
Gallery Watermark Administration Arbitrary Resource Deletion Vulnerability
FFmpeg libavcodec/aacdec.c aac_decode_init() Function Boundary Error DoS Vulnerability
Display Suite Module for Drupal XSS Vulnerability
CubeCart Shipping Parameter Unserialize() Call Remote PHP Object Manipulation Vulnerability
Adobe Shockwave Player Stack Based Overflow Vulnerability
Adobe Flash Player / AIR Context Dependent Buffer Overflow Vulnerability
xNBD xnbd-server /tmp/xnbd.log Symlink Arbitrary File Creation Vulnerability
9 Apr. 2013
Websense TRITON Unified Security Center Multiple Page Access Restriction Bypass Vulnerability
Squirrelcart PHP Shopping Cart index.php table Parameter XSS Vulnerability
Site Go /site-go/admin/extra/site_reports/index.php idc Parameter Traversal Arbitrary File Access Vulnerability
SAP NetWeaver Exportability Check Service Traversal Arbitrary File Access Vulnerability
Rack Session Cookie Function Timing Attack Remote Code Execution Vulnerability
PHP-Fusion /messages.php Multiple Parameter XSS Vulnerability
PHP Weby Directory Software contact.php subject Parameter SQL Injection Vulnerability
ownCloud /apps/external/ajax/setsites.php Multiple Parameter XSS Vulnerability
Oracle Java SE / JRE Deployment Component Remote Issue Vulnerability
Opera SVG Document ClipPath Handling Arbitrary Code Execution Vulnerability
NETGEAR SPH200D URI XSS Vulnerability
MTP Guestbook /mtp_guestbook/insert_user.php Multiple Parameter XSS Vulnerability
Lorex Multiple Camera Multiple Page Direct Request Authentication Bypass Vulnerability
JBoss Enterprise Application Platform / JBoss Enterprise Web Platform JMX Invoker Roll Restriction Weakness Vulnerability
IBM Tivoli Storage Manager (TSM) Client Web GUI Remote Access Vulnerability
Hiverr Nitintest.php Direct Request Information Disclosure Vulnerability
Fileutils Gem For Ruby Files_utils.rb /tmp File Symlink Arbitrary File Overwrite Vulnerability
eBag Multiple Issues Vulnerability
Company Theme for Drupal 3 Slide Gallery XSS Vulnerability
Cisco Carrier Routing System (CRS) Crafted Packet Parsing Remote DoS Vulnerability
Apache Tomcat Log Directory Permission Weakness Local Information Disclosure Vulnerability
3ware Disk Manager (3DM) Traversal Arbitrary File Access Vulnerability
WP ecommerce Shop Styling Plugin for WordPress dompdf Parameter Remote File Inclusion Vulnerability
5 Apr. 2013
USB Sharp for iPhone Index Foldername Field XSS Vulnerability
SolveMedia Plugin For WordPress Plugins.php API Key Manipulation CSRF Vulnerability
Site Go /site-go/admin/extra/filesmanager/index.php idf Parameter Traversal Arbitrary File Access Vulnerability
Portable SDK for UPnP Devices libupnp unique Function SSDP Request Handling Three Remote Overflows Vulnerability
PHP-Fusion /administration/panel_editor.php panel_list Parameter XSS Vulnerability
NETGEAR DGN1000B Router /tmp/etc/htpasswd Plaintext Password Local Disclosure Vulnerability
Monkey HTTP Daemon Master.log Permission Weakness Local Information Disclosure Vulnerability
Kayako Fusion /admin/Base/CustomFieldGroup/Manage CustomFieldGroup Parameter XSS Vulnerability
ImageCMS Parameter SQL Injection Vulnerability
Glossword Gw_admin/login.php ArPost Parameter SQL Injection Vulnerability
Ftpd Gem For Ruby Shell Character Handling Remote Command Injection Vulnerability
EzStats For Battlefield 3 /ezStats2/compare.php Multiple Parameter XSS Vulnerability
Domain Trader catalog.php id Parameter SQL Injection Vulnerability
Cisco Wireless Lan Controllers Crafted Session Initiation Protocol Packet Parsing Remote DoS Vulnerability
ArrowChat External.php Lang Parameter Traversal Local File Inclusion Vulnerability
Aloaha PDF Crypter VbCrypt.dll ActiveX SaveToFile() Method Arbitrary File Overwrite Vulnerability
Adobe Flash Player AIR Context Dependent Attacker Buffer Overflow Vulnerability
Wireshark CSN.1 Dissector CsnStreamDissector Function Malformed Packet Parsing Infinite Loop Remote DoS Vulnerability
4 Apr. 2013
Sony Playstation Vita Browser Method URL Bar Spoofing Weakness Vulnerability
Site Go /site-go/admin/extra/feedout/index.php idf Parameter Traversal Arbitrary File Access Vulnerability
Samba Web Administration Tool Manipulation CSRF Vulnerability
Python XML Libraries Crafted Entity Request Arbitrary File Access Vulnerability
PHP-Fusion /administration/news_cats.php Multiple Parameter XSS Vulnerability
ownCloud Calendar Application iCalendar File XSS Vulnerability
Oracle Java SE / JRE JAXP Component Remote Information Disclosure Vulnerability
MiniUPnP MiniUPnPd HTTP Service SOAPAction Handler ExecuteSoapAction Function NULL Pointer Dereference Remote DoS Vulnerability
Microsoft IE HTTP / Secure Request Handling Spoofing Weakness Vulnerability
JBoss Enterprise Application Platform / JBoss Enterprise Web Platform SecurityAssociation.getCredential() Function Previous Session Credential Disclosure Vulnerability
IBM Netezza Arbitrary Site Redirect Vulnerability
IBM InfoSphere Information Server Metadata Workbench XSS Vulnerability
HP ArcSight Connector Appliance / Logger Local Privilege Escalation Vulnerability
Google-Url GURL ResolveWithCharsetConverter URL Handling Use-After-Free Code Execution Vulnerability
Google AD Sync Tool Exposure Of Sensitive Information Vulnerability
GlFusion URI XSS Vulnerability
D-Link Multiple DCS Cameras GetConfig Direct Request Configuration File Disclosure Vulnerability
Cisco Wireless Lan Controllers HTTP Profiling Feature Crafted UserAgent String Parsing Remote Code Execution Vulnerability
Business Theme For Drupal 3 Slide Gallery XSS Vulnerability
Apache Maven / Maven Wagon SSL Certificate Validation MitM Spoofing Weakness Vulnerability
Adobe Flash Player / AIR Buffer Overflow Vulnerability
Xen Netback Implementation Ring Producer / Consumer Pointer Handling Infinite Loop Local DoS Vulnerability
2 Apr. 2013
VMware Multiple Product vmci.sys VMCI Control Code Handling Local Privilege Escalation Vulnerability
Snorby Method XML User Information Disclosure Vulnerability
Site Go /site-go/admin/extra/moderators/index.php idm Parameter Traversal Arbitrary File Access Vulnerability
Site Go /site-go/admin/extra/contacts/index.php idc Parameter Traversal Arbitrary File Access Vulnerability
Ruby REXML Library Crafted XML File Text Node Handling DoS Vulnerability
PostgreSQL backend/utils/adt/enum.c enum_recv() Function Crafted SQL Query Parsing Remote DoS Vulnerability
PHP-Fusion /administration/settings_photo.php Multiple Parameter SQL Injection Vulnerability
PHP-Fusion /administration/db_backup.php file Parameter Traversal Arbitrary File Deletion Vulnerability
MTP Poll /poll_script/insert_user.php Multiple Parameter XSS Vulnerability
Kayako Fusion /admin/Base/StaffGroup/Insert XSS Vulnerability
IBM InfoSphere Information Server Multiple Web Interface XSS Vulnerability
FFmpeg libavcodec/gifdec.c gif_copy_img_rect() Function DoS Vulnerability
Creative Theme for Drupal Social Icon XSS Vulnerability
Beijer Electronics Multiple Product Function String Handling Overflow Vulnerability
3S CoDeSys Gateway Server Crafted Packet Parsing Heap Buffer Overflow DoS Vulnerability
Xen Oxenstored Daemon Xenstore Ring Content Handling Local DoS Vulnerability
1 Apr. 2013
WordPress Attack Scanner Plugin For WordPress Multiple File Direct Request Information Disclosure Vulnerability
Weathernews Touch For Android System Log File Location Information Local Disclosure Vulnerability
Sudo System Clock Manipulation Temporary Authentication Limit Bypass Vulnerability
Site Go /site-go/admin/extra/my_tools/index.php idt Parameter Traversal Arbitrary File Access Vulnerability
SecureCRT Insecure Password Storage Weakness Vulnerability
RSA Archer GRC Silverlight Cross-domain Permission Weakness Vulnerability
PHP-Fusion /administration/bbcodes.php enable Parameter SQL Injection Vulnerability
Oracle Java SE / JRE Libraries Component Remote Issue Vulnerability
OpenSSH logingracetime / maxstartup Threshold Connection Saturation Remote DoS Vulnerability
MTP Poll /poll_script/poll_add.php Multiple Parameter XSS Vulnerability
Linux Kernel Tmpfs Mempolicy Object Handling Use-After-Free Local Privilege Escalation Vulnerability
JBoss Enterprise Application Platform / JBoss Enterprise Web Platform CallerIdentityLoginModule Password Retention Remote Session Hijacking Vulnerability
HP XP P9000 Command View Remote DoS Vulnerability
Google Authenticator Login Module For Drupal Authentication Bypass Vulnerability
Drush Debian Packaging Module for Drupal Local Database Credential Disclosure Vulnerability
Cisco Unity Express /Web/SA/SaveConfiguration.do Multiple Action CSRF Vulnerability
Buffalo TeraStation TS-Series Routers Key Parameter Arbitrary File Access Vulnerability
Adobe Flash Player SWF Content Handling Memory Corruption Vulnerability
ActiveFax (ActFax) RAW Server Remote Buffer Overflow Vulnerability
Xen Nested Virtualization Handling Transient Guest Page Mapping Slot Exhaustion Local DoS Vulnerability
29 Mar. 2013
WebYaST /host Configuration Path Handling Host List Manipulation Vulnerability
VMware Multiple Product Management Authentication Protocol Handling Memory Corruption Vulnerability
SSSD Multiple Function Out-of-bounds Read Remote DoS Vulnerability
Search API Module for Drupal Database Backend View Error Message XSS Vulnerability
Ruby on Rails Active Record JSON Parameter Parsing Query Bypass Vulnerability
osTicket url Parameter Arbitrary Site Redirect Vulnerability
Oracle Siebel CRM Siebel Core - Server Infrastructure Subcomponent Vulnerability
Oracle Java SE/JRE AWT Component Remote Code Execution Vulnerability
Oracle Enterprise Manager Grid Control Component Resource Manager Subcomponent Vulnerability
Oracle Database Mobile Server (Database Lite) Remote Information Disclosure Vulnerability
McAfee Application Control Crafted .scr File Restriction Bypass Weakness Vulnerability
JBoss Enterprise Portal Platform GateIn Portal Component Multiple XSS Vulnerability
ICEstate (Real Estate Marketplace) Details.aspx Id Parameter SQL Injection Vulnerability
Havalite CMS Index.php Comment Parameter XSS Vulnerability
Google Chrome Database Metadata Corruption Arbitrary File Access Vulnerability
Fine Uploader Plugin for WordPress File Upload Arbitrary Code Execution Vulnerability
e107 Multiple Parameter SQL Injection Vulnerability
Dailyedition-Mouss Theme For WordPress Index.php Direct Request Path Disclosure Vulnerability
CMS phpshop SQL Injection Vulnerability
Cisco Linksys Multiple Router Insecure Password Reset Functionality Weakness Vulnerability
Barracuda Appliances Multiple Default Undocumented Credentials Vulnerability
Allied Telesis AT-MCF2000M Local Privilege Escalation Vulnerability
Xen AMD IOMMU Feature Remap Entry Handling Local DoS Vulnerability
28 Mar. 2013
Webfs On Gentoo Linux Webfsd.log Permission Weakness Local Information Disclosure Vulnerability
Top Sites out.php id Parameter SQL Injection Vulnerability
Site Go /site-go/admin/extra/mysql/index.php idm Parameter Traversal Arbitrary File Access Vulnerability
Site Go /site-go/admin/extra/contacts/DownloadMailAttach.php file Parameter Traversal Arbitrary File Access Vulnerability
Python XML Libraries Crafted Entity Requests Resource Consumption Remote DoS Vulnerability
PHP-Fusion /forum/postedit.php Parameter SQL Injection Vulnerability
PHP-Fusion /administration/article_cats.php Multiple Parameter XSS Vulnerability
Oracle Java SE / JRE Networking Component Remote Issue Vulnerability
Oracle Java SE / JRE AWT Component Remote Issue Vulnerability
Novell GroupWise Client Multiple Pointer Dereference Remote Code Execution Vulnerability
Nagios XI Address Parameter Remote Command Execution Vulnerability
Juniper Junos Routing Engine (RE) Malformed Packet Handling Remote DoS Vulnerability
IBM InfoSphere Information Services Framework (ISF) Insecure Authorization Controls Remote Privilege Escalation Vulnerability
IBM InfoSphere Information Server DataStage Administrator Client Insecure Client Side Controls Remote Privilege Escalation Vulnerability
Hiverr Gig_desc.php No Parameter SQL Injection Vulnerability
Gallery Packager Multiple Parameter Escaping Weakness Issue Vulnerability
EzStats Multiple Product Stylesheets/style.php Files Parameter Traversal Arbitrary File Access Vulnerability
Dell PowerConnect 6248P Series Switch Malformed Request Remote DoS Vulnerability
Buffalo TeraStation TS-Series Routers Parameter Arbitrary File Access Vulnerability
Adobe Flash Player / AIR Overflow Vulnerability
WP Symposium Plugin for WordPress index.php uid Parameter SQL Injection Vulnerability
27 Mar. 2013
Watson Management Console Directory Traversal Vulnerability
SSSD src/responder/ssh/sshsrv_cmd.c ssh_cmd_parse_request() Function Out-of-bounds Read Remote DoS Vulnerability
Serva HTTP Request Invalid String Position Unhandled Exception Remote Denial of Service Vulnerability
Sahifa Theme For WordPress Multiple Script Path Disclosure Direct Request Path Disclosure Vulnerability
Profile Wii Friend Code Plugin for MyBB Wii Friend Code Field XSS Vulnerability
phlyLabs phlyMail Lite Path Disclosure and Stored XSS Vulnerabilities
osTicket scp/helptopics.php ids Parameter SQL Injection Vulnerability
Oracle Siebel CRM Siebel Apps - Multi-channel Technologies Remote DoS Vulnerability
Oracle PeopleSoft HRMS Mobile Company Directory Subcomponent Vulnerability
Oracle Java JMX Component Remote Code Execution Vulnerability
Oracle E-Business Suite Oracle Universal Work Queue Component UWQ Server Issues Vulnerability
Oracle Database Mobile Server (Database Lite) Remote Code Execution Vulnerability
NConf /nconf/detail.php id Parameter SQL Injection Vulnerability
LogAnalyzer userchange.php viewid Parameter XSS Vulnerability
iTop Search Term XSS Vulnerability
IBM Cognos TM1 Web Component XSS Vulnerability
gpEasy CMS include/tool/editing_page.php section Parameter XSS Vulnerability
Gallery Plugin for WordPress gallery-plugin.php filename_1 Parameter Arbitrary File Access Vulnerability
EMC Networker Nsrindexd Service Unspecified Overflow Vulnerability
E SMS Script /admin/adminlogin.php Password Field SQL Injection Authentication Bypass Vulnerability
Cydia Repo Manager CSRF Vulnerability
Classified Ultra subclass.php cname Parameter XSS Vulnerability
Browser Rejector Plugin for WordPress wppath Parameter Remote File Inclusion Vulnerability
Atmel AT91SAM7XC Series Microprocessor JTAG Interface Crypto Key Local Disclosure Vulnerability
AdPeeps /adpeeps_servlet.php Bannertext Parameter XSS Vulnerability
T3 Mootools Extension For TYPO3 Unserialize() Call Remote PHP Code Execution Vulnerability
26 Mar. 2013
SNews /snews/snews.php Id Parameter SQL Injection Vulnerability
Schneider Electric Magelis XBT Unspecified Hardcoded Credentials Vulnerability
Reflected XSS in Asteriskguru Queue Statistics
php-Charts wizard/url.php eval() Call Remote PHP Code Execution Vulnerability
phlyLabs phlyMail Lite Open Redirect Vulnerability
OsTicket Scp/groups.php Ids Parameter SQL Injection Vulnerability
Oracle Siebel CRM Security Subcomponent Remote Information Disclosure Vulnerability
Oracle Outside In Technology Handling Remote Heap-Based Buffer Overflow Vulnerability
Oracle Java Deployment Component Remote Code Execution Vulnerability
Oracle Application Framework Diagnostic Mode Bypass Vulnerability
Movable Type Mt-Upgrade.cgi SQL Injection Vulnerability
Lockstep Systems Backup For Workgroups Login Failure Vulnerability
ImageCMS /admin/admin_search/ Q Parameter SQL Injection Vulnerability
Huawei Mobile Partner Installation Permission Weakness Local Privilege Escalation Vulnerability
Google Chrome Hyphenation Support Filename Sanitization Weakness Vulnerability
FreeIPA IPA Domain Joining CA Certificate Disclosure Vulnerability
Elgg action/widgets/save params[twitter_username] Parameter XSS Vulnerability
DotNetNuke MemberDirectory Module Information Disclosure Vulnerability
Cisco VPN Client For Windows VPN Driver Malformed Application Handling Local DoS Vulnerability
Beijer Electronics Multiple Product DLL File String Handling Overflow Vulnerability
Apple iOS Kernel User-mode Pointer Validation First Page Kernel Memory Disclosure Vulnerability
Adobe Reader / Acrobat Heap Overflow (2013-0604) Vulnerability
SSSD Race Condition Symlink Arbitrary File Overwrite Vulnerability
22 Mar. 2013
Search API Sorts Module For Drupal Field Labels XSS Vulnerability
Ruby On Rails Active Record Attr_protected Method Bypass Vulnerability
PHPUnit (phpunit) Extension for TYPO3 XSS Vulnerability
ownCloud /core/lostpassword/templates/resetpassword.php XSS Vulnerability
Oracle WebLogic Server Web Container Subcomponent Remote DoS Vulnerability
Oracle Siebel CRM Highly Interactive Web UI Subcomponent Remote Information Disclosure Vulnerability
Oracle Java Component Remote Code Execution Vulnerability
Oracle JD Edwards EnterpriseOne SEC Remote Information Disclosure Vulnerability
Oracle Database Mobile Server Remote Code Execution Vulnerability
OpenInviter Plugin For WordPress /tmp Third-Party Program Plaintext Credential Disclosure Vulnerability
Live Chat Component for Joomla! getChat.php last Parameter XSS Vulnerability
IP.Gallery index.php img Parameter SQL Injection Vulnerability
ICart Pro Icart.php Section Parameter SQL Injection Vulnerability
Hitachi Cosminexus Multiple Product Operation Management Portal Authentication Bypass Vulnerability
Google Chrome for Windows Shared Memory Allocation Handling Integer Overflow Vulnerability
Foxit Reader NpFoxitReaderPlugin.dll URL Handling Stack Buffer Overflow Vulnerability
Easy Membership Management Application (E.M.M.A.) admin.php cats Action name Parameter XSS Vulnerability
Dailyedition-Mouss Theme For WordPress Thumb.php Src Parameter File Upload Arbitrary Code Execution Vulnerability
Colloquy Malformed String Handling Remote DoS Vulnerability
Cisco Network Admission Control (NAC) Web Authentication Function XSS Vulnerability
Barracuda SSL VPN setSysProp.jsp Java System Property Manipulation Vulnerability
Apache CloudStack Master Server SSH Private Key / Plaintext Password Disclosure Vulnerability
Adobe Flash Player / AIR Memory Corruption Vulnerability
Xen Debugging Functionality Crafted Hypercall Parsing Local DoS Vulnerability
21 Mar. 2013
TripAdvisor for iOS Cleartext Credential Remote Disclosure Vulnerability
Serva DNS Server QNAME Label Length Value Remote Denial of Service Vulnerability
Ruby on Rails JSON Parser Crafted Payload YAML Subset Decoding Remote Code Execution Vulnerability
Prizm Content Connect default.aspx document Parameter Remote File Inclusion Vulnerability
PfSense /usr/local/www/pkg_mgr_install.php Pkg Parameter XSS Vulnerability
OrangeHRM Index.php/recruitment/viewJobVacancy Vacancy Name Field XSS Vulnerability
Oracle PeopleSoft PeopleTools Security Subcomponent Remote Issue Vulnerability
Oracle Java AWT Component Remote Code Execution Vulnerability
Oracle PeopleSoft HRMS Candidate Gateway Subcomponent Disclosure Vulnerability
Oracle E-Business Suite Oracle Applications Framework Component Bookmarkable Vulnerability
Nero MediaHome NMMediaServer.dll Long Request Line Off-By-One Overflow Vulnerability
MiniUPnP SSDP Parser Malformed Input Handling Multiple Remote DoS Vulnerability
Jenkins Master Cryptographic Key Disclosure Vulnerability
ICEstate (Real Estate Marketplace) id Parameter SQL Injection Vulnerability
HP LeftHand Virtual SAN Appliance Hydra Remote Code Execution Vulnerability
Google Chrome v8 Garbage Collection Handling DoS Vulnerability
Free Blog up.php File Upload Arbitrary Code Execution Vulnerability
Elastix Settings Module Remote Command Execution Vulnerability
DotNetNuke User Profile Image Dimension Handling Disk Space Consumption Remote DoS Vulnerability
Dailyedition-Mouss Theme For WordPress Fiche-Disque.php Id Parameter XSS Vulnerability
Cisco Linksys WRT160N /apply.cgi Ping_size Parameter Remote Command Execution Vulnerability
AdPeeps /index.php advertiser_name Parameter XSS Vulnerability
Ad Management Yoga (A.M.Y.) /admin.php Zones Action Multiple Parameter XSS Vulnerability
WeBid validate.php Multiple Parameter SQL Injection Vulnerability
20 Mar. 2013
Simple Login Log Plugin for WordPress wp-login.php Multiple Parameter XSS Vulnerability
Samba Samba Web Administration Tool (SWAT) Manipulation CSRF Vulnerability
Quick.Cart admin.php URI XSS Vulnerability
PHP cURL Library (libcurl) X.509 Certificate Domain Name Matching MiTM Weakness Vulnerability
osTicket tickets.php status Parameter XSS Vulnerability
Oracle PeopleSoft PeopleTools Portal Subcomponent Remote Attacker Vulnerability
Oracle Java SE / JRE 2D Component Remote Code Execution Vulnerability
Oracle Enterprise Manager Grid Control Policy Framework Subcomponent Vulnerability
Oracle Database Mobile Server Remote Information Disclosure Vulnerability
OpenStack Glance Endpoint Handling Error Message Swift Credentials Disclosure Vulnerability
Moodle RSS Feed Disabled Blog Bypass Information Disclosure Vulnerability
Live CSS Module for Drupal File Upload Arbitrary Code Execution Vulnerability
ISC BIND DNS64 Nameserver Response Policy Zone (RPZ) AAAA Record Query Remapping Remote DoS Vulnerability
IBM WebSphere Application Server (WAS) Administrative Console XSS Vulnerability
Google Doc Embedder Plugin for WordPress file Parameter Traversal Arbitrary File Access
Gallery Plugin For WordPress Load Parameter Remote File Inclusion Vulnerability
Floating Tweets Plugin for WordPress skin.php Malformed Input Path Disclosure Vulnerability
Dailyedition-Mouss Theme WordPress Src Parameter File Upload Arbitrary Code Execution Vulnerability
Concert Calendar Addon For WebsiteBaker Modules/concert/view.php Date Parameter SQL Injection Vulnerability
Cisco Wireless Lan Controllers (WLC) Crafted Session Initiation Protocol (SIP) Packet Parsing Remote DoS Vulnerability
AirWatch ASP.NET_SessionId Cookie Deletion CAPTCHA Bypass Vulnerability
AdaptCMS Config.php Question Parameter SQL Injection Vulnerability
yolink Search Plugin for WordPress index.php s Parameter XSS Vulnerability
19 Mar. 2013
Websitebaker Add-on Concert Calendar Multiple Vulnerabilities
TomatoCart File Creation Arbitrary Code Execution Vulnerability
Snort Rule Remote Stack Buffer Overflow Vulnerability
Schneider Electric Software Update (SESU) Client MiTM Unauthenticated Remote Command Execution Vulnerability
PhpPeanuts Multiple Cross Site Scripting Vulnerability
OwnCloud /core/ajax/sharing.php Action Parameter XSS Vulnerability
osTicket scp/filters.php ids Parameter SQL Injection Vulnerability
Oracle PeopleSoft PeopleTools Query Subcomponent Remote Issue Vulnerability
Oracle Java SE/JRE CORBA Component Remote Code Execution Vulnerability
Oracle Enterprise Manager Grid Control Enterprise Component Enterprise Configuration Vulnerability
Oracle E-Business Suite Component Diagnostics Mode Manipulation Vulnerability
Opera DOM Event Handling Arbitrary Code Execution Vulnerability
Moodle RSS Feed Blog Post Disclosure Vulnerability
Kohana Framework Path Parameter Traversal Arbitrary File Access Vulnerability
Icinga History.cgi Multiple Parameter Overflow Vulnerability
HP LeftHand Virtual SAN Appliance Hydra Remote Attacker Code Execution Vulnerability
Google Chrome Geolocation Handling DoS Vulnerability
Free Blog Multiple Vulnerabilities
Easy Membership Management Application (E.M.M.A.) Registration Multiple Parameter XSS Vulnerability
D-Link Multiple DCS Cameras /frame/GetConfig Direct Request Configuration File Disclosure Vulnerability
Concert Calendar Addon for WebsiteBaker date Parameter XSS Vulnerability
Barracuda Web Application Firewall XSS Vulnerability
Apache CouchDB Futon UI Browser-Based Test Suite Query Parameter XSS Vulnerability
Adobe Flash Player And AIR Context Dependent Attacker Buffer Overflow Vulnerability
RTTucson Quotations Database quote_search.php keywords Parameter XSS Vulnerability
15 Mar. 2013
WP-Table Reloaded Plugin For WordPress Id Parameter XSS Vulnerability
Tiny Server GET Request Handling Remote Overflow DoS Vulnerability
Simple Machines Forum (SMF) SSI.php Ssi_fetchPosts Function Remote Path Disclosure Vulnerability
Samba AD DC LDAP Directory Objects Erroneous Write Access Permissions Vulnerability
Rack Long String Parsing Memory Consumption Remote DoS Vulnerability
PfSense /usr/local/www/progress.php Upload_progress_meter_get_info() Function XSS Vulnerability
osTicket scp/templates.php ids Parameter SQL Injection Vulnerability
Oracle Siebel CRM Siebel Calendar Subcomponent Vulnerability
Oracle PeopleSoft PeopleTools PeopleBooks - PSOL Subcomponent Vulnerability
Oracle Java SE / JavaFX Remote Code Execution Vulnerability
Oracle Enterprise Manager Enterprise Manager Grid Control Vulnerability
Oracle CORBA Component Remote Code Execution Vulnerability
Mozilla Multiple Product Mesa WebGL Canvas Resizing Use-After-Free Arbitrary Code Execution Vulnerability
Incapsula Component For Joomla! /administrator/components/com_incapsula/assets/tips/en/Performance.php Token Parameter XSS Vulnerability
IBM InfoSphere Information Server FastTrack Client Insecure Credential Storage Local Disclosure Vulnerability
Google Chrome Malformed URL Handling Same Origin Policy Bypass Vulnerability
General Electric (GE) Proficy HMI/SCADA - CIMPLICITY CimWebServer.exe HTTP Data Parsing Integer Overflow Vulnerability
E SMS Script /smscollection.php cat_id Parameter SQL Injection Vulnerability
Cisco Wireless Lan Controllers (WLC) Wireless Intrusion Prevention System (WIPS) Component Crafted IP Packet Parsing Remote DoS Vulnerability
Apache CouchDB JSONP Callback Handling XSS Vulnerability
Adobe Reader / Acrobat Stack Overflow Vulnerability
Ad Management Yoga (A.M.Y.) /admin.php Users Action Name Parameter XSS Vulnerability
WordPress Shopping Cart Plugin For WordPress /wp-Content/plugins/levelfourstorefront/scripts/administration/backup.php ReqID Parameter SQL Injection Vulnerability
14 Mar. 2013
Watson SHDSL Routers Management Console Encoded Traversal Arbitrary File Access Vulnerability
Ruby on Rails params_parser.rb Action Pack Type Casting Parameter Parsing Remote Code Execution Vulnerability
Profile Wii Friend Code Plugin For MyBB Profilewfc.php Wii Friend Code Field SQL Injection Vulnerability
phlyMail Lite frontend/derefer.php go Parameter Malformed Input Path Disclosure Vulnerability
OsTicket Include/class.faq.php Ids Parameter SQL Injection Vulnerability
Oracle Siebel CRM Siebel Calendar Subcomponent Remote Issue Vulnerability
Oracle Java Sound Component Remote Code Execution Vulnerability
Oracle Enterprise Manager Grid Control Component Storage Management Subcomponent Vulnerability
Oracle Application Server Single Sign-On Remote Issue Vulnerability
Mozilla Multiple Product Function Use-After-Free Arbitrary Code Execution Vulnerability
JBoss Enterprise Application Platform Function Previous Session Credential Disclosure Vulnerability
HP Network Node Manager i XSS Vulnerability
GNOME Online Accounts SSL Certificate Verification MitM Spoofing Weakness Vulnerability
F5 BIG-IP /sam/admin/reports/php/saveSettings.php defaultQuery Parameter SQL Injection Vulnerability
Dell OpenManage Server Administrator /help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm Topic Parameter XSS Vulnerability
Cisco Linksys WRT54GL Unspecified Pre-auth Remote Code Execution Vulnerability
Apache CouchDB Traversal Arbitrary File Access Vulnerability
Adobe Reader and Acrobat Buffer Overflow Vulnerability
Zingiri Forum Plugin For WordPress /wp-Content/plugins/zingiri-Forum/forum.php Zing_forum_output() Function Url Parameter XSS Vulnerability
28 Feb. 2013
WP Photo Album Plus Plugin for WordPress index.php wppa-tag Parameter XSS Vulnerability
User Relationships Module for Drupal Relationship Names Field XSS Vulnerability
SSSD Src/responder/autofs/autofssrv_cmd.c Multiple Function Out-Of-Bounds Read Remote DoS Vulnerability
Simple Login Log Plugin for WordPress wp-admin/users.php where Parameter SQL Injection Vulnerability
Samsung Kies SyncService.dll ActiveX PrepareSync() Method Buffer Overflow Vulnerability
Rockwell Automation Multiple Product MitM Replay Authentication Bypass Vulnerability
phpliteadmin Remote PHP Code Injection Vulnerability
PDF-XChange Viewer JPEG Stream Define Huffman Table Header Heap Buffer Overflow Vulnerability
osTicket scp/syslogs.php ids Parameter SQL Injection Vulnerability
Oracle VM VirtualBox Core Subcomponent Local Issue Vulnerability
Oracle Siebel CRM Siebel Apps - Multi-channel Technologies Subcomponent Disclosure Vulnerability
Oracle Java SE / JRE Libraries Component Remote Code Execution Vulnerability
Oracle E-Business Suite Oracle Payroll Component View Payslip Subcomponent Vulnerability
One-time FE account Extension for TYPO3 unserialize() Call Remote PHP Code Execution Vulnerability
Moodle Messaging System CSRF Vulnerability
JBoss Enterprise Application Platform / JBoss Enterprise Web Platform JMX Console XSS Vulnerability
IBM InfoSphere Master Data Management Collaboration Server Arbitrary Site Redirect Vulnerability
Google Chrome PDF File JavaScript Handling Integer Overflow Vulnerability
E107 E107_admin/download.php Multiple Parameter SQL Injection Vulnerability
Cydia REPO Management User Addition CSRF Vulnerability
Cisco Linksys Multiple Router Password Manipulation CSRF Vulnerability
BigAnt IM Server File Upload Arbitrary Code Execution Vulnerability
Adobe Reader / Acrobat Heap Overflow Vulnerability
Adobe Flash Player / AIR Crafted File Buffer Overflow Vulnerability
XML Sitemap Generator Plugin for WordPress XML File Overwrite Arbitrary Code Execution Vulnerability
27 Feb. 2013
WordPress Shortcodes / Post Content Multiple XSS Vulnerability
Static Methods since 2007 (div2007) Extension for TYPO3 XSS Vulnerability
Spam Free Plugin For WordPress Multiple Script Direct Request Path Disclosure Vulnerability
Schneider Electric Interactive Graphical SCADA System (IGSS) DC.EXE Remote Overflow Vulnerability
Ruby On Rails Active Record +serialize+ Helper YAML Attribute Vulnerability
Pinboard Theme For WordPress Tab Parameter XSS Vulnerability
PhlyMail Lite Config.php Multiple Parameter XSS Vulnerability
osTicket scp/teams.php ids Parameter SQL Injection Vulnerability
Oracle Solaris Filesystem/cachefs Subcomponent Local Privilege Escalation Vulnerability
Oracle PeopleSoft PeopleTools Security Subcomponent Remote Vulnerability
Oracle Outside In Technology Memory Reference Remote DoS Vulnerability
Oracle Java SDK/JDK/JRE Libraries Component Remote Code Execution Vulnerability
Oracle Enterprise Manager Grid Control APM Remote Issue Vulnerability
Nero MediaHome NMMediaServer.dll Long HTTP Request Header Value Parsing Off-By-One Overflow Vulnerability
IRIS Pages/add.php DownloadPDF() Function Remote Command Execution Vulnerability
Google Chrome PDF Image Handling Out-of-bounds Read Issue Vulnerability
Ettercap src/ec_scan.c scan_load_hosts() Function Remote Stack Buffer Overflow Vulnerability
Cool PDF Reader PDF File Stream Handling Stack-Based Buffer Overflow Vulnerability
Cisco Linksys Multiple Router Wait_time Parameter XSS Vulnerability
Allembru Ad Manager /ajax/campaigns.php Cname Parameter XSS Vulnerability
Adobe ColdFusion Information Disclosure Vulnerability
Xen Drivers/passthrough/vtd/intremap.c Set_msi_source_id() Function VT-D Configuration Incorrect Interrupt Injection Local DoS Vulnerability
22 Feb. 2013
RubyGems gemcutter Psych YAML Parser Deserialization Remote Code Execution Vulnerability
osTicket Admin User Addition CSRF Vulnerability
Oracle PeopleSoft HRMS Candidate Gateway Subcomponent Remote Information Vulnerability
Oracle Enterprise Manager Grid Control Component Distributed/Cross Vulnerability
Oracle Database Mobile/Lite Server Remote Information Disclosure Vulnerability
Nexpose Console Scan Data Deletion CSRF Vulnerability
Moodle Activity Report Hidden Field Information Disclosure Vulnerability
Linux Kernel /dev/ptmx Key Stroke Timing Local Disclosure Vulnerability
Google Chrome v8 Out-of-bounds Stack Access Issue Vulnerability
Google Chrome Audio IPC Handling Integer Overflow Vulnerability
F5 BIG-IP server.php XML External Entity (XXE) Data Parsing Arbitrary File Disclosure Vulnerability
Developer Formatter Plugin for WordPress devformatter/devformatter.php Multiple Action CSRF Vulnerability
Cisco WebEx Social RSS Service Link XSS Vulnerability
ArrowChat /admin/layout/pages_general.php URI XSS Vulnerability
Adobe ColdFusion Unspecified Authentication Bypass Vulnerability
Ad Management Yoga (A.M.Y.) /admin.php Ads Action Label Parameter XSS Vulnerability
19 Feb. 2013
Schneider Electric BMX NOE 0110 Unspecified SOAP/HTTP Request Remote Code Execution Vulnerability
Piwik Multiple XSS Vulnerability
Oracle Siebel CRM Siebel Apps - Multi-channel Technologies Subcomponent Remote DoS Vulnerability
Oracle PeopleSoft PeopleTools PIA Core Technology Subcomponent Remote Vulnerability
Oracle Siebel CRM Siebel Core Server Infrastructure Subcomponent Remote DoS Vulnerability
Oracle Java CORBA Component Remote Code Execution Vulnerability
Oracle E-Business Suite Oracle Marketing Component Campaign Management Subcomponent Remote Issue
Oracle Access Manager OAM Webgate Subcomponent Unspecified Remote Issue Vulnerability
Mozilla Multiple Product Multiple Memory Corruption Vulnerability
Juniper Junos NGET MVPN Environment PIM Join Message Saturation Remote DoS Vulnerability
IBM WebSphere Application Server (WAS) Virtual Member Manager (VMM) XSS Vulnerability
HP JetDirect FTP Service Name Overflow DoS Vulnerability
Google Chrome for Windows IPC NUL Termination Weakness Vulnerability
Free Blog up.php del Parameter Traversal Arbitrary File Deletion Vulnerability
Eye-Fi Helper for Windows Image Handling Traversal Arbitrary File Vulnerability
DVS Custom Notification Plugin for Wordpress Setting Manipulation CSRF Vulnerability
CubeCart Index.php Multiple Parameter XSS Vulnerability
Citrix CloudPlatform Master Server SSH Private Key / Plaintext Password Disclosure Vulnerability
C-Icap Server Request.c Parse_request() Function Remote DoS Vulnerability
Astium VoIP PBX Parameter SQL Injection Authentication Bypass Vulnerability
Adobe Reader / Acrobat Unspecified Local Privilege Escalation Vulnerability
WordPress Shopping Cart Plugin For WordPress /wp-Content/plugins/levelfourstorefront/scripts/administration/exportaccounts.php ReqID Parameter SQL Injection Vulnerability
18 Feb. 2013
Simple Webserver Traversal Arbitrary File Access Vulnerability
Quick.Cms admin.php URI XSS Vulnerability
PhpPeanuts Multiple Unspecified XSS Vulnerability
OwnCloud /apps/bookmarks/ajax/addBookmark.php Url Parameter XSS Vulnerability
osTicket scp/groups.php ids Parameter SQL Injection
Oracle PeopleSoft PeopleTools RTE - Rich Text Editor Subcomponent Remote Vulnerability
Oracle PeopleSoft HRMS Mobile Company Directory Subcomponent Remote Vulnerability
Oracle Java JavaFX Component Remote Code Execution Vulnerability
Oracle Enterprise Manager Grid Control APM(Application Performance Management) Remote Vulnerability
Oracle Agile PLM Framework Security Subcomponent Remote Information Disclosure Vulnerability
NConf /nconf/detail_admin_items.php id Parameter SQL Injection Vulnerability
Juniper Junos J-Web Component URL Encoding Heap Buffer Overflow Vulnerability
Hiverr Inbox_detail.php Gig Parameter SQL Injection Vulnerability
FreeFloat FTP Server Raw Command Handling Overflow Vulnerability
Floating Tweets Plugin For WordPress Admin-Ajax.php Multiple Parameter XSS Vulnerability
Developer Formatter Plugin for WordPress devformatter/devformatter.php Multiple Field XSS Vulnerability
CurvyCorners Module For Drupal XSS Vulnerability
Cisco Unified Communications Domain Manager (CUCDM) XSS Vulnerability
BigAnt IM Server Account/Full Name User Search Account/Full Name Field SQL Injection Vulnerability
Adobe Flash Player / AIR Information Disclosure Vulnerability
Oracle Java Scripting Component Remote Code Execution Vulnerability
15 Feb. 2013
Oracle Enterprise Manager Grid Control Component User Interface Framework Subcomponent Vulnerability
Oracle E-Business Suite Oracle Applications Technology Stack Component Vulnerability
Oracle Application Server Single Sign-On Remote Vulnerability
NextGEN Gallery Plugin For WordPress /wp-Content/plugins/nextgen-Gallery/nggallery.php Test-Head Parameter XSS Vulnerability
Mozilla Multiple Product ~nsHTMLEditRules() Function Use-after-free Arbitrary Code Execution Vulnerability
MantisBT search.php match_type Parameter XSS Vulnerability
JEvents Component for Joomla! index.php year Parameter SQL Injection Vulnerability
IP.Gallery Addon For IP.Board Image Title XSS Vulnerability
IBM Tivoli Federated Identity Manager (TFIM) Trace File Plaintext Local Password Disclosure Vulnerability
HP JetDirect Label PCL Multiple Parameter DoS Vulnerability
Google Chrome PDF Image Handling Unspecified Out-of-bounds Read Issue Vulnerability
Google Chrome DOM Handling Use-After-Free Arbitrary Code Execution Vulnerability
FreeIPA Certificate Revocation Lists (CRL) Replication Vulnerability
F5 BIG-IP Server.php External Entity (XXE) Data Parsing Arbitrary File Disclosure Vulnerability
Easy Membership Management Application (E.M.M.A.) Admin.php Plans Action Name Parameter XSS Vulnerability
DataLife Engine preview.php catlist Parameter Remote Code Execution Vulnerability
Cryptzone SE46 Application Whitelisting 16-bit COM .pif File Restriction Bypass Weakness Vulnerability
CiscoWorks Prime LMS Command Handling Remote Command Execution Vulnerability
Cisco Linksys WRT160N /apply.cgi Next_page Parameter Traversal Arbitrary File Access Vulnerability
BigAnt IM Server AntDS.exe Multiple Request Handling Remote Stack-Based Buffer Overflow Vulnerability
Advantech WebAccess '/broadWeb/include/gAddNew.asp' ProjDesc Parameter XSS Vulnerability
Adobe Flash Player / AIR Integer Overflow Vulnerability
Ad Management Yoga (A.M.Y.) /admin.php pricings Action name Parameter XSS Vulnerability
PHPUnit (phpunit) Extension for TYPO3 XSS Vulnerability
14 Feb. 2013
Sybase Adaptive Server Enterprise Remote Stack Overflow Vulnerability
Siemens SIMATIC RF Manager keyhelper.ocx ActiveX Control Buffer Overflow Vulnerability
Ruby On Rails JSON Gem Arbitrary Symbol Creation Remote DoS Vulnerability
OwnCloud /settings/personal.php Remote PHP Code Execution Vulnerability
osTicket Multiple Script Path Disclosure Vulnerability
Oracle SE/JRE Deployment Component Remote Code Execution Vulnerability
Oracle MySQL Server Information Schema Subcomponent Remote DoS Vulnerability
Oracle GoldenGate Multiple Component Server Subcomponent Remote DoS Vulnerability
Oracle E-Business Suite Human Resources Component Security Groups Subcomponent Vulnerability
Oracle Access Manager OAM Webgate Subcomponent Remote Vulnerability
Mozilla Multiple Product Canvas Stack Overflow Vulnerability
Microsoft IE CDispNode Use-After-Free Arbitrary Code Execution Vulnerability
JBoss Enterprise Application Platform Plaintext Symmetric Key Disclosure Vulnerability
IBM WebSphere Application Server (WAS) Virtual Member Manager (VMM) Administrative Console XSS Vulnerability
Google Chrome Video Seeking Handling Use-after-free Arbitrary Code Execution Vulnerability
Google Chrome Extension Tab Handling DoS Vulnerability
Facebook For Android Continuation_intent Local Information Disclosure Vulnerability
Concert Calendar Addon For WebsiteBaker Modules/concert/view.php Date Parameter XSS Vulnerability
Cisco Linksys WRT160N /apply.cgi Multiple Parameter XSS Vulnerability
Astium VoIP PBX astiumd Service Request Parsing Remote Overflow DoS Vulnerability
Adobe Reader / Acrobat Memory Corruption Vulnerability
Aastra 6753i IP Phone Configuration Encryption Weakness Information Disclosure Vulnerability
WHMCompleteSolution POST_SESSION Request Parsing Authentication Bypass Vulnerability
13 Feb. 2013
Sybase Adaptive Server Enterprise For Windows DoS Vulnerability
Search API Module for Drupal Admin View Field Names XSS Vulnerability
Redis Insecure Temporary File Symlink Arbitrary File Overwrite Vulnerability
phpLiteAdmin Database Creation File Upload Arbitrary Code Execution Vulnerability
OwnCloud /apps/calendar/ajax/event/new.php XSS Vulnerability
Oracle Solaris Utility/Umount Subcomponent Local Privilege Escalation Vulnerability
Oracle PeopleSoft PeopleTools Portal Subcomponent Vulnerability
Oracle Enterprise Manager Grid Control Enterprise Manager Base Remote Issue Vulnerability
Oracle Deployment Component Remote Code Execution Vulnerability
Nibbleblog /admin/ajax/uploader.php Direct Request Path Disclosure Vulnerability
MiniUPnP SOAP Handler Remote Stack Overflow Vulnerability
JBoss Enterprise Application Platform / JBoss Enterprise Web Platform Remote Plaintext Symmetric Key Disclosure Vulnerability
IBM InfoSphere Master Data Management Collaboration Server XSS Vulnerability
Google Chrome SVG Layout Handling Use-after-free Arbitrary Code Execution Vulnerability
FreeIPA Cross-Realm Kerberos Trust Active Directory (AD) Multiple Attribute Key Disclosure Vulnerability
Easy Membership Management Application (E.M.M.A.) Admin.php Users Action Username Parameter XSS Vulnerability
Dailyedition-mouss Theme for WordPress fiche-disque.php Remote Information Disclosure Vulnerability
Cisco WebEx Social Search Functionality Parameter Parsing File Disclosure Vulnerability
Barracuda Web Application Firewall Cross Site Scripting Vulnerability
Adobe Reader and Acrobat Local Privilege Escalation Vulnerability
Adobe ColdFusion Authentication Bypass Vulnerability
WordPress Shopping Cart Plugin For WordPress /wp-Content/plugins/levelfourstorefront/scripts/administration/exportsubscribers.php ReqID Parameter SQL Injection Vulnerability
10 Feb. 2013
Xen Nested Virtualization Enabling Error Handling Cleanup Memory Exhaustion Local DoS Vulnerability
8 Feb. 2013
Sybase Adaptive Server Enterprise For Windows Installation Log File Information Disclosure Vulnerability
Schneider Electric Modicon M340 Unspecified TCP Resource Exhaustion Remote DoS Vulnerability
Profile Wii Friend Code Plugin For MyBB Profilewfc.php Wii Friend Code Field XSS Vulnerability
ownCloud /apps/gallery/sharing.php token Parameter XSS Vulnerability
Oracle Siebel CRM Siebel UI Framework Subcomponent Remote Vulnerability
Oracle PeopleSoft PeopleTools PeopleCode Subcomponent Vulnerability
Oracle Java MBeanInstantiator.findClass Method Remote Code Execution Vulnerability
Oracle E-Business Suite Oracle CRM Component Application Framework Remote Issue Vulnerability
Opera SVG Document clipPaths Handling Arbitrary Code Execution Vulnerability
Moodle Assignment Module URL Handling Feedback Comment Disclosure Vulnerability
IBM WebSphere Application Server (WAS) Information Disclosure CSRF Vulnerability
Google Chrome PDF Root Handling Bad Cast Issue Vulnerability
Floating Tweets Plugin For WordPress Skin.php Traversal Arbitrary File Access Vulnerability
Easy Membership Management Application (E.M.M.A.) Admin.php Contents Action Multiple Parameter XSS Vulnerability
Concert Calendar Addon for WebsiteBaker Parameter SQL Injection Vulnerability
Cisco TelePresence VCS Crafted Conductor Request Conference Creation Restriction Bypass Vulnerability
Asterisk HTTP Asterisk Management Interface Remote Stack Corruption Vulnerability
VLC Media Player 'swf' File Stack Buffer Overflow Vulnerability
Snare for Linux Cross-Site Scripting via Log Injection Vulnerability
Multiple Fortinet FortiDB Appliances Cross Site Scripting Vulnerability
Mesh OS Insufficient Entropy Vulnerability
Jenkins Multiple Security Vulnerabilities
Hupa Webmail Stored XSS Vulnerability
Flynax General Classifieds v4.0 CMS Multiple Vulnerabilities
Bitsmith PS Knowbase Buffer Overflow Vulnerability
Pro-face Pro-Server EX WinGP PC Runtime Multiple Vulnerabilities
5 Feb. 2013
Oxide Webserver Denial of Service Vulnerability
IrfanView FlashPix PlugIn Decompression Heap Overflow Vulnerability
Hillstone Software HS TFTP Server Denial Of Service Vulnerability
FortiWeb 4kC,3kC,1kC & VA Cross Site Vulnerabilities
Fail2ban Arbitrary Log Content Injection Vulnerability
e107 CSRF Resulting in SQL Injection Vulnerability
Cisco Linksys WVC200 Wireless-G PTZ Internet Video Camera PlayerPT ActiveX Control PlayerPT.ocx Sprintf Buffer Overflow Vulnerability
Asterisk 'ast_parse_digest()' Stack Buffer Overflow Vulnerability
AnvSoft Any Video Converter Multiple Buffer Overflow Vulnerability
Network Instrument Observer SNMP SetRequest Denial of Service Vulnerability
4 Feb. 2013
Mahara 'query' Parameter Cross Site Scripting Vulnerability
Grep Integer Overflow Vulnerability
IOServer "Root Directory" Trailing Backslash Multiple Vulnerabilities
Sleuth Kit Detection Evasion Security Bypass Weakness
30 Jan. 2013
Red Hat Enterprise Virtualization Manager Multiple Security Vulnerabilities
OfficeSIP Server Denial Of Service Vulnerability
Joomla FireBoard Component (com_fireboard) SQL Injection Vulnerability
CubeCart Cross Site Request Forgery (CSRF) Vulnerability
Axway Secure Transport Path Traversal Vulnerability
WordPress TwentyTen Theme 'loo.php' Arbitrary File Upload Vulnerability
29 Jan. 2013
SAP Netweaver Dispatcher 7.0 EHP1/2 Multiple Vulnerabilities
Netmechanica NetDecision HTTP Server Denial Of Service Vulnerability
Jetty Hash Collision Denial Of Service Vulnerability
ICCLIB Out-of-Bounds Memory Write Remote Code Execution Vulnerability
F5 BIG-IP Remote Root Authentication Bypass Vulnerability
CubeCart Insecure Backup File Vulnerability
Yealink SIP-T20P IP Phone Multiple Security Vulnerabilities
28 Jan. 2013
Spotify 0.8.2.610 (search func) Memory Exhaustion Vulnerability
Optima APIFTP Server Multiple Vulnerabilities
LibTIFF 'DOTRANGE' Tags Handling Remote Buffer Overflow Vulnerability
IrfanView RLE Image Decompression Buffer Overflow Vulnerability
Invision Power Services Invision Gallery Multiple SQL Injection Vulnerabilities
IBM Lotus iNotes Upload Module ActiveX Control Buffer Overflow Vulnerability
Xen Bitmap Local Denial of Service Vulnerability
PyPAM -- Python bindings for PAM - Double Free Corruption Vulnerability
25 Jan. 2013
Ipswitch TFTP Server Directory Traversal Vulnerability
Oreans Themida v2.1.8.0 TMD File Handling Buffer Overflow Vulnerability
ManageEngine OpUtils v6 Stored XSS Vulnerability
Advantech Studio 'NTWebServer.exe' Directory Traversal Vulnerability
Layton Technology HelpBox Security Bypass Vulnerability
Symfony Security Bypass Vulnerability
Wireshark Misaligned Memory Denial of Service Vulnerability
23 Jan. 2013
VLC Media Player .mp4 Denial Of Service Vulnerability
Qutecom Softphone Heap Overflow DoS/Crash Vulnerability
Openconstructor CMS Parameter Multiple SQL Injection Vulnerability
NetSarang Xlpd Printer Daemon 4 Denial of Service Vulnerability
MoinMoin wiki Directory Traversal Vulnerability
ManageEngine OpStor Multiple Vulnerabilities
Inout Mobile Webmail APP Persistent XSS Vulnerability
FlashFXP Buffer Overflow Vulnerability
e107 CSRF Resulting in Arbitrary Javascript Execution Vulnerability
Checkpoint Abra Multiple Vulnerabilities
Adobe Photoshop CS6 PNG Parsing Heap Overflow Vulnerability
PHP Weby Directory Software Admin Account Manipulation CSRF Vulnerability
22 Jan. 2013
Zend Framework 'Zend_Feed' Component Information Disclosure Vulnerabilities
Uebimiau Webmail Stored XSS Vulnerability
tmux '-S' Option Incorrect SetGID Privilege Escalation Vulnerability
Squid 'cachemgr.cgi' Remote Denial of Service Vulnerability
ManageEngine Mobile Application Manager SQL Injection Vulnerability
IBM SPSS Modeler XML Parsing Unspecified Security Vulnerability
FreeIPA Cookie Handling Security Vulnerability
XnView TIFF Image Processing Heap Overflow Vulnerability
21 Jan. 2013
Unity 3D Web Player Denial of Service Vulnerability
Tickets CAD Multiple Vulnerabilities
Sony PC Companion Stack-based Unicode Buffer Overflow Vulnerability
Sielco Sistemi Winlog Multiple Vulnerabilities
Oracle Outside-In JP2 File Parsing Heap Overflow Vulnerability
Novell Groupwise HP3 and 2012 Integer Overflow Vulnerability
MyBB Profile Skype ID Plugin Privilege Escalation Vulnerability
Enterpriser16 LoadBalancer Multiple Web Vulnerabilities
ACDSee PRO RLE Image Processing Heap Overflow Vulnerability
Zoner Photo Studio v15 b3 Buffer Overflow Vulnerabilities
18 Jan. 2013
TomatoCart Piwik Extension Vulnerability
Qt 'XmlHttpRequest' Object Insecure Redirection Information Disclosure Vulnerability
XnView GIF Image Processing Heap Overflow Vulnerability
17 Jan. 2013
TinyMCPUK 'test' Parameter Cross Site Scripting Vulnerability
Novell ZENworks Configuration Management Preboot Service 0x6c Buffer Overflow
Netmechanica NetDecision Dashboard Server Information Disclosure Vulnerability
Mahara Multiple Remote Vulnerabilities
jBilling Cross Site Scripting Vulnerability
Blue Coat Reporter Cross Site Scripting and Cross Site Request Forgery Vulnerabilities
Android FTPServer Remote DoS Vulnerability
WordPress RSVPMaker Persistent XSS Vulnerability
16 Jan. 2013
HP OpenVMS LOGIN or ACMELOGIN, Remote or Local Denial of Service (DoS) Vulnerability
BlazeVideo BlazeDVD Playlist Files Remote Memory Corruption Vulnerability
ACDSee PRO PCT Image Processing Heap Overflow Vulnerability
eGlibc Signedness Code Execution Vulnerability
10 Jan. 2013
Aladdin Knowledge System Ltd. PrivAgent ActiveX Control Multiple Exploits
IBM Java Runtime Environment Multiple Remote Code Execution Vulnerabilities
ACDSee PRO GIF Image Processing Heap Overflow Vulnerability
IrfanView Format PlugIn TTF File Parsing Stack Based Overflow Vulnerability
WordPress WP-Realty Plugin 'language' Parameter Local File Include Vulnerability
7 Jan. 2013
WordPress Mini Mail Dashboard Widget Stored XSS Vulnerability
Ubuntu APT Insecure File Permissions Local Information Disclosure Vulnerability
Real Networks RealPlayer Multiple Security Vulnerabilities
Multiple Fortinet FortiWeb Appliances Multiple Cross Site Scripting Vulnerabilities
Liferay Webdav File Reading Vulnerability
IBM WebSphere MQ File Transfer Edition Web Gateway CSRF Vulnerability
HP Data Protector EXEC_CMD Remote Code Execution Vulnerability
Cyclope Employee Surveillance Solution SQL Injection Vulnerability
BlazeVideo HDTV Player Pro Filename Handling Vulnerability
Tiny Server Arbitrary File Disclosure Vulnerability
4 Jan. 2013
Sumatra / MuPDF Integer Overflow Vulnerability
Smartfren Connex EC 1261-2 UI OUC Local Privilege Escalation Vulnerability
PHP spl_autoload() Local Denial of Service Vulnerability
ManageEngine Application Manager Multiple Vulnerabilities
Joomla joomgalaxy Multiple Vulnerabilities
Astium VoIP PBX Build 25399 Multiple Vulnerabilities
iAuto Mobile Application 2012 Multiple Vulnerabilities
GOM Media Player Buffer Overflow Vulnerability
Ezhometech EzServer Remote Heap Corruption Vulnerability
Dell SonicWALL Scrutinizer (StatusFilter.php Q Parameter) SQL Injection Vulnerability
BulletProof FTP Client 2010 - Buffer Overflow Vulnerability
IBM Lotus Quickr 'qp2.cab' ActiveX Control Stack Buffer Overflow Vulnerability
Dr. Web Control Center XSS Vulnerability
3 Jan. 2013
MailTraq Stored XSS Vulnerability
Java AtomicReferenceArray Type Violation Vulnerability
IrfanView DJVU Image Processing Heap Overflow Vulnerability
IlohaMail Webmail Stored XSS Vulnerability
IBM Lotus Notes Client URL Handler Command Injection Vulnerability
HP VSA Remote Command Execution Vulnerability
Havalite CMS 'data/havalite.db3' File Database Information Disclosure Vulnerability
GIMP script-fu Buffer Overflow Vulnerability
FL Studio Producer Edition SEH Based Buffer Overflow Vulnerability
Epson EventManager Denial of Service Vulnerability
Edraw Diagram Component 5 ActiveX Buffer Overflow DoS Vulnerability
DAMN Hash Calculator v1.5.1 Local Heap Overflow PoC Vulnerability
ACDSee PRO CUR Image Processing Heap Overflow Vulnerability
AOL Products downloadUpdater2 Plugin SRC Parameter Remote Code Execution Vulnerability
BuyClassifiedScript PHP Code Injection Vulnerability
Adobe Flash Player MP4 SequenceParameterSetNALUnit Buffer Overflow Vulnerability
Copyright © Beyond Security. All rights reserved.