|
27 Dec 2013 | STAT52 | |
|
|
23 Dec 2013 | VULN564 | VMware : VMware ESXi and ESX unauthorized file access through vCenter Server and ESX | VMware ESXi versions 5, 4, VMware ESX versions 4.
|
|
20 Dec 2013 | STAT51 | |
|
|
20 Dec 2013 | VULN563 | cpanel : Multiple Vulnerabilities fixed in cPanel & WHM product | Systems running cPanel, WHM version prior to
|
|
20 Dec 2013 | VULN562 | EMC : RSA Archer GRC Multiple Cross-Site Scripting Vulnerabilities | Systems running RSA Archer version 5.x.
|
|
20 Dec 2013 | VULN561 | APPLE : APPLE-SA-2013-12-19-1 Motion 5.1 | Mac OS X running Motion versions prior to 5.1.
|
|
18 Dec 2013 | VULN560 | IBM : IBM Storwize V7000 Unified V1.4.2.1 Includes Fixes for IBM Storwize V7000 Security Vulnerabilities | IBM Storwize V7000 versions 1.3, 1.4.
|
|
18 Dec 2013 | VULN559 | Wireshark : Various protocol disscetors DoS vulnerabilities fixed | Systems running Wireshark versions 1.10.x, 1.8.x
|
|
18 Dec 2013 | VULN558 | Zimbra : Critical Security Vulnerability Addressed in 7.2.6/8.0.6 Maintenance Releases | Systems running Zimbra Collaboration Server
|
|
18 Dec 2013 | VULN557 | Asterisk : Buffer Overflow and Permission Escalation vulnerabilities fixed | Systems Asterisk, Certified Asterisk versions
|
|
17 Dec 2013 | VULN556 | APPLE : APPLE-SA-2013-12-16-2 OS X Mavericks v10.9.1 | APPLE Mac OS X versions prior to 10.9.1.
|
|
17 Dec 2013 | VULN555 | APPLE : Safari 6.1.1 and Safari 7.0.1 | Systems running Safari version prior to 6.1.1,
|
|
17 Dec 2013 | VULN554 | IP.Board : IP.Board 3.3.x, 3.4.x Security Update | Systems running IP.Board versions 3.3.x, 3.4.x.
|
|
17 Dec 2013 | VULN553 | OpenSAML-J : OpenSAML Java ParserPool and Decrypter Vulnerable To XML Attacks | Systems running OpenSAML-J version prior to 2.6.1.
|
|
13 Dec 2013 | STAT50 | |
|
|
12 Dec 2013 | VULN552 | Plone : Hotfix for Plone vulnerabilities available | Systems running Plone version 4.3.x, 4.2.x, 4.1.x,
|
|
12 Dec 2013 | VULN551 | EMC : RSA Security Analytics Multiple Vulnerabilities | Systems running RSA Security Analytics version
|
|
11 Dec 2013 | VULN550 | Microsoft : Critical Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution | Systems running Microsoft Exchange Server version
|
|
11 Dec 2013 | VULN549 | Microsoft : Important Vulnerability in a Microsoft Office Shared Component Could Allow Security Feature Bypass | -
|
|
11 Dec 2013 | VULN548 | Microsoft : Important Vulnerability in Microsoft Office Could Allow Information Disclosure | Systems running Microsoft Office version 2013.
|
|
11 Dec 2013 | VULN547 | Microsoft : Important Vulnerability in ASP.NET SignalR Could Allow Elevation of Privilege | Systems running ASP.NET SignalR versions 1.1.x,
|
|
11 Dec 2013 | VULN546 | Microsoft : Important Vulnerability in LPC Client or LPC Server Could Allow Elevation of Privilege | Windows version XP, Server 2003.
|
|
11 Dec 2013 | VULN545 | Microsoft : Important Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege | Windows version XP, Server 2003, Vista,
|
|
11 Dec 2013 | VULN544 | Microsoft : Important Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution | Systems running Microsoft SharePoint Server
|
|
11 Dec 2013 | VULN543 | Microsoft : Critical Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution | Windows version Vista, Server 2008,
|
|
11 Dec 2013 | VULN542 | Microsoft : Critical Cumulative Security Update for Internet Explorer | Systems running Internet Explorer version 6, 7, 8,
|
|
11 Dec 2013 | VULN541 | Microsoft : Critical Vulnerability in Microsoft Scripting Runtime Object Library Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
11 Dec 2013 | VULN540 | Microsoft : Critical Vulnerability in Windows Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
11 Dec 2013 | VULN539 | Adobe : Security updates available for Adobe Flash Player | Windows, Mac OS X running Adobe Flash Player
|
|
11 Dec 2013 | VULN538 | Adobe : Security update available for Adobe Shockwave Player | Systems running Adobe Shockwave Player versions
|
|
11 Dec 2013 | VULN537 | TYPO3 : Multiple Vulnerabilities in TYPO3 CMS | Systems running TYPO3 CMS versions 4.5.0 to
|
|
9 Dec 2013 | VULN536 | US-CERT : NagiosQL 3.2 Service Pack 2 contains a reflected cross-site scripting vulnerability | Systems running NagiosQL versions 3.2 and earlier.
|
|
9 Dec 2013 | VULN535 | VMware : VMware ESX updates to third party libraries | VMware ESX versions 4.1.
|
|
6 Dec 2013 | STAT49 | |
|
|
5 Dec 2013 | VULN534 | Xen : Guest triggerable AMD CPU erratum may cause host hang | Systems running Xen versions 3.3 and after.
|
|
5 Dec 2013 | VULN533 | Google : Google Chrome 31.0.1650.63 fixes medium to high vulnerabilities | Systems running Chrome versions prior to
|
|
4 Dec 2013 | VULN531 | HP : HP Service Manager and ServiceCenter, Remote Code,Execution | Systems running HP Service Manager versions 7.11,
|
|
4 Dec 2013 | VULN530 | IBM : Security vulnerabilities in Perl for AIX | IBM AIX versions 6.1, 7.1.
|
|
4 Dec 2013 | VULN529 | VMware : VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation | VMware ESX version 4.x,
|
|
3 Dec 2013 | VULN528 | Xen : DoS and privilege escalation vulnerabilities fixed | Systems running Xen versions 3.0.3 and later.
|
|
3 Dec 2013 | VULN527 | Shibboleth SP : Curl library skips TLS server certificate name checking | Systems running Shibboleth SP.
|
|
29 Nov 2013 | STAT48 | |
|
|
27 Nov 2013 | VULN526 | NetBSD : embryonic TCP sockets local DoS | NetBSD versions current, 6.x.
|
|
26 Nov 2013 | VULN525 | Moodle : XSS and unauthorized file access vulnerabilities fixed | Systems running Moodle versions prior to 2.6,
|
|
22 Nov 2013 | STAT47 | |
|
|
22 Nov 2013 | VULN524 | RSA : RSA Data Protection Manager Appliance Multiple Vulnerabilities | Systems running RSA DPM Appliance versions
|
|
22 Nov 2013 | VULN523 | Ruby : Heap Overflow in Floating Point Parsing | Systems running ruby versions 1.8, 1.9, 2.0.0,
|
|
21 Nov 2013 | VULN522 | DRUPAL : SA-CORE-2013-003 - Drupal core - Multiple vulnerabilities | Systems running Drupal core versions 6.x, 7.x
|
|
20 Nov 2013 | VULN521 | FreeBSD : OpenSSH AES-GCM memory corruption vulnerability | FreeBSD version 10.0-BETA running OpenSSH.
|
|
20 Nov 2013 | VULN520 | EMC : EMC Document Sciences xPression Multiple Vulnerabilities | Systems running EMC Document Sciences xPression
|
|
20 Nov 2013 | VULN519 | (Nginx : nginx security advisory (CVE-2013-4547)) | Systems running nginx versions 0.8.41 up to and
|
|
19 Nov 2013 | VULN518 | Mozilla : Miscellaneous Network Security Services (NSS) vulnerabilities | Systems running Firefox versions prior to 25.0.1,
|
|
15 Nov 2013 | STAT46 | |
|
|
15 Nov 2013 | VULN517 | BlackBerry : Vulnerability in remote file access feature impacts BlackBerry Link | Windows running BlackBerry Link version 1.0.1.12
|
|
15 Nov 2013 | VULN516 | MediaWiki : MediaWiki Security Release 1.21.3, 1.20.8 and 1.19.9 | systems running MediaWiki version prior to
|
|
15 Nov 2013 | VULN515 | Red Hat : Moderate kernel security, bug fix and enhancement update | systems running Red Hat OpenStack version 3.0.
|
|
15 Nov 2013 | VULN514 | Red Hat : Critical spacewalk-java security update | Red Hat Satellite version 5.2, 5.3, 5.4, 5.5, 5.6.
|
|
15 Nov 2013 | VULN513 | Cisco : Cisco IOS Software SSL VPN Interface Queue Wedge Denial of Service Vulnerability | Cisco IOS.
|
|
15 Nov 2013 | VULN512 | Cisco : Cisco Unified Communications Manager Arbitrary File Read/Write Vulnerability | Cisco Unified Communications Manager software.
|
|
15 Nov 2013 | VULN511 | IBM : Privilege escalation vulnerability in IBM DB2's Audit Facility | Linux, Unix running IBM DB2 versions 9.1, 9.5,
|
|
15 Nov 2013 | VULN510 | VMware : VMware Workstation host privilege escalation vulnerability | Linux versions 5.x, 9.x, prior to 5.0.3, 9.0.3
|
|
15 Nov 2013 | VULN509 | APPLE : APPLE-SA-2013-11-14-1 iOS 7.0.4 | iOS versions prior to 7.0.4.
|
|
14 Nov 2013 | VULN508 | NetBSD : Use after free in Xserver handling of ImageText requests | NetBSD version 5, 6.
|
|
13 Nov 2013 | VULN507 | Google Chrome : Google Chrome 31.0.1650.48 fixes multiple security vulnerabilities | Systems running Google Chrome version prior to
|
|
13 Nov 2013 | VULN506 | Adobe : Hotfix available for ColdFusion | Systems running ColdFusion version 10, 9.0.2,
|
|
13 Nov 2013 | VULN505 | Adobe : Security updates available for Adobe Flash Player | Systems running Adobe Flash Player versions prior
|
|
13 Nov 2013 | VULN504 | Microsoft : Vulnerability in DirectAccess Could Allow Security Feature Bypass | Windows version XP, Server 2003, Vista,
|
|
13 Nov 2013 | VULN503 | Microsoft : Important Vulnerability in Digital Signatures Could Allow Denial of Service | Windows version XP, Server 2003, Vista,
|
|
13 Nov 2013 | VULN502 | Microsoft : Important Vulnerability in Microsoft Outlook Could Allow Information Disclosure | Systems running Microsoft Office version 2007,
|
|
13 Nov 2013 | VULN501 | Microsoft : Important Vulnerability in Windows Ancillary Function Driver Could Allow Information Disclosure | Windows version XP, Server 2003, Vista,
|
|
13 Nov 2013 | VULN500 | Microsoft : Important Vulnerability in Hyper-V Could Allow Elevation of Privilege | Windows version 8, Server 2012.
|
|
13 Nov 2013 | VULN499 | Microsoft : Important Vulnerabilities in Microsoft Office Could Allow Remote Code Execution | Systems running Microsoft Office version 2003,
|
|
13 Nov 2013 | VULN498 | Microsoft : Critical Cumulative Security Update of ActiveX Kill Bits | Windows version XP, Server 2003, Vista,
|
|
13 Nov 2013 | VULN497 | Microsoft : Critical Vulnerability in Windows Graphics Device Interface Could Allow Remote Code ,Execution | Windows version XP, Server 2003, Vista,
|
|
13 Nov 2013 | VULN496 | Microsoft : Critical Cumulative Security Update for Internet Explorer (2888505) | Systems running Internet Explorer versions 6, 7,
|
|
12 Nov 2013 | VULN495 | Microsoft : ActiveX Control issue being addressed in Update Tuesday | Systems running Internet Explorer.
|
|
12 Nov 2013 | VULN494 | Xen : Host crash due to guest VMX instruction execution | Systems running Xen versions 4.3.x, 4.2.x, 4.1.x.
|
|
12 Nov 2013 | VULN493 | Samba: Vulnerabilities fixed in versions 3.6.20, 4.0.11, 4.1.1 | Systems running samba versions 3.2.x, 3.3.x,
|
|
8 Nov 2013 | STAT45 | |
|
|
8 Nov 2013 | VULN492 | Joomla! : Core XSS Vulnerabilities fixed in new versions | Systems running Joomla! versions 2.5.x, 3.x prior
|
|
7 Nov 2013 | VULN491 | BIND : A Winsock API Bug Can Cause a Side-Effect Affecting BIND ACLs | Microsoft Windows running BIND versions 9.6, 9.8,
|
|
6 Nov 2013 | VULN490 | Microsoft : Vulnerability in Microsoft Graphics Component Could Allow Remote Code Execution | Microsoft Windows,
|
|
31 Oct 2013 | STAT44 | |
|
|
31 Oct 2013 | VULN489 | Cisco : Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers | Cisco IOS XE Software for 1000 Series Aggregation
|
|
31 Oct 2013 | VULN488 | Tiki-Wiki : Tiki Wiki CMS security updates | Systems running Tiki versions prior to 11.1,
|
|
31 Oct 2013 | VULN487 | Horde : New Horde, IMP, Mnemo versions fix XSS vulnerability | Systems running
|
|
30 Oct 2013 | VULN486 | Mozilla : Multiple vulnerabilities fixed in Firefox, Thunderbird, Seamonkey | Systems running
|
|
25 Oct 2013 | STAT43 | |
|
|
24 Oct 2013 | VULN485 | DRUPAL : SA-CONTRIB-2013-081 - Spaces - Access bypass | Systems running Spaces for DRUPAL versions
|
|
24 Oct 2013 | VULN484 | Cocaine rubygem : Recursive Interpolation Vulnerability in Cocaine rubygem | Systems running Cocaine rubygem versions 0.4.x,
|
|
24 Oct 2013 | VULN483 | Webcollab : Webcollab 3.31 fix HTTP Response Splitting Vulnerability | Systems running Webcollab versions prior to 3.31.
|
|
24 Oct 2013 | VULN482 | Cisco : Multiple Vulnerabilities in Cisco Identity Services Engine | Systems running Cisco Identity Services Engine.
|
|
24 Oct 2013 | VULN481 | Cisco : Cisco IOS XR Software Route Processor Denial of Service Vulnerability | Cisco IOS XR versions 3.3.0 up to and including
|
|
24 Oct 2013 | VULN480 | Cisco : Apache Struts 2 Command Execution Vulnerability in Multiple Cisco Products | Cisco software running Apache Struts 2,
|
|
23 Oct 2013 | VULN479 | Apache : CVE-2013-4390 Apache Sling open redirect on login | Systems running Apache Sling version prior to
|
|
23 Oct 2013 | VULN478 | GuppY : GuppY - Security Patch 4.6.28 | Systems running GuppY version prior to 4.6.28.
|
|
23 Oct 2013 | VULN477 | Roundcube : Security updates 0.9.5 and 0.8.7 | Systems running Roundcube Webmail version prior
|
|
23 Oct 2013 | VULN476 | APPLE : APPLE-SA-2013-10-22-4 Keynote 6.0 | OS X version 10.9 or later running Keynote
|
|
23 Oct 2013 | VULN475 | Simple Machines Forum : SMF 1.1.19 and 2.0.6 critical security patches released | Windows running Simple Machines Forum versions
|
|
23 Oct 2013 | VULN474 | APPLE : APPLE-SA-2013-10-22-8 iTunes 11.1.2 | Windows running iTunes versions prior to 11.1.2.
|
|
23 Oct 2013 | VULN473 | APPLE : APPLE-SA-2013-10-22-3 OS X Mavericks v10.9 | Mac OS X versions prior to 10.9.
|
|
23 Oct 2013 | VULN472 | APPLE : APPLE-SA-2013-10-22-2 Safari 6.1 fixes multiple vulnerabilities | Mac OS X versions 10.7, 10.8.
|
|
23 Oct 2013 | VULN471 | APPLE : APPLE-SA-2013-10-22-5 OS X Server 3.0 | Systems running OS X Server versions prior to 3.0.
|
|
23 Oct 2013 | VULN470 | APPLE : APPLE Remote Desktop 3.5.4, 3.7 fix arbitrary code execution vulnerability | Systems running Apple Remote Desktop versions 3.
|
|
23 Oct 2013 | VULN469 | APPLE : APPLE-SA-2013-10-22-1 iOS 7.0.3 | iOS versions prior to 7.0.3.
|
|
22 Oct 2013 | VULN468 | US-CERT : SAP Sybase Adaptive Server Enterprise vulnerable to XML injection | Systems running SAP Sybase Adaptive Server
|
|
21 Oct 2013 | VULN467 | US-CERT : D-Link routers authenticate administrative access using specific User-Agent string | D-Link routers.
|
|
21 Oct 2013 | VULN466 | Bugzilla : 4.4.1, 4.2.7, and 4.0.11 Security Advisory | Systems running Bugzilla versions prior to 4.4.1,
|
|
21 Oct 2013 | VULN465 | VMware : VMware vSphere updates address multiple vulnerabilities | Systems running VMware vCenter Server,
|
|
18 Oct 2013 | STAT42 | |
|
|
17 Oct 2013 | VULN464 | SciPy : SciPy 0.12.1 fixes privilege escalation vulnerability | Systems running SciPy versions prior to 0.12.1.
|
|
17 Oct 2013 | VULN463 | Cisco : Use of Dual_EC_DRBG in Cisco Products | Cisco software.
|
|
16 Oct 2013 | VULN462 | Symfony : Symfony 2.0.25, 2.1.13, 2.2.9 and 2.3.6 released | Systems running Symfony versions 2.0.X, 2.1.X,
|
|
16 Oct 2013 | VULN461 | Google Chrome : Chrome 30.0.1599.101 fixes Use after free vulnerabilities | Systems running Google Chrome versions prior to
|
|
16 Oct 2013 | VULN460 | APPLE : APPLE-SA-2013-10-15-1 Java for OS X 2013-005 and,Mac OS X v10.6 Update 17 | Mac OS X versions 10.6, 10.7, 10.8.
|
|
16 Oct 2013 | VULN459 | Oracle : October 2013 Critical Patch Update Released | Systems running Oracle Database,
|
|
11 Oct 2013 | STAT41 | |
|
|
11 Oct 2013 | VULN458 | Xen : Multiple vulnerabilities fixed in Xen | Systems running Xen versions 3.1.x, 4.2.x, 4.3.x,
|
|
11 Oct 2013 | VULN457 | McAfee : McAfee Managed Agent update fixes the "Denial,of Service" vulnerability against the FrameworkService.exe | Systems running McAfee Agent versions up to and
|
|
10 Oct 2013 | VULN456 | Apache : mod_fcgid 2.3.9 Fix possible heap buffer overwrite | Systems running mod_fcgid versions prior to 2.3.9.
|
|
10 Oct 2013 | VULN455 | Cisco : Multiple Vulnerabilities in Cisco Firewall Services Module Software | Cisco Firewall Services Module Software.
|
|
10 Oct 2013 | VULN454 | Cisco : Multiple Vulnerabilities in Cisco ASA Software | Cisco ASA Software.
|
|
10 Oct 2013 | VULN453 | US-CERT : ASUS RT-N10E Wireless Router vulnerable to authentication bypass | ASUS RT-N10E Wireless Router firmware versions
|
|
10 Oct 2013 | VULN452 | MyBB : MyBB 1.6.11 - Security & Maintenance Release | Systems running MyBB version prior to 1.6.11.
|
|
10 Oct 2013 | VULN451 | BlackBerry : Vulnerability in BlackBerry Universal Device Service wrapper impacts BlackBerry Enterprise Service 10 | Systems running
|
|
9 Oct 2013 | VULN450 | Microsoft : Important Vulnerability in Silverlight Could Allow Information Disclosure | Systems running Microsoft Silverlight version 5.
|
|
9 Oct 2013 | VULN449 | Microsoft : Important Vulnerabilities in Microsoft Word Could Allow Remote Code Execution | Systems running
|
|
9 Oct 2013 | VULN448 | Microsoft : Important Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution | Systems running
|
|
9 Oct 2013 | VULN447 | Microsoft : Important Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution | Systems running Microsoft SharePoint Server
|
|
9 Oct 2013 | VULN446 | Microsoft : Critical Vulnerabilities in .NET Framework Could Allow Remote Code Execution | Systems running Microsoft .NET Framework
|
|
9 Oct 2013 | VULN445 | Microsoft : Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution | Windows version XP, Vista, 7, 8, RT, Server 2003,
|
|
9 Oct 2013 | VULN444 | Microsoft : Critical Cumulative Security Update for Internet Explorer | Systems running Internet Explorer version 6, 7,
|
|
9 Oct 2013 | VULN443 | Adobe : Security update available for RoboHelp | Windows running RoboHelp version 10.
|
|
9 Oct 2013 | VULN442 | Adobe : Security updates available for Adobe Reader and Acrobat | Systems running Adobe Reader, Adobe Acrobat
|
|
8 Oct 2013 | VULN441 | GnuPG : GnuPG 2.0.22, 1.4.15 fix possible infinite recursion | Systems running GnuPG version prior to 2.0.22,
|
|
8 Oct 2013 | VULN440 | Xen : qemu SCSI REPORT LUNS buffer overflow | Systems running Xen.
|
|
8 Oct 2013 | VULN439 | Citrix : Citrix NetScaler Application Delivery Controller Denial of Service Vulnerability | Systems running Citrix NetScaler ADC version 10.0
|
|
8 Oct 2013 | VULN438 | Zabbix : SQL injection in Zabbix frontend and API | Systems running Zabbix versions prior to
|
|
8 Oct 2013 | VULN437 | Adobe : Illegal Access to Adobe Source Code | Systems running Adobe products.
|
|
4 Oct 2013 | STAT40 | |
|
|
2 Oct 2013 | VULN436 | Cisco : Cisco IOS XR Software Memory Exhaustion Vulnerability | Cisco IOS XR version 4.3.1.
|
|
2 Oct 2013 | VULN435 | Google Chrome : Google Chrome 30.0.1599.66 fixes multiple vulnerabilities | Systems running Google Chrome versions prior to
|
|
1 Oct 2013 | VULN434 | Xen : Patches for Information leak and Memory accessible vulnerabilities | Systems running Xen versions 3.3.x up to and
|
|
1 Oct 2013 | VULN433 | Apache Camel : CVE-2013-4330 Apache Camel critical disclosure vulnerability | Systems running Apache Camel versions 2.
|
|
30 Sep 2013 | VULN432 | IP.Board : IP.Board 3.3.x-3.4.x and IP.Gallery 4.2.x-5.0.x Security Update | Systems running IP.Board versions 3.3.x,3.4.x,
|
|
27 Sep 2013 | STAT39 | |
|
|
27 Sep 2013 | VULN431 | splunk : Splunk 5.0.5 addresses one vulnerability | Systems running Splunk versions prior to 5.0.5.
|
|
27 Sep 2013 | VULN430 | TYPO3 : Several vulnerabilities in third party extensions | Systems running booking for TYPO3,
|
|
26 Sep 2013 | VULN429 | Suricata : Suricata 1.4.6 fixes Denial of Service vulnerability | Systems running Suricata versions prior to 1.4.6.
|
|
26 Sep 2013 | VULN428 | Cisco : Multiple vulnerabilities fixed in Cisco IOS Software | Cisco IOS Software.
|
|
26 Sep 2013 | VULN427 | (TYPO3 : Several vulnerabilities in extension Apache Solr for TYPO3 (solr)) | Systems running Apache Solr for TYPO3 versions
|
|
26 Sep 2013 | VULN426 | (TYPO3 : Information Disclosure in extension Direct Mail (direct_mail)) | Systems running direct_mail for TYPO3 versions
|
|
26 Sep 2013 | VULN425 | (TYPO3 : SQL Injection vulnerability in extension Formhandler (formhandler)) | Systems running formhandler for TYPO3 versions
|
|
26 Sep 2013 | VULN424 | (TYPO3 : SQL Injection vulnerability in extension RealURL: speaking paths for TYPO3 (realurl)) | Systems running realurl for TYPO3 versions prior
|
|
26 Sep 2013 | VULN423 | (TYPO3 : Several vulnerabilities in extension AWStats (cc_awstats)) | Systems running cc_awstats for TYPO3 versions up
|
|
24 Sep 2013 | VULN422 | US-CERT : Dell iDRAC 6 is vulnerable to a cross-site scripting (XSS) attack | Dell Firmware running Dell iDRAC version 6, 7.
|
|
24 Sep 2013 | VULN421 | US-CERT : KnowledgeView Editorial and Management application cross-site scripting vulnerability | Systems running
|
|
24 Sep 2013 | VULN420 | Moodle : XSS and object injection Vulnerabilities fixed in 2.5.2, 2.4.6 and 2.3.9 | Systems running
|
|
23 Sep 2013 | VULN419 | Apache : Vulnerabilities fixed in Struts 2.3.15.2 | Systems running
|
|
23 Sep 2013 | VULN418 | Citrix : Citrix CloudPortal Services Manager Multiple Security Updates | Systems running
|
|
23 Sep 2013 | VULN417 | APPLE : APPLE-SA-2013-09-20-1 Apple TV 6.0 | Systems running Apple TV versions prior to 6.0.
|
|
20 Sep 2013 | STAT38 | |
|
|
20 Sep 2013 | VULN416 | HP : HP ArcSight Enterprise Security Manager Management Web Interface, Remote Cross Site Scripting | Systems running
|
|
19 Sep 2013 | VULN415 | GLPI : GLPI 0.84.2, Security fix - CVE-2013-5696 | Systems running GLPI versions prior to 0.84.2.
|
|
19 Sep 2013 | VULN414 | APPLE : APPLE-SA-2013-09-18-1 iTunes 11.1 | Windows running iTunes versions prior to 11.1.
|
|
19 Sep 2013 | VULN413 | APPLE : APPLE-SA-2013-09-18-3 Xcode 5.0 | Mac OS X running Xcode versions prior to 5.0.
|
|
19 Sep 2013 | VULN412 | APPLE : APPLE-SA-2013-09-18-2 iOS 7 | iOS versions prior to 7.
|
|
19 Sep 2013 | VULN411 | Cisco : Multiple Vulnerabilities in Cisco Prime Data Center Network Manager | Systems running
|
|
19 Sep 2013 | VULN410 | Cisco : Cisco Prime Central for Hosted Collaboration Solution Assurance Unauthenticated Username and Password Enumeration | Systems running
|
|
18 Sep 2013 | VULN409 | (IBM : Buffer Overflow Vulnerability in IBM iNotes (CVE-2013-4068)) | Systems running IBM iNotes versions 8.5.3, 9.0.
|
|
18 Sep 2013 | VULN408 | Microsoft : Vulnerability in Internet Explorer Could Allow Remote Code Execution | Systems running
|
|
18 Sep 2013 | VULN407 | Mozilla : Multiple vulnerabilities fixed in firefox, Thunderbird, Seamonkey | Systems running
|
|
18 Sep 2013 | VULN406 | APPLE : APPLE-SA-2013-09-17-1 OS X Server v2.2.2 | Systems running OS X Server version 2.2.2.
|
|
13 Sep 2013 | STAT37 | |
|
|
13 Sep 2013 | VULN405 | (Drupal : SA-CONTRIB-2013-076 - jQuery Countdown - Cross Site Scripting (XSS)) | Systems running jQuery Countdown for DRUPAL
|
|
13 Sep 2013 | VULN404 | (Drupal : SA-CONTRIB-2013-074 - MediaFront - Cross Site Scripting (XSS)) | Systems running MediaFront for DRUPAL versions
|
|
13 Sep 2013 | VULN403 | Xen : libxl partially sets up HVM passthrough even with disabled iommu | Systems running Xen versions 4.1.x, 4.2.x.
|
|
13 Sep 2013 | VULN402 | APPLE : APPLE-SA-2013-09-12-1 OS X Mountain Lion v10.8.5 and Security Update,2013-004 | Mac OS X.
|
|
13 Sep 2013 | VULN401 | APPLE : APPLE-SA-2013-09-12-2 Safari 5.1.10 | -
|
|
12 Sep 2013 | VULN400 | Django : Django 1.4.7,Django 1.5.3, and Django 1.6 beta 3 fixes directory-traversal vulnerability | Systems running Django versions 1.4, 1.5, 1.6
|
|
12 Sep 2013 | VULN399 | NetBSD : user settable small BPF buffer can cause a panic | NetBSD versions 5, 6, -current.
|
|
12 Sep 2013 | VULN398 | APPLE : APPLE-SA-2013-09-10-1 OS X Flash Player plug-in blocked | Mac OS X running Flash Player versions prior to
|
|
11 Sep 2013 | VULN397 | FreeBSD : Cross-mount links between nullfs(5) mounts | FreeBSD versions all running nullfs.
|
|
11 Sep 2013 | VULN396 | (FreeBSD : Kernel memory disclosure in sendfile(2)) | FreeBSD versions 9.2-RC1, 9.2-RC2 running sendfile.
|
|
11 Sep 2013 | VULN395 | (FreeBSD : Insufficient credential checks in network ioctl(2)) | FreeBSD versions all running sys_netinet6,
|
|
11 Sep 2013 | VULN394 | Microsoft : Important Vulnerability in Microsoft Office IME (Chinese) Could Allow Elevation of Privilege | Systems running Microsoft Office version 2010,
|
|
11 Sep 2013 | VULN393 | Microsoft : Important Vulnerability in Active Directory Could Allow Denial of Service | Windows version Vista, Server 2008, 7, 8,
|
|
11 Sep 2013 | VULN392 | Microsoft : Important Vulnerability in FrontPage Could Allow Information Disclosure | Systems running Microsoft FrontPage version 2003.
|
|
11 Sep 2013 | VULN391 | Microsoft :Important Vulnerability in Windows Service Control Manager Could Allow Elevation of Privilege | Windows version 7, Server 2008.
|
|
11 Sep 2013 | VULN390 | Microsoft : Important Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation of Privilege | Windows version XP, Server 2003, Vista,
|
|
11 Sep 2013 | VULN389 | Microsoft : Important Vulnerabilities in Microsoft Access Could Allow Remote Code Execution | Systems running
|
|
11 Sep 2013 | VULN388 | Microsoft : Important Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution | Systems running
|
|
11 Sep 2013 | VULN387 | Microsoft : Important Vulnerabilities in Microsoft Office Could Allow Remote Code Executio | Systems running
|
|
11 Sep 2013 | VULN386 | Microsoft : Important Vulnerability in Windows Theme File Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista, Server 2008.
|
|
11 Sep 2013 | VULN385 | Microsoft : Critical Vulnerability in OLE Could Allow Remote Code Execution | windows version XP, Server 2003.
|
|
11 Sep 2013 | VULN384 | Microsoft : Critical Cumulative Security Update for Internet Explorer | Systems running
|
|
11 Sep 2013 | VULN383 | Microsoft : Critical Vulnerability in Microsoft Outlook Could Allow Remote Code Execution | Systems running
|
|
11 Sep 2013 | VULN382 | Microsoft : Critical Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution | Systems running Microsoft SharePoint Server.
|
|
11 Sep 2013 | VULN381 | Adobe : Security update available for Adobe Shockwave Player | Systems running
|
|
11 Sep 2013 | VULN380 | Adobe : Security updates available for Adobe Reader and Acrobat | Systems running
|
|
11 Sep 2013 | VULN379 | Adobe : Security updates available for Adobe Flash Player | Systems running
|
|
9 Sep 2013 | VULN378 | APPLE : APPLE-SA-2013-09-06-1 AirPort Base Station Firmware Update 7.6.4 | APPLE AirPort Base Station Firmware version prior
|
|
6 Sep 2013 | STAT36 | |
|
|
6 Sep 2013 | VULN377 | US-CERT : Coursemill Learning Management System contains multiple vulnerabilities | Systems running
|
|
6 Sep 2013 | VULN376 | TYPO3 : Incomplete Access Management and Remote Code Execution Vulnerability in TYPO3 Core | Systems running TYPO3 Core versions 6.0.0 up to
|
|
6 Sep 2013 | VULN375 | Drupal : Drupal core - Users can insert hidden text and links | Systems running Drupal core versions 6.x, 7.x.
|
|
5 Sep 2013 | VULN374 | Cisco : Multiple Vulnerabilities in the Cisco WebEx Recording Format and Advanced Recording Format Players | Systems running Cisco WebEx Business Suite
|
|
30 Aug 2013 | VULN373 | DRUPAL : SA-CONTRIB-2013-072 - Node View Permissions - Access Bypass | Node View Permissions for DRUPAL versions 7.x-1.0.
|
|
30 Aug 2013 | VULN372 | APPLE : Java Web plug-in blocked | Mac OS X running Java.
|
|
30 Aug 2013 | VULN371 | F5 : sol14638 TLS/SSL RC4 vulnerability - CVE-2013-2566 | F5 products software.
|
|
30 Aug 2013 | STAT35 | |
|
|
29 Aug 2013 | VULN370 | Debian : [DSA 2745-1] linux security update | Debian versions wheezy.
|
|
29 Aug 2013 | VULN369 | Cisco : Cisco Secure Access Control Server Remote Command Execution Vulnerability | Systems running Cisco Secure Access Control Server
|
|
28 Aug 2013 | VULN368 | US-CERT : SearchBlox contains multiple vulnerabilities | Systems running SearchBlox versions up to and
|
|
28 Aug 2013 | VULN367 | (Asterisk : Asterisk 1.8.15-cert3, 11.2-cert2, 1.8.23.1, 10.12.3, 10.12.3-digiumphones, 11.5.1 Now Available (Security Release)) | Systems running Asterisk versions 1.8, 10, 11,
|
|
27 Aug 2013 | VULN366 | Roundcube : Roundcube webmail Update 0.9.3 fixes XSS vulnerabilities | Systems running Roundcube webmail versions prior
|
|
26 Aug 2013 | VULN365 | RealPlayer : RealNetworks, Inc. Releases Update to Address Security Vulnerabilities | Systems running RealPlayer versions 11.x, 14.0.0
|
|
23 Aug 2013 | STAT34 | |
|
|
23 Aug 2013 | VULN364 | (HP : HP StoreOnce D2D Backup System, Remote Denial of Service (DoS)) | Systems running HP StoreOnce D2D Backup System
|
|
23 Aug 2013 | VULN363 | (IBM : Unauthorized Access to Table Vulnerability in DB2 (CVE-2013-4033)) | Systems running
|
|
23 Aug 2013 | VULN362 | (IBM : WebSphere Portal vulnerable to unauthorized access to user directory (CVE-2013-3016)) | Systems running
|
|
23 Aug 2013 | VULN361 | VMware : VMware Workstation host privilege escalation vulnerability | Systems running
|
|
22 Aug 2013 | VULN360 | DRUPAL : Zen - Cross Site Scripting | Systems running Zen for DRUPAL versions 7.x-3.x
|
|
22 Aug 2013 | VULN359 | Cisco : Cisco Unified Communications Manager IM and Presence Service Denial of Service Vulnerability | Systems running
|
|
22 Aug 2013 | VULN358 | Cisco : Cisco Prime Central for Hosted Collaboration Solution Assurance Denial of Service Vulnerabilities | Systems running
|
|
22 Aug 2013 | VULN357 | Cisco : Multiple Vulnerabilities in Cisco Unified Communications Manager | Cisco Unified Communications Manager versions 7,
|
|
22 Aug 2013 | VULN356 | FreeBSD : vulnerabilities fixed in IP_MSFILTER and sctp | FreeBSD versions up to and including 9.2.
|
|
21 Aug 2013 | VULN355 | McAfee : MEG 7.5 SMTP proxy stops responding when scanning specifically ,formatted emails | Systems running McAfee Email Gateway versions 7.5.
|
|
21 Aug 2013 | VULN354 | Google : Google Chrome 29.0.1547.57 fixes security vulnerabilities | Systems running Google Chrome versions prior to
|
|
20 Aug 2013 | VULN353 | IBM : IBM HTTP Server Fix Pack 7 (8.0.0.7) fixes several vulnerabilities | Systems running IBM HTTP Server versions 8 prior
|
|
20 Aug 2013 | VULN352 | Django : XSS in admin interface and via is_safe_url fixed | Systems running Django versions 1.4, 1.5, 1.6,
|
|
19 Aug 2013 | STAT33 | |
|
|
16 Aug 2013 | VULN351 | US-CERT : Dell BIOS in some Latitude laptops and Precision Mobile Workstations vulnerable to buffer overflow | Dell BIOS.
|
|
16 Aug 2013 | VULN350 | CakePHP : CakePHP 2.3.8 & 2.2.9 fix security issue in AssetDispatcher | Systems running CakePHP versions prior to
|
|
16 Aug 2013 | VULN349 | DotNetNuke : Vulnerabilities fixed in DNN 6.2.9/7.1.1 versions | Systems running DotNetNuke versions prior to
|
|
16 Aug 2013 | VULN348 | Simple Machines Forum : SMF 2.0.5 critical security patch released | Systems running Simple Machines Forum versions 2.x
|
|
14 Aug 2013 | VULN347 | Microsoft : Important Vulnerability in Active Directory Federation Services Could Allow Information Disclosure | Systems running
|
|
14 Aug 2013 | VULN346 | Microsoft : Important Vulnerability in ICMPv6 could allow Denial of Service | Windows versions Vista, Server 2008, 7,
|
|
14 Aug 2013 | VULN345 | Microsoft : Important Vulnerability in Windows NAT Driver Could Allow Denial of Service | Windows version Server 2012 running
|
|
14 Aug 2013 | VULN344 | Microsoft : Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege | Windows versions XP, Server 2003, Vista,
|
|
14 Aug 2013 | VULN343 | Microsoft : Important Vulnerability in Remote Procedure Call Could Allow Elevation of Privilege | Windows versions Vista, XP, Server 2003,
|
|
14 Aug 2013 | VULN342 | Microsoft : Critical Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution | Systems running Microsoft Exchange Server versions
|
|
14 Aug 2013 | VULN341 | Microsoft : Critical Vulnerability in Unicode Scripts Processor Could Allow Remote Code Execution | Windows version XP, Server 2003
|
|
14 Aug 2013 | VULN340 | Microsoft : Cumulative Security Update for Internet Explorer | Systems running Internet Explorer versions 6, 7,
|
|
9 Aug 2013 | STAT32 | |
|
|
8 Aug 2013 | VULN339 | PuTTY : PuTTY vulnerabilities vuln-signature-stringlen and vuln-modmul fixed | Systems running PuTTY versions 0.52 up to and
|
|
8 Aug 2013 | VULN338 | US-CERT : BREACH vulnerability in compressed HTTPS | Systems implementing compressed HTTPS.
|
|
8 Aug 2013 | VULN337 | DRUPAL : RESTful Web Services (RESTWS) - Access Bypass | Systems running RESTful Web Services for DRUPAL
|
|
8 Aug 2013 | VULN336 | Cisco : Cisco TelePresence System Default Credentials Vulnerability | Systems running CiscoTelePresence System Software
|
|
7 Aug 2013 | VULN335 | Atlassian : Reflected XSS in JIRA Admin Panel fixed | Systems running Atlassian JIRA versions
|
|
7 Aug 2013 | VULN334 | Apache : Apache CloudStack Cross-site scripting (XSS) vulnerabiliity | Systems running Apache CloudStack versions
|
|
7 Aug 2013 | VULN333 | Mozilla : Multiple vulnerabilities fixed in Firefox, Thunderbird, SeaMonkey | Systems running
|
|
7 Aug 2013 | VULN332 | Cacti : Cacti 0.8.8b fixes SQL injection and shell escaping issues | Systems running Cacti versions prior to 0.8.8b.
|
|
7 Aug 2013 | VULN331 | Samba : Denial of service - CPU loop and memory allocation | Systems running Samba versions 3.x, 4.x
|
|
6 Aug 2013 | VULN330 | Atlassian Confluence : Confluence Security Advisory 2013-08-05 | Systems running Atlassian Confluence versions
|
|
6 Aug 2013 | VULN329 | TYPO3 : TYPO3-EXT-SA-2013-013 Several vulnerabilities in third party extensions | Systems running Browser for TYPO3,
|
|
5 Aug 2013 | VULN328 | Symantec : Symantec Workspace Virtualization Local Kernel Elevation of Privilege | Systems running Symantec Workspace Virtualization
|
|
5 Aug 2013 | VULN327 | Symantec : Symantec Backup Exec Multiple Issues | Systems running Symantec Backup Exec versions
|
|
5 Aug 2013 | VULN326 | phpMyAdmin : ClickJacking protection can be bypassed | Systems running phpMyAdmin versions 3.5.x,
|
|
2 Aug 2013 | VULN325 | (StrongSwan : strongSwan Denial-of-Service Vulnerability (CVE-2013-5018)) | Systems running strongSwan versions 4.x,
|
|
2 Aug 2013 | STAT31 | |
|
|
2 Aug 2013 | VULN324 | Joomla! : Joomla! 2.5.14 and 3.1.5 fix Unauthorised Uploads vulnerability | Systems running Joomla! versions 2.5.x prior to
|
|
2 Aug 2013 | VULN323 | Splunk : Splunk 5.0.4 addresses one vulnerability | Systems running Splunk versions prior to 5.0.4.
|
|
2 Aug 2013 | VULN322 | Symantec : Symantec Encryption Management Server Web Email Protection XSS | Systems running Symantec Encryption Management
|
|
2 Aug 2013 | VULN321 | Symantec : Symantec Web Gateway Security Issues | Systems running Symantec Web Gateway versions
|
|
2 Aug 2013 | VULN320 | Cisco : OSPF LSA Manipulation Vulnerability in Multiple Cisco Products | Cisco software implementing OSPF LSA protocol,
|
|
1 Aug 2013 | VULN319 | TYPO3 : Cross-Site Scripting and Remote Code Execution Vulnerability in TYPO3 Core | Systems running TYPO3 versions prior to 4.5.29,
|
|
1 Aug 2013 | VULN318 | Cisco : Authenticated Command Injection Vulnerability in Multiple Cisco Content Network and Video Delivery Products | Systems running Cisco WAAS Software,
|
|
1 Aug 2013 | VULN317 | Cisco : Cisco WAAS Central Manager Remote Code ,Execution Vulnerability | Systems running Cisco Wide Area Application
|
|
1 Aug 2013 | VULN316 | VMware : VMware ESX and ESXi updates to third party libraries | Systems running VMware ESXi versions 5.x, 4.x,
|
|
31 Jul 2013 | VULN315 | Google Chrome : Google Chrome version 28.0.1500.95 fix security vulnerabilities | Systems running Google Chrome versions prior to
|
|
31 Jul 2013 | VULN314 | NetBSD : Protocol handling issues in X Window System client libraries | NetBSD versions 6, 7 running X Window System
|
|
31 Jul 2013 | VULN313 | NetBSD : Arbitrary Kernel Read with netstat -P | NetBSD versions 6, 7.
|
|
30 Jul 2013 | VULN312 | BIND : BIND Security Jul2013 CVE2013-4854 | Systems running BIND versions 9 from 9.7 up to
|
|
26 Jul 2013 | STAT30 | |
|
|
19 Jul 2013 | STAT29 | |
|
|
12 Jul 2013 | VULN311 | PHP : PHP 5.3.27 fixes heap corruption and Buffer overflow | Systems running PHP versions 5 prior to 5.3.27.
|
|
12 Jul 2013 | VULN310 | Apache : Apache HTTP Server 2.0.65 and 2.2.25 | Systems running Apache HTTP Server versions prior
|
|
12 Jul 2013 | STAT28 | |
|
|
11 Jul 2013 | VULN309 | DRUPAL : SA-CONTRIB-2013-056 - Stage File Proxy - Denial of Service | Systems running Stage File Proxy for DRUPAL
|
|
11 Jul 2013 | VULN308 | DRUPAL : SA-CONTRIB-2013-057 - TinyBox - Cross Site Scripting | Systems running TinyBox for DRUPAL versions 7.x.
|
|
11 Jul 2013 | VULN307 | Squid : Buffer overflow in HTTP request handling | Systems running
|
|
10 Jul 2013 | VULN306 | Red Hat : Important kernel security and bug fix update | Red Hat Enterprise Linux version 6.2.
|
|
10 Jul 2013 | VULN305 | Microsoft : Critical Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution | Windows version Server 2008, 7, 8
|
|
10 Jul 2013 | VULN304 | Microsoft : Critical Vulnerability in Windows Media Format Runtime Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
10 Jul 2013 | VULN303 | Microsoft : Critical Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
10 Jul 2013 | VULN302 | Microsoft : Critical Vulnerabilities in .NET Framework and Silverlight Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
10 Jul 2013 | VULN301 | Microsoft : Critical Vulnerability in GDI+ Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
10 Jul 2013 | VULN300 | Microsoft : Critical Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
10 Jul 2013 | VULN299 | Microsoft : Cumulative Security Update for Internet Explorer | Systems running Microsoft Internet Explorer.
|
|
10 Jul 2013 | VULN298 | Adobe : Security updates available for Adobe Flash Player | Systems running Adobe Flash Player.
|
|
10 Jul 2013 | VULN297 | Adobe : Security update available for Adobe Shockwave Player | Systems running Adobe Shockwave Player versions
|
|
10 Jul 2013 | VULN296 | Adobe : Hotfixes available for ColdFusion | Systems running Adobe ColdFusion versions 10, 9.
|
|
9 Jul 2013 | VULN295 | Apache : CVE-2013-2160 Denial of Service Attacks on Apache CXF | Systems running Apache CXF versions prior to
|
|
9 Jul 2013 | VULN294 | OTRS : Sql Injection + Xss Issue | Systems running OTRS, OTRS ITSM versions 3.
|
|
9 Jul 2013 | VULN293 | (IBM : IBM Tivoli Directory Server (TDS) Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)) | Systems running Tivoli Directory Server
|
|
9 Jul 2013 | VULN292 | EMC : EMC Replication Manager Sensitive Information Disclosure Vulnerability | Systems running EMC Replication Manager
|
|
9 Jul 2013 | VULN291 | IBM : WebSphere Application Server Community Edition 3.0.0.3 Oracle CPU April 2013 | Systems running WebSphere Application Server
|
|
9 Jul 2013 | VULN290 | RSA : RSA Authentication Manager Sensitive Information Disclosure Vulnerability | Systems running RSA Authentication Manager
|
|
8 Jul 2013 | VULN289 | cPanel : Important cPanel Security Disclosure TSR-2013-0007 | Systems running cPanel versions prior to
|
|
5 Jul 2013 | VULN288 | US-CERT : Digital Alert Systems DASDEC and Monroe Electronics R189 One-Net firmware exposes private root SSH key | Monroe Electronics firmware version 2.0-2,
|
|
5 Jul 2013 | VULN287 | IBM : tftp Security Vulnerability | IBM AIX versions 6.1, 7.1 running tftp.
|
|
5 Jul 2013 | VULN286 | Symantec : Symantec Security Information Manager Console Security Issues | Systems running Symantec Security Information
|
|
5 Jul 2013 | VULN285 | (Irfanview : irfanview Version 4.36 fixes arbitrary code execution vulnerability (Secunia Advisory SA53579)) | Systems running Irfanview versions
|
|
5 Jul 2013 | VULN284 | Citrix : Memory Management Vulnerability in Citrix XenServer Could Result in Host Compromise | Systems running Citrix XenServer versions
|
|
5 Jul 2013 | STAT27 | |
|
|
3 Jul 2013 | VULN283 | APPLE : APPLE-SA-2013-07-02-1 Security Update 2013-003 | Mac OS X versions 10.6.8, Server 10.6.8, 10.7.5,
|
|
3 Jul 2013 | VULN282 | AjaXplorer : AjaXplorer Core 5.0.1 bugfix and security release | Systems running AjaXplorer Core versions prior to
|
|
2 Jul 2013 | VULN281 | HP : HP ProCurve, H3C, 3COM Routers and Switches, Remote Information Disclosure and Code Execution | HP ProCurve routers and switches software,
|
|
2 Jul 2013 | VULN280 | Red Hat : Important Red Hat JBoss BRMS 5.3.1 update | Systems running Red Hat JBoss Middleware version
|
|
2 Jul 2013 | VULN279 | Apache Geronimo : CVE-2013-1777 Apache Geronimo 3 RMI classloader exposure | Systems running Apache Geronimo versions
|
|
1 Jul 2013 | VULN278 | Gallery : Gallery 3.0.9 security release | Systems running Gallery versions
|
|
1 Jul 2013 | VULN277 | phpMyAdmin : GLOBALS variable scope injection fixed | -
|
|
1 Jul 2013 | VULN276 | Apache : Apache XML Security Signature Spoofing Vulnerability | Systems running Apache Santuario XML Security for
|
|
28 Jun 2013 | STAT26 | |
|
|
28 Jun 2013 | VULN275 | (IBM : WebSphere Application Server Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)) | Systems running IBM WebSphere Application Server
|
|
28 Jun 2013 | VULN274 | Red Hat : Important vulnerabilities fixed in openstack-keystone | Systems running Red Hat OpenStack versions 3.
|
|
28 Jun 2013 | VULN273 | Citrix : Security vulnerability in Citrix XenServer PV guest kernel loading could result in privilege escalation | Systems running Citrix XenServer versions 5, 6.
|
|
28 Jun 2013 | VULN272.1 | (Ruby : Hostname check bypassing vulnerability in SSL client (CVE-2013-4073)) | Systems running
|
|
27 Jun 2013 | VULN272 | Opera : Security breach stopped | Systems running Opera.
|
|
27 Jun 2013 | VULN271 | DRUPAL : Fast Permissions Administration - Access Bypass | Fast Permissions Administration for DRUPAL
|
|
27 Jun 2013 | VULN270 | (HP : HP-UX Running HP Secure Shell, Remote Denial of Service (DoS)) | HP-UX versions B.11.11, B.11.23, B.11.31
|
|
27 Jun 2013 | VULN269 | BIG-IP : Client-side component flaw - CVE-2013-0150 Security Advisory | BIG-IP software products.
|
|
27 Jun 2013 | VULN268 | Cisco : Cisco ASA Next-Generation Firewall Fragmented Traffic Denial of Service Vulnerability | Cisco ASA Next-Generation Firewall.
|
|
27 Jun 2013 | VULN267 | Cisco : Multiple Vulnerabilities in Cisco Content Security Management Appliance | Cisco IronPort AsyncOS Software for Cisco Content
|
|
27 Jun 2013 | VULN266 | Cisco : Multiple Vulnerabilities in Cisco Web Security Appliance | Cisco IronPort AsyncOS Software for Cisco Web
|
|
27 Jun 2013 | VULN265 | Cisco : Multiple Vulnerabilities in Cisco Email Security Appliance | Cisco IronPort AsyncOS Software.
|
|
26 Jun 2013 | VULN264 | Mozilla : Multiple vulnerabilities fixed in Firefox and Thunderbird | -
|
|
26 Jun 2013 | VULN263 | DRUPAL : SA-CONTRIB-2013-053 - Login Security - Multiple Vulnerabilities | Systems running Login Security for DRUPAL
|
|
25 Jun 2013 | VULN262 | (IBM : IBM Tivoli Directory Integrator (TDI) Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)) | Systems running IBM Tivoli Directory Integrator
|
|
25 Jun 2013 | VULN261 | (IBM : IBM Tivoli Access Manager for e-business (TAMeb) Java API Documentation Frame Injection Vulnerability (CVE-2013-1571)) | Systems running IBM Security Access Manager for Web
|
|
25 Jun 2013 | VULN260 | IBM : IBM Tivoli Federated Identity Manager (TFIM) and IBM Tivoli Federated Identity Manager Business Gateway | Systems running Tivoli Federated Identity Manager
|
|
25 Jun 2013 | VULN259 | Xen : Important vulnerabilities fixed in Xen | Systems running Xen versions up to and including
|
|
24 Jun 2013 | VULN258 | Apache OpenOffice : Security Vulnerabilities fixed in Apache OpenOffice and OpenOffice SDK | Systems running
|
|
24 Jun 2013 | VULN257 | Cisco : Cisco WebEx Social Cross-Site Request Forgery Vulnerability | Systems running Cisco WebEx Social.
|
|
24 Jun 2013 | VULN256 | WordPress : WordPress 3.5.2 Maintenance and Security Release | Systems running WordPress versions prior to 3.5.2,
|
|
24 Jun 2013 | VULN255 | Project cURL : libcurl URL decode buffer boundary flaw | Systems curl, libcurl versions prior to 7.31.0.
|
|
24 Jun 2013 | VULN254 | GLPI : filtering some user inputs eliminates possible SQL injections | Systems running GLPI versions prior to 0.83.9.
|
|
21 Jun 2013 | STAT25 | |
|
|
20 Jun 2013 | VULN252 | RSA : Security vulnerabilities fixed in RSA BSAFE products | Systems running RSA BSAFE Micro Edition Suite,
|
|
20 Jun 2013 | VULN251 | Symantec : Symantec Endpoint Protection Manager/Protection Center 12.x Buffer Overflow | Systems running
|
|
20 Jun 2013 | VULN250 | OTRS : Information Disclosure fixed in OTRS 3.x | Systems running OTRS versions 3.0.x up to and
|
|
19 Jun 2013 | VULN249 | APPLE : APPLE-SA-2013-06-18-1 Java for OS X 2013-004 and Mac OS X v10.6 Update 16 | Mac OS X running Java versions prior to 1.6.0_51,
|
|
19 Jun 2013 | VULN248 | IBM : Vulnerability in Rational Rhapsody Help System (CVE-2013-0599), affecting Rational Rhapsody and Rational Rhapsody | -
|
|
19 Jun 2013 | VULN247 | Sybase : Urgent from SAP & Sybase: Possible security vulnerabilities in EAServer 6.3.1 and 6.2 | Systems running EAServer versions 6.3.1, 6.2
|
|
19 Jun 2013 | VULN246 | IBM : IBM Tivoli Monitoring Basic Services Vulnerabilities | AIX, HP-UX, Linux, Solaris, Windows running
|
|
19 Jun 2013 | VULN245 | IBM : IBM DB2 Java API Documentation Frame Injection Vulnerability | -
|
|
19 Jun 2013 | VULN244 | Shibboleth : Shibboleth Service Provider Security Advisory [18 June 2013] | -
|
|
19 Jun 2013 | VULN243 | Google Chrome : Chrome 27.0.1453.116 fix Clickjacking in the Flash plug-in | Systems running Chrome versions prior to
|
|
19 Jun 2013 | VULN242 | Oracle : June 2013 Critical Patch Update for Java SE Released | Systems running Java SE versions up to and
|
|
18 Jun 2013 | VULN241 | BlackBerry : Vulnerability in BlackBerry Protect impacts BlackBerry Z10 smartphone software | BlackBerry 10 OS version 10.0.10.261 and earlier,
|
|
18 Jun 2013 | VULN240 | FreeBSD : Privilege escalation via mmap | FreeBSD versions 9.0 and later.
|
|
14 Jun 2013 | STAT24 | |
|
|
14 Jun 2013 | VULN239 | Parallels Plesk Panel: phppath/PHP vulnerability | Systems running
|
|
14 Jun 2013 | VULN238 | (DRUPAL : SA-CONTRIB-2013-052 - Display Suite - Cross Site Scripting (XSS)) | Systems running
|
|
14 Jun 2013 | VULN237 | Best Practical : Security vulnerability in RT::Extension::MobileUI | Systems running
|
|
13 Jun 2013 | VULN236 | Cisco : Cisco Access Control Server Privilege Escalation Vulnerability | Systems running Cisco Secure Access Control
|
|
13 Jun 2013 | VULN235 | IBM : IBM Notes vulnerabilities fixed | Windows running IBM Notes versions 9.0, 8.5.x,
|
|
12 Jun 2013 | VULN234 | Microsoft : Important Vulnerability in Windows Print Spooler Components Could Allow Elevation of Privilege | Systems running
|
|
12 Jun 2013 | VULN233 | Microsoft : Important Vulnerability in Kernel-Mode Driver Could Allow Denial of Service | Windows version XP, Server 2003, Vista, 7, 8,
|
|
12 Jun 2013 | VULN232 | Microsoft : Important Vulnerability in Windows Kernel Could Allow Information Disclosure | Windows version XP, Server 2003, Vista, 7, 8,
|
|
12 Jun 2013 | VULN231 | Microsoft : Critical Cumulative Security Update for Internet Explorer | Systems running
|
|
12 Jun 2013 | VULN230 | Microsoft : Important Vulnerability in Microsoft Office Could Allow Remote Code Execution | Systems running Microsoft Office version 2003,
|
|
12 Jun 2013 | VULN229 | VMware : VMware vCenter Chargeback Manager Remote Code Execution | Systems running
|
|
12 Jun 2013 | VULN228 | Adobe : Security updates available for Adobe Flash Player | Systems running Adobe Flash Player versions
|
|
10 Jun 2013 | VULN227 | IBM : IBM Lotus Quickr for Domino ActiveX control buffer overflow vulnerability | Systems running Lotus Quickr for Domino
|
|
10 Jun 2013 | VULN226 | Cisco : Cisco WebEx Meetings Server Information Disclosure Vulnerability | Systems running Cisco WebEx Meetings Server .
|
|
10 Jun 2013 | VULN225 | phpmyadmin : XSS due to unescaped HTML output in Create View page | Systems running phpmyadmin versions 4.0.x
|
|
7 Jun 2013 | STAT23 | |
|
|
3 Jun 2013 | VULN224 | TYPO3 : Security Bypass Vulnerability in extension powermail | Systems running powermail for TYPO3 versions
|
|
3 Jun 2013 | VULN223 | Apache : Vulnerabilities fixed in Apache Subversion | Systems running Apache Subversion versions
|
|
31 May 2013 | STAT22 | |
|
|
31 May 2013 | VULN222 | Plone : PloneFormGen vulnerability requires immediate upgrade | Systems running PloneFormGen versions 1.6.x,
|
|
31 May 2013 | VULN221 | Horde : XSS vulnerability fixed in various Horde softwares | Systems running
|
|
31 May 2013 | VULN220 | GNUTLS : GNUTLS-SA-2013-2 CVE-2013-2116 | Systems running gnutls 2.12.23.
|
|
31 May 2013 | VULN219 | Splunk : Splunk 5.0.3 addresses multiple vulnerabilities - May 28, 2013 | Systems running Splunk versions 5.x,
|
|
31 May 2013 | VULN218 | (Computer Assossiates : Security Notice for CA Process Automation (CA PAM)) | Systems running
|
|
31 May 2013 | VULN217 | VMware : VMware ESX third party update for Service Console package sudo | VMware ESX version 4.0.
|
|
29 May 2013 | VULN216 | Red Hat : Moderate: httpd security update | -
|
|
29 May 2013 | VULN215 | (Apache : Struts 2.3.14.2 GA (fast track | security)) | Systems running Apache Struts
|
|
29 May 2013 | VULN214 | IBM : IBM Security QRadar SIEM affected by vulnerabilities in the IBM Java Runtime Environment | Systems running
|
|
27 May 2013 | VULN213 | SUSE : Critical Security update for Linux kernel | SUSE Linux Enterprise version 11 SP2
|
|
27 May 2013 | VULN212 | Cisco : Cisco ISM Malformed Authentication Header Packet Denial of Service Vulnerability | Cisco IOS.
|
|
27 May 2013 | VULN211 | Cisco : Cisco IOS XR Software SNMP Denial of Service Vulnerability | Cisco IOS XR Software.
|
|
27 May 2013 | VULN210 | Novell : NAM 3.2 Identity Server vulnerable to cross site scripting (XSS) attacks | Systems running NetIQ Access Manager version 3.2.
|
|
27 May 2013 | VULN209 | IBM : IBM Tivoli Access Manager - token authentication RSA SecurID library uses weak cryptography | Systems running IBM Tivoli Access Manager
|
|
27 May 2013 | VULN208 | SPIP : SPIP 3.0.9 / 2.1.22 / 2.0.23 - corrections de bug et faille critique | Systems running SPIP versions prior to 3.0.9,
|
|
24 May 2013 | STAT21 | |
|
|
23 May 2013 | VULN207 | US-CERT : Linux kernel perf_swevent_enabled array out-of-bound access privilege escalation vulnerability | Linux.
|
|
23 May 2013 | VULN206 | Struts : Struts Vulnerabilities allow remote command execution | Systems running Struts versions prior to 2.3.14.1.
|
|
23 May 2013 | VULN205 | Dovecot : DoS security vulnerability fixed in Dovecot 2.2.2 | Systems running Dovecot versions prior to 2.2.2.
|
|
23 May 2013 | VULN204 | Bestpractical : Security vulnerabilities in RT | Systems running RT versions 3.8.x, 4.0.x
|
|
23 May 2013 | VULN203 | Debian : request-tracker3.8 and request-tracker4 security updates | Debian running request-tracker versions 3.8, 4.
|
|
23 May 2013 | VULN202 | OTRS : Security Advisory 2013-03 OTRS Help Desk 3.2.7, 3.1.16, 3.0.20, OTRS ITSM 3.2.5, 3.1.9, 3.0.8 | Systems running
|
|
23 May 2013 | VULN201 | APPLE : APPLE-SA-2013-05-22-1 QuickTime 7.7.4 | Systems running QuickTime versions prior to 7.7.4.
|
|
22 May 2013 | VULN200 | Moodle : Multiple vulnerabilities fixed in Moodle | -
|
|
17 May 2013 | STAT20 | |
|
|
17 May 2013 | VULN199 | EMC : RSA SecurID Sensitive Information Disclosure Vulnerability | Systems running
|
|
17 May 2013 | VULN198 | APPLE : APPLE-SA-2013-05-16-1 iTunes 11.0.3 | Systems running iTunes versions prior to 11.0.3.
|
|
16 May 2013 | VULN197 | Cisco : Cisco TelePresence Supervisor MSE 8050 Denial of Service Vulnerability | Cisco TelePresence Supervisor MSE 8050 software.
|
|
16 May 2013 | VULN196 | FortiClient VPN : Potential Man-In-The Middle Vulnerability in FortiClient VPN | Systems running FortiClient, FortiClient Lite,
|
|
15 May 2013 | VULN195 | Adobe : Security updates available for Adobe Flash Player | Windows, Mac OS X running Adobe Flash Player
|
|
15 May 2013 | VULN194 | Microsoft : Important Vulnerability in Lync Could Allow Remote Code Execution | Systems running
|
|
15 May 2013 | VULN193 | Mozilla : Multiple vulnerabilities fixed in Firefox, Thunderbird | Systems running Firefox versions 21.0, ESR 17.0.6,
|
|
15 May 2013 | VULN192 | Adobe : Security update: Hotfix available for ColdFusion | Systems running ColdFusion versions 10, 9.0.2,
|
|
15 May 2013 | VULN191 | Microsoft : Important Vulnerabilities in Kernel-Mode Drivers Could Allow Elevation Of Privilege | Windows versions XP, Vista, Server 2008, 7,
|
|
15 May 2013 | VULN190 | Microsoft : Important Vulnerability in Microsoft Visio Could Allow Information Disclosure | Windows running Windows Essentials
|
|
15 May 2013 | VULN189 | Microsoft : Important Vulnerability in Microsoft Visio Could Allow Information Disclosure | Windows running Microsoft Visio versions 2003,
|
|
15 May 2013 | VULN188 | Microsoft : Important Vulnerability in Microsoft Word Could Allow Remote Code Execution | Systems running Microsoft Word version 2003 .
|
|
15 May 2013 | VULN187 | Microsoft : Important Vulnerabilities in ,Microsoft Publisher Could Allow Remote Code Execution | Systems running Microsoft Publisher versions
|
|
15 May 2013 | VULN186 | Microsoft : Important Vulnerabilities in .NET Framework Could Allow Spoofing | Windows running .NET Framework versions 2, 3, 4.
|
|
15 May 2013 | VULN185 | Microsoft : Important Vulnerability in HTTP.sys Could Allow Denial of Service | Windows version 8, Server 2012, RT.
|
|
15 May 2013 | VULN184 | Microsoft : Critical,,Security Updates for Internet Explorer | Systems running Internet Explorer
|
|
15 May 2013 | VULN183 | Adobe : Security updates available for Adobe Reader and Acrobat | Systems running
|
|
13 May 2013 | VULN182 | IBM : Multiple vulnerabilities in the Java Runtime Environment bundled with IBM OpenPages GRC Platform version | Systems running IBM OpenPages GRC Platform
|
|
13 May 2013 | VULN181 | Aruba : Sponsor Confirmation Approval Bypass Vulnerability in Aruba Networks ClearPass Guest product | Systems running
|
|
13 May 2013 | VULN180 | EMC : RSA Authentication Agent Cross-Site Scripting (XSS) ,Vulnerability | Systems running RSA Authentication Agent
|
|
13 May 2013 | VULN179 | Symantec : Symantec Brightmail Gateway Management Console Stored XSS | Systems running Symantec Brightmail Gateway
|
|
13 May 2013 | VULN178 | Apache Tomcat : Chunked transfer encoding extension size is not limited | Systems running Tomcat versions 6, 7.
|
|
10 May 2013 | STAT19 | |
|
|
10 May 2013 | VULN177 | Adobe : Security Advisory for ColdFusion | Systems running Adobe ColdFusion versions 10, 9
|
|
10 May 2013 | VULN176 | EMC : EMC AlphaStor Buffer Overflow Vulnerability | Systems running EMC AlphaStor versions 4 prior to
|
|
10 May 2013 | VULN175 | EMC : EMC Documentum Multiple Vulnerabilities | Systems running EMC Documentum Webtop,
|
|
10 May 2013 | VULN174 | Cisco : Cisco Prime Data Center Network Manager Remote,Command Execution Vulnerability | Systems running Cisco Prime Data Center Network
|
|
10 May 2013 | VULN173 | Citrix : Citrix XenServer Multiple Security Updates | Systems running Citrix XenServer versions up to
|
|
7 May 2013 | VULN172 | (IBM : IBM Notes PNG integer overflow (CVE-2013-2977)) | Systems running IBM Notes versions 8.5.x, 9.0.
|
|
7 May 2013 | VULN171 | Apache : Apache VCL improper input validation | Systems running Apache VCL 2.1, 2.2, 2.2.1, 2.3,
|
|
7 May 2013 | VULN170 | US-CERT : IBM Notes runs arbitrary JAVA and Javascript in emails | Systems running IBM Notes versions 8.0.x, 8.5.x,
|
|
7 May 2013 | VULN169 | IBM : WebSphere MQ Security Vulnerability - multiple security vulnerabilities in IBM JRE 5.0 | Systems running IBM WebSphere MQ versions 7.0.x.x.
|
|
7 May 2013 | VULN168 | RSA : RSA Archer GRC Multiple Vulnerabilities | Systems running RSA Archer GRC version 5.x,
|
|
6 May 2013 | VULN167 | Xen : Patches published to fix Xen vulnerabilities | Systems running Xen.
|
|
6 May 2013 | VULN166 | Cisco : Cisco IOS XR Software Crafted SNMP Packets Denial of Service Vulnerability | Cisco IOS XR Software.
|
|
6 May 2013 | VULN165 | Cisco : Cisco WebEx Cache Directory Read Vulnerability | Systems running Cisco WebEx Node for MCS,
|
|
6 May 2013 | VULN164 | IP.Board : IP.Board 3.2.x, 3.3.x, and 3.4.x Critical Security Update | Systems running IP.Board versions prior to 3.4,
|
|
6 May 2013 | VULN163 | D-Link : Security Fix - Beta Firmware Version 1.04 build 7712 DCS-1100/1130 | D-Link IP Cameras firmware.
|
|
6 May 2013 | VULN162 | Microsoft : Vulnerability in Internet Explorer Could Allow Remote Code Execution | Systems running Internet Explorer version 8.
|
|
3 May 2013 | STAT18 | |
|
|
30 Apr 2013 | VULN161 | IBM : Vulnerabilities in AppScan Standard | Windows running IBM Security AppScan Standard
|
|
30 Apr 2013 | VULN160 | HP : HP Service Manager, Java Runtime,Environment (JRE) Security Update | Systems running HP Service Manager.
|
|
30 Apr 2013 | VULN159 | Cisco : Cisco Nexus 7000 Frame Forwarding Loop Denial of Service Vulnerability | Cisco NX-OS Software.
|
|
30 Apr 2013 | VULN158 | Cisco : Cisco IPS SensorApp Regex Vulnerability | -
|
|
30 Apr 2013 | VULN157 | Cisco : Cisco IOS XR Software SNMP Memory Leak Vulnerability | Cisco IOS XR.
|
|
30 Apr 2013 | VULN156 | Cisco : Cisco ASA Software Easy VPN Privilege Escalation Vulnerability | Cisco ASA software.
|
|
30 Apr 2013 | VULN155 | FreeBSD : Insufficient input validation in the NFS server | -
|
|
26 Apr 2013 | STAT17 | |
|
|
26 Apr 2013 | VULN154 | HP : HP Managed Printing Administration (MPA), Remote Cross Site Scripting | HP Managed Printing Administration versions
|
|
26 Apr 2013 | VULN153 | HP : HP LaserJet MFP Printers, HP Color LaserJet MFP Printers, Certain HP LaserJet Printers, Remote Unauthorized | HP Printers firmware.
|
|
26 Apr 2013 | VULN152 | phpMyAdmin : Multiple vulnerabilities fixed in phpMyAdmin | Systems running phpMyAdmin versions 3.5.x prior
|
|
26 Apr 2013 | VULN151 | Gallery : Gallery 3.0.7 security release available | Systems running Gallery versions versions prior
|
|
26 Apr 2013 | VULN150 | Joomla! : Multiple vulnerabilities fixed in Joomla! | Systems running Joomla! versions 2.5.x prior to
|
|
19 Apr 2013 | STAT16 | |
|
|
15 Apr 2013 | VULN149 | Drupal : RESTful Web Services (RESTWS) - Denial of Service | Systems running RESTful Web Services versions 7.x.
|
|
15 Apr 2013 | VULN148 | cURL : libcurl cookie domain tailmatch | Systems running libcurl versions up to and
|
|
15 Apr 2013 | VULN147 | IBM : DoS Vulnerability in IBM QRadar Security Information and Event Manager and QRadar Risk Manager | Linux, RedHat 6 running QRadar SIEM,
|
|
12 Apr 2013 | STAT15 | |
|
|
11 Apr 2013 | VULN146 | Cisco : Cisco Prime Network Control Systems Database Default Credentials Vulnerability | Cisco Prime NCS software versions prior to 1.1.1.24.
|
|
11 Apr 2013 | VULN145 | Cisco : Multiple Vulnerabilities in Cisco IOS XE Software for 1000 Series Aggregation Services Routers | Cisco IOS XE Software for 1000 Series ASR.
|
|
11 Apr 2013 | VULN144 | Cisco : Multiple Vulnerabilities in Cisco Unified MeetingPlace Solution | Cisco Unified MeetingPlace Application Server
|
|
11 Apr 2013 | VULN143 | Cisco : Multiple Vulnerabilities in Cisco Firewall Services Module Software | Cisco Firewall Services Module Software.
|
|
11 Apr 2013 | VULN142 | Cisco : Multiple Vulnerabilities in Cisco ASA Software | Cisco ASA Software,
|
|
10 Apr 2013 | VULN141 | Adobe : Security updates available for Adobe Flash Player | -
|
|
10 Apr 2013 | VULN140 | Microsoft : Important Vulnerabilities in Kernel-Mode Driver Could Allow Elevation Of Privilege | Windows versions XP, Server 2003, Vista, 7,
|
|
10 Apr 2013 | VULN139 | Microsoft : Important Vulnerability in HTML Sanitization Component Could Allow Elevation of Privilege | Systems running
|
|
10 Apr 2013 | VULN138 | Microsoft : Important Vulnerability in SharePoint Could Allow Information Disclosure | Systems running Microsoft SharePoint Server
|
|
10 Apr 2013 | VULN137 | Microsoft : Important Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation | Windows versions 8, RT running Windows Defender.
|
|
10 Apr 2013 | VULN136 | Microsoft : Important Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation | Windows versions XP, Server 2003, Vista,
|
|
10 Apr 2013 | VULN135 | Microsoft : Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege | Windows versions XP, Server 2003, Vista, 7,
|
|
10 Apr 2013 | VULN134 | Microsoft : Important Vulnerability in Active Directory Could Lead to Denial of Service | Systems running Active Directory,
|
|
10 Apr 2013 | VULN133 | Microsoft : Critical Vulnerability in Remote Desktop Client Could Allow Remote Code Execution | Systems running Remote Desktop Connection Client
|
|
10 Apr 2013 | VULN132 | Microsoft : Critical Cumulative Security Update for Internet Explorer | Systems running Internet Explorer versions 6, 7,
|
|
10 Apr 2013 | VULN131 | Adobe : Security update available for Adobe Shockwave Player | Systems running Adobe Shockwave Player versions
|
|
10 Apr 2013 | VULN130 | Adobe : Hotfix available for ColdFusion | Systems running ColdFusion versions 10, 9.0.2,
|
|
8 Apr 2013 | VULN129 | Xen : Potential use of freed memory in event channel operations | Systems running Xen versions since 3.2.
|
|
8 Apr 2013 | VULN128 | Apache Subversion : Several Vulnerabilities fixed in Apache Subversion HTTP servers | Systems running Apache Subversion HTTP servers
|
|
8 Apr 2013 | VULN127 | OTRS : Vulnerabilities fixed in OTRS Help Desk and associated products | Systems running OTRS Help Desk versions prior to
|
|
5 Apr 2013 | VULN126 | Samba : A writable configured share might get read only | Systems running Samba versions 3.6.0 up to and
|
|
5 Apr 2013 | VULN125 | Opera : Vulnerabilities fixed in Opera 12.15 | Systems running Opera versions prior to 12.15.
|
|
5 Apr 2013 | VULN124 | PostgreSQL : PostgreSQL 9.2.4, 9.1.9, 9.0.13 and 8.4.17 released | Systems running PostgreSQL versions
|
|
5 Apr 2013 | VULN123 | VMware : VMware vFabric Postgres security updates | Systems running VMware vFabric Postgres versions
|
|
5 Apr 2013 | STAT14 | |
|
|
5 Apr 2013 | VULN122 | Globus Toolkit : Delegation failures due to modification to wrong authinfo object in ,globus-ftp-control | Systems running Globus Toolkit versions 5.2.4.
|
|
5 Apr 2013 | VULN121 | GSI-OpenSSH : GSI-OpenSSH Security Advisory: pamuserchange-2013-01.adv | Systems running GSI-OpenSSH versions 4.7 up to
|
|
29 Mar 2013 | STAT13 | |
|
|
29 Mar 2013 | VULN119 | IP.Board : IP.Board 3.1.x, 3.2.x, 3.3.x & 3.4.x Critical Security Update | Systems running IP.Board versions up to and
|
|
25 Mar 2013 | VULN118 | Moodle : Vulnerabilities fixed in Moodle | Systems running Moodle versions prior to 2.4.2,
|
|
22 Mar 2013 | STAT12 | |
|
|
15 Mar 2013 | STAT11 | |
|
|
15 Mar 2013 | VULN117 | APPLE : APPLE-SA-2013-03-14-2 Safari 6.0.3 | Systems running Safari versions prior to 6.0.3.
|
|
15 Mar 2013 | VULN116 | APPLE : APPLE-SA-2013-03-14-1 OS X Mountain Lion v10.8.3 and Security Update,2013-001 | Mac OS X Mountain Lion versions prior to 10.8.3.
|
|
13 Mar 2013 | VULN115 | Microsoft : Des vulnérabilités dans les pilotes en mode noyau pourraient permettre une élévation de privilèges (2807986) | Windows XP, Windows Server 2003, Windows Vista,
|
|
13 Mar 2013 | VULN114 | Microsoft : Une vulnérabilité dans Office Outlook pour Mac pourrait permettre la divulgation d'informations (2813682) | Mac OS X utilisant Office Outlook
|
|
13 Mar 2013 | VULN113 | Microsoft : Une vulnérabilité dans Microsoft OneNote pourrait permettre la divulgation d'informations (2816264) | Système utilisant Microsoft OneNote
|
|
13 Mar 2013 | VULN112 | Microsoft : Des vulnérabilités dans SharePoint pourraient permettre une élévation de privilèges (2780176) | Système utilisant SharePoint Server 2010
|
|
13 Mar 2013 | VULN111 | Microsoft : Une vulnérabilité dans Microsoft Visio Viewer 2010 pourrait permettre l'exécution de code à distance (2801261) | Windows, Mac OS X utilisant Viso Viewer 2010
|
|
13 Mar 2013 | VULN110 | Microsoft : Une vulnérabilité dans Silverlight pourrait permettre l'exécution de code à distance (2814124) | Windows, Mac OS X utilisant Silverlight 5
|
|
8 Mar 2013 | STAT10 | |
|
|
8 Mar 2013 | VULN109 | Google Chrome : Google Chrome 25.0.1364.160 fixes important vulnerability in Webkit | Windows, Mac OS X, Linux running
|
|
8 Mar 2013 | VULN108 | CISCO : Cisco Small Business Switches SSH Packet Processing Denial of Service Vulnerability | Cisco Small Business Switches firmware,
|
|
8 Mar 2013 | VULN107 | Mozilla : Use-after-free in HTML Editor | Systems running
|
|
8 Mar 2013 | VULN106 | NetBSD : RNG Bug May Result in Weak Cryptographic Keys | NetBSD versions 6.0.x, current.
|
|
7 Mar 2013 | VULN105 | HP : Certain HP LaserJet Pro Printers, Unauthorized Access to Data | HP LaserJet Pro Printers firmware.
|
|
7 Mar 2013 | VULN104 | IBM : Vulnerabilities in Content Classification Version 8.8 due to security vulnerabilities in IBM JRE 6 | AIX, Linux, Solaris, Windows
|
|
7 Mar 2013 | VULN103 | APPLE : APPLE-SA-2013-03-06-1 OS X Java Web plug-in blocked | Mac OS X running Java.
|
|
7 Mar 2013 | VULN102 | Kerberos : krb5-1.10.4 fixes null PKINIT pointer dereference vulnerabilities | Systems running MIT Kerberos versions 5 prior to
|
|
7 Mar 2013 | VULN101 | Wireshark : New versions of Wireshark fix several security vulnerabilities | Systems running Wireshark versions 1.8.x, 1.6.x
|
|
7 Mar 2013 | VULN100 | TYPO3 : SQL Injection and Open Redirection in TYPO3 Core | Systems running TYPO3-CORE versions 4.5.x, 4.6.x,
|
|
6 Mar 2013 | VULN099 | Citrix : Vulnerability in Citrix Access Gateway Standard Edition 5.0 Could Result in Unauthorized Access to Network | Systems running Citrix Access Gateway Standard
|
|
6 Mar 2013 | VULN098 | OpenAFS : Buffer overflow in OpenAFS fileserver and ptserver | Systems running OpenAFS versions prior to 1.6.2.
|
|
6 Mar 2013 | VULN097 | MediaWiki : MediaWiki 1.20.3 and 1.19.4 fix 3 security issues | Systems running MediaWiki versions prior to
|
|
5 Mar 2013 | VULN096 | APPLE : APPLE-SA-2013-03-04-1 Java for OS X 2013-002 and Mac OS X v10.6 Update 14 | Mac OS X running Java versions prior to 1.6.0_43.
|
|
5 Mar 2013 | VULN095 | Google Chrome : Stable Channel 25.0.1364.152 fixes several vulnerabilities | Systems running Google Chrome versions prior to
|
|
5 Mar 2013 | VULN094 | Oracle : Actively exploited vulnerability fixed in Java | Systems running JAVA SE versions prior to 7u17,
|
|
4 Mar 2013 | VULN093 | RSA : RSA Authentication Agent 7.1.1 for Microsoft Windows Access Control Vulnerability | Windows version XP, 2003 running
|
|
4 Mar 2013 | VULN092 | Stunnel : Buffer overflow vulnerability fixed in Stunnel 4.55 | Systems running
|
|
1 Mar 2013 | STAT09 | |
|
|
1 Mar 2013 | VULN091 | IBM : IBM TS3500 Tape Library Update for Security Vulnerability in Web User Interface | Systems running
|
|
1 Mar 2013 | VULN090 | Dragonfly : Important Security Update - Dragonfly 0.9.14 released [CVE-2013-1756] | Systems running
|
|
28 Feb 2013 | VULN089 | Cisco : Cisco Prime Central for Hosted Collaboration Solution Assurance Excessive CPU Utilization Vulnerability | Systems running
|
|
28 Feb 2013 | VULN088 | Cisco : Cisco Unified Presence Server Denial of Service Vulnerability | Systems running Cisco Unified Presence Server
|
|
28 Feb 2013 | VULN087 | Cisco : Cisco Unified Communications Manager Multiple Denial of Service Vulnerabilities | Cisco Unified Communications Manager software
|
|
28 Feb 2013 | VULN086 | IBM : Multiple GSKit Vulnerabilities in IBM DB2 | AIX, HP-UX, Linux iSeries, Linux pSeries,
|
|
28 Feb 2013 | VULN085 | IBM : Multiple OpenSSL vulnerabilities | AIX versions 5.3, 6.1, 7.1, VIOS 2.X
|
|
27 Feb 2013 | VULN084 | Django : multiple security issues fixed in Django 1.3.6, 1.4.4, and 1.5 release candidate 2 | Systems running Django versions 1.3.6, 1.4.4,
|
|
27 Feb 2013 | VULN083 | Debian : multiple privilege escalation vulnerabilities fixed in FusionForge | Debian versions squeeze, wheezy, sid running
|
|
27 Feb 2013 | VULN082 | Debian : linux-2.6 security update | Debian versions squeeze, running linux-2.6,
|
|
27 Feb 2013 | VULN081 | Red Hat : Important kernel security update | Red Hat Enterprise Linux version 6.
|
|
27 Feb 2013 | VULN080 | Citrix : Citrix XenServer Multiple Security Updates | Systems running Citrix XenServer versions up to
|
|
27 Feb 2013 | VULN079 | NetBSD : Vulnerabilities in grep | NetBSD versions current, 6.0.*, 5.2.*, 5.1.*, 5.0.*.
|
|
27 Feb 2013 | VULN078 | NetBSD : Pseudo-Random bits weaker than expected | NetBSD versions current, 6.0.*.
|
|
27 Feb 2013 | VULN077 | NetBSD : kqueue related kernel panic triggered from userland | NetBSD versions current, 6.0.
|
|
27 Feb 2013 | VULN076 | Adobe : Fix for actively exploited vulnerability in Adobe Flash Player | OPERATING SYSTEM(S) :
|
|
26 Feb 2013 | VULN075 | Apache : Apache HTTP Server 2.4.4 fix XSS vulnerabilities | Systems running Apache HTTP Server versions 2.4
|
|
25 Feb 2013 | VULN074 | Apache : CVE-2013-0253 Apache Maven 3.0.4 | Systems running Apache Maven versions 3.0.4,
|
|
25 Feb 2013 | VULN073 | US-CERT : Dell PowerConnect 6248P series switch denial of service vulnerability | Dell PowerConnect 6248P series switch software.
|
|
25 Feb 2013 | VULN072 | Atlassian : JIRA Security Advisory 2013-02-21 | Systems running Atlassian JIRA versions up to
|
|
25 Feb 2013 | VULN071 | (Ruby : Entity expansion DoS vulnerability in REXML (XML bomb)) | Systems running ruby versions 1.9, 2.0
|
|
25 Feb 2013 | VULN070 | KERBEROS : KERBEROS 5 RELEASE 1.11.1 fixes null pointer dereference in the KDC PKINIT code | Systems running KERBEROS versions 5 prior to
|
|
22 Feb 2013 | STAT08 | |
|
|
22 Feb 2013 | VULN069 | Google Chrome : Chrome 25.0.1364.97 and 25.0.1364.99 fixes multiple security holes | Windows, Linux running Google Chrome versions
|
|
22 Feb 2013 | STAT07 | |
|
|
22 Feb 2013 | VULN068 | VMware : VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library | Systems running
|
|
21 Feb 2013 | VULN067 | Adobe : Security updates available for Adobe Reader and Acrobat | Systems running Adobe Reader, Acrobat versions
|
|
21 Feb 2013 | VULN066 | Mozilla : Mozilla : Several new vulnerabilities fixed in Firefox, Thunderbird, SeaMonkey | Systems running
|
|
21 Feb 2013 | VULN065 | Red Hat : Important JBoss Enterprise SOA Platform 5.3.1 update | Systems running JBoss Enterprise SOA Platform
|
|
21 Feb 2013 | VULN064 | DRUPAL : SA-CORE-2013-002 - Drupal core - Denial of service | Systems running Drupal core versions 7.x prior
|
|
21 Feb 2013 | VULN063 | APPLE : APPLE-SA-2013-02-19-1 Java for OS X 2013-001 and Mac OS X v10.6,Update 13 | Mac OS X running Java versions prior to 1.6.0_41.
|
|
21 Feb 2013 | VULN062 | Bugzilla : 4.4rc1, 4.2.4, 4.0.9, and 3.6.12 Security Advisory | Systems running Bugzilla versions prior to
|
|
21 Feb 2013 | VULN061 | Oracle : Updated February 2013 Critical Patch Update for Java SE Released | Systems running Oracle Java SE.
|
|
13 Feb 2013 | VULN060 | Microsoft : Important Vulnerability in Windows Client/Server Run-time Subsystem (CSRSS) Could Allow Elevation | Windows version 7, Server 2008 R2.
|
|
13 Feb 2013 | VULN059 | Microsoft : Important Vulnerability in TCP/IP Could Allow Denial of Service | Windows version Vista, 7, 8, RT, Server 2008,
|
|
13 Feb 2013 | VULN058 | Microsoft : Important Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege | Windows version XP, Server 2003, Vista, 7, 8, RT,
|
|
13 Feb 2013 | VULN057 | Microsoft : Important Vulnerabilities in Windows Kernel-Mode Driver Could Allow Elevation of Privilege | Windows version XP, Server 2003, Vista, 7, 8, RT,
|
|
13 Feb 2013 | VULN056 | Adobe : Security updates available for Adobe Shockwave Player | Windows, Mac OS X running Adobe Shockwave Player
|
|
13 Feb 2013 | VULN055 | Adobe : Security updates available for Adobe Flash Player | Windows, Mac OS X running Adobe Flash Player
|
|
13 Feb 2013 | VULN054 | Microsoft : Important Vulnerability in NFS Server Could Allow Denial of Service | Windows version Server 2008, Server 2012
|
|
13 Feb 2013 | VULN053 | Microsoft : Important Vulnerability in .NET Framework Could Allow Elevation of Privilege | Systems running Microsoft .NET Framework
|
|
13 Feb 2013 | VULN052 | Microsoft : Important Vulnerabilities in FAST Search Server 2010 for SharePoint Parsing Could Allow Remote Code | Systems running
|
|
13 Feb 2013 | VULN051 | Microsoft : Critical Vulnerabilities in Microsoft Exchange Server Could Allow Remote Code Execution | Systems running Microsoft Exchange Server
|
|
13 Feb 2013 | VULN050 | Microsoft : Critical Vulnerability in OLE Automation Could Allow Remote Code Execution | Windows version XP running
|
|
13 Feb 2013 | VULN049 | Microsoft : Critical Vulnerability in Media Decompression Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista,
|
|
13 Feb 2013 | VULN048 | Microsoft : Critical Security Updates for Internet Explorer | Systems running Internet Explorer versions 6, 7,
|
|
11 Feb 2013 | VULN047 | IP.Board : Security Update: 7th February 2013 | Systems running IP.Gallery versions 4.2.x, 5.0.x.
|
|
8 Feb 2013 | STAT06 | |
|
|
8 Feb 2013 | VULN046 | (Ruby : XSS exploit of RDoc documentation generated by rdoc (CVE-2013-0256))
|
|
8 Feb 2013 | VULN045 | Cisco : Cisco ATA 187 Analog Telephone Adaptor Remote Access Vulnerability | Cisco ATA 187 Analog Telephone Adaptor firmware
|
|
8 Feb 2013 | VULN044 | GnuTLS : GNUTLS-SA-2013-1 TLS CBC padding timing attack CVE-2013-1619 | Systems running GnuTLS versions prior to 3.1.7,
|
|
8 Feb 2013 | VULN043 | libcurl : libcurl SASL buffer overflow vulnerability | Systems running libcurl versions 7.26.0 up to and
|
|
8 Feb 2013 | VULN042 | Joomla! : Joomla! Core - Information Disclosures | Systems running Joomla! versions prior to 3.0.3,
|
|
8 Feb 2013 | VULN041 | VMware : VMware ESX, Workstation, Fusion, and View VMCI privilege,escalation vulnerability | Systems running VMware Workstation versions 9,8,
|
|
8 Feb 2013 | VULN040 | OpenSSL : OpenSSL Security Advisory [05 Feb 2013] | Systems running OpenSSL versions prior to 1.0.1d,
|
|
8 Feb 2013 | VULN039 | Adobe : Security updates available for Adobe Flash Player | Windows, Mac OS X running Adobe Flash Player
|
|
6 Feb 2013 | VULN038 | APPLE : APPLE-SA-2013-02-04-1 OS X Server v2.2.1 | OS X Server versions prior to 2.2.1.
|
|
4 Feb 2013 | VULN037 | Oracle : February 2013 Critical Patch Update for Java SE Released | Systems running Oracle Java version 7.
|
|
1 Feb 2013 | STAT05 | |
|
|
25 Jan 2013 | STAT04 | |
|
|
24 Jan 2013 | VULN036 | Cisco : Multiple Vulnerabilities in Cisco Wireless LAN Controllers | Systems running
|
|
22 Jan 2013 | VULN035 | Moodle : Multiple vulnerabilities in Moodle | Systems running
|
|
18 Jan 2013 | STAT03 | |
|
|
17 Jan 2013 | VULN034 | Apache : Apache Archiva affected by Struts2 remote commands execution | Systems running apache Archiva versions 1.3, 1.2.
|
|
17 Jan 2013 | VULN033 | Apache : Apache Continuum affected by Struts2 remote commands execution | Systems running
|
|
17 Jan 2013 | VULN032 | DRUPAL : SA-CORE-2013-001 - Drupal core - Multiple vulnerabilities | Systems running
|
|
17 Jan 2013 | VULN031 | Cisco : Cisco ASA 1000V Cloud Firewall H.323 Inspection,Denial of Service Vulnerability | Systems running Cisco ASA 1000V Cloud Firewall.
|
|
16 Jan 2013 | VULN030 | Samba : A Samba AD DC may provide authenticated users with write access to LDAP directory objects | Systems running Samba version 4.0.0.
|
|
16 Jan 2013 | VULN029 | Oracle : January 2013 Critical Patch Update Released | Systems running
|
|
16 Jan 2013 | VULN028 | Microsoft : Critical Security Update for Internet Explorer | Systems running
|
|
14 Jan 2013 | VULN027 | Siemens : Buffer overflow in Simatic RF Manager | Systems running
|
|
11 Jan 2013 | STAT02 | |
|
|
11 Jan 2013 | VULN026 | DRUPAL : Search API - Cross Site Scripting | Systems running
|
|
11 Jan 2013 | VULN025 | phpCAS : phpCAS 1.3.2 fixes one security issue | Systems running
|
|
11 Jan 2013 | VULN024 | TYPO3 : TYPO3-EXT-SA-2013-001 Several vulnerabilities in third party extensions | Systems running
|
|
11 Jan 2013 | VULN023 | IBM : IBM Tivoli Directory Integrator can be affected by a vulnerability in IBM Java Runtime Environment | Systems running
|
|
11 Jan 2013 | VULN022 | Google Chrome : Chrome 24.0.1312.52 fixes multiple security vulnerabilities | Systems running
|
|
11 Jan 2013 | VULN021 | Red Hat : Critical Ruby on Rails security update | Systems running Red Hat OpenShift Enterprise.
|
|
11 Jan 2013 | VULN020 | Shibboleth : Shibboleth Service Provider Security Advisory [10 January 2013] | Systems running Shibboleth SP version 2.5.x prior
|
|
11 Jan 2013 | VULN019 | US-CERT : Oracle Java 7 Security Manager Bypass Vulnerability | Systems running Oracle Java version 7,
|
|
10 Jan 2013 | VULN018 | Mozilla : Multiple vulnerabilities fixed in Firefox, Thunderbird, SeaMonkey | Systems running
|
|
10 Jan 2013 | VULN017 | EMC : EMC NetWorker Buffer Overflow vulnerability | Systems running EMC NetWorker 7.5.x, 7.6.x, 8.0.x.
|
|
10 Jan 2013 | VULN016 | US-CERT : Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability | Systems running
|
|
10 Jan 2013 | VULN015 | Red Hat : Important jbossweb security update | Systems running
|
|
10 Jan 2013 | VULN014 | Ruby On Rails : Rails 3.2.11, 3.1.10, 3.0.19, and 2.3.15 fix 2 critical security vulnerabilities | Systems running Rails versions prior to 3.2.11,
|
|
10 Jan 2013 | VULN013 | Cisco : Cisco Unified IP Phone Local Kernel System Call Input Validation,Vulnerability | Cisco Unified IP Phone 7900 Series software.
|
|
10 Jan 2013 | VULN012 | Cisco : Cisco Prime LAN Management Solution Command Execution Vulnerability | Linux running
|
|
9 Jan 2013 | VULN011 | Adobe : Security updates for AdobeFlash Player | Systems running Adobe Flash Player
|
|
9 Jan 2013 | VULN010 | Adobe : Security updates for Adobe Reader and Acrobat | Systems running Adobe Flash Player
|
|
9 Jan 2013 | VULN009 | Microsoft : Important Vulnerability in Open Data Protocol Could Allow Denial of Service | Systems running
|
|
9 Jan 2013 | VULN008 | Microsoft : Important Vulnerability in Microsoft Windows Could Allow Security Feature Bypass | Windows version Vista, 7, 8, Server 2008,
|
|
9 Jan 2013 | VULN007 | Microsoft : Important Vulnerability in Windows Kernel-Mode Driver Could Allow Elevation of Privilege | Windows version Vista, 7, 8, Server 2008,
|
|
9 Jan 2013 | VULN006 | Microsoft : Important Vulnerabilities in .NET Framework Could Allow Elevation of Privilege | Systems running
|
|
9 Jan 2013 | VULN005 | Microsoft : Important Vulnerabilities in System Center Operations Manager Could Allow Elevation of ,Privilege | Systems running
|
|
9 Jan 2013 | VULN004 | Microsoft : Critical Vulnerabilities in Microsoft XML Core Services Could Allow Remote Code Execution | Windows version XP, Server 2003, Vista, 7, 8,
|
|
9 Jan 2013 | VULN003 | Microsoft : Critical Vulnerability in Windows Print Spooler Components Could Allow Remote Code Execution | Windows 7, Windows Server 2008
|
|
8 Jan 2013 | VULN002 | Asterisk : DoS fixed in Asterisk | Systems running Asterisk Open Source versions
|
|
7 Jan 2013 | VULN001 | Adobe : Security Advisory for ColdFusion | Systems running ColdFusion versions 10, 9.0.2,
|
|
4 Jan 2013 | STAT01 | |
|