Advisories

Bug Title View CVE Vendor/Software Date Released
Reflected Cross Site Scripting html CVE-2017-5599 eClinicalWorks Patient Portal 7.0 build 13 Jan 2017
SQL Injection html CVE-2017-5598 eClinicalWorks healow@work 8.0 build 8 Jan 2017
SQL Injection html CVE-2017-5570 eClinicalWorks Patient Portal 7.0 build 13 Jan 2017
SQL Injection html CVE-2017-5569 eClinicalWorks Patient Portal 7.0 build 13 Jan 2017
UXSS html CVE-2016-8011 McAfee Endpoint Security 10.2 and SiteAdvisor Enterprise 3.5 Dec 2016
Unauthenticated Remote Code Execution html CVE-2016-9796 Alcatel Lucent Omnivista 8770 2.0, 2.6, 3.0 and 3.1 Dec 2016
Privilege Escalation html CVE-2016-2246 HP ThinPro 4.4, 5.0, 5.1, 5.2, 5.2.1, 6.0, 6.1 Oct 2016
PDF Library Information Disclosure html CVE-2016-3374 Microsoft Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 2012 R2, and Windows 10 Oct 2016
Predictable Session html CVE-2015-3326 TrendMicro SMEX 10 SP2 May 2016
ReDoS html CVE-2015-2526 .NET Framework 4.5, 4.5.1, 4.5.2 and 4.6 September 2015
External JAR Injection html CVE-2015-2630 Oracle e-Business Suite 11.5.10.2, 12.0.6, 12.1.3 July 2015
Multiple Vulnerabilities html CVE-2015-2159 / CVE-2015-2160 / CVE-2015-2161 / CVE-2015-2162 / CVE-2015-2163 / CVE-2015-2164 / CVE-2015-2240 FootPrints Service Core 11.0, 11.1, 11.6, 11.5 May 2015
Root shell access - Kiosk Bypass html n/a HP Thin Pro OS - T6X44017 Apr 2015
Remote Code Execution and multiple vulnerabilities html CVE-2014-5287/5288 Kemp Load Master (load balancer) v.7.1-16 Apr 2015
WAF Bypass html n/a Barracuda Web Application Firewall Oct 2013
Multiple Reflected XSS html, html CVE-2013-5222 ESRI - ArcGIS for Server 10.1, 10.2 Sep 2013
Unrestricted File Upload html CVE-2013-5221 ESRI - ArcGIS for Server 10.1, 10.2 Sep 2013
Cross Context Scripting (XCS) - about:history - Remote Code Execution html TBA Maxthon Dec 2012
Cross Context Scripting (XCS) - RSS - Remote Code Execution html TBA Maxthon Dec 2012
Privileged API Available On i.maxthon.com html TBA Maxthon Dec 2012
Cross Context Scripting (XCS) - Bookmark Toolbar and Bookmark Sidebar html TBA Maxthon Dec 2012
Incorrect Executable File Handling and Same Origin Policy Implementation html TBA Maxthon Dec 2012
Same of Origin Policy Bypass - browser:home html TBA Avant Browser Dec 2012
Cross Context Scripting - browser:home - Most Visited And History Tabs html TBA Avant Browser Dec 2012
Avant Browser - Stored Cross Site Scripting - Feed Reader (browser://localhost/lst?*) html TBA Avant Browser Dec 2012
CSRF html 2012-0550 Oracle GlassFish Server Apr 2012
Multiple Cross Site Scripting html 2012-0551 Oracle GlassFish Server Apr 2012
Use After Free html 2011-4152 Opera Oct 2011
DOM Cross Site Scripting html . pdf 2011-2133 Adobe RoboHelp 9 Aug 2011
ParanoidFragmentSink allows javascript: URLs in chrome documents pdf (section 2.8) 2010-1585 Mozilla Firefox / Thunderbird Mar 2011
Session Fixation html . pdf 2010-4437 Oracle WebLogic Server Mar 2011
Multiple Cross Site Scripting Vulnerabilities html . pdf 2010-2406 Oracle eBusiness Application Oct 2010
HTTP Response Splitting html . pdf 2010-3514 Oracle Sun Java System Web Server Oct 2010
SOP Bypass html . pdf 2010-3573 Oracle JRE java.net.URLConnection Oct 2010
XML Entity and XML Injections html . pdf 2009-3960 Multiple Adobe Products Feb 2010
Chrome Privilege Code Execution html . pdf Update Scanner Aug 2009
Chrome Privilege Code Execution html . pdf Coolpreviews Aug 2009
Stored Cross Site Scripting html . pdf 2008-4725 Opera Oct 2008
Stored Cross Site Scripting html . pdf Google Analytics Oct 2008
Local File Disclosure html . pdf 2008-2045 SugarCRM Apr 2008
Reflected Cross Site Scripting html DotNetNuke Aug 2006

No comments: