29 Dec 2017 | STAT52 | |
|
28 Dec 2017 | VULN411 | Drupal : me aliases - Highly critical - Arbitrary code execution - SA-CONTRIB-2017-097 | Systems running me aliases for Drupal versions
|
28 Dec 2017 | VULN410 | OTRS : Security Update for OTRS Framework | Systems running OTRS versions prior to 6.0.3,
|
28 Dec 2017 | VULN409 | Enigmail : Enigmail v1.9.9 addresses a number of security vulnerabilities | Systems running Enigmail versions prior to 1.9.9.
|
27 Dec 2017 | VULN408 | WebKitGTK+ : WebKitGTK+ Security Advisory WSA-2017-0010 | Systems running WebKitGTK+ versions prior to
|
18 Dec 2017 | VULN407 | Qnap : Security Advisory for Buffer Overflow Vulnerabilities in QTS | QTS versions prior to 4.2.6 build 20171208,
|
22 Dec 2017 | STAT51 | |
|
15 Dec 2017 | STAT50 | |
|
15 Dec 2017 | VULN406 | Ruby : CVE-2017-17405 Command injection vulnerability in Net::FTP | Systems running Ruby.
|
14 Dec 2017 | VULN405 | Palo Alto : Remote code execution vulnerabilities fixed in PAN-OS | PAN-OS versions prior to 6.1.19, 7.0.19, 7.1.14,
|
14 Dec 2017 | VULN404 | Jenkins : Random failures to initialize the setup wizard on startup | Systems running Jenkins versions 2.81 up to and
|
14 Dec 2017 | VULN399 | APPLE : APPLE-SA-2017-12-13-4 iTunes 12.7.2 for Windows | Windows versions 7 and later running iTunes
|
14 Dec 2017 | VULN403 | Asterisk : Asterisk Project Security Advisory - AST-2017-012 | Systems running Asterisk Open Source versions
|
14 Dec 2017 | VULN402 | APPLE : APPLE-SA-2017-12-12-2 -1 AirPort Base Station Firmware Update 7.6.9 and 7.7.9 | AirPort Base Station Firmware versions prior to
|
14 Dec 2017 | VULN401 | APPLE : APPLE-SA-2017-12-13-3 iCloud for Windows 7.2 | Windows versions 7 and later running iCloud
|
14 Dec 2017 | VULN400 | APPLE : APPLE-SA-2017-12-13-1 iOS 11.2.1 | iOS versions prior to 11.2.1.
|
14 Dec 2017 | VULN398 | APPLE : APPLE-SA-2017-12-13-5 Safari 11.0.2 | Systems Safari versions prior to 11.0.2.
|
13 Dec 2017 | VULN397 | US-CERT : TLS implementations may disclose side channel information | Systems running TLS implementations.
|
13 Dec 2017 | VULN396 | Adobe : Security updates available for Flash Player APSB17-42 | Systems running Adobe Flash Player versions prior
|
13 Dec 2017 | VULN395 | Citrix : Vulnerabilities in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway | Systems running Citrix NetScaler, Citrix NetScaler
|
13 Dec 2017 | VULN394 | VMware : VMware AirWatch Console updates address Broken Access Control | Systems running VMware AirWatch Console versions
|
13 Dec 2017 | VULN393 | Microsoft : Microsoft Security Update Summary for December 2017 | Windows versions 7, 8.1, RT 8.1, 10,
|
12 Dec 2017 | VULN392 | Xen : Multiple security vulnerabilities fixed in Xen | Systems running Xen.
|
12 Dec 2017 | VULN391 | Jenkins : Arbitrary file read vulnerability in Script Security Plugin | Systems running Script Security Plugin for Jenkins
|
12 Dec 2017 | VULN390 | Cisco : Bleichenbacher Attack on TLS Affecting Cisco Products December 2017 | Cisco products running TLS stack implementations.
|
11 Dec 2017 | VULN389 | PowerDNS : Crafted CNAME answer can cause a denial of service | Systems running PowerDNS versions 4.0.x prior to
|
11 Dec 2017 | VULN388 | GraphicsMagick : GraphicsMagick 1.3.27 fixes multiple security vulnerabilities | Systems running GraphicsMagick versions prior to
|
11 Dec 2017 | VULN387 | Apache Synapse : CVE-2017-15708 Apache Synapse Remote Code Execution Vulnerability | Systems running Apache Synapse versions prior to
|
8 Dec 2017 | STAT49 | |
|
8 Dec 2017 | VULN386 | Google Chrome : Google Chrome 63.0.3239.84 fixes multiple security vulnerabilities | Systems running Google Chrome versions prior to
|
8 Dec 2017 | VULN385 | Mozilla : Security vulnerabilities fixed in Firefox ESR 52.5.2 and Firefox 57.0.2 | Systems running Firefox versions prior to 57.0.2,
|
8 Dec 2017 | VULN384 | OpenSSL : Vulnerabilities fixed in OpenSSL 1.0.2n | Systems running OpenSSL versions prior to 1.0.2n.
|
7 Dec 2017 | VULN383 | Jenkins : EC2 Plugin Arbitrary shell command execution | Systems running EC2 Plugin for Jenkins versions
|
7 Dec 2017 | VULN382 | Microsoft : CVE-2017-11937 Microsoft Malware Protection Engine Remote Code Execution Vulnerability | Windows running Microsoft Malware Protection
|
7 Dec 2017 | VULN381 | APPLE : APPLE-SA-2017-12-6-4 tvOS 11.2 | tvOS versions prior to 11.2.
|
7 Dec 2017 | VULN380 | APPLE : APPLE-SA-2017-12-6-3 watchOS 4.2 | watchOS versions prior to 4.2.
|
7 Dec 2017 | VULN379 | APPLE : APPLE-SA-2017-12-6-2 iOS 11.2 | iOS versions prior to 11.2.
|
7 Dec 2017 | VULN378 | APPLE : APPLE-SA-2017-12-6-1 macOS High Sierra 10.13.2, Security Update 2017-002 Sierra, and Security Update 2017-005 El Capitan | macOS X versions prior to 10.13.2.
|
5 Dec 2017 | VULN377 | Jenkins : Jenkins Security Advisory 2017-12-05 | Systems running Jenkins versions 2 prior to
|
5 Dec 2017 | VULN376 | Wireshark : Multiple Vulnerabilities fixed in Wireshark | Systems running Wireshark versions 2 prior to
|
5 Dec 2017 | VULN375 | Mozilla : Security vulnerabilities fixed in Firefox 57.0.1 | Systems running Firefox versions prior to 57.0.1.
|
4 Dec 2017 | VULN374 | Asterisk : DOS Vulnerability in Asterisk chan_skinny | Systems running Asterisk Open Source versions
|
4 Dec 2017 | VULN373 | Citrix XenServer : Citrix XenServer Multiple Security Updates | Systems running Citrix XenServer versions up to
|
4 Dec 2017 | VULN372 | Apache Struts : Vulnerabilities fixed in Apache Struts | Systems running Apache Struts versions prior to
|
1 Dec 2017 | STAT48 | |
|
30 Nov 2017 | VULN371 | WordPress : WordPress 4.9.1 Security and Maintenance Release | Systems running WordPress versions prior to 4.9.1.
|
30 Nov 2017 | VULN370 | APPLE : Administrator authentication bypass vulnerability in macOS fixed | macOS versions 10.12.6 and later prior to 10.13.1.
|
29 Nov 2017 | VULN369 | Cisco : Multiple Vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players | Systems running Cisco WebEx Business Suite,
|
29 Nov 2017 | VULN368 | curl : buffer overflow, out of bounds reads vulnerabilities fixed | Systems running libcurl versions 7.21.0 up to and
|
28 Nov 2017 | VULN367 | Xen : DoS, information leak or full privilege escalation vulnerabilities fixed in Xen | Systems running Xen versions from 3.4.x onwards.
|
28 Nov 2017 | VULN366 | PowerDNS : Multiple vulnerabilities fixed in PowerDNS | Systems running PowerDNS Authoritative Server
|
27 Nov 2017 | VULN365 | Exim : Critical Exim Security Vulnerability disable chunking | Systems running Exim.
|
27 Nov 2017 | VULN364 | Mozilla : Security vulnerabilities fixed in Thunderbird 52.5 | Systems running Mozilla Thunderbird versions prior
|
24 Nov 2017 | VULN363 | Atlassian : Hipchat Server Security Advisory 2017-11-22 | Systems running Hipchat Server,
|
24 Nov 2017 | STAT47 | |
|
24 Nov 2017 | VULN362 | US-CERT : Install Norton Security for Mac does not verify SSL certificates | Systems running Install Norton Security for Mac
|
24 Nov 2017 | VULN361 | OTRS : Security Advisory 2017-07 Security Update for OTRS Framework | Systems running OTRS version prior to 5.0.24,
|
23 Nov 2017 | VULN360 | Cacti : Cacti 1.1.28 fixes multiple security vulnerabilities | Systems running Cacti version prior to 1.1.28.
|
22 Nov 2017 | VULN359 | Samba : Server heap memory information leak and Use-after-free vulnerability | Systems running Samba version prior to 4.7.3,
|
22 Nov 2017 | VULN358 | Moodle : Students can find out email addresses of other students in the same course | Systems running Moodle versions prior to 3.4,
|
21 Nov 2017 | VULN357 | US-CERT : Microsoft Windows 8 non-DYNAMICBASE applications relocation vulnerability | Microsoft Windows version 8.
|
21 Nov 2017 | VULN356 | US-CERT : Microsoft Office Equation Editor stack buffer overflow | Microsoft Windows version 8 and later.
|
20 Nov 2017 | VULN355 | BIG-IP : BIG-IP SSL vulnerability CVE-2017-6168 | Systems running F5 BIG-IP software.
|
17 Nov 2017 | STAT46 | |
|
17 Nov 2017 | VULN354 | Oracle : Oracle Security Alert Advisory - CVE-2017-10269 | Systems running Oracle Tuxedo.
|
17 Nov 2017 | VULN352 | VMware : NSX for vSphere update addresses NSX Edge Cross-Site Scripting (XSS) issue | Systems running VMware NSX for vSphere versions
|
17 Nov 2017 | VULN353 | VMware : VMware AirWatch Console and Launcher for Android updates resolve multiple vulnerabilities | Systems running VMware AirWatch Console versions
|
17 Nov 2017 | VULN351 | VMware : VMware Workstation, Fusion and Horizon View Client updates resolve multiple security vulnerabilities | Systems running VMware Workstation versions 12.x
|
16 Nov 2017 | VULN350 | Jenkins : Reflected Cross-Site Scripting vulnerability in Delivery Pipeline plugin | Systems running Delivery Pipeline for Jenkins
|
16 Nov 2017 | VULN349 | Shibboleth : Shibboleth Service Provider Security Advisory [15 November 2017] | Systems running Shibboleth versions prior to
|
16 Nov 2017 | VULN348 | MediaWiki : Security release 1.29.2 / 1.28.3 / 1.27.4 | Systems running MediaWiki versions prior to
|
15 Nov 2017 | VULN347 | Mozilla : Security vulnerabilities fixed in Firefox 57 | Systems running Firefox versions prior to 57, ESR
|
15 Nov 2017 | VULN346 | Microsoft : Microsoft Security Update Summary for November 2017 | Windows versions 7, 8.1, RT 8.1, 10,
|
15 Nov 2017 | VULN345 | Apache Camel : New security advisory CVE-2017-12634 released for Apache Camel | Systems running Apache Camel versions prior to
|
15 Nov 2017 | VULN344 | Apache CouchDB : Apache CouchDB CVE-2017-12635 and CVE-2017-12636 | Systems running CouchDB versions prior to 2.1.1,
|
15 Nov 2017 | VULN343 | Cisco : Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability | Cisco Voice Operating System-Based Products.
|
14 Nov 2017 | VULN342 | Roundcube : Security updates 1.3.3, 1.2.7 and 1.1.10 released | Systems running Roundcube versions prior to
|
13 Nov 2017 | VULN341 | WebKitGTK+ : WebKitGTK+ Security Advisory WSA-2017-0009 | Systems running WebKitGTK+ versions prior to
|
10 Nov 2017 | STAT45 | |
|
10 Nov 2017 | VULN340 | Joomla! : Information Disclosure and Two-Factor Authentication Bypass vulnerabilities fixed | Systems running Joomla! versions prior to 3.8.2.
|
10 Nov 2017 | VULN339 | Asterisk : Multiple vulnerabilities fixed in Asterisk | Systems running Asterisk Open Source versions
|
10 Nov 2017 | VULN338 | PostgreSQL : PostgreSQL 10.1, 9.6.6, 9.5.10, 9.4.15, 9.3.20, and 9.2.24 released! | Systems running PostgreSQL versions prior to
|
10 Nov 2017 | VULN337 | TYPO3 : Vulnerabilities in multiple third party TYPO3 CMS extensions | Systems running File manager for TYPO3,
|
10 Nov 2017 | VULN336 | DRUPAL : Vulnerabilities fixed in Custom Permissions, Permissions by Term, Automated Logout | Systems running Custom Permissions for DRUPAL
|
10 Nov 2017 | VULN335 | VMware : VMware vCenter Server update resolves LDAP DoS, SSRF,and CRLF injection issues | Systems running VMware vCenter Server.
|
8 Nov 2017 | VULN334 | Apache Hadoop : CVE-2017-3166 Apache Hadoop Privilege escalation vulnerability | Systems running Apache Hadoop versions prior to
|
7 Nov 2017 | VULN333 | OpenSSL : OpenSSL Security Advisory [02 Nov 2017] | Systems running OpenSSL versions prior to 1.1.0g,
|
7 Nov 2017 | VULN332 | Google : Updates for Chrome, Chrome OS fix security vulnerabilities | Systems running Google Chrome versions prior to
|
6 Nov 2017 | VULN331 | US-CERT : IEEE P1735 implementations may have weak cryptographic protections | Systems running IEEE P1735 implementations.
|
6 Nov 2017 | VULN330 | LibreOffice : CVE-2017-12608 Out-of-Bounds Write vulnerabilitiesfixed in 5.0.2/5.1.0 | Systems running LibreOffice versions prior to
|
3 Nov 2017 | STAT44 | |
|
2 Nov 2017 | VULN329 | Apache Hive : CVE-2017-12625 Apache Hive information disclosure vulnerability for column masking | Systems running Apache Hive versions 2.1.0 up to
|
2 Nov 2017 | VULN328 | Splunk : Splunk response to Potential Local Privilege Escalation through instructions to run Splunk as non-root user | Systems running Splunk.
|
2 Nov 2017 | VULN327 | Cisco : Cisco Application Policy Infrastructure Controller Enterprise Module Unauthorized Access Vulnerability | Cisco Application Policy Infrastructure Controller
|
2 Nov 2017 | VULN326 | Cisco : Cisco Prime Collaboration Provisioning Authenticated SQL Injection Vulnerability | Cisco Prime Collaboration Provisioning Software
|
2 Nov 2017 | VULN325 | Cisco : Cisco Firepower 4100 Series NGFW and Firepower 9300 Security Appliance Smart Licensing Command Injection Vulnerability | FX-OS versions 1.1.3, 1.1.4, 2.0.1.
|
2 Nov 2017 | VULN324 | Cisco : Cisco Identity Services Engine Privilege Escalation Vulnerability | Cisco Identity Services Engine software versions
|
2 Nov 2017 | VULN323 | Cisco : Cisco Wireless LAN Controller 802.11v Basic Service Set Transition Management Denial of Service Vulnerability | Cisco Wireless LAN Controller Software versions
|
2 Nov 2017 | VULN322 | Cisco : Cisco Aironet 1560, 2800, and 3800 Series Access Point Platforms 802.11 Denial of Service Vulnerability | Cisco Aironet Series Access Point Software.
|
2 Nov 2017 | VULN321 | APPLE : APPLE-SA-2017-10-31-7 iCloud for Windows 7.1 | Windows running iCloud versions prior to 7.1.
|
2 Nov 2017 | VULN320 | APPLE : APPLE-SA-2017-10-31-3 tvOS 11.1 | tvOS versions prior to 11.1.
|
2 Nov 2017 | VULN319 | APPLE : APPLE-SA-2017-10-31-6 iTunes 12.7.1 for Windows | Windows running iTunes versions prior to 12.7.1.
|
2 Nov 2017 | VULN318 | APPLE : APPLE-SA-2017-10-31-5 Safari 11.1 | Systems running Safari versions prior to 11.1.
|
2 Nov 2017 | VULN317 | APPLE : APPLE-SA-2017-10-31-2 macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, Security Update 2017-004 El Capitan | macOS X versions prior to 10.13.1.
|
2 Nov 2017 | VULN316 | APPLE : APPLE-SA-2017-10-31-1 iOS 11.1 | iOS versions prior to 11.1.
|
2 Nov 2017 | VULN315 | WordPress : Important WordPress 4.8.3 Security Release | Systems running wordpress versions prior to 4.8.3.
|
31 Oct 2017 | VULN313 | Oracle : Oracle Security Alert Advisory - CVE-2017-10151 | Systems running Oracle Identity Manager.
|
30 Oct 2017 | VULN312 | NCSC-FI : Two vulnerabilities patched in GNU Wget CVE-2017-13089, CVE-2017-13090 | Systems running GNU Wget versions prior to 1.19.2.
|
27 Oct 2017 | STAT43 | |
|
24 Oct 2017 | VULN311 | Jenkins : Jenkins Security Advisory 2017-10-23 | Systems running Build-Publisher for Jenkins,
|
24 Oct 2017 | VULN310 | Xen : pin count / page reference race in grant table code | Systems running Xen versions 4.2 and newer.
|
24 Oct 2017 | VULN309 | curl : IMAP FETCH response out of bounds read | Systems running curl versions prior to 7.56.1.
|
20 Oct 2017 | STAT42 | |
|
19 Oct 2017 | VULN308 | Cisco : Cisco Cloud Services Platform 2100 Unauthorized Access Vulnerability | Cisco Cloud Services Platform software prior to
|
19 Oct 2017 | VULN307 | Cisco : Cisco FXOS and NX-OS System Software Authentication, Authorization, and Accounting Denial of Service Vulnerability | Cisco FXOS, Cisco NX-OS System Software.
|
19 Oct 2017 | VULN306 | WebKitGTK+ : WebKitGTK+ Security Advisory WSA-2017-0008 | Systems running WebKitGTK+ versions prior to
|
19 Oct 2017 | VULN305 | Webmin : Webmin 1.860 fixes XSS vulnerability and Upload and Download security issue | Systems running webmin versions prior to 1.860.
|
18 Oct 2017 | VULN304 | Oracle : October 2017 Critical Patch Update Released | Systems running Oracle Database Server,
|
16 Oct 2017 | VULN303 | Cisco : Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II | Cisco wireless products software.
|
16 Oct 2017 | VULN302 | Apache Solr : CVE-2017-12629 Please secure your Apache Solr servers since a zero-day exploit has been reported on a public mailing list | Systems running Apache Solr.
|
16 Oct 2017 | VULN301 | Jenkins : Important security updates for Jenkins core and plugins | Systems running Jenkins versions prior to 2.84,
|
13 Oct 2017 | STAT41 | |
|
13 Oct 2017 | VULN300 | Xen : Multiple vulnerabilities fixed in Xen | Systems running Xen.
|
11 Oct 2017 | VULN299 | Microsoft : Microsoft Security Update Summary for October 2017 | Windows versions 7, 8.1, RT 8.1, 10,
|
10 Oct 2017 | VULN298 | EMC : RSA Archer® GRC Platform Multiple Vulnerabilities | Systems running RSA Archer versions prior to
|
10 Oct 2017 | VULN297 | RubyGems : RubyGems 2.6.14 fixes an unsafe object deserialization vulnerability | Systems running RubyGems versions prior to 2.6.14.
|
10 Oct 2017 | VULN296 | Apache NiFi : CVE-2017-12623 Apache NiFi XXE issue in template XML upload | Systems running Apache NiFi versions 1.x prior to
|
10 Oct 2017 | VULN295 | X.Org : X server fixes for CVE-2017-13721 & CVE-2017-13723 | Systems running xorg-server versions prior to
|
9 Oct 2017 | VULN294 | Apache OpenNLP : CVE-2017-12620 Apache OpenNLP XXE vulnerability | Systems running Apache OpenNLP versions prior to
|
6 Oct 2017 | STAT40 | |
|
6 Oct 2017 | VULN293 | Shibboleth IdP : Shibboleth Identity Provider Security Advisory [4 October 2017] | Systems running Shibboleth IdP versions prior to
|
6 Oct 2017 | VULN292 | Apache httpd : Apache httpd 2.4.28 fix Corrupted or freed memory access vulnerability | Systems running Apache httpd versions prior to
|
6 Oct 2017 | VULN291 | APPLE : APPLE-SA-2017-10-05-1 macOS High Sierra 10.13 Supplemental Update | macOS High versions Sierra 10.13.
|
5 Oct 2017 | VULN290 | Project curl : FTP PWD response parser out of bounds read | Systems running libcurl versions 7.7 up to and
|
5 Oct 2017 | VULN289 | OpenVPN : OpenVPN 2.4.4 and 2.3.18 fix out of bounds write in key-method 1 | Systems running OpenVPN versions prior to 2.4.4,
|
5 Oct 2017 | VULN288 | Cisco : Cisco License Manager Directory Traversal Information Disclosure Vulnerability | Systems running Cisco License Manager.
|
5 Oct 2017 | VULN287 | Cisco : Cisco Firepower Detection Engine SSL Decryption Memory Consumption Denial of Service Vulnerability | Cisco Firepower Threat Defense Software versions
|
5 Oct 2017 | VULN286 | Cisco : Cisco Firepower Denial of Service Vulnerabilities | Cisco Firepower System Software versions 6.0 and
|
5 Oct 2017 | VULN285 | Cisco : Cisco Adaptive Security Appliance Software Direct Authentication Denial of Service Vulnerability | Cisco Adaptive Security Appliance Software.
|
4 Oct 2017 | VULN284 | Apache Tomcat : CVE-2017-12617 Apache Tomcat Remote Code Execution via JSP Upload | Systems running Apache Tomcat versions prior to
|
3 Oct 2017 | VULN283 | dnsmasq : dnsmasq-2.78 fixes multiple vulnerabilities | Systems running dnsmasq versions prior to 2.78.
|
3 Oct 2017 | VULN282 | Xen : ARM: Some memory not scrubbed at boot | Systems running Xen versions since 4.5.
|
29 Sep 2017 | STAT39 | |
|
28 Sep 2017 | VULN281 | Cisco : Cisco IOS and IOS XE Software multiple vulnerabilities | Cisco IOS, Cisco IOS XE Software.
|
26 Sep 2017 | VULN280 | Google Chrome : Stable channel 61.0.3163.100 fix Out-of-bounds access in V8 | Systems running Google Chrome versions prior to
|
26 Sep 2017 | VULN279 | Citrix : Authentication Bypass Vulnerability in Citrix NetScaler ADC and NetScaler Gateway Management Interface | Systems running Citrix NetScaler, NetScaler Gateway
|
26 Sep 2017 | VULN278 | APPLE : APPLE-SA-2017-09-25-2 iCloud for Windows 7 | Windows running iCloud for Windows 7.
|
26 Sep 2017 | VULN277 | APPLE : APPLE-SA-2017-09-25-7 iTunes 12.7 | Systems running iTunes versions prior to 12.7.
|
26 Sep 2017 | VULN276 | APPLE : APPLE-SA-2017-09-25-9 macOS Server 5.4 | macOS Server versions prior to 5.4.
|
26 Sep 2017 | VULN275 | APPLE : APPLE-SA-2017-09-25-1 macOS High Sierra 10.13 | macOS versions prior to High Sierra 10.13.
|
22 Sep 2017 | STAT38 | |
|
22 Sep 2017 | VULN274 | DRUPAL : Skype Status - Moderately Critical - Cross Site Scripting - DRUPAL-SA-CONTRIB-2017-076 | Systems running Skype Status for DRUPAL versions
|
22 Sep 2017 | VULN273 | DRUPAL : Page Access - Unsupported - SA-CONTRIB-2017-75 | Systems running Page Access for DRUPAL.
|
21 Sep 2017 | VULN272 | Cisco : Cisco Unified Customer Voice Portal Operations Console Privilege Escalation Vulnerability | Systems running Cisco Unified Customer Voice Portal
|
21 Sep 2017 | VULN271 | Cisco : Cisco Small Business Managed Switches Denial of Service Vulnerability | Cisco Small Business Managed Switches software.
|
21 Sep 2017 | VULN270 | Cisco : Cisco Email Security Appliance Denial of Service Vulnerability | Cisco AsyncOS Software for Cisco Email Security
|
21 Sep 2017 | VULN269 | Joomla! : Information Disclosure vulnerabilities fixed | Systems running Joomla! versions prior to 3.8.0.
|
21 Sep 2017 | VULN268 | WordPress : WordPress 4.8.2 Security and Maintenance Release | Systems running WordPress versions prior to 4.8.2.
|
20 Sep 2017 | VULN267 | APPLE : APPLE-SA-2017-09-19-3 Xcode 9 | Systems running Xcode versions prior to 9.
|
20 Sep 2017 | VULN266 | APPLE : APPLE-SA-2017-09-19-2 Safari 11 | Systems running Safari versions prior to 11.
|
20 Sep 2017 | VULN265 | APPLE : APPLE-SA-2017-09-19-1 iOS 11 | iOS versions prior to 11.
|
20 Sep 2017 | VULN264 | Apache Tomcat : Apache Tomcat Remote Code Execution and Information Disclosure | Systems running Apache Tomcat versions 7 prior to
|
20 Sep 2017 | VULN263 | Samba : Security vulnerabilities fixed in Samba 4.6.8, 4.5.14 and 4.4.16 | Systems running Samba versions prior to 4.6.8,
|
19 Sep 2017 | VULN262 | Apache Solr : Security vulnerability in kerberos delegation token functionality | Systems running Apache Solr versions 6.x prior to
|
18 Sep 2017 | VULN261 | Moodle : Multiple vulnerabilities fixed | Systems running Moodle versions prior to 3.3.2,
|
15 Sep 2017 | STAT37 | |
|
15 Sep 2017 | VULN260 | US-CERT : Multiple Bluetooth implementation vulnerabilities affect many devices | Systems running Bluetooth implementations.
|
15 Sep 2017 | VULN259 | Ruby : Multiple vulnerabilities fixed in Ruby | Systems running Ruby versions 2.2, 2.3, 2.4 prior
|
15 Sep 2017 | VULN258 | VMware : VMware ESXi, vCenter Server, Fusion & Workstation updates resolve multiple security vulnerabilities | Systems running VMware ESXi versions 6.5, 5.5, 5.0,
|
14 Sep 2017 | VULN257 | Foxit : Security updates available in Foxit PhantomPDF and Foxit Reader | Systems running Foxit Reader versions prior to
|
14 Sep 2017 | VULN256 | Xen : Multiple DoS ans Privilege escalation vulnerabilities fixed | Systems running Xen.
|
14 Sep 2017 | VULN254 | Cisco : Cisco Meeting Server TURN Server Unauthorized Access and Information Disclosure Vulnerability | Systems running Cisco Meeting Server TURN Server.
|
14 Sep 2017 | VULN255 | DRUPAL : Flag clear - Moderately Critical - CSRF - DRUPAL-SA-CONTRIB-2017-074 | Systems running Flag clear for DRUPAL versions
|
13 Sep 2017 | VULN253 | Adobe RoboHelp : Security update available for RoboHelp | APSB17-25 | Systems running Adobe RoboHelp versions prior to
|
13 Sep 2017 | VULN252 | Adobe ColdFusion : Security updates available for ColdFusion | APSB17-30 | Systems running Adobe ColdFusion versions 11,
|
13 Sep 2017 | VULN251.1 | Adobe ColdFusion : Security updates available for ColdFusion | APSB17-30 | Systems running Adobe ColdFusion versions 11,
|
13 Sep 2017 | VULN251 | Adobe Flash Player : Security updates available for Flash Player | APSB17-28 | Systems running Adobe Flash Player versions prior
|
13 Sep 2017 | VULN250 | Microsoft : Microsoft Security Update Summary for September 2017 | Windows versions 7, 8.1, RT 8.1, 10,
|
8 Sep 2017 | STAT36 | |
|
8 Sep 2017 | VULN249 | (Atlassian : Security Warning (Git,Mercurial,SVN)) | Systems running Atlassian versions products using
|
8 Sep 2017 | VULN248 | Cisco : Multiple Vulnerabilities in Apache Struts 2 Affecting Cisco Products | Cisco products incorporating Apache Struts 2.
|
7 Sep 2017 | VULN247 | DRUPAL : Clientside Validation - Critical - Arbitary PHP Execution | Systems running Clientside Validation versions 7.x
|
7 Sep 2017 | VULN246 | DRUPAL : CAPTCHA - Moderately Critical - Denial of Service | Systems running CAPTCHA for DRUPAL versions 7.x
|
7 Sep 2017 | VULN245 | Google Chrome : Multiple vulnerabilities fixed in Google Chrome | Systems running Google Chrome versions prior to
|
7 Sep 2017 | VULN244 | TYPO3-CORE : TYPO3-CORE-SA-2017 Multiple vulnerabilities fixed in TYPO3 CMS | Systems running TYPO3 CMS versions 7, 8 prior to
|
7 Sep 2017 | VULN243 | Cisco : Cisco IoT Field Network Director Memory Exhaustion Denial of Service Vulnerability | Systems running Cisco IoT Field Network Director.
|
6 Sep 2017 | VULN242 | Apache Struts : Remote Code Execution vulnerability (and others) fixed in Apache Struts | Systems running Apache Struts versions 2 prior to
|
6 Sep 2017 | VULN241 | Django : Django security releases issued 1.11.5 and 1.10.8 | Systems running Django versions prior to
|
4 Sep 2017 | VULN240 | Wireshark : Multiple vulnerabilities fixed in Wireshark | Systems running Wireshark versions 2 prior to
|
4 Sep 2017 | VULN239 | Ruby : Multiple vulnerabilities in RubyGems | Systems running Ruby versions 2.2, 2.3, 2.4 prior
|
1 Sep 2017 | STAT35 | |
|
25 Aug 2017 | STAT34 | |
|
24 Aug 2017 | VULN238 | Xen : add-to-physmap error paths fail to release lock on ARM | Systems running Xen versions 4.4 and later.
|
23 Aug 2017 | VULN237 | Apache Log4j : CVE-2017-5645 Apache Log4j socket receiver deserialization vulnerability | Systems running Apache Log4j versions prior to
|
23 Aug 2017 | VULN236 | ZDI : Foxit Reader Remote Code Execution Vulnerabilities | Systems running Foxit Reader.
|
22 Aug 2017 | VULN235 | Apache Struts : DoS attack is available for Spring secured actions | Systems running Apache Struts versions 2 prior to
|
21 Aug 2017 | STAT33 | |
|
18 Aug 2017 | VULN234 | (Juniper : Junos OS buffer overflow vulnerability in Junos CLI (CVE-2017-10602)) | Junos OS versions 14.1X53, 14.2, 15.1, 15.1X49,
|
18 Aug 2017 | VULN233 | Git : New Git versions contain a security fix for CVE-2017-1000117 | Systems running Git versions 8.x prior to 2.14.1,
|
17 Aug 2017 | VULN232 | Drupal Core : Multiple Vulnerabilities - SA-CORE-2017-004 | Systems running Drupal Core versions 8.x prior to
|
17 Aug 2017 | VULN231.1 | Drupal Core : Multiple Vulnerabilities - SA-CORE-2017-004 | Systems running Drupal Core versions 8.x prior to
|
17 Aug 2017 | VULN231 | Cisco : Cisco Virtual Network Function Element Manager Arbitrary Command Execution Vulnerability | Systems running Drupal Core versions 8.x prior to
|
17 Aug 2017 | VULN230 | Cisco : Cisco Application Policy Infrastructure Controller Privilege Escalation Vulnerabilities | Systems running Cisco Application Policy
|
16 Aug 2017 | VULN228 | Xen : Multiple vulnerabilities fixed in Xen | Systems running Xen.
|
16 Aug 2017 | VULN229 | VMware : VMware NSX-V Edge updates address OSPF Protocol LSA DoS | Systems running VMware NSX-V Edge versions prior
|
16 Aug 2017 | VULN227 | Apache Subversion : Arbitrary code execution on clients through malicious svn+ssh URLs in svn:externals and svn:sync-from-url | Systems running Apache Subversion clients versions
|
16 Aug 2017 | VULN226 | PostgreSQL : 2017-08-10 Security Update Release | Systems running PostgreSQL.
|
14 Aug 2017 | STAT32 | |
|
11 Aug 2017 | VULN225 | Mozilla : Security vulnerabilities fixed in Firefox 55 | Systems running Firefox versions prior to 55,
|
10 Aug 2017 | VULN224 | Adobe: Security Update Available for Adobe Acrobat and Reader APSB17-24 | Systems running Adobe Acrobat and Reader versions
|
10 Aug 2017 | VULN223 | Adobe : Security updates available for Flash Player APSB17-23 | Systems running Adobe Flash Player versions prior
|
10 Aug 2017 | VULN222 | Microsoft : Microsoft Security Update Summary for August 2017 | Windows versions 7, 8.1, RT 8.1, 10,
|
4 Aug 2017 | STAT31 | |
|
28 Jul 2017 | STAT30 | |
|
21 Jul 2017 | STAT29 | |
|
20 Jul 2017 | VULN221 | APPLE : tvOS 10.2.2 | Systems running tvOS 10.2.2
|
20 Jul 2017 | VULN220 | APPLE : iTunes 12.6.2 for Windows | Systems running iTunes 12.6.2 for Windows
|
20 Jul 2017 | VULN219 | APPLE : iCloud for Windows 6.2.2 | Systems running iCloud for Windows 6.2.2
|
20 Jul 2017 | VULN218 | APPLE : watchOS 3.2.3 | Systems running watchOS 3.2.3
|
20 Jul 2017 | VULN216 | APPLE : macOS Sierra 10.12.6, Security Update 2017-003 El Capitan, and Security Update 2017-003 Yosemite | Systems running macOS Sierra 10.12.5, OS X El
|
20 Jul 2017 | VULN215 | APPLE : About the security content of Safari 10.1.2 | Systems running Safari versions prior to 10.1.2.
|
20 Jul 2017 | VULN217 | APPLE : iOS 10.3.3 | Systems running iOS 10.3.3
|
19 Jul 2017 | VULN214 | Oracle : Critical Patch Update de Oracle pour Juillet 2017 | Systems running
|
17 Jul 2017 | VULN213 | Moodle : Multiple vulnerabilities fixed in Moodle | Systems running Moodle versions prior to 3.3.1,
|
13 Jul 2017 | VULN212 | (nginx : nginx security advisory (CVE-2017-7529)) | Systems running nginx versions prior to 1.13.3,
|
13 Jul 2017 | VULN211.1 | Samba : Orpheus' Lyre mutual authentication validation bypass | Systems running Samba versions 4 prior to 4.6.6,
|
13 Jul 2017 | VULN211 | Samba : Orpheus' Lyre mutual authentication validation bypass | Systems running Samba versions 4 prior to 4.6.6,
|
13 Jul 2017 | STAT28 | |
|
12 Jul 2017 | VULN209 | Adobe : Security updates available for Flash Player | APSB17-21 | Systems running Flash Player.
|
12 Jul 2017 | VULN210 | Microsoft : Microsoft Security Update for July 2017 | Windows versions 7, 8.1, RT 8.1, 10,
|
10 Jul 2017 | VULN208 | Apache Struts : possible RCE in the Struts Showcase app in the Struts 1 plugin example in the Struts 2.3.x series | Systems running Apache Struts versions 2.3.x with
|
3 Jul 2017 | VULN199 | Kaspersky : Vulnerabilities fixed in Kaspersky Anti-Virus for Linux File Server 8 | Systems running Kaspersky Anti-Virus for Linux
|
7 Jul 2017 | STAT27 | |
|
7 Jul 2017 | VULN207 | Drupal : Security vulnerabilities fixed in multiple Drupal plugins | Systems running DrupalChat versions prior to
|
7 Jul 2017 | VULN206 | PHP : PHP versions 7.1.7, 7.0.21, 5.6.31 fix security vulnerabilities | Systems running PHP versions prior to 7.1.7,
|
6 Jul 2017 | VULN205 | Cisco : Cisco Ultra Services Framework Staging Server Arbitrary Command Execution Vulnerability | Systems running Cisco Ultra Services Framework
|
6 Jul 2017 | VULN203 | Cisco : Cisco Ultra Services Framework Vulnerabilities fixed | Systems running Cisco Ultra Services Framework.
|
6 Jul 2017 | VULN204 | Cisco : Cisco Elastic Services Vulnerabilities fixed | Systems running Cisco Elastic Services Controller.
|
6 Jul 2017 | VULN202 | Cisco : Cisco StarOS CLI Command Injection Vulnerability | Cisco StarOS, systems running Cisco Virtualized
|
5 Jul 2017 | VULN201 | RSA Archer GRC : RSA Archer GRC Platform Multiple Vulnerabilities | Systems running RSA Archer GRC versions 5 prior to
|
5 Jul 2017 | VULN200 | Joomla! : XSS and Information Disclosure Vulnerabilities fixed in Joomla! 3.7.3 | Systems running Joomla! versions prior to 3.7.3.
|
30 Jun 2017 | STAT26 | |
|
30 Jun 2017 | VULN198 | Cisco : SNMP Remote Code Execution Vulnerabilities in Cisco IOS and IOS XE Software | Cisco IOS, CISCO IOS XE.
|
30 Jun 2017 | VULN197 | ISC BIND : CVE-2017-3142 An error in TSIG authentication can permit unauthorized zone transfers | Windows running ISC BIND versions 9 prior to
|
26 Jun 2017 | VULN196 | OCaml : Local privilege escalation Vulnerability fixed in OCaml | Windows running OCaml versions 4.04.0, 4.04.1.
|
26 Jun 2017 | VULN195 | Microsoft : Arbitrary Code Execution Vulnerability fixed in Malware Protection Engine | Windows running Malware Protection Engine versions
|
23 Jun 2017 | VULN194 | Horde : Vulnerabilities fixed in Horde Groupware | Systems running Horde Groupware, Horde Groupware
|
23 Jun 2017 | VULN193 | Horde_Image : RCE and DOS vulnerabilities in Horde_Image | Systems running Horde_Image versions 2 prior to
|
23 Jun 2017 | STAT25 | |
|
23 Jun 2017 | VULN192 | Drupal Core : Multiple Vulnerabilities - SA-CORE-2017-003 | Systems running Drupal Core versions prior to
|
21 Jun 2017 | VULN191 | Cisco : Cisco Virtualized Packet Core Distributed Instance Denial of Service Vulnerability | Systems running Cisco Virtualized Packet
|
21 Jun 2017 | VULN190 | Cisco : Cisco WebEx Network Recording Player Multiple Buffer Overflow Vulnerabilities | Systems running Cisco WebEx Network Recording
|
21 Jun 2017 | VULN189 | Cisco : Cisco Prime Infrastructure and Evolved Programmable Network Manager XML Injection Vulnerability | Systems running Cisco Prime Infrastructure and
|
21 Jun 2017 | VULN188 | EMC Avamar : EMC Avamar Multiple Vulnerabilities | Systems running EMC Avamar.
|
21 Jun 2017 | VULN187 | Xen : Multiple Security vulnerabilities fixed in Xen | Systems running Xen.
|
20 Jun 2017 | VULN186.1 | Glibc : Local privilege escalation vulnerability fixed in Glibc | Systems running glibc.
|
20 Jun 2017 | VULN186 | Apache HTTP Server : Multiple Security vulnerabilities fixed in Apache HTTP Server | Systems running Apache HTTP Server versions 2
|
16 Jun 2017 | STAT24 | |
|
16 Jun 2017 | VULN185 | RT : Security vulnerabilities in RT | Systems running RT versions 4.0.x, 4.2.x, 4.4.x,
|
15 Jun 2017 | VULN184 | Project curl : URL file scheme drive letter buffer overflow | Systems running curl, libcurl versions prior to
|
15 Jun 2017 | VULN183 | Bind : Vulnerabilities fixed in Bind | Systems running Bind versions 9 prior to 9.9.10-P1,
|
14 Jun 2017 | VULN182 | Apache NiFi : CVE-2017-7667 Apache NiFi XFS issue due to insufficient response headers | Systems running Apache NiFi versions prior to
|
14 Jun 2017 | VULN181 | Adobe : Security updates available for Adobe Captivate APSB17-19 | Systems running Adobe Captivate versions prior to
|
14 Jun 2017 | VULN180 | Adobe : Security updates available for Adobe Digital Editions APSB17-20 | Systems running Adobe Digital Editions versions
|
14 Jun 2017 | VULN179 | Mozilla : Security vulnerabilities fixed in Firefox 54 and ESR 52.2 | Systems running Firefox versions prior to 54,
|
14 Jun 2017 | VULN178 | Adobe : Security update available for Shockwave Player APSB17-18 | Systems running Adobe Shockwave Player.
|
14 Jun 2017 | VULN177 | Adobe : Security updates available for Flash Player APSB17-17 | Systems running Adobe Flash Player.
|
14 Jun 2017 | VULN176 | Microsoft : Microsoft Security Update Summary for June 2017 | Windows versions 7, 8.1, RT 8.1, 10,
|
9 Jun 2017 | STAT23 | |
|
9 Jun 2017 | VULN175 | VMware : Horizon View Client update addresses a command injection vulnerability | Systems running VMware Horizon View Client
|
8 Jun 2017 | VULN174 | Cisco : Cisco TelePresence Endpoint Denial of Service Vulnerability | Systems running Cisco TelePresence Endpoint
|
8 Jun 2017 | VULN172 | Cisco : Cisco AnyConnect Local Privilege Escalation Vulnerability | Windows running Cisco AnyConnect Secure Mobility
|
8 Jun 2017 | VULN173 | Cisco : Cisco Prime DCNM Debug Remote Code Execution and Static Credential Vulnerabilities | Systems running Cisco Prime Data Center Network
|
2 Jun 2017 | STAT22 | |
|
1 Jun 2017 | VULN168 | Veritas : Use-After-Free Vulnerability in Multiple Veritas Backup Exec Agents | Systems running Veritas Backup Exec Agents
|
1 Jun 2017 | VULN167 | Trend Micro : Trend Micro InterScan Web Security Virtual Appliance 6.5 Multiple Vulnerabilities | Cisco Firepower System Software.
|
1 Jun 2017 | VULN166 | Freeradius : freeradius Erroneous Session Resumption | Systems running Freeradius versions prior to
|
1 Jun 2017 | VULN165 | Cisco : Cisco Firepower System Software URL Filtering Bypass Vulnerability | Cisco Firepower System Software.
|
1 Jun 2017 | VULN164 | Sudo : Potential overwrite of arbitrary files on Linux | Systems running sudo versions prior to 1.8.20p1.
|
31 May 2017 | VULN163 | Cisco : Vulnerability in Samba Affecting Cisco Products May 2017 | Cisco OS running Samba.
|
30 May 2017 | VULN162 | Shibboleth IdP : Default Kerberos configurations are unsafe | Systems running Shibboleth Identity Provider.
|
29 May 2017 | VULN161 | Microsoft : Microsoft Malware Protection Engine multiple vulnerabilities | Systems running Microsoft Malware Protection
|
29 May 2017 | VULN160 | Samba : Symlink race allows access outside share definition | Systems running Samba versions prior to 4.6.1,
|
29 May 2017 | VULN159 | Puppet : Puppet Server Remote Code Execution Via YAML Deserialization | Systems running Puppet versions prior to 4.10.1,
|
26 May 2017 | STAT21 | |
|
19 May 2017 | STAT20 | |
|
19 May 2017 | VULN158 | VMware : VMware Workstation update addresses multiple security issues | Systems running VMware Workstation Pro versions
|
18 May 2017 | VULN157 | APPLE : APPLE-SA-2017-05-15-7 Safari 10.1.1 | Systems running Safari versions prior to 10.1.1.
|
18 May 2017 | VULN155 | APPLE : APPLE-SA-2017-05-15-2 iOS 10.3.2 | iOS versions prior to 10.3.2.
|
18 May 2017 | VULN154 | APPLE : APPLE-SA-2017-05-15-1 macOS 10.12.5 | macOS X versions prior to 10.12.5.
|
18 May 2017 | VULN153 | Joomla! : [20170501] - Core - SQL Injection | Systems running Joomla! versions 3.7.0.
|
18 May 2017 | VULN152 | WordPress : WordPress 4.7.5 Security and Maintenance Release | Systems running WordPress versions prior to 4.7.5.
|
18 May 2017 | VULN151 | KDE : kauth Local privilege escalation | Systems running kauth versions prior to 5.34,
|
18 May 2017 | VULN150 | Cisco : Cisco TelePresence IX5000 Series Directory Traversal Vulnerability | Systems running Cisco TelePresence IX5000 Series
|
18 May 2017 | VULN149 | Cisco : Cisco Prime Collaboration Provisioning Vulnerabilities | Systems running Cisco Prime Collaboration
|
18 May 2017 | VULN148 | Cisco : Cisco Policy Suite Privilege Escalation Vulnerability | Systems running Cisco Policy Suite (CPS) Software
|
12 May 2017 | STAT19 | |
|
11 May 2017 | VULN147 | Cisco : Cisco WebEx Meetings Server Information Disclosure Vulnerability | Systems running Cisco WebEx Meetings Server8.
|
10 May 2017 | VULN146 | Adobe : Security updates available for Adobe Experience Manager Forms | Systems running Adobe Experience Manager Forms
|
10 May 2017 | VULN145 | Adobe : Security updates available for Adobe Flash Player | Systems running Adobe Flash Player versions prior
|
10 May 2017 | VULN144 | Microsoft : Microsoft Security Update Summary for May 2017 | Windows versions 7, 8.1, RT, RT 8.1, 10,
|
10 May 2017 | VULN143 | Microsoft : Security Update for Microsoft Malware Protection Engine | Systems running Microsoft Forefront Endpoint
|
2 May 2017 | VULN130 | Intel : Intel Active Management Technology, Intel Small Business Technology, and Intel Standard Manageability Escalation of Privilege | Intel® Active Management Technology firmware,
|
5 May 2017 | STAT18 | |
|
5 May 2017 | VULN142 | Apache Hadoop : Apache Hadoop NameNode XSS and DataNode web UI vulnerability | Systems running Apache Hadoop versions prior to
|
5 May 2017 | VULN141 | MediaWiki : Security release 1.27.3 and 1.28.2 | Systems running MediaWiki versions prior to
|
5 May 2017 | VULN140 | EMC : EMC Data Domain Privilege Escalation Vulnerability | EMC Data Domain OS versions 5.2, 5.4, 5.5, 5.6,
|
5 May 2017 | VULN139 | QNAP NAS : Security Advisory for XMR Mining Program | QTS.
|
4 May 2017 | VULN138 | Citrix XenServer : Citrix XenServer Multiple Security Updates | Systems running XenServer versions 7.1, 7.0,
|
4 May 2017 | VULN137 | DRUPAL : shib_auth Moderately Critical - Multiple vulnerabilities - SA-CONTRIB-2017-043 | Systems running Shibboleth authentication for
|
4 May 2017 | VULN136 | Cisco : Cisco TelePresence ICMP Denial of Service Vulnerability | Systems running Cisco TelePresence Collaboration
|
4 May 2017 | VULN135 | Cisco : Cisco CVR100W Wireless-N VPN Router Universal Plug-and-Play Buffer Overflow Vulnerability | Cisco CVR100W Wireless-N VPN Router firmware.
|
4 May 2017 | VULN134 | Cisco : Cisco IOS XR Software Denial of Service Vulnerability | Cisco IOS XR.
|
4 May 2017 | VULN133 | Cisco : Cisco Aironet 1800, 2800, and 3800 Series Access Points Plug-and-Play Arbitrary Code Execution Vulnerability | Cisco Aironet Series Access Points firmware.
|
3 May 2017 | VULN132 | Google : Vulnerabilities fixed in Google Chrome and Chrome OS | Systems running Chrome versions prior to
|
3 May 2017 | VULN131 | Xen : Multiple Vulnerabilities fixed in Xen | Systems running Xen.
|
28 Apr 2017 | STAT17 | |
|
28 Apr 2017 | VULN129 | Joomla! : Multiple vulnerabilities fixed in Joomla! | Systems running Joomla! versions prior to 3.7.0.
|
28 Apr 2017 | VULN128 | LibreOffice : CVE-2017-7870 Heap-buffer-overflow in WMF polygon processing | Systems running LibreOffice versions prior to
|
27 Apr 2017 | VULN127 | Atlassian Confluence : Unauthenticated users can view the content of Confluence blogs and pages | Systems running Atlassian Confluence versions
|
27 Apr 2017 | VULN126 | Jenkins : multiple vulnerabilities fixed in Jenkins | Systems running Jenkins versions prior to 2.57,
|
26 Apr 2017 | VULN125 | Adobe : Security Update Hotfixes available for ColdFusion | Systems running Adobe ColdFusion versions 10, 11,
|
21 Apr 2017 | STAT16 | |
|
21 Apr 2017 | VULN124 | Drupal Core : Drupal Core Critical Access Bypass - SA-CORE-2017-002 | Systems running Drupal Core versions 8.x prior to
|
21 Apr 2017 | VULN123 | (IBM : IBM Domino server IMAP EXAMINE command stack buffer,overflow (CVE-2017-1274)) | Systems running IBM Domino server versions 8.5.3,
|
21 Apr 2017 | VULN122 | (curl : TLS session resumption client cert bypass (again)) | Systems running curl versions 7.52.0 up to and
|
20 Apr 2017 | VULN121 | Google chrome : Chrome 58.0.3029.81 fixes Multiple Security vulnerabilities | Systems running Google chrome versions prior to
|
20 Apr 2017 | VULN120 | Mozilla : Multiple Security vulnerabilities fixed in Firefox 53 | Systems running Firefox versions prior to 53,
|
20 Apr 2017 | VULN119 | Cisco : Cisco Unified Communications Manager Denial of Service Vulnerability | Systems running Cisco Unified Communications
|
20 Apr 2017 | VULN118 | Cisco : Cisco IOS and IOS XE Software EnergyWise,Denial of Service Vulnerabilities | Cisco IOS, Cisco IOS XE.
|
20 Apr 2017 | VULN117 | Cisco : Cisco ASA Software Denial of Service Vulnerabilities | Cisco ASA Software.
|
20 Apr 2017 | VULN116 | Cisco : Cisco Firepower Detection Engine Pragmatic General Multicast Protocol Decoding Denial of Service Vulnerability | Systems running Cisco Firepower Detection Engine.
|
19 Apr 2017 | VULN115 | US-CERT : IBM Lotus Domino server mailbox name stack buffer overflow | Systems running IBM Lotus Domino server.
|
19 Apr 2017 | VULN114 | Apache CXF : Apache CXF JAX-RS XML Security streaming clients do not validate that the service response was signed or encrypted | Systems running Apache CXF versions prior to
|
19 Apr 2017 | VULN113 | Oracle : Critical Patch Update de Oracle pour Avril 2017 | Systems running Oracle Database Server,
|
19 Apr 2017 | VULN112 | VMware : VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security | Systems running VMware Unified Access Gateway,
|
19 Apr 2017 | VULN111 | VMware : VMware vCenter Server updates resolve a remote code execution vulnerability via BlazeDS | Systems running VMware vCenter Server.
|
14 Apr 2017 | STAT15 | |
|
14 Apr 2017 | VULN110 | ISC BIND : Multiple vulnerabilities fixed in BIND | Systems running ISC Bind versions 9 prior to
|
14 Apr 2017 | VULN109 | Microsoft : Microsoft Security Update Summary for April 2017 | Windows running Internet Explorer, Microsoft Edge,
|
12 Apr 2017 | VULN108 | Adobe : Security updates available for Adobe Flash Player | Systems running Adobe Flash Player versions prior
|
11 Apr 2017 | VULN106 | Apache Tomcat : Information Disclosure and Denial of Service Vulnerabilities fixed | Systems running Apache Tomcat versions 6, 7, 8, 9
|
7 Apr 2017 | STAT14 | |
|
7 Apr 2017 | VULN105 | MyBB : MyBB 1.8.11 Security & Merge System 1.8.11 Releases | Systems running MyBB versions prior to 1.8.11,
|
6 Apr 2017 | VULN104 | Cisco : Cisco Aironet 1830 Series and 1850 Series Access Points Mobility Express Default Credential Vulnerability | Systems running Cisco Mobility Express Software.
|
6 Apr 2017 | VULN103 | Cisco : Cisco Wireless LAN Controller Multiple Denial of Service Vulnerabilities | Cisco Wireless LAN Controller (WLC) Software.
|
5 Apr 2017 | VULN102 | Xen : x86 broken check in memory_exchange() permits PV guest breakout | Systems running Xen.
|
5 Apr 2017 | VULN101 | Apache Geode : Apache Geode information disclosure vulnerability | Systems running Apache Geode versions 1.1.0.
|
5 Apr 2017 | VULN099 | Asterisk : Buffer overflow in CDR's set user | Systems running Asterisk versions 13.x, 14.x prior
|
5 Apr 2017 | VULN098 | Django : Django security releases issued: 1.10.7, 1.9.13, and 1.8.18 | Systems running Django versions prior to 1.10.7,
|
4 Apr 2017 | VULN097 | APPLE : APPLE-SA-2017-04-03-1 iOS 10.3.1 | iOS versions prior to 10.3.1.
|
3 Apr 2017 | VULN096 | Splunk : Splunk Enterprise 6.5.3, 6.2.13.1 and Splunk Light 6.5.2 address multiple vulnerabilities | Systems running Splunk Enterprise versions
|
31 Mar 2017 | STAT13 | |
|
31 Mar 2017 | VULN095 | DRUPAL : Office Hours XSS and Linkit Access Bypass | Systems running Office Hours for DRUPAL versions
|
31 Mar 2017 | VULN094 | Xen : xenstore denial of service via repeated update | Systems running Xen.
|
30 Mar 2017 | VULN093 | Phpmyadmin : Bypass $cfg['Servers'][$i]['AllowNoPassword'] | Systems running phpmyadmin versions 4 prior to
|
29 Mar 2017 | VULN092 | VMware : VMware ESXi, Workstation and Fusion updates address critical and moderate security issues | Systems running VMware ESXi, VMware Workstation,
|
28 Mar 2017 | VULN090 | APPLE : APPLE-SA-2017-03-27-5 watchOS 3.2 | watchOS versions prior to 3.2.
|
28 Mar 2017 | VULN089 | APPLE : APPLE-SA-2017-03-27-7 macOS Server 5.3 | Systems running macOS Server versions prior to 5.3.
|
28 Mar 2017 | VULN088 | APPLE : APPLE-SA-2017-03-27-4 iOS 10.3 | iOS versions prior to 10.3.
|
28 Mar 2017 | VULN087 | APPLE : APPLE-SA-2017-03-27-3 macOS Sierra 10.12.4, Security Update 2017-001 El Capitan, and Security Update 2017-001 Yosemite | macOS X versions prior to 10.12.4.
|
28 Mar 2017 | VULN086 | APPLE : APPLE-SA-2017-03-27-2 Safari 10.1 | Systems running Safari versions prior to 10.1.
|
27 Mar 2017 | VULN085 | Cisco : Cisco IOx Data in Motion Stack Overflow Vulnerability | Systems running Cisco IOx application environment.
|
27 Mar 2017 | VULN084 | Cisco : Cisco Application-Hosting Framework Vulnerabilities | Systems running Cisco Application-Hosting
|
27 Mar 2017 | VULN083 | NTP : March 2017 ntp-4.2.8p10 NTP Security Vulnerability Announcement | Systems running NTP versions prior to 4.2.8p10.
|
27 Mar 2017 | VULN082 | Samba : Symlink race allows access outside share definition | Systems running Samba versions prior to 4.6.1,
|
24 Mar 2017 | STAT12 | |
|
23 Mar 2017 | VULN081 | Cisco : Denial of Service Vulnerabilities fixed in Cisco IOS and IOS XE | Cisco IOS, Cisco IOS XE.
|
22 Mar 2017 | VULN080 | QNAP : Security Vulnerabilities Addressed in QTS 4.2.4 Build 2017031 | QTS versions prior to 4.2.4 Build 20170313.
|
21 Mar 2017 | VULN079 | Moodle : Multiple vulnerabilities fixed in Moodle | Systems running Moodle versions prior to 3.2.2,
|
21 Mar 2017 | VULN078 | OpenSSH : OpenSSH 7.5 released | Systems running OpenSSH versions prior to 7.5.
|
21 Mar 2017 | VULN077 | Jenkins : Vulnerabilities fixed in several Jenkins plugins | Systems running Active Directory Plugin for
|
20 Mar 2017 | VULN076.1 | (Mozilla : integer overflow in createImageBitmap()) | Systems running Firefox versions prior to 52.0.1,
|
20 Mar 2017 | VULN075.1 | Cisco : Cisco IOS and IOS XE Software Cluster Management Protocol Remote Code Execution Vulnerability | Cisco IOS, Cisco IOS XE.
|
17 Mar 2017 | STAT11 | |
|
17 Mar 2017 | VULN076 | Cisco : Cisco Workload Automation and Tidal Enterprise Scheduler Client Manager Server Arbitrary File Read Vulnerability | Systems running Client Manager Server of Cisco
|
17 Mar 2017 | VULN075 | Cisco : Cisco Meshed Wireless LAN Controller Impersonation Vulnerability | Cisco Meshed Wireless LAN Controller software.
|
17 Mar 2017 | VULN074 | Roundcube : Updates 1.2.4 and 1.1.8 released | Systems running Roundcube versions prior to
|
17 Mar 2017 | VULN073 | Drupal : Private - Critical - Access bypass | Systems running Private for Drupal versions
|
16 Mar 2017 | VULN072 | Drupal Core : Drupal Core - Multiple Vulnerabilities - SA-CORE-2017-001 | Systems running Drupal Core versions 8.x prior to
|
15 Mar 2017 | VULN071 | (Microsoft : Critical Security Update for Microsoft Graphics Component (4013075)) | Windows versions Vista, 7, Server 2008, 8.1, 10,
|
15 Mar 2017 | VULN070 | (Microsoft : Critical Security Update for Microsoft Uniscribe (4013076)) | Windows versions Vista, 7, Server 2008, 8.1,
|
15 Mar 2017 | VULN069 | (Microsoft : Critical Security Update for Microsoft Windows PDF Library (4010319)) | Windows versions 8.1, Server 2012, RT 8.1, 10,
|
15 Mar 2017 | VULN068 | Microsoft : Important Security Update for Microsoft Office | Systems running Microsoft Office versions 2007,
|
15 Mar 2017 | VULN067 | Cisco : Cisco Mobility Express 1800 Access Point Series Authentication Bypass Vulnerability | Cisco Mobility Express 1800 software.
|
15 Mar 2017 | VULN066 | Cisco : Cisco StarOS SSH Privilege Escalation Vulnerability | Cisco StarOS.
|
15 Mar 2017 | VULN065 | (Microsoft : Critical Security Update for Windows SMB Server (4013389)) | Windows versions Vista, 7, 8, Server 2008, 8.1,
|
15 Mar 2017 | VULN064 | (Microsoft : Critical Security Update for Windows Hyper-V (4013082)) | Windows versions Vista, 7, 8, Server 2008, 8.1,
|
15 Mar 2017 | VULN063 | (Microsoft : Critical Security Update for Windows SMB Server (4013389)) | Windows versions Vista, 7, 8, Server 2008, 8.1,
|
15 Mar 2017 | VULN062 | Microsoft : Critical Security Update for Microsoft Edge | Windows versions 10, Server 2016 running Edge.
|
15 Mar 2017 | VULN061 | Microsoft : Critical Cumulative Security Update for Internet Explorer | Systems running Internet Explorer versions 11, 10,
|
15 Mar 2017 | VULN060 | Apache Tomcat : CVE-2016-8747 Apache Tomcat Information Disclosure | Systems running Apache Tomcat versions prior
|
15 Mar 2017 | VULN057 | Xen : Cirrus VGA Heap overflow via display refresh | Systems running Xen.
|
15 Mar 2017 | VULN059 | Adobe : Security updates available for Adobe Flash Player | Systems running Adobe Flash Player versions prior
|
15 Mar 2017 | VULN058 | Adobe : Security update available for Adobe Shockwave Player | Systems running Adobe Shockwave Player versions
|
14 Mar 2017 | VULN056 | VMware : VMware Workstation and Fusion updates address out-of-bounds memory access vulnerability | Systems running VMware Workstation Pro,
|
14 Mar 2017 | VULN055 | VMware : VMware product updates resolve remote code execution vulnerability via Apache Struts 2 | Systems running Horizon DaaS, vCenter Server,
|
10 Mar 2017 | VULN054 | VMware : VMware Workstation update addresses multiple security issues | Systems running VMware Workstation versions 12.x
|
10 Mar 2017 | VULN053 | Drupal : Services - Highly Critical - Arbitrary Code Execution | Systems running Drupal versions 7.x prior to
|
10 Mar 2017 | VULN052 | SPIP : Mise à jour de sécurité : sortie de SPIP 3.1.4, SPIP 3.0.25 et SPIP 2.1.30 | Systems running SPIP versions prior to 3.1.4,
|
10 Mar 2017 | STAT10 | |
|
9 Mar 2017 | VULN051 | Apache Struts : Possible Remote Code Execution when performing file upload | Systems running Apache Struts versions 2 prior to
|
7 Mar 2017 | VULN050 | WordPress : WordPress 4.7.3 Security and Maintenance Release | Systems running WordPress versions prior to 4.7.3.
|
7 Mar 2017 | VULN049 | TYPO3 : Authentication Bypass and XSS fixed in TYPO3 | Systems running TYPO3 CMS versions 8, 7 prior to
|
7 Mar 2017 | VULN048 | US-CERT : dotCMS contains multiple vulnerabilities | Systems running dotCMS.
|
7 Mar 2017 | VULN047 | VMware : Horizon DaaS update addresses an insecure data validation issue | Systems running VMware Horizon DaaS versions 6.1.x.
|
3 Mar 2017 | STAT09 | |
|
24 Feb 2017 | STAT08 | |
|
23 Feb 2017 | VULN046 | Microsoft : Critical Security Update for Adobe Flash Player | Windows running Adobe Flash Player.
|
22 Feb 2017 | VULN045 | Xen : cirrus_bitblt_cputovideo does not check if memory region is safe | Systems running Xen.
|
22 Feb 2017 | VULN044 | curl : SSL_VERIFYSTATUS ignored | Systems running curl versions 7.52.x.
|
15 Feb 2017 | VULN040 | Adobe : Security update available for Adobe Campaign | Systems running Adobe Campaign versions 6.11 prior
|
17 Feb 2017 | STAT07 | |
|
17 Feb 2017 | VULN042 | OpenSSL : OpenSSL Security Advisory [16 Feb 2017] | Systems running openssl versions 1.1.0 prior to
|
15 Feb 2017 | VULN041 | Cisco : Cisco UCS Director Privilege Escalation Vulnerability | Systems running Cisco UCS Director.
|
15 Feb 2017 | VULN039 | Adobe : Security update available for Adobe Digital Editions | Systems running Adobe Digital Editions versions
|
15 Feb 2017 | VULN038 | Adobe : Security updates available for Adobe Flash Player | Systems running Adobe Flash Player versions
|
15 Feb 2017 | VULN037 | Fortiguard : FortiManager TLS certificate validation failure | Systems running FortiManager versions prior to
|
15 Feb 2017 | VULN036 | Cisco : Cisco Smart Install Protocol Misuse | Systems running Cisco Smart Install.
|
13 Feb 2017 | VULN035 | Xen : oob access in cirrus bitblt copy | Systems running Xen.
|
10 Feb 2017 | VULN034 | PostfixAdmin : PostfixAdmin 3.0.2 SECURITY FIX | Systems running PostfixAdmin versions 3, 2.9 prior
|
10 Feb 2017 | STAT06 | |
|
9 Feb 2017 | VULN033 | Bind : CVE-2017-3135 Combination of DNS64 and RPZ Can Lead to Crash | Systems running Bind versions 9 prior to 9.9.9-P6,
|
8 Feb 2017 | VULN032 | Citrix : Vulnerability in Citrix NetScaler Application Delivery Controller and NetScaler Gateway GCM nonce generation | Systems running Citrix NetScaler ADC, Citrix
|
8 Feb 2017 | VULN031 | Cisco : Cisco ASA Clientless SSL VPN CIFS Heap Overflow Vulnerability | Systems running Cisco ASA Clientless SSL VPN.
|
8 Feb 2017 | VULN030 | Cisco : Cisco AnyConnect Secure Mobility Client for Windows SBL Privileges Escalation Vulnerability | Systems running Cisco AnyConnect Secure Mobility
|
8 Feb 2017 | VULN029 | Google Android : Android Security Bulletin―February 2017 | Android.
|
3 Feb 2017 | STAT05 | |
|
3 Feb 2017 | VULN028 | US-CERT : Microsoft Windows SMB Tree Connect Response memory corruption vulnerability | Microsoft Windows.
|
2 Feb 2017 | VULN027 | Jenkins : Jenkins Security Advisory 2017-02-01 Multiple Vulnerabilities fixed in Jenkins | Systems running Jenkins versions prior to 2.44,
|
2 Feb 2017 | VULN026 | Cisco : Cisco Prime Home Authentication Bypass Vulnerability | Systems running Cisco Prime Home.
|
27 Jan 2017 | STAT04 | |
|
27 Jan 2017 | VULN025 | Google Chrome : Google Chrome 56.0.2924.76 fix multiple vulnerabilities | Systems running Chrome versions prior to
|
26 Jan 2017 | VULN024 | Cisco : Cisco TelePresence Multipoint Control Unit Remote Code Execution Vulnerability | Cisco TelePresence Multipoint Control Unit
|
26 Jan 2017 | VULN023 | Cisco : Cisco Expressway Series and TelePresence VCS Denial of Service Vulnerability | Cisco Expressway Series software,
|
26 Jan 2017 | VULN022 | Cisco Security Advisory: Cisco Adaptive Security Appliance CX Context-Aware Security Denial of Service Vulnerability | Cisco Adaptive Security Appliance CX Context-Aware
|
25 Jan 2017 | VULN021 | Wireshark : ASTERIX and DHCPv6 loops | Systems running Wireshark versions 2 prior to
|
25 Jan 2017 | VULN020 | Mozilla : Multiple Security vulnerabilities fixed in Firefox 51 and ESR 45.7 | Systems running Firefox versions prior to 51,
|
25 Jan 2017 | VULN019 | Cisco : Cisco WebEx Browser Extension Remote Code Execution Vulnerability | Systems running Cisco WebEx Browser Extension.
|
24 Jan 2017 | VULN018 | Phpmyadmin : PMASA-2017-1 Open redirect | Systems running phpmyadmin versions 4.6.x, 4.4.x,
|
20 Jan 2017 | STAT03 | |
|
18 Jan 2017 | VULN017 | Citrix : Citrix Provisioning Services Multiple Security Updates | Systems running Citrix Provisioning Services
|
18 Jan 2017 | VULN016 | Plone : Hotfix to patch XSS and sandbox escape vulnerability | Systems running Plone prior to 4.3.12, 5.0.7.
|
18 Jan 2017 | VULN015 | Oracle : January 2017 Critical Patch Update Released | Systems running Oracle Database Server,
|
17 Jan 2017 | VULN014 | Drupal : Vulnerabilities fixed in Mailjet, OpenLucius, Autocomplete Deluxe | Systems running Mailjet versions 7.x prior to
|
17 Jan 2017 | VULN013 | Apache : Apache HTTP Server 2.2.32 security and bug fix maintenance release | Systems running Apache HTTP Server versions prior
|
17 Jan 2017 | VULN012 | Moodle : Multiple vulnerabilities fixed in Moodle | Systems running Moodle versions prior to 3.2.1,
|
16 Jan 2017 | VULN011 | GNUTLS : Memory corruption vulnerabilities fixed in GNUTLS | Systems running GNUTLS versions prior to 3.3.26,
|
16 Jan 2017 | VULN010 | TYPO3-CORE : Remote Code Execution in third party library swiftmailer | Systems running swiftmailer for TYPO3 CMS versions
|
16 Jan 2017 | VULN009 | ikiwiki : Authentication bypass via repeated parameters | Systems running ikiwiki versions prior to
|
13 Jan 2017 | STAT02 | |
|
13 Jan 2017 | VULN008 | Computer Associates : Security Notice for CA Service Desk Manager | Systems running CA Service Desk Manager versions
|
13 Jan 2017 | VULN007 | Foxit : Security updates available for Foxit Reader, Foxit PhantomPDF, Foxit PDF Toolkit | Windows, Linux running Foxit Reader,
|
13 Jan 2017 | VULN006 | WordPress : WordPress 4.7.1 Security and Maintenance Release | Systems running WordPress versions prior to 4.7.1.
|
12 Jan 2017 | VULN005 | BIND : A malformed response to an ANY query can cause an assertion failure during recursion | Systems running BIND versions 9 prior to 9.9.9-P5,
|
11 Jan 2017 | VULN004 | (Microsoft :Security Update for Local Security Authority Subsystem Service (3216771)) | Windows Vista, Windows Server 2008, Windows 7,
|
11 Jan 2017 | VULN003 | (Microsoft : Security Update for Adobe Flash Player (3214628)) | Windows running Adobe Flash Player
|
11 Jan 2017 | VULN002 | (Microsoft : Security Update for Microsoft Office (3214291)) | Microsoft Office 2016, Microsoft SharePoint
|
11 Jan 2017 | VULN001 | (Microsoft : Security Update for Microsoft Edge (3214288)) | Windows versions 10, Server 2016
|
6 Jan 2017 | STAT01 | |
|
|