scip AG

VulDB: Products

Operating Systems

Microsoft Windows (639 Total)

14.05.2013 Microsoft Windows XP win32k.sys privilege escalation
14.05.2013 Microsoft Windows 7 win32k.sys buffer overflow
14.05.2013 Microsoft Windows 7/8/Server 2008/Server 2012 DirectX Graphics Kernel Subsystem privilege escalation
14.05.2013 Microsoft Windows Essentials Windows Writer information disclosure
14.05.2013 Microsoft Windows HTTP.sys denial of service
09.04.2013 Microsoft Windows ntfs.sys denial of service
09.04.2013 Microsoft Windows win32k.sys race condition
09.04.2013 Microsoft Windows win32k.sys denial of service
09.04.2013 Microsoft Windows win32k.sys race condition
09.04.2013 Microsoft Windows Defender Registry Path Value misconfiguration

Sun Solaris (243 Total)

16.04.2013 Oracle Solaris Network Configuration unknown vulnerability [CVE-2013-1499]
16.04.2013 Oracle Solaris Utility unknown vulnerability [CVE-2013-0403]
16.04.2013 Oracle Solaris Utility/fdformat unknown vulnerability [CVE-2012-0568]
16.04.2013 Oracle Solaris Libraries/Libc unknown vulnerability [CVE-2012-0570]
16.04.2013 Oracle Solaris Utility/pax unknown vulnerability [CVE-2013-0412]
16.04.2013 Oracle Solaris Kernel/Boot unknown vulnerability [CVE-2013-0404]
16.04.2013 Oracle Solaris Kernel unknown vulnerability [CVE-2013-1530]
16.04.2013 Oracle Solaris Kernel/IPsec unknown vulnerability [CVE-2013-0406]
16.04.2013 Oracle Solaris Remote Execution Service unknown vulnerability
16.04.2013 Oracle Solaris CPU Performance Counters Drivers unknown vulnerability

Linux (378 Total)

25.04.2013 Linux Kernel QEMU Addresse Validator privilege escalation [CVE-2013-2016]
20.04.2013 Linux Kernel include/net/scm.h scm_set_cred unknown vulnerability
18.04.2013 Linux Xen Grant Table Hypercall denial of service [CVE-2013-1964]
18.04.2013 Linux Xen EFLAGS Register SYSENTER denial of service
18.04.2013 Linux Xen Access Control Handler denial of service [CVE-2013-1919]
14.04.2013 Linux Kernel file_ns_capable() privilege escalation
12.04.2013 Linux Kernel kernel/events/core.c perf_swevent_init privilege escalation
12.04.2013 Linux Kernel CAP_SYS_ADMIN set_ftrace_pid/set_graph_function denial of service
12.04.2013 Linux Kernel Function/Stack Tracer set_ftrace_pid/set_graph_function denial of service
07.04.2013 Linux Kernel Crypto Handler crypto/algif_hash.c hash_recvmsg information disclosure

Apple MacOS X (151 Total)

14.03.2013 Apple Mac OS X Software Update spoofing [CVE-2013-0973]
14.03.2013 Apple Mac OS X PDFKit buffer overflow [CVE-2013-0971]
14.03.2013 Apple Mac OS X Messages FaceTime:// misconfiguration
14.03.2013 Apple Mac OS X VoiceOver spoofing [CVE-2013-0969]
14.03.2013 Apple Mac OS X IOAcceleratorFamily buffer overflow [CVE-2013-0976]
14.03.2013 Apple Mac OS X Java Web Start misconfiguration [CVE-2013-0967]
14.03.2013 Apple Mac OS X Unicode Character URI Handler weak authentication
12.03.2013 Microsoft Office for Mac 2011 HTML5 Mail Message Parser information disclosure
01.02.2013 Apple Mac OS X NSSpellCheckerCheckString denial of service
26.11.2012 Apple Mac OS X GPU Driver unknown vulnerability [CVE-2012-5131]

Cisco IOS (60 Total)

29.09.2011 Cisco IOS IP Service Level Agreement Handler denial of service
29.09.2011 Cisco IOS Smart Install unknown vulnerability [CVE-2011-3271]
23.08.2011 Cisco IOS SSH2 Session Handler denial of service [CVE-2011-1624]
13.08.2010 Cisco IOS TCP Connection Handler denial of service [CVE-2010-2827]
25.03.2010 Cisco IOS TCP Options Handler denial of service [CVE-2010-0577]
25.03.2010 Cisco IOS H.323 denial of service [CVE-2010-0582]
25.03.2010 Cisco IOS SIP Handler buffer overflow [CVE-2010-0579]
25.03.2010 Cisco IOS Label Distribution Protocol denial of service [CVE-2010-0576]
25.03.2010 Cisco IOS NAT SCCP Fragmentation Handler denial of service [CVE-2010-0584]
25.03.2010 Cisco IOS IKE Packet Handler denial of service [CVE-2010-0578]

Web Server

Apache Webserver (107 Total)

13.05.2013 Apache HTTP Server Log File Terminal Escape Sequence Filtering modules/mappers/mod_rewrite.c do_rewritelog() privilege escalation
10.05.2013 Apache Tomcat AsyncListener information disclosure [CVE-2013-2071]
10.05.2013 Apache Tomcat Chunked Transfer Encoding Extension Size denial of service
10.05.2013 Apache Tomcat FORM Authentication Handler weak authentication
10.04.2013 Apache Tomcat Session Transaction Handler weak authentication
05.03.2013 Apache Subversion mod_dav_svn()/svn_fs_file_length() denial of service
04.03.2013 Apache HTTP Server apachectl privilege escalation
22.02.2013 Apache Tomcat Log Directory Permissions information disclosure
08.02.2013 Apache CXF WSS4JInterceptor weak authentication [CVE-2012-5633]
08.02.2013 Apache CXF Token Handler weak authentication [CVE-2013-0239]

Microsoft IIS (30 Total)

13.11.2012 Microsoft IIS FTP Command information disclosure [CVE-2012-2532]
13.11.2012 Microsoft IIS Log File Permission information disclosure [CVE-2012-2531]
30.06.2012 Microsoft IIS File Name Tilde Handler privilege escalation
22.12.2010 Microsoft IIS FTP Server denial of service [CVE-2010-3972]
14.09.2010 Microsoft IIS denial of service [CVE-2010-1899]
14.09.2010 Microsoft IIS FastCGI buffer overflow [CVE-2010-2730]
24.12.2009 Microsoft IIS ASP Handler Umgehungs-Angriff [CVE-2009-4444]
04.09.2009 Microsoft IIS FTP Server denial of service [CVE-2009-2521]
31.08.2009 Microsoft Internet Explorer FTP Server buffer overflow
11.07.2006 Microsoft IIS ASP Code Handler buffer overflow [CVE-2006-0026]

Mail Server

Sendmail (8 Total)

26.06.2012 IBM Sendmail $HOME/.forward privilege escalation
24.04.2007 HP HP-UX Sendmail denial of service [CVE-2007-2246]
28.08.2006 Sendmail Mail Header Handler denial of service [CVE-2006-4434]
15.06.2006 Sendmail MIME Message Handler mime8to7() denial of service
23.03.2006 Sendmail Email Receiver buffer overflow [CVE-2006-0058]
14.12.2004 Sun Solaris Sendmail buffer overflow
17.09.2003 Sendmail prescan() buffer overflow
29.03.2003 Sendmail buffer overflow [CVE-2003-0161]

Microsoft Exchange (26 Total)

12.02.2013 Microsoft Exchange Server Outlook Web Access privilege escalation
11.12.2012 Microsoft Exchange Server RSS Feed Handler denial of service
14.12.2010 Microsoft Exchange RPC store.exe denial of service
08.07.2008 Microsoft Exchange Outlook Web Access cross site scripting [CVE-2008-2247]
13.06.2006 Microsoft Exchange Outlook Web Access cross site scripting [CVE-2006-1193]
01.06.2006 F-Secure Internet Gatekeeper bis 6.60 Web-Konsole Authentisierung Pufferüberlauf
01.06.2006 F-Secure Anti-Virus for Microsoft Exchange bis 6.40 Web-Konsole Authentisierung Pufferüberlauf
09.05.2006 Microsoft Exchange Server Calender Collaboration Data Object Handler Designfehler
10.01.2006 Microsoft Exchange Server Email buffer overflow
02.11.2005 F-Secure Anti-Virus for Microsoft Exchange bis 6.40 Web-Konsole Directory Traversal

ALT-N Mdaemon (22 Total)

20.02.2013 ALT-N Technologies Mdaemon Free-Busy Schedule FBData.vfb information disclosure
20.02.2013 ALT-N Technologies Mdaemon Input Validation Handler cross site scripting
20.02.2013 ALT-N Technologies Mdaemon WorldClient.dll weak authentication
20.02.2013 ALT-N Mdaemon WorldClient.dll Cross Site Request Forgery
20.02.2013 ALT-N Mdaemon HTTP Requests Sanitizer WorldClient.dll information disclosure
20.02.2013 ALT-N Mdaemon User Account Import Facility privilege escalation
15.01.2013 ALT-N Technologies Mdaemon Header Parser Strip X-Headers denial of service
24.10.2012 ALT-N Mdaemon IMAP Server STARTTLS Cross Site Request Forgery
08.08.2012 ALT-N MDaemon Email Handler cross site scripting [CVE-2012-2584]
16.11.2006 Alt-N MDaemon Fehlerhafte Schreibrechte [CVE-2006-5968]

Qmail (4 Total)

31.05.2005 Qmail commands.c commands() buffer overflow
05.04.2004 Qmail Non-Delivery Notification Handler denial of service
15.01.2004 Qmail SMTP Session Handler buffer overflow
15.07.2003 Qmail AUTH Configuration Handler Konfigurationsfehler

Data Bases

Oracle MySQL (138 Total)

16.04.2013 Oracle MySQL Server Server Partition unknown vulnerability [CVE-2013-1502]
16.04.2013 Oracle MySQL Server Server Locking unknown vulnerability [CVE-2013-1506]
16.04.2013 Oracle MySQL Server Server Install unknown vulnerability [CVE-2013-2391]
16.04.2013 Oracle MySQL Server Server Types unknown vulnerability [CVE-2013-1548]
16.04.2013 Oracle MySQL Server Server Privileges unknown vulnerability [CVE-2013-2381]
16.04.2013 Oracle MySQL Server InnoDB unknown vulnerability [CVE-2013-1566]
16.04.2013 Oracle MySQL Server InnoDB unknown vulnerability [CVE-2013-1511]
16.04.2013 Oracle MySQL Server Data Manipulation Language unknown vulnerability
16.04.2013 Oracle MySQL Server Stored Procedure unknown vulnerability [CVE-2013-2376]
16.04.2013 Oracle MySQL Server Server XML unknown vulnerability [CVE-2012-5614]

Web Browser

Microsoft Internet Explorer (340 Total)

14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-2551]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1313]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1312]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1311]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1310]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1309]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1308]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1307]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-1306]
14.05.2013 Microsoft Internet Explorer buffer overflow [CVE-2013-0811]

Mozilla Firefox (473 Total)

14.05.2013 Mozilla Firefox/Thunderbird nsContentUtils::RemoveScriptBlocker buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird nsFrameList::FirstChild buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird mozilla::plugins::child::_geturlnotify buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird _cairo_xlib_surface_add_glyph() buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird SelectionIterator::GetNextSegment buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird User Input Sanitizer _cairo_xlib_surface_add_glyph() buffer overflow
14.05.2013 Mozilla Firefox User Input Sanitizer _cairo_xlib_surface_add_glyph() buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird Chrome Object Wrappers _cairo_xlib_surface_add_glyph() cross site scripting
14.05.2013 Mozilla Firefox input information disclosure
14.05.2013 Mozilla Firefox/Thunderbird _cairo_xlib_surface_add_glyph() privilege escalation

Google Chrome (353 Total)

24.04.2013 Google Chrome unknown vulnerability
15.04.2013 Google Chrome OS core/cross/buffer.cc Buffer::Set’ information disclosure
15.04.2013 Google Chrome OS O3D Plugin o3d/core/cross/element.cc Element Destructor buffer overflow
15.04.2013 Google Chrome OS O3D Plug-in o3d/ppapi_plugin/cross/whitelist.cc misconfiguration
15.04.2013 Google Chrome OS Google Talk Plugin weak authentication [CVE-2013-2834]
08.04.2013 Google Chrome OS .pangorc pango-utils.c misconfiguration
26.03.2013 Google Chrome content/renderer/render_view_impl.cc RenderViewImpl::decidePolicyForNavigation() unknown vulnerability
26.03.2013 Google Chrome extensions/api/bookmarks/bookmarks_api.cc BookmarksIOFunction::ShowSelectFileDialog() buffer overflow
26.03.2013 Google Chrome Web Store misconfiguration [CVE-2013-0921]
26.03.2013 Google Chrome loader/resource_dispatcher_host_impl.cc ResourceDispatcherHostImpl::AcceptAuthRequest() misconfiguration

Opera (80 Total)

04.04.2013 Opera Browser Third-Party App Search Bar Service privilege escalation
27.02.2013 Opera Browser HTML5 Engine localStorage denial of service
30.01.2013 Opera unknown vulnerability
30.01.2013 Opera CORS Request Parser Cross Site Request Forgery
30.01.2013 Opera DOM Handler buffer overflow
30.01.2013 Opera SVG Document Handler buffer overflow
08.01.2013 Microsoft System Center Operations Manager Input Validation Handler InternalPages/ViewTypeManager.aspx cross site scripting
08.01.2013 Microsoft System Center Operations Manager Input Validation Handler cross site scripting
08.01.2013 Microsoft System Center Operations Manager Input Validation Handler cross site scripting
20.12.2012 Opera Browser WebView Class information disclosure

Apple Safari (115 Total)

14.03.2013 Apple Safari User Input Sanitizer buffer overflow [CVE-2013-0960]
14.03.2013 Apple Safari User Input Sanitizer buffer overflow [CVE-2013-0961]
27.02.2013 Apple Safari HTML5 Engine localStorage denial of service
01.11.2012 Apple Safari Javascript Array Handler race condition [CVE-2012-3748]
02.08.2012 Apple Safari parser/XSSAuditor.cpp cross site scripting
25.07.2012 Apple Safari information disclosure [CVE-2012-0679]
25.07.2012 Apple Safari feed URL Handler cross site scripting [CVE-2012-0678]
25.07.2012 Apple Safari WebKit buffer overflow [CVE-2012-0683]
25.07.2012 Apple Safari WebKit buffer overflow [CVE-2012-0682]
25.07.2012 Apple Safari information disclosure [CVE-2012-3650]

Mail Clients

Microsoft Outlook (40 Total)

02.07.2012 Microsoft Outlook Web App owa/redir.aspx spoofing
14.09.2010 Microsoft Outlook Content Parser buffer overflow [CVE-2010-2728]
13.07.2010 Microsoft Outlook SMB Attachment Handler PR_ATTACH_METHOD buffer overflow
11.03.2008 Microsoft Outlook mailto URI Handler buffer overflow [CVE-2008-0110]
12.06.2007 Microsoft Outlook Express/Windows Mail MHTML Ressource Handler Umgehungs-Angriff
12.06.2007 Microsoft Outlook Express/Windows Mail MHTML Protocol Handler Umgehungs-Angriff
12.06.2007 Microsoft Outlook Express/Windows Mail UNC Path Handler buffer overflow
09.01.2007 Microsoft Outlook Office Saved Search Handler buffer overflow
09.01.2007 Microsoft Outlook Header Handler denial of service [CVE-2006-1305]
09.01.2007 Microsoft Outlook Meeting Handler buffer overflow [CVE-2006-1305]

Mozilla Thunderbird (141 Total)

14.05.2013 Mozilla Firefox/Thunderbird nsContentUtils::RemoveScriptBlocker buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird nsFrameList::FirstChild buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird mozilla::plugins::child::_geturlnotify buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird _cairo_xlib_surface_add_glyph() buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird SelectionIterator::GetNextSegment buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird User Input Sanitizer _cairo_xlib_surface_add_glyph() buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird Chrome Object Wrappers _cairo_xlib_surface_add_glyph() cross site scripting
14.05.2013 Mozilla Firefox/Thunderbird _cairo_xlib_surface_add_glyph() privilege escalation
14.05.2013 Mozilla Firefox/Thunderbird _cairo_xlib_surface_add_glyph() buffer overflow
14.05.2013 Mozilla Firefox/Thunderbird DOMSVGZoomEvent information disclosure

Document Applications

Adobe Acrobat (105 Total)

14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-3342]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-2729]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-2727]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-2733]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-2730]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-2724]
14.05.2013 Adobe Acrobat/Reader Javascript API buffer overflow [CVE-2013-2737]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-3341]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-3340]
14.05.2013 Adobe Acrobat/Reader buffer overflow [CVE-2013-3339]

Microsoft Office (111 Total)

13.12.2011 Microsoft Excel Record Parser buffer overflow [CVE-2011-3403]
13.12.2011 Microsoft Office OfficeArt Record Parser buffer overflow [CVE-2011-3413]
13.12.2011 Microsoft Office Word Document Parser buffer overflow [CVE-2011-1983]
13.09.2011 Microsoft SharePoint XML/XLS Handler Designfehler [CVE-2011-1892]
13.09.2011 Microsoft Office Library Loader Designfehler [CVE-2011-1980]
10.05.2011 Microsoft Office Presentation File Parser buffer overflow [CVE-2011-1269]
08.02.2011 Microsoft Excel Shape Data Parser buffer overflow
14.12.2010 Microsoft SharePoint Document Conversion Launcher Service Eingabeungültigkeit
12.10.2010 Microsoft Word buffer overflow [CVE-2010-3214]
14.09.2010 Microsoft Outlook Content Parser buffer overflow [CVE-2010-2728]

Firewalls/IDS

Checkpoint Firewall-1 (8 Total)

27.07.2006 Check Point Firewall-1 Web Server Directory Traversal [CVE-2006-3885]
14.11.2005 Check Point Firewall-1 IKEv1 Handler denial of service [CVE-2005-3673]
26.09.2005 Check Point Firewall-1 CIFS Group Rule Handler Umgehungs-Angriff
20.07.2005 Check Point Firewall-1 SecureClient/SecuRemote Fehlerhafte Leserechte
10.01.2005 Check Point Firewall-1 NG SmartDefense Umgehungs-Angriff
28.07.2004 Check Point VPN-1/Firewall-1 ASN.1 Decoder buffer overflow [CVE-2004-0699]
16.06.2004 Check Point Firewall-1 IKE Handler Designfehler [CVE-2004-2679]
04.05.2004 Check Point VPN-1/FireWall-1 VSX NG ISAKMP Handler buffer overflow
04.02.2004 Check Point Firewall-1 HTTP Handler Format String [CVE-2004-0039]
22.08.2003 Check Point Firewall-1 SecuRemote Designfehler

Cisco PIX/ASA (12 Total)

24.01.2008 Cisco PIX/ASA Time-To-Live Handler denial of service [CVE-2008-0028]
18.10.2007 Cisco PIX/ASA MGCP Packet Handler denial of service [CVE-2007-5568]
18.10.2007 Cisco PIX/ASA TLS Packet Handler denial of service [CVE-2007-5568]
15.02.2007 Cisco PIX SIP Inspector denial of service [CVE-2007-0960]
24.08.2006 Cisco PIX Configuration Password Handler weak authentication
09.05.2006 Cisco PIX HTTP Fragmentation Filter Umgehungs-Angriff [CVE-2006-0515]
14.11.2005 Cisco PIX IPsec IKEv1 Handler denial of service
12.04.2005 Cisco IOS ICMP Error Message Handler denial of service
15.12.2003 Cisco PIX 4.x bis 6.3.1 SNMPv3 und VPNC Denial of Service
03.10.2003 Cisco PIX NAT IP-Pool Handler denial of service

Snort (10 Total)

17.01.2013 SourceFire Snort netbios_kb961501-smb-printss-reponse.c rule20275eval() buffer overflow
06.02.2012 Snort DB.php Directory Traversal
20.02.2007 Snort DCE/RPC Pre-Processor buffer overflow [CVE-2006-5276]
11.01.2007 Snort Rule Matching Algorithm denial of service [CVE-2006-6931]
02.06.2006 Snort http_inspect Pre-Processor Umgehungs-Angriff [CVE-2006-2769]
27.02.2006 Snort frag3 Preprocessor Umgehungs-Angriff [CVE-2006-0839]
18.10.2005 Snort Back Orifice Pre-Processor unknown vulnerability [CVE-2005-3252]
13.09.2005 Snort Verbose Mode PrintTcpOptions() denial of service
15.04.2003 Snort TCP Reassembly Preprocessor buffer overflow [CVE-2003-0209]
28.03.2003 Snort Packet Handler Designfehler

Antivirus

TrendMicro (11 Total)

11.12.2006 Trend Micro ServerProtect RAR Archive Header Handler denial of service
11.12.2006 Trend Micro OfficeScan RAR Archive Header Handler denial of service
11.12.2006 Trend Micro PC Cillin Internet Security 2006 RAR Archive Handler denial of service
03.10.2006 Trend Micro OfficeScan CGI Handler Eingabeungültigkeit [CVE-2006-5211]
02.10.2006 Trend Micro OfficeScan ATXCONSOLE.OCX Format String
15.12.2005 TrendMicro PC-Cillin Internet Security 2005 bis 12.00 Build 1244 fehlerhafte Dateirechte
25.02.2005 Trend Micro Norton AntiVirus ARJ Archive Handler buffer overflow
02.06.2004 Trend Micro OfficeScan Windows Help Handler Designfehler [CVE-2004-2430]
07.05.2004 TrendMicro OfficeScan Corporate Edition 3.x und 5.x bis 5.58 fehlerhafte Dateirechte
24.03.2004 Trend Micro VirusWall /ishttpd/localweb/java/ Directory Traversal

McAfee (47 Total)

26.04.2013 McAfee ePolicy Orchestrator Input Validation Handler Directory Traversal
26.04.2013 McAfee ePolicy Orchestrator Agent Handler SQL Injection [CVE-2013-0140]
05.04.2013 McAfee E-Mail Gateway Attachment Handler buffer overflow
26.03.2013 McAfee ePolicy Orchestrator McHealthCheck.dll Save() misconfiguration
19.03.2013 McAfee Policy Auditor Search Path Handler misconfiguration
08.03.2013 McAfee Vulnerability Manager cross site scripting
26.02.2013 McAfee VirusScan Enterprise Access Protection privilege escalation
11.02.2013 McAfee VirusScan Enterprise privilege escalation
10.01.2013 McAfee Application Control Engine File Header Validation Handler race condition
30.11.2012 McAfee Gateway Secure Web Delivery Client denial of service

F-Secure (23 Total)

24.04.2013 F-Secure AntiVirus ActiveX Handler weak authentication
12.12.2012 F-Secure Anti-Virus misconfiguration
13.03.2012 F-Secure Secure Linux RedirFS misconfiguration
28.06.2006 F-Secure Anti-Virus Scan Network Devices Umgehungs-Angriff
28.06.2006 F-Secure Anti-Virus File Name Handler Umgehungs-Angriff [CVE-2006-3489]
01.06.2006 F-Secure Internet Gatekeeper bis 6.60 Web-Konsole Authentisierung Pufferüberlauf
01.06.2006 F-Secure Anti-Virus for Microsoft Exchange bis 6.40 Web-Konsole Authentisierung Pufferüberlauf
19.01.2006 F-Secure Anti-Virus RAR Archive Handler Umgehungs-Angriff
19.01.2006 F-Secure Anti-Virus ZIP Archive Handler Umgehungs-Angriff
19.01.2006 F-Secure Anti-Virus ZIP Archive Handler buffer overflow [CVE-2006-0337]

Kaspersky (13 Total)

04.03.2013 Kaspersky Internet Security NDIS 6 Filter denial of service
19.03.2012 Kaspersky Anti-Virus CAB File Parser privilege escalation
19.03.2012 Kaspersky Anti-Virus ELF File Handler privilege escalation
19.03.2012 Kaspersky Anti-Virus TAR File Parser privilege escalation
04.06.2008 Kaspersky Anti-Virus Driver kl1.sys buffer overflow
24.09.2007 Kaspersky Anti-Virus klif.sys denial of service
03.08.2007 Kaspersky Anti-Spam Fehlerhafte Schreibrechte [CVE-2007-4206]
12.06.2007 Kaspersky Anti-Virus klif.sys denial of service
05.03.2007 Kaspersky Anti-Virus UPX Handler denial of service [CVE-2007-1281]
06.01.2007 Kaspersky Anti-Virus PE File Handler denial of service [CVE-2007-0125]

Sophos (34 Total)

03.04.2013 Sophos Web Appliance rss.php cross site scripting
03.04.2013 Sophos Web Appliance end-user-/errdoc.php cross site scripting
03.04.2013 Sophos Web Appliance end-user/ftp_redirect.php cross site scripting
03.04.2013 Sophos Web Appliance index.php cross site scripting
03.04.2013 Sophos Web Appliance cgi-bin/patience.cgi denial of service
05.11.2012 Sophos Anti-Virus Document Scan denial of service
05.11.2012 Sophos Anti-Virus PDF Document Handler buffer overflow
05.11.2012 Sophos Anti-Virus RAR Archive Handler rarvm.hpp buffer overflow
05.11.2012 Sophos Anti-Virus CAB Archive Handler SARCcabStart() buffer overflow
05.11.2012 Sophos Anti-Virus Internet Explorer Protected Mode Handler privilege escalation

Web Applications

WordPress (28 Total)

14.05.2013 WordPress Newsletter Plugin cross site scripting
24.01.2013 WordPress Shortcodes/Post Content Handler cross site scripting
24.01.2012 WordPress wp-admin/setup-config.php cross site scripting
02.01.2012 WordPress wp-includes/functions.php wp_guess_url() cross site scripting
04.05.2011 WordPress File Upload Umgehungs-Angriff
21.01.2011 WordPress StatPressCN Plugin cross site scripting [CVE-2011-0641]
12.11.2010 WordPress convert_all_confirm() cross site scripting
22.10.2010 WordPress Comment privilege escalation
05.08.2009 WordPress Designfehler
26.11.2008 WordPress RSS Feed Handler cross site scripting [CVE-2008-5278]

TYPO3 (16 Total)

15.08.2012 TYPO3 Install Tool cross site scripting
15.08.2012 TYPO3 Backend Help System view_help.php unserialize() cross site scripting
15.08.2012 TYPO3 HTML Sanitizing API t3lib_div RemoveXSS() cross site scripting
03.06.2012 TYPO3 File Upload tce_file.php Cross Site Request Forgery
28.03.2012 TYPO3 HTML Sanitizing t3lib_div::RemoveXSS() cross site scripting
28.03.2012 TYPO3 Command Line Interface information disclosure [CVE-2012-1607]
28.03.2012 TYPO3 Backend cross site scripting [CVE-2012-1606]
28.03.2012 TYPO3 Extbase Framework unknown vulnerability [CVE-2012-1605]
16.12.2011 TYPO3 AbstractController.php Remote File Inclusion
15.02.2011 TYPO3 cross site scripting

Joomla (9 Total)

02.04.2012 Joomla! Update Manager cross site scripting
27.03.2012 Joomla! Administrative Back End information disclosure
15.03.2012 Joomla! Password Generator Authentisierung umgehen
15.03.2012 Joomla! index.php privilege escalation
05.03.2012 Joomla! Redirect Plugin SQL Injection [CVE-2012-1116]
05.03.2012 Joomla! Highlight Plugin cross site scripting [CVE-2012-1117]
19.01.2011 Joomla! allCineVid SQL Injection [CVE-2011-0511]
12.10.2007 Joomla! cross site scripting [CVE-2007-5427]
19.09.2007 Joomla! Joomla!12Pictures Eingabeungültigkeit [CVE-2007-4954]

phpMyAdmin (51 Total)

25.04.2013 phpMyAdmin export.php buffer overflow
25.04.2013 phpMyAdmin Input Validation Handler Directory Traversal [CVE-2013-3240]
25.04.2013 phpMyAdmin Replace table prefix preg_replace() privilege escalation
25.04.2013 phpMyAdmin File Handler misconfiguration [CVE-2013-3239]
25.09.2012 phpMyAdmin server_synch.php/cross_framing_protection.js privilege escalation
16.08.2012 phpMyAdmin Database Structure Page CREATE TABLE cross site scripting
16.08.2012 phpMyAdmin Database Structure Page EMPTY/DROP Link cross site scripting
16.08.2012 phpMyAdmin GIS Data Handler cross site scripting [CVE-2012-4579]
16.08.2012 phpMyAdmin Trigger Handler cross site scripting [CVE-2012-4579]
16.08.2012 phpMyAdmin Trigger Handler Add Trigger cross site scripting

Vulnerabilities Overview

• Latest Entries
  • EMC RSA Authentication API Encryption Key information disclosure
  • Cisco Secure Access Control System Web Interface weak authentication
  • Python ssl.match_hostname() denial of service
  • Mozilla Firefox/Thunderbird nsContentUtils::RemoveScriptBlocker buffer overflow
  • Mozilla Firefox/Thunderbird nsFrameList::FirstChild buffer overflow
• Statistics
  • Overview
  • Products
  • Timespans
  • Digest
• Archive
  • 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 |

• Reference Maps
  • 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 |

• CVSS Maps
  • 2013 | 2012 | 2011 | 2010 | 2009 | 2008 | 2007 | 2006 | 2005 | 2004 | 2003 |

• Syndication
  • Alert System
  • RSS
  • Twitter