Bug Title | CVE/Ref | Vendor/Software | Date |
Multiple Unauthenticated Stored Cross Site Scripting | CVE-2019-3769 / CVE-2019-3770 | Dell Wyse Management | Nov 2019 |
Sensitive Data Retrieval Possible Without Authentication | CVE-2019-2761 | Oracle e-Business Suite | Oct 2019 |
Unauthenticated Stored XSS | CVE-2019-3591 | McAfee ePolicy Orchestrator 11.2.x or earlier | Jul 2019 |
Multiple vulnerabilities (XSS, SSRF) | n/a | Microsoft PowerBI Report Server version 15 | Apr 2019 |
Multiple vulnerabilities (SQLi, LFI, XSS) | 612518, 612524, 612523, 612522 | Lansweeper 6.0.130.62, Lspush 6.0.100.32 | Feb 2018 |
SQL Injection Information Disclosure | ZDI-CAN-4409 | Trend Micro SafeSync for Enterprise | Mar 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4642/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4643/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4644/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4645/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4646/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4647/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4648/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4649/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4650/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4651/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4652/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4653/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4654/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4656/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4657/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4658/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4659/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4660/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4661/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4662/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4663/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4664/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4665/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4666/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4667/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4668/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4670/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4672/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4676/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4678/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4680/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4682/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4685/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4686/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4687/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4688/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4690/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4691/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4692/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4693/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4780/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4781/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4782/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4783/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4784/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4785/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4786/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4788/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4790/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4791/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4792/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4793/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4794/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4796/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4797/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4801/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4803/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4804/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Unrestricted File Upload Remote Code Execution | ZDI-CAN-4805/CVE-2017-14079 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4806/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4679/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
SQL Injection Remote Code Execution | ZDI-CAN-4683/CVE-2017-14078 | Trend Micro Mobile Security for Enterprise | Sep 2017 |
Remote Agent Configuration Settings Information Disclosure | ZDI-CAN-4283 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
dlpCrawlerServerInvoker Deserialization of Untrusted Data | ZDI-CAN-4284 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listLogDatas SQL Injection | ZDI-CAN-4141 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listEndPointDocScanResultLIs SQL Injection | ZDI-CAN-4142 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listReportDatas SQL Injection | ZDI-CAN-4143 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listRoleDatas SQL Injection | ZDI-CAN-4144 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
getSourceAcquisitionHistory SQL Injection | ZDI-CAN-4145 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listFingerprints SQL Injection | ZDI-CAN-4131 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listReportDefs SQL Injection | ZDI-CAN-4133 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listEndpoints SQL Injection | ZDI-CAN-4134 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listEntities SQL Injection | ZDI-CAN-4136 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
listKeywords SQL Injection | ZDI-CAN-4137 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
fileAttribList SQL Injection | ZDI-CAN-4146 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
importComplianceTemplate XXE Processing File Disclosure | ZDI-CAN-4138 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
dataManagementList Remote File Delete DoS | ZDI-CAN-4120 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
exportdatatojsp Directory Traversal File Disclosure | ZDI-CAN-4119 | Trend Micro Data Loss Prevention Management Server <= 5.6 | Apr 2017 |
Session Generation Authentication Bypass | CVE-2016-8584 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Directory Traversal Authentication Bypass | CVE-2016-7552 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Command Injection Remote Code Execution | CVE-2016-8586 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Information Disclosure | CVE-2016-7547 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Command Injection Remote Code Execution | CVE-2016-8585 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
dlp_policy_upload.cgi Remote Code Execution | CVE-2016-8587 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
hotfix_upload.cgi Command Injection Remote Code Execution | CVE-2016-8588 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query_dlp.cgi Command Injection Remote Code Execution | CVE-2016-8589 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query_dae.cgi Command Injection Remote Code Execution | CVE-2016-8590 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query.cgi Command Injection Remote Code Execution | CVE-2016-8591 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
log_query_system.cgi Command Injection Remote Code Execution | CVE-2016-8592 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
upload.cgi Remote Code Execution Vulnerability | CVE-2016-8593 | Trend Micro Threat Discovery Appliance <= 2.6.1062r1 | Apr 2017 |
Reflected Cross Site Scripting | CVE-2017-5599 | eClinicalWorks Patient Portal 7.0 build 13 | Jan 2017 |
SQL Injection | CVE-2017-5598 | eClinicalWorks healow@work 8.0 build 8 | Jan 2017 |
SQL Injection | CVE-2017-5570 | eClinicalWorks Patient Portal 7.0 build 13 | Jan 2017 |
SQL Injection | CVE-2017-5569 | eClinicalWorks Patient Portal 7.0 build 13 | Jan 2017 |
UXSS | CVE-2016-8011 | McAfee Endpoint Security 10.2 and SiteAdvisor Enterprise 3.5 | Dec 2016 |
Unauthenticated Remote Code Execution | CVE-2016-9796 | Alcatel Lucent Omnivista 8770 2.0, 2.6, 3.0 and 3.1 | Dec 2016 |
Privilege Escalation | CVE-2016-2246 | HP ThinPro 4.4, 5.0, 5.1, 5.2, 5.2.1, 6.0, 6.1 | Oct 2016 |
PDF Library Information Disclosure | CVE-2016-3374 | Microsoft Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, and Windows 10 | Oct 2016 |
Predictable Session | CVE-2015-3326 | Trend Micro SMEX 10 SP2 | May 2016 |
ReDoS | CVE-2015-2526 | Microsoft .NET Framework 4.5, 4.5.1, 4.5.2 and 4.6 | Sep 2015 |
External JAR Injection | CVE-2015-2630 | Oracle e-Business Suite 11.5.10.2, 12.0.6, 12.1.3 | Jul 2015 |
Multiple Vulnerabilities | CVE-2015-2159 / CVE-2015-2160 / CVE-2015-2161 / CVE-2015-2162 / CVE-2015-2163 / CVE-2015-2164 / CVE-2015-2240 | FootPrints Service Core 11.0, 11.1, 11.6, 11.5 | May 2015 |
Root shell access - Kiosk Bypass | n/a | HP Thin Pro OS - T6X44017 | Apr 2015 |
Remote Code Execution and multiple vulnerabilities | CVE-2014-5287 / CVE-2014-5288 | Kemp LoadMaster (load balancer) v7.1-16 | Apr 2015 |
Reflected Cross Site Scripting | CVE-2013-6956 | Juniper - Junos Pulse Secure Access Service - SA700, SA2000, SA2500, SA4000, FIPS SA4000, SA4500, FIPS SA4500, SA6000, FIPS SA6000, SA6500, FIPS SA6500, MAG2600, MAG4610, MAG6610, and MAG6611 | Apr 2014 |
Multiple vulnerabilities | CVE-2014-0844 / CVE-2014-0845 / CVE-2014-0846 | IBM Rational Doors Next Generation, Composer and Requirements | Feb 2014 |
WAF Bypass | n/a | Barracuda Web Application Firewall | Oct 2013 |
Multiple Reflected XSS (2) | | ESRI - ArcGIS for Server 10.1, 10.2 | Sep 2013 |
Unrestricted File Upload | CVE-2013-5221 | ESRI - ArcGIS for Server 10.1, 10.2 | Sep 2013 |
Cross Context Scripting (XCS) - about:history - Remote Code Execution | TBA | Maxthon | Dec 2012 |
Cross Context Scripting (XCS) - RSS - Remote Code Execution | TBA | Maxthon | Dec 2012 |
Privileged API Available On i.maxthon.com | TBA | Maxthon | Dec 2012 |
Cross Context Scripting (XCS) - Bookmark Toolbar and Bookmark Sidebar | TBA | Maxthon | Dec 2012 |
Incorrect Executable File Handling and Same Origin Policy Implementation | TBA | Maxthon | Dec 2012 |
Same Origin Policy Bypass - browser:home | TBA | Avant Browser | Dec 2012 |
Cross Context Scripting - browser:home - Most Visited And History Tabs | TBA | Avant Browser | Dec 2012 |
Stored Cross Site Scripting - Feed Reader (browser://localhost/lst?*) | TBA | Avant Browser | Dec 2012 |
CSRF | CVE-2012-0550 | Oracle GlassFish Server | Apr 2012 |
Multiple Cross Site Scripting | CVE-2012-0551 | Oracle GlassFish Server | Apr 2012 |
Use After Free | CVE-2011-4152 | Opera | Oct 2011 |
DOM Cross Site Scripting | CVE-2011-2133 | Adobe RoboHelp 9 | Aug 2011 |
ParanoidFragmentSink allows javascript: URLs in chrome documents | CVE-2010-1585 | Mozilla Firefox / Thunderbird | Mar 2011 |
Session Fixation | CVE-2010-4437 | Oracle WebLogic Server | Mar 2011 |
Multiple Cross Site Scripting Vulnerabilities | CVE-2010-2406 | Oracle eBusiness Application | Oct 2010 |
HTTP Response Splitting | CVE-2010-3514 | Oracle Sun Java System Web Server | Oct 2010 |
SOP Bypass | CVE-2010-3573 | Oracle JRE java.net.URLConnection | Oct 2010 |
XML Entity and XML Injections | CVE-2009-3960 | Multiple Adobe Products | Feb 2010 |
Chrome Privilege Code Execution | n/a | Update Scanner (Firefox extension) | Aug 2009 |
Chrome Privilege Code Execution | n/a | Coolpreviews (Firefox extension) | Aug 2009 |
Stored Cross Site Scripting | CVE-2008-4725 | Opera | Oct 2008 |
Stored Cross Site Scripting | n/a | Google Analytics | Oct 2008 |
Local File Disclosure | CVE-2008-2045 | SugarCRM | Apr 2008 |
Reflected Cross Site Scripting | n/a | DotNetNuke | Aug 2006 |
It's time for another advisory (CVE-2015-3326), a simple one, for a vulnerability which can be found quickly and trivially. For those of you who just want to glance at the post, I suggest going straight to the screenshot, which says it all.

The following vulnerability was discovered on Trend Micro SMEX (ScanMail for Microsoft Exchange) 10 SP2, but it affects other versions as well.

While browsing the SMEX web administrative interface through a web proxy, I noticed something in the HTTP request: the session token itself and its format, a plain number. After observing a significant number of logins, the session token was always a number of between 4 and 5 digits, as shown in the screenshot below:

Although the observed session tokens were never generated sequentially, the session identifier is not produced by a cryptographically strong PRNG, and a malicious user can trivially guess the token. The format alone bounds the keyspace: a value of at most 5 decimal digits leaves at most 100,000 candidates, roughly 16.6 bits of entropy, against the 64 bits or more that session identifiers are generally expected to carry. Even a perfect random generator would not help at that size; unless the server throttles requests carrying invalid session identifiers, an attacker simply enumerates every candidate against an authenticated endpoint until one is accepted. This attack can be easily automated.
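As an added example (not part of the original advisory and not Trend Micro's code), the following Python script models the enumeration attack the post describes. It derives the keyspace from a set of constructed sample tokens in the observed 4-5 digit decimal format, brute-forces a simulated server that holds one valid admin session, and contrasts the result with a token drawn from the operating system's CSPRNG. The server class, the sample tokens and the request-rate figure are assumptions for illustration, not measurements from a real SMEX install.

```python
import math
import random
import secrets

# Constructed sample of session tokens in the 4-5 digit decimal format the
# advisory describes; these are NOT values captured from a real SMEX install.
OBSERVED_TOKENS = ["4821", "19337", "7305", "88012", "2210", "51984"]


def keyspace_from_observations(tokens):
    """Upper bound on the token keyspace implied by the observed format.

    The advisory only tells us the tokens are plain decimal numbers of at
    most five digits, so every value from 0 to 99999 is a candidate.
    """
    if not all(t.isdigit() for t in tokens):
        raise ValueError("expected plain decimal tokens")
    max_len = max(len(t) for t in tokens)
    return 10 ** max_len


def entropy_bits(keyspace):
    """Entropy of a uniformly chosen token from a keyspace of this size."""
    return math.log2(keyspace)


def worst_case_seconds(keyspace, requests_per_second):
    """Time to try every candidate at an assumed request rate."""
    return keyspace / requests_per_second


class SimulatedServer:
    """Hypothetical stand-in for the SMEX admin interface.

    Holds a single valid admin session whose token is a random 4-5 digit
    number, and counts how many validation requests it receives.
    """

    def __init__(self, seed=1):
        rng = random.Random(seed)
        self.valid_token = str(rng.randint(1000, 99999))
        self.requests = 0

    def is_valid(self, token):
        self.requests += 1
        return token == self.valid_token


def brute_force(server, keyspace):
    """Enumerate every candidate until the server accepts one.

    Returns (token, requests_used); token is None if nothing matched.
    """
    for candidate in range(keyspace):
        token = str(candidate)
        if server.is_valid(token):
            return token, server.requests
    return None, server.requests


def strong_token():
    """What the fix looks like: a token drawn from the OS CSPRNG.

    secrets.token_urlsafe(32) encodes 32 random bytes, i.e. 256 bits,
    far above the 64-bit minimum usually recommended for session IDs.
    """
    return secrets.token_urlsafe(32)


if __name__ == "__main__":
    space = keyspace_from_observations(OBSERVED_TOKENS)
    print(f"keyspace: {space}  (~{entropy_bits(space):.1f} bits)")
    print(f"worst case at 100 req/s: {worst_case_seconds(space, 100):.0f} s")
    server = SimulatedServer()
    found, used = brute_force(server, space)
    print(f"hijacked session {found} after {used} requests")
    print(f"CSPRNG token: {strong_token()}  ({entropy_bits(2 ** 256):.0f} bits)")
```

The decisive check here is the size of the keyspace, not whether consecutive tokens look sequential: a 5-digit space is exhausted in under twenty minutes at a modest 100 requests per second, so a non-sequential but small identifier is still a predictable one. On an engagement the same measurement is made by capturing a few hundred tokens through the proxy and inspecting their length and alphabet before worrying about the generator behind them.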