March 21, 2023
|
TRA-2023-13
|
Rockwell Automation ThinManager ThinServer Multiple Vulnerabilities
|
Critical
|
CVE-2023-28755
CVE-2023-28756
CVE-2023-28757
|
March 14, 2023
|
TRA-2023-12
|
Netgear RAX30 Multiple Vulnerabilities
|
High
|
CVE-2023-28337
CVE-2023-28338
|
March 14, 2023
|
TRA-2023-11
|
Unauthenticated Command Injection in TP-Link Archer AX21 (AX1800)
|
High
|
CVE-2023-1389
|
March 10, 2023
|
TRA-2023-10
|
Authentication Bypass in Netgear RAX30 (AX2400) < 1.0.6.74
|
High
|
CVE-2023-1327
|
March 8, 2023
|
TRA-2023-9
|
Netgear RAX30 Multiple Vulnerabilities
|
High
|
CVE-2023-27850
CVE-2023-27851
CVE-2023-27852
CVE-2023-27853
CVE-2023-1205
|
February 27, 2023
|
TRA-2023-8
|
Multiple Vulnerabilities in OpenCATS 0.9.6
|
High
|
CVE-2023-27292
CVE-2023-27293
CVE-2023-27294
CVE-2023-27295
|
February 22, 2023
|
TRA-2023-7
|
Insecure Deserialization in Multiple WordPress Plugins
|
High
|
CVE-2023-26326
CVE-2023-28667
|
February 1, 2023
|
TRA-2023-6
|
Cross-Site Scripting in Multiple Microsoft Domains and Microsoft Teams
|
Medium
|
|
January 30, 2023
|
TRA-2023-5
|
Trend Micro Apex One fcgiOfcDDA.exe File Upload Vulnerability
|
High
|
CVE-2023-0587
|
January 23, 2023
|
TRA-2023-4
|
Delta Electronics InfraSuite Device Master Privilege Escalation
|
High
|
CVE-2023-0444
|
January 12, 2023
|
TRA-2023-3
|
Cross-Site Scripting vulnerabilities in Multiple WordPress Plugins
|
Medium
|
CVE-2023-23491
CVE-2023-23492
CVE-2023-0448
CVE-2023-28664
CVE-2023-28665
CVE-2023-28666
|
January 12, 2023
|
TRA-2023-2
|
SQL Injection in Multiple WordPress Plugins
|
Critical
|
CVE-2023-23488
CVE-2023-23489
CVE-2023-23490
CVE-2023-26325
CVE-2023-28659
CVE-2023-28660
CVE-2023-28661
CVE-2023-28662
CVE-2023-28663
|
January 9, 2023
|
TRA-2023-1
|
Command Injection in D-Link DWL-2600AP with firmware v4.2.0.17
|
Medium
|
CVE-2023-0127
|
December 16, 2022
|
TRA-2022-37
|
NETGEAR Nighthawk WiFi6 Router Multiple Vulnerabilities
|
Critical
|
CVE-2022-47208
CVE-2022-47209
CVE-2022-47210
|
December 2, 2022
|
TRA-2022-36
|
NETGEAR Nighthawk WiFi6 Router Network Misconfiguration
|
Medium
|
CVE-2022-4390
|
November 21, 2022
|
TRA-2022-35
|
Denial of Service Vulnerability in Dropbox's JPEG Compression Tool, Lepton
|
Low
|
CVE-2022-4104
|
October 25, 2022
|
TRA-2022-33
|
Delta Electronics DIAEnergie Multiple Vulnerabilities
|
Critical
|
CVE-2022-43774
CVE-2022-43775
|
October 25, 2022
|
TRA-2022-34
|
SSRF in Metabase GeoJSON URL
|
Medium
|
CVE-2022-43776
|
September 26, 2022
|
TRA-2022-32
|
Advantech iView ConfigurationServlet setConfiguration SQL Injection
|
Critical
|
CVE-2022-3323
|
September 12, 2022
|
TRA-2022-31
|
VISAM VBASE v11.7.0.2 Credential Disclosure
|
High
|
CVE-2022-3217
|
September 1, 2022
|
TRA-2022-30
|
RStudio Connect Open Redirect
|
Medium
|
CVE-2022-38131
|
August 15, 2022
|
TRA-2022-29
|
Multiple Vulnerabilities in Eyes of Network Web version 5.3
|
High
|
CVE-2022-38357
CVE-2022-38358
CVE-2022-38359
|
August 10, 2022
|
TRA-2022-28
|
Keysight Technologies Sensor Management Server Multiple RCE Vulnerabilities
|
Critical
|
CVE-2022-38129
CVE-2022-38130
|
July 15, 2022
|
TRA-2022-27
|
Microsoft Azure Arc Jumpstart Information Disclosure
|
Medium
|
CVE-2022-35798
|
July 12, 2022
|
TRA-2022-26
|
Microsoft Azure Site Recovery Privilege Escalation
|
High
|
CVE-2022-33675
|
July 6, 2022
|
TRA-2022-25
|
ManageEngine Multiple Products Remote Directory/File Creation
|
Medium
|
CVE-2022-35404
|
June 28, 2022
|
TRA-2022-24
|
Apple Safari Security Feature Bypass (Trusted Downloads)
|
Low
|
|
June 15, 2022
|
TRA-2022-23
|
Schneider Electric IGSS Data Server v15.0.0.22139 Project Report Directory File Manipulation
|
High
|
CVE-2022-32528
|
June 15, 2022
|
TRA-2022-22
|
Schneider Electric IGSS Data Server Multiple Vulnerabilities
|
Critical
|
CVE-2022-32522
CVE-2022-32523
CVE-2022-32524
CVE-2022-32525
CVE-2022-32526
CVE-2022-32527
CVE-2022-32529
|
June 8, 2022
|
TRA-2022-21
|
XSS in Rustici Software SCORM Engine
|
Medium
|
CVE-2022-2035
|
June 6, 2022
|
TRA-2022-19
|
Microsoft Azure Synapse Analytics Hosts File Poisoning
|
Low
|
|
June 6, 2022
|
TRA-2022-20
|
Microsoft Azure Synapse Analytics Privilege Escalation
|
Critical
|
|
June 1, 2022
|
TRA-2022-18
|
Windows Azure Guest Agent Privilege Escalation
|
Low
|
|
May 16, 2022
|
TRA-2022-17
|
Metasonic Doc WebClient SQL Injection
|
Medium
|
CVE-2022-1731
|
May 5, 2022
|
TRA-2022-16
|
Cross-site Scripting in webapp.kaiza.la and kaizala mobile app
|
Medium
|
|
May 5, 2022
|
TRA-2022-15
|
Reflected Cross-Site Scripting in businesscenter.kaiza.la
|
Medium
|
|
April 27, 2022
|
TRA-2022-14
|
ManageEngine Access Manager Plus REST API Restriction Bypass
|
High
|
CVE-2022-29081
|
April 19, 2022
|
TRA-2022-13
|
Schneider Electric IGSS Data Server v15.0.0.22073 Integer Overflow
|
Critical
|
CVE-2022-2329
|
April 14, 2022
|
TRA-2022-12
|
Information Disclosure in Gryphon Shepherd API
|
Low
|
|
April 12, 2022
|
TRA-2022-11
|
PositiveGrid Spark API Multiple Vulnerabilities
|
Low
|
|
April 6, 2022
|
TRA-2022-09
|
Command Injection Vulnerability in /bin/protest Binary on Multiple D-Link Routers
|
Medium
|
CVE-2022-1262
|
April 6, 2022
|
TRA-2022-10
|
Cross-Site Scripting in Odoo Apps via Prototype Pollution
|
Medium
|
|
March 23, 2022
|
TRA-2022-08
|
XSS via angular template injection in manage.kaiza.la
|
Medium
|
|
March 11, 2022
|
TRA-2022-07
|
Vulnerability in DVDFab Player Permits Attacker to Read Arbitrary Files in Windows Filesystem
|
High
|
CVE-2022-25216
|
February 28, 2022
|
TRA-2022-06
|
Zyxel Routers and Home WiFi Systems - Unprotected Root Access via UART Using Default Password
|
High
|
CVE-2021-35033
|
February 22, 2022
|
TRA-2022-05
|
Multiple Vulnerabilities in Trend Micro ServerProtect
|
Critical
|
CVE-2022-25329
CVE-2022-25330
CVE-2022-25331
|
February 14, 2022
|
TRA-2022-04
|
Microsoft Teams Session Token in URL (Zip Preview)
|
Low
|
|
February 7, 2022
|
TRA-2022-03
|
Schneider Electric IGSS Data Collector Multiple Vulnerabilities
|
High
|
CVE-2021-22823
CVE-2021-22824
|
February 7, 2022
|
TRA-2022-02
|
Schneider Electric IGSS Data Server Multiple Vulnerabilities
|
Critical
|
CVE-2022-24310
CVE-2022-24314
|
February 1, 2022
|
TRA-2022-01
|
Unpatchable Vulnerabilities in Phicomm Router Firmware
|
High
|
CVE-2022-25214
CVE-2022-25215
CVE-2022-25217
CVE-2022-25218
CVE-2022-25219
CVE-2022-25213
|
December 30, 2021
|
TRA-2021-58
|
Bitmask Riseup Local Privilege Escalation
|
High
|
CVE-2021-44466
|
December 30, 2021
|
TRA-2021-57
|
Netgear Nighthawk R6700 Multiple Vulnerabilities
|
High
|
CVE-2021-20173
CVE-2021-20174
CVE-2021-20175
CVE-2021-23147
CVE-2021-45732
CVE-2021-45077
|
December 30, 2021
|
TRA-2021-56
|
Netgear Genie MacOS Installer Privilege Escalation
|
Medium
|
CVE-2021-20172
|
December 30, 2021
|
TRA-2021-55
|
Netgear Nighthawk RAX43 Multiple Vulnerabilities
|
Critical
|
CVE-2021-20166
CVE-2021-20167
CVE-2021-20168
CVE-2021-20169
CVE-2021-20170
CVE-2021-20171
|
December 30, 2021
|
TRA-2021-54
|
Trendnet AC2600 TEW-827DRU Multiple Vulnerabilities
|
Critical
|
CVE-2021-20149
CVE-2021-20150
CVE-2021-20151
CVE-2021-20152
CVE-2021-20153
CVE-2021-20154
CVE-2021-20155
CVE-2021-20156
CVE-2021-20157
CVE-2021-20158
CVE-2021-20159
CVE-2021-20160
CVE-2021-20161
CVE-2021-20162
CVE-2021-20163
CVE-2021-20164
CVE-2021-20165
|
December 30, 2021
|
TRA-2021-53
|
AutoDesk Meshmixer macOS Installer Local Privilege Escalation
|
Medium
|
|
December 23, 2021
|
TRA-2021-52
|
ManageEngine SelfService Plus Multiple Vulnerabilities
|
Medium
|
CVE-2021-20147
CVE-2021-20148
|
December 7, 2021
|
TRA-2021-51
|
Multiple Vulnerabilities in Gryphon Tower Router
|
Critical
|
CVE-2021-20137
CVE-2021-20138
CVE-2021-20139
CVE-2021-20140
CVE-2021-20141
CVE-2021-20142
CVE-2021-20143
CVE-2021-20144
CVE-2021-20145
CVE-2021-20146
|
November 16, 2021
|
TRA-2021-50
|
Schneider Electric C-Gate Multiple Vulnerabilities
|
High
|
CVE-2021-22796
CVE-2021-22720
CVE-2021-22784
|
November 8, 2021
|
TRA-2021-49
|
Arris SurfBoard SB8200 Insecure Password Change Utility
|
Medium
|
CVE-2021-20119
|
October 29, 2021
|
TRA-2021-48
|
ManageEngine Log360 Database Configuration Overwrite Unauthenticated RCE
|
Critical
|
CVE-2021-20136
|
October 26, 2021
|
TRA-2021-47
|
CODESYS V2 Web Server Multiple Vulnerabilities
|
Critical
|
CVE-2021-34583
CVE-2021-34584
CVE-2021-34585
CVE-2021-34586
|
October 26, 2021
|
TRA-2021-46
|
Wishpond Connect.js Javascript Library Prototype Pollution
|
Medium
|
|
October 20, 2021
|
TRA-2021-45
|
Arris SurfBoard SB8200 Cross Site Request Forgery
|
High
|
CVE-2021-20120
|
October 19, 2021
|
TRA-2021-44
|
Critical Vulnerabilities on the D-Link DIR-2640 Router
|
High
|
CVE-2021-20132
CVE-2021-20133
CVE-2021-20134
|
October 13, 2021
|
TRA-2021-43
|
ManageEngine ADManager Plus Build 7111 Multiple Vulnerabilities
|
High
|
CVE-2021-20130
CVE-2021-20131
|
October 12, 2021
|
TRA-2021-42
|
Multiple Vulnerabilities in Draytek VigorConnect 1.60.0-B3
|
Critical
|
CVE-2021-20123
CVE-2021-20124
CVE-2021-20125
CVE-2021-20126
CVE-2021-20127
CVE-2021-20128
CVE-2021-20129
|
October 11, 2021
|
TRA-2021-41
|
Multiple Vulnerabilities in Telus Wi-Fi Hub
|
Medium
|
CVE-2021-20121
CVE-2021-20122
|
October 8, 2021
|
TRA-2021-40
|
Johnson Controls exacqVision Multiple Vulnerabilities
|
Critical
|
CVE-2021-27664
CVE-2021-27665
|
September 14, 2021
|
TRA-2021-39
|
Multiple Vulnerabilities in Tracki / Trackimo GPS Platform and application
|
Medium
|
|
September 14, 2021
|
TRA-2021-38
|
Multiple Vulnerabilities in Optimus GPS Platform
|
Medium
|
|
September 14, 2021
|
TRA-2021-37
|
Multiple Vulnerabilities in Spytec GPS platform
|
Medium
|
|
September 14, 2021
|
TRA-2021-36
|
Multiple Vulnerabilities in LandAirSea SilverCloud GPS Platform
|
Medium
|
|
August 19, 2021
|
TRA-2021-35
|
User Enumeration in GSuite Okta Integration
|
Low
|
|
August 9, 2021
|
TRA-2021-34
|
Cisco Webex Universal Links Redirect
|
Medium
|
|
August 9, 2021
|
TRA-2021-33
|
HPE Edgeline Infrastructure Manager Unauthenticated Information Disclosure
|
Medium
|
CVE-2021-26586
|
July 21, 2021
|
TRA-2021-32
|
Multiple Vulnerabilities in TCExam
|
Critical
|
CVE-2021-20111
CVE-2021-20112
CVE-2021-20113
CVE-2021-20114
CVE-2021-20115
CVE-2021-20116
|
July 16, 2021
|
TRA-2021-31
|
Manage Engine Asset Explorer Agent - Integer Overflow
|
High
|
CVE-2021-20110
|
July 16, 2021
|
TRA-2021-30
|
Manage Engine Heap Overflow POST payload
|
High
|
CVE-2021-20109
|
July 16, 2021
|
TRA-2021-29
|
Manage Engine Asset Explorer Agent - Remote DoS
|
High
|
CVE-2021-20108
|
July 12, 2021
|
TRA-2021-28
|
Schneider Electric Modicon M340 / M580 Authentication Bypass Vulnerability
|
High
|
CVE-2021-22779
|
July 12, 2021
|
TRA-2021-27
|
AWS EC2 macOS Local Privilege Escalation
|
Medium
|
|
June 30, 2021
|
TRA-2021-26
|
Sloan Smart Faucet Unauthenticated BLE
|
Medium
|
CVE-2021-20107
|
June 28, 2021
|
TRA-2021-25
|
Machform Multiple Vulnerabilities
|
High
|
CVE-2021-20101
CVE-2021-20102
CVE-2021-20103
CVE-2021-20104
CVE-2021-20105
|
June 15, 2021
|
tra-2021-24
|
Multiple Vulnerabilities in Wibu-Systems CodeMeter
|
Critical
|
CVE-2021-20093
CVE-2021-20094
|
June 13, 2021
|
TRA-2021-23
|
Multiple vulnerabilities in Microsoft Power Apps (apps.powerapps.com, make.powerapps.com)
|
Medium
|
|
June 9, 2021
|
TRA-2021-22
|
ManageEngine ServiceDesk Plus Authenticated RCE
|
High
|
CVE-2021-20081
|
June 2, 2021
|
TRA-2021-21
|
macOS Gatekeeper Bypass / Local Privilege Escalation
|
Medium
|
|
June 2, 2021
|
TRA-2021-20
|
macOS Installer Local Privilege Escalation
|
Medium
|
|
June 2, 2021
|
TRA-2021-19
|
Microsoft Teams macOS Installer Local Privilege Escalation
|
Medium
|
|
May 21, 2021
|
TRA-2021-18
|
OpenOversight Multiple Vulnerabilities
|
Medium
|
CVE-2021-20096
|
May 19, 2021
|
TRA-2021-17
|
SecureDrop OSSEC Cross-Site Request Forgery
|
Low
|
|
May 11, 2021
|
TRA-2021-16
|
LINE Private IP Address and Platform information Disclosure via GIFMagazine
|
Medium
|
|
April 30, 2021
|
TRA-2021-15
|
HPE Edgeline Infrastructure Manager v1.21 Authentication Bypass
|
Critical
|
CVE-2021-29203
|
April 28, 2021
|
TRA-2021-14
|
Python-Babel/Babel Locale Directory Traversal / Arbitrary Code Execution
|
Medium
|
|
April 23, 2021
|
TRA-2021-13
|
Multiple Vulnerabilities in Buffalo and Arcadyan manufactured routers
|
High
|
CVE-2021-20090
CVE-2021-20091
CVE-2021-20092
|
April 21, 2021
|
TRA-2021-12
|
Stored XSS in make.powerapps.com
|
Medium
|
|
April 8, 2021
|
TRA-2021-11
|
ManageEngine ServiceDesk Plus and AssetExplorer - Unauthenticated Stored XSS
|
Medium
|
CVE-2021-20080
|
March 31, 2021
|
TRA-2021-10
|
ManageEngine OpManager Remote Directory Deletion
|
Critical
|
CVE-2021-20078
|
March 12, 2021
|
TRA-2021-09
|
Microsoft Teams services forwarding to untrusted domain
|
Medium
|
|
March 8, 2021
|
TRA-2021-08
|
LINE Debugging Interface Information Disclosure
|
Medium
|
|
March 1, 2021
|
TRA-2021-07
|
Dell EMC OpenManage Server Administrator Authentication Bypass
|
Critical
|
CVE-2021-21513
|
February 22, 2021
|
TRA-2021-06
|
Secomea GateManager Multiple Vulnerabilities
|
High
|
CVE-2020-29028
CVE-2020-29030
CVE-2020-29032
|
February 16, 2021
|
TRA-2021-05
|
JSDom Improper Loading of Local Resources
|
Medium
|
CVE-2021-20066
|
February 16, 2021
|
TRA-2021-04
|
Racom MIDGE Firmware Multiple Vulnerabilities
|
High
|
CVE-2021-20067
CVE-2021-20068
CVE-2021-20069
CVE-2021-20070
CVE-2021-20071
CVE-2021-20072
CVE-2021-20073
CVE-2021-20074
CVE-2021-20075
|
February 15, 2021
|
TRA-2021-03
|
IBM Spectrum Protect Operations Center 8.1.10 Multiple Vulnerabilities
|
High
|
CVE-2020-4954
CVE-2020-4955
CVE-2020-4956
|
February 4, 2021
|
TRA-2021-02
|
ManageEngine Applications Manager Authenticated SQLi
|
High
|
CVE-2020-35765
|
January 7, 2021
|
TRA-2021-01
|
Marvell QConvergeConsole GUI Multiple Vulnerabilities
|
High
|
CVE-2020-5804
CVE-2020-5805
|
December 28, 2020
|
TRA-2020-71
|
Rockwell Automation FactoryTalk Multiple Vulnerabilities
|
High
|
CVE-2020-5801
CVE-2020-5802
CVE-2020-5806
CVE-2020-5807
|
December 18, 2020
|
TRA-2020-70
|
Secomea GateManager Multiple Vulnerabilities
|
Medium
|
CVE-2020-29021
CVE-2020-29022
|
December 15, 2020
|
TRA-2020-69
|
Carbon Black Installer Multiple Vulnerabilities
|
Medium
|
CVE-2020-4008
|
December 6, 2020
|
TRA-2020-68
|
PsExec Local Privilege Escalation
|
Medium
|
|
December 4, 2020
|
TRA-2020-67
|
Druva inSync Installer Privilege Escalation
|
High
|
CVE-2020-5798
|
December 4, 2020
|
TRA-2020-66
|
IBM Spectrum Protect Plus Static Credential Vulnerability
|
Critical
|
CVE-2020-4854
|
December 3, 2020
|
TRA-2020-65
|
Eat Spray Love Mobile App Multiple Vulnerabilities
|
High
|
CVE-2020-5799
CVE-2020-5800
|
November 23, 2020
|
TRA-2020-64
|
Cross-site Scripting via WHOIS and DNS records on multiple lookup platforms
|
High
|
|
November 16, 2020
|
TRA-2020-63
|
Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities
|
High
|
CVE-2020-28578
CVE-2020-28579
CVE-2020-28580
CVE-2020-28581
|
November 16, 2020
|
TRA-2020-62
|
Trend Micro Worry-Free Business Security Unauthenticated Remote File Deletion
|
High
|
CVE-2020-28574
|
November 13, 2020
|
TRA-2020-61
|
Nagios XI Local Privilege Escalation
|
High
|
CVE-2020-5796
|
November 5, 2020
|
TRA-2020-60
|
TP-Link Archer Routers USB Symlink Following Vulnerabilities
|
Medium
|
CVE-2020-5795
CVE-2020-5797
|
October 21, 2020
|
TRA-2020-59
|
Umbraco Cloud CMS Multiple Vulnerabilities
|
Medium
|
CVE-2020-5809
CVE-2020-5810
CVE-2020-5811
|
October 20, 2020
|
TRA-2020-58
|
Nagios XI Multiple Vulnerabilities
|
Medium
|
CVE-2020-5790
CVE-2020-5791
CVE-2020-5792
|
October 1, 2020
|
TRA-2020-57
|
Teltonika Gateway TRB245 Multiple Vulnerabilities
|
Medium
|
CVE-2020-5784
CVE-2020-5785
CVE-2020-5786
CVE-2020-5787
CVE-2020-5788
CVE-2020-5789
|
September 25, 2020
|
TRA-2020-56
|
Marvell QConvergeConsole GUI Multiple Vulnerabilities
|
High
|
CVE-2020-15643
CVE-2020-15644
CVE-2020-15645
CVE-2020-5803
|
September 22, 2020
|
TRA-2020-55
|
IgniteNet HeliOS GLinq v2.2.1 r2961 Multiple Vulnerabilities
|
Medium
|
CVE-2020-5781
CVE-2020-5782
CVE-2020-5783
|
September 14, 2020
|
TRA-2020-54
|
IBM Spectrum Protect Plus 10.1.6-1974 Multiple Vulnerabilities
|
High
|
CVE-2020-4711
CVE-2020-4703
|
September 9, 2020
|
TRA-2020-53
|
Unauthenticated email forgery/spoofing in WordPress Email Subscribers plugin
|
High
|
CVE-2020-5780
|
September 2, 2020
|
TRA-2020-52
|
Trading Technologies Messaging Multiple Unauthenticated Remote DoS
|
High
|
CVE-2020-5778
CVE-2020-5779
|
September 1, 2020
|
TRA-2020-51
|
MAGMI Multiple Vulnerabilities
|
Medium
|
CVE-2020-5777
CVE-2020-5776
|
August 28, 2020
|
TRA-2020-50
|
IBM Spectrum Protect CertQryResp Unauthenticated Remote DoS
|
High
|
CVE-2020-4559
|
August 11, 2020
|
TRA-2020-49
|
Canvas LMS Unauthenticated Blind SSRF
|
Medium
|
CVE-2020-5775
|
August 3, 2020
|
TRA-2020-48
|
Teltonika Gateway TRB245 Multiple Vulnerabilities
|
High
|
CVE-2020-5770
CVE-2020-5771
CVE-2020-5772
CVE-2020-5773
|
July 29, 2020
|
TRA-2020-47
|
Grandstream ATA HT800 Series Multiple Vulnerabilities
|
Critical
|
CVE-2020-5760
CVE-2020-5761
CVE-2020-5762
CVE-2020-5763
|
July 22, 2020
|
TRA-2020-46
|
CODESYS V3 Unauthenticated Webserver Memory Leak DoS
|
High
|
CVE-2020-15806
|
July 17, 2020
|
TRA-2020-45
|
Ubiquiti UniFi Protect Username Discovery
|
Medium
|
CVE-2020-8213
|
July 16, 2020
|
TRA-2020-44
|
Multiple Vulnerabilities in Icegram Email Subscribers & Newsletters Plugin for WordPress
|
Medium
|
CVE-2020-5767
CVE-2020-5768
|
July 16, 2020
|
TRA-2020-43
|
Teltonika Gateway TRB245 Stored Cross-site Scripting
|
Low
|
CVE-2020-5769
|
July 10, 2020
|
TRA-2020-42
|
SQL Injection in SRS Simple Hits Counter Plugin for WordPress
|
Medium
|
CVE-2020-5766
|
July 7, 2020
|
TRA-2020-41
|
MX Player Android App Directory Traversal
|
High
|
CVE-2020-5764
|
June 23, 2020
|
TRA-2020-40
|
Grandstream UCM6200 Series Multiple Authenticated RCE
|
Critical
|
CVE-2020-5757
CVE-2020-5758
CVE-2020-5759
|
June 23, 2020
|
TRA-2020-39
|
Grandstream GWN7000 Authenticated Command Execution
|
Critical
|
CVE-2020-5756
|
June 19, 2020
|
TRA-2020-38
|
VMware Tools Denial of Service
|
Medium
|
CVE-2020-3972
|
June 15, 2020
|
TRA-2020-37
|
IBM Spectrum Protect Plus Multiple Vulnerabilities
|
Critical
|
CVE-2020-4469
CVE-2020-4470
CVE-2020-4471
|
June 15, 2020
|
TRA-2020-36
|
Webroot Multiple Vulnerabilities
|
High
|
CVE-2020-5754
CVE-2020-5755
|
June 15, 2020
|
TRA-2020-35
|
Plex Media Server Weak CORS Policy
|
Medium
|
CVE-2020-5742
|
May 21, 2020
|
TRA-2020-34
|
Druva inSync Windows Client Local Privilege Escalation (CVE-2019-3999 Patch Bypass)
|
High
|
CVE-2020-5752
|
May 19, 2020
|
TRA-2020-33
|
Signal App Information Disclosure
|
Low
|
CVE-2020-5753
|
May 7, 2020
|
TRA-2020-32
|
Plex Media Server Authenticated Python Deserialization / RCE (Windows)
|
Medium
|
CVE-2020-5741
|
May 7, 2020
|
TRA-2020-31
|
TCExam Multiple Vulnerabilities
|
Medium
|
CVE-2020-5743
CVE-2020-5744
CVE-2020-5745
CVE-2020-5746
CVE-2020-5747
CVE-2020-5748
CVE-2020-5749
CVE-2020-5750
CVE-2020-5751
|
May 4, 2020
|
TRA-2020-30
|
Instacart SMS Link Spoofing Vulnerability
|
Medium
|
|
May 1, 2020
|
TRA-2020-29
|
SimpliSafe SS3 PIN Add Using Rogue Keypad
|
Low
|
CVE-2020-5727
|
April 27, 2020
|
TRA-2020-28
|
Flexera FlexNet Publisher lmadmin Message 282 Remote DoS
|
Medium
|
CVE-2020-12080
|
April 22, 2020
|
TRA-2020-27
|
Ubiquiti UniFi Cloud Key - Unprotected root UART Access
|
High
|
CVE-2020-8157
|
April 22, 2020
|
TRA-2020-26
|
IBM Spectrum Protect Verb 134 Unauthenticated Remote Stack Overflow
|
Critical
|
CVE-2020-4415
|
April 21, 2020
|
TRA-2020-25
|
Plex Media Server Local Privilege Escalation (Windows)
|
High
|
CVE-2020-5740
|
April 15, 2020
|
TRA-2020-24
|
Cisco IP Phones Web Server Multiple Vulnerabilities
|
Critical
|
CVE-2020-3161
CVE-2016-1421
|
April 15, 2020
|
TRA-2020-23
|
MikroTik WinBox Cleartext Password Storage
|
Low
|
CVE-2020-5721
|
April 13, 2020
|
TRA-2020-22
|
Grandstream GXP1600 Series Multiple Issues
|
Critical
|
CVE-2020-5738
CVE-2020-5739
|
April 9, 2020
|
TRA-2020-21
|
Ubiquiti Unifi Cloud Key Gen2 Plus Unauthenticated Hostname Modification
|
Medium
|
CVE-2020-8148
|
April 7, 2020
|
TRA-2020-20
|
Amcrest Camera/NVR Multiple Vulnerabilities
|
Critical
|
CVE-2020-5735
CVE-2020-5736
|
April 6, 2020
|
TRA-2020-19
|
SolarWinds Dameware DoS
|
High
|
CVE-2020-5734
|
April 3, 2020
|
TRA-2020-18
|
OpenMRS Multiple Vulnerabilities
|
Medium
|
CVE-2020-5728
CVE-2020-5729
CVE-2020-5730
CVE-2020-5731
CVE-2020-5732
CVE-2020-5733
|
March 30, 2020
|
TRA-2020-17
|
Grandstream UCM62xx Multiple SQL Injections
|
Medium
|
CVE-2020-5723
CVE-2020-5724
CVE-2020-5725
CVE-2020-5726
|
March 25, 2020
|
TRA-2020-16
|
CODESYS V3 Unauthenticated Remote Heap Overflow
|
Critical
|
CVE-2020-10245
|
March 23, 2020
|
TRA-2020-15
|
Grandstream UCM62xx SQL Injection
|
Critical
|
CVE-2020-5722
|
March 12, 2020
|
TRA-2020-14
|
Kodi Multiple Issues
|
High
|
|
February 26, 2020
|
TRA-2020-13
|
Advantech WebAccess/SCADA Unauthenticated Remote Heap Buffer Overflow
|
Critical
|
|
February 25, 2020
|
TRA-2020-12
|
Druva inSync Client Multiple Vulnerabilities
|
High
|
CVE-2019-3999
CVE-2019-4000
CVE-2019-4001
|
February 19, 2020
|
TRA-2020-11
|
Palo Alto Expedition Migration Tool Insufficient XSRF Protection
|
High
|
CVE-2020-1977
|
February 18, 2020
|
TRA-2020-10
|
Siemens TIA Portal Denial of Service
|
High
|
CVE-2019-19282
|
February 13, 2020
|
TRA-2020-09
|
SimpliSafe SS3 Unauthenticated Wi-Fi Config Modification
|
Low
|
CVE-2019-3998
|
February 9, 2020
|
TRA-2020-08
|
Microsoft Windows User Group Policy Bypass
|
Medium
|
|
February 6, 2020
|
TRA-2020-07
|
MikroTik WinBox Path Traversal
|
Medium
|
CVE-2020-5720
|
February 3, 2020
|
TRA-2020-06
|
Atlassian Jira CSRF
|
Medium
|
CVE-2019-20100
|
February 3, 2020
|
TRA-2020-05
|
Atlassian Jira Multiple CSRF
|
Medium
|
CVE-2019-20098
CVE-2019-20099
|
January 23, 2020
|
TRA-2020-04
|
CODESYS V3 Denial of Service
|
High
|
CVE-2020-7052
|
January 16, 2020
|
TRA-2020-03
|
SimpliSafe SS3 Unauthenticated Keypad Pairing Vulnerability
|
Low
|
CVE-2019-3997
|
January 15, 2020
|
TRA-2020-02
|
HPE Smart Update Manager 8.4.5 Remote Unauthorized Access
|
Critical
|
|
January 14, 2020
|
TRA-2020-01
|
MikroTik WinBox Man-in-the-Middle Password Hash Disclosure
|
Medium
|
CVE-2019-3981
|
December 26, 2019
|
TRA-2019-54
|
Microsoft Teams Multiple Vulnerabilities
|
Medium
|
|
December 12, 2019
|
TRA-2019-53
|
ELOG Multiple Vulnerabilities
|
High
|
CVE-2019-3992
CVE-2019-3993
CVE-2019-3994
CVE-2019-3995
CVE-2019-3996
|
December 11, 2019
|
TRA-2019-52
|
Advantech WebAccess/SCADA Stack Buffer Overflow
|
Critical
|
CVE-2019-3951
|
December 5, 2019
|
TRA-2019-51
|
Blink XT2 Sync Module Multiple Vulnerabilities
|
High
|
CVE-2019-3983
CVE-2019-3984
CVE-2019-3985
CVE-2019-3986
CVE-2019-3987
CVE-2019-3988
CVE-2019-3989
|
December 3, 2019
|
TRA-2019-50
|
Harbor.io User Enumeration Vulnerability
|
Medium
|
CVE-2019-3990
|
November 20, 2019
|
TRA-2019-49
|
Schneider Electric FLM v2.3.1.0 / FlexNet Publisher 11.6.2 Multiple Vulnerabilities
|
High
|
|
November 20, 2019
|
TRA-2019-48
|
CODESYS V3 Unauthenticated Remote Heap Buffer Overflow
|
Critical
|
CVE-2019-18858
|
November 6, 2019
|
TRA-2019-47
|
Qualcomm Atheros Universal WLAN Kernel Memory Disclosure
|
Medium
|
CVE-2019-10618
|
October 28, 2019
|
TRA-2019-46
|
MikroTik RouterOS Multiple Vulnerabilities
|
High
|
CVE-2019-3976
CVE-2019-3977
CVE-2019-3978
CVE-2019-3979
|
October 17, 2019
|
TRA-2019-45
|
Cisco TelePresence Advanced Media Gateway 3610 Denial of Service
|
Medium
|
CVE-2019-15966
|
October 15, 2019
|
TRA-2019-44
|
Cisco SPA100 Series Multiple Vulnerabilities
|
Critical
|
CVE-2019-15240
CVE-2019-15241
CVE-2019-15242
CVE-2019-15243
CVE-2019-15244
CVE-2019-15245
CVE-2019-15246
CVE-2019-15247
CVE-2019-15248
CVE-2019-15249
CVE-2019-15250
CVE-2019-15251
CVE-2019-15252
CVE-2019-15257
CVE-2019-15258
CVE-2019-12702
CVE-2019-12703
CVE-2019-12704
CVE-2019-12708
|
September 30, 2019
|
TRA-2019-43
|
SolarWinds Dameware Mini Remote Control Unauthenticated RCE
|
Critical
|
CVE-2019-3980
|
September 25, 2019
|
TRA-2019-42
|
HPE iMC 7.3 E0703 Multiple Vulnerabilities
|
Critical
|
CVE-2019-5390
CVE-2019-5391
|
September 10, 2019
|
TRA-2019-41
|
Advantech WebAccess/SCADA 8.4.1 Unauthenticated Remote Stack Buffer Overflow
|
Critical
|
CVE-2019-3975
|
August 19, 2019
|
TRA-2019-40
|
OpenEMR Multiple Vulnerabilities
|
High
|
CVE-2019-3963
CVE-2019-3964
CVE-2019-3965
CVE-2019-3966
CVE-2019-3967
CVE-2019-3968
|
August 12, 2019
|
TRA-2019-39
|
Apple macOS / iOS UIFoundation Vulnerability
|
Medium
|
|
August 2, 2019
|
TRA-2019-38
|
macOS LaunchServices Denial of Service
|
Medium
|
|
July 30, 2019
|
TRA-2019-37
|
WallacePOS Multiple Vulnerabilities
|
Medium
|
CVE-2019-3958
CVE-2019-3959
CVE-2019-3960
|
July 29, 2019
|
TRA-2019-36
|
Amcrest IP Camera Multiple Vulnerabilities
|
Medium
|
CVE-2019-3948
|
July 17, 2019
|
TRA-2019-35
|
Jenkins Path Traversal / Arbitrary File Write
|
Medium
|
CVE-2019-10352
|
July 15, 2019
|
TRA-2019-34
|
Comodo Antivirus Multiple Vulnerabilities
|
Medium
|
CVE-2019-3969
CVE-2019-3970
CVE-2019-3971
CVE-2019-3972
CVE-2019-3973
|
July 8, 2019
|
TRA-2019-33
|
Siemens TIA Portal (STEP7) Remote Code Execution
|
Critical
|
CVE-2019-10915
|
July 2, 2019
|
TRA-2019-32
|
Citrix SD-WAN Appliance Multiple Vulnerabilities
|
Critical
|
CVE-2019-12989
CVE-2019-12991
|
July 2, 2019
|
TRA-2019-31
|
Citrix SD-WAN Center Multiple Vulnerabilities
|
Critical
|
CVE-2019-12985
CVE-2019-12986
CVE-2019-12987
CVE-2019-12988
CVE-2019-12990
CVE-2019-12992
|
July 1, 2019
|
TRA-2019-30
|
Arlo Basestation Firmware Multiple Vulnerabilities
|
High
|
CVE-2019-3949
CVE-2019-3950
|
June 19, 2019
|
TRA-2019-29
|
Cisco RV110W, RV130W, and RV215W Routers Multiple Vulnerabilities
|
Medium
|
CVE-2019-1897
CVE-2019-1898
CVE-2019-1899
|
June 18, 2019
|
TRA-2019-28
|
Multiple Advantech WebAccess Vulnerabilities
|
Critical
|
CVE-2019-3953
CVE-2019-3954
|
June 11, 2019
|
TRA-2019-27
|
Fuji Electric V-Server Denial of Service and Information Disclosure
|
Medium
|
CVE-2019-3946
CVE-2019-3947
|
June 6, 2019
|
TRA-2019-26
|
Dameware Remote Mini Controller Multiple Vulnerabilities
|
High
|
CVE-2019-3955
CVE-2019-3956
CVE-2019-3957
|
June 3, 2019
|
TRA-2019-25
|
Zsh Multiple Denial of Service Vulnerabilities
|
Low
|
|
May 29, 2019
|
TRA-2019-24
|
Chromium Dev Tools Crash
|
Low
|
|
May 7, 2019
|
TRA-2019-23
|
Slack Desktop Application for Windows Download Hijack
|
Medium
|
|
May 7, 2019
|
TRA-2019-22
|
Parrot ANAFI Drone Denial of Service
|
Medium
|
CVE-2019-3944
CVE-2019-3945
|
May 1, 2019
|
TRA-2019-21
|
Cisco Small Business Switch Security Feature Bypass
|
High
|
CVE-2019-1859
|
April 30, 2019
|
TRA-2019-20
|
OEM Presentation Platform Vulnerabilities
|
Critical
|
CVE-2019-3925
CVE-2019-3926
CVE-2019-3927
CVE-2019-3928
CVE-2019-3929
CVE-2019-3930
CVE-2019-3931
CVE-2019-3932
CVE-2019-3933
CVE-2019-3934
CVE-2019-3935
CVE-2019-3936
CVE-2019-3937
CVE-2019-3938
CVE-2019-3939
CVE-2017-16709
|
April 11, 2019
|
TRA-2019-19
|
Palo Alto Expedition Migration Tool 1.1.12 and earlier - XSS
|
Low
|
CVE-2019-1574
|
April 10, 2019
|
TRA-2019-18
|
Citrix SD-WAN Center and NetScaler SD-WAN Center Unauthenticated Remote Command Injection
|
Critical
|
CVE-2019-10883
|
April 9, 2019
|
TRA-2019-17
|
Verizon Fios Quantum Gateway Multiple Vulnerabilities
|
High
|
CVE-2019-3914
CVE-2019-3915
CVE-2019-3916
|
April 8, 2019
|
TRA-2019-16
|
MikroTik RouterOS Authenticated Directory Traversal
|
High
|
CVE-2019-3943
|
April 4, 2019
|
TRA-2019-15
|
Multiple Advantech WebAccess Vulnerabilities
|
Critical
|
CVE-2019-3940
CVE-2019-3941
CVE-2019-3942
|
March 27, 2019
|
TRA-2019-14
|
FileZilla 'fzsftp' Untrusted Search Path
|
Medium
|
CVE-2019-5429
|
March 22, 2019
|
TRA-2019-13
|
Palo Alto Expedition Migration Tool 1.1.8 and earlier - Multiple XSS
|
Low
|
CVE-2019-1569
CVE-2019-1570
CVE-2019-1571
|
March 20, 2019
|
TRA-2019-12
|
HPE iMC 7.3 E0605P06 Multiple Vulnerabilities
|
Critical
|
CVE-2019-5390
CVE-2019-5391
|
March 4, 2019
|
TRA-2019-11
|
RSLinx Classic Stack Buffer Overflow
|
Critical
|
CVE-2019-6553
|
March 1, 2019
|
TRA-2019-10
|
Palo Alto Expedition Migration Tool Stored XSS
|
Low
|
CVE-2019-1567
|
February 27, 2019
|
TRA-2019-09
|
Nokia GPON ONT Multiple Vulnerabilities
|
Critical
|
CVE-2019-3917
CVE-2019-3918
CVE-2019-3919
CVE-2019-3920
CVE-2019-3921
CVE-2019-3922
|
February 20, 2019
|
TRA-2019-08
|
SonicOS Improper Certificate Access
|
Medium
|
CVE-2018-9867
|
February 12, 2019
|
TRA-2019-07
|
MikroTik RouterOS Unauthenticated Intermediary
|
Medium
|
CVE-2019-3924
|
February 4, 2019
|
TRA-2019-06
|
Rockwell Automation EWEB SNMP Denial of Service
|
Medium
|
CVE-2018-19016
|
February 4, 2019
|
TRA-2019-05
|
Crestron DGE-100 Unauthenticated Remote Denial of Service
|
High
|
|
February 4, 2019
|
TRA-2019-04
|
Indusoft Web Studio and InTouch Edge HMI Remote Code Execution
|
Critical
|
CVE-2019-6545
CVE-2019-6543
|
January 24, 2019
|
TRA-2019-03
|
LabKey Server Community Edition Multiple Vulnerabilities
|
Medium
|
CVE-2019-3911
CVE-2019-3912
CVE-2019-3913
|
January 10, 2019
|
TRA-2019-02
|
[R1] Crestron AM-100 Authentication Bypass
|
Critical
|
CVE-2019-3910
|
January 8, 2019
|
TRA-2019-01
|
[R3] Multiple Premisys Identicard Vulnerabilities
|
Critical
|
CVE-2019-3906
CVE-2019-3907
CVE-2019-3908
CVE-2019-3909
|
December 20, 2018
|
TRA-2018-48
|
[R2] Netatalk Out-of-bounds Write
|
Critical
|
CVE-2018-1160
|
December 19, 2018
|
TRA-2018-47
|
[R2] Logitech Harmony Hub Multiple Vulnerabilities
|
High
|
CVE-2018-15720
CVE-2018-15721
CVE-2018-15722
CVE-2018-15723
|
December 19, 2018
|
TRA-2018-46
|
[R1] Cisco Adaptive Security Appliance HTTP Privilege Escalation
|
High
|
CVE-2018-15465
|
December 14, 2018
|
TRA-2018-45
|
[R2] Advantech WebAccess Stack Buffer Overflow
|
Critical
|
CVE-2018-18999
|
December 12, 2018
|
TRA-2018-44
|
[R1] Open Dental Multiple Vulnerabilities
|
Critical
|
CVE-2018-15717
CVE-2018-15718
CVE-2018-15719
|
December 5, 2018
|
TRA-2018-43
|
[R2] Jenkins Forced Migration of User Records
|
Medium
|
CVE-2018-1000863
|
December 5, 2018
|
TRA-2018-42
|
[R1] Cisco Energy Management Suite Default PostgreSQL Credentials
|
Medium
|
CVE-2018-0468
|
November 29, 2018
|
TRA-2018-41
|
[R1] NUUO NVRMini2 Authenticated Command Injection
|
Critical
|
CVE-2018-15716
|
November 29, 2018
|
TRA-2018-40
|
[R2] Zoom Message Spoofing
|
Critical
|
CVE-2018-15715
|
November 26, 2018
|
TRA-2018-39
|
[R1] Multiple HPE Moonshot Provisioning Manager Vulnerabilities
|
High
|
|
November 26, 2018
|
TRA-2018-38
|
[R1] Multiple Schneider Electric Modicon Quantum Vulnerabilities
|
Critical
|
CVE-2018-7809
CVE-2018-7810
CVE-2018-7811
CVE-2018-7830
CVE-2018-7831
|
November 13, 2018
|
TRA-2018-37
|
[R2] Nagios XI Multiple Vulnerabilities
|
High
|
CVE-2018-15708
CVE-2018-15709
CVE-2018-15710
CVE-2018-15711
CVE-2018-15712
CVE-2018-15713
CVE-2018-15714
|
November 9, 2018
|
TRA-2018-36
|
[R1] Cisco Energy Management Suite Multiple Vulnerabilities
|
Critical
|
CVE-2018-15444
CVE-2018-15445
|
October 31, 2018
|
TRA-2018-35
|
[R1] Multiple Advantech WebAccess Vulnerabilities
|
Critical
|
CVE-2018-15705
CVE-2018-15706
CVE-2018-15707
|
October 30, 2018
|
TRA-2018-34
|
[R1] Multiple Vulnerabilities in AVEVA Indusoft Web Studio and InTouch Edge HMI
|
Critical
|
CVE-2018-17914
CVE-2018-17916
|
October 18, 2018
|
TRA-2018-33
|
[R1] Multiple Advantech WebAccess Vulnerabilities
|
High
|
CVE-2018-15703
CVE-2018-15704
|
October 17, 2018
|
TRA-2018-32
|
[R1] Multiple Oracle WebLogic Docker Password Disclosures
|
Medium
|
CVE-2018-3213
|
October 17, 2018
|
TRA-2018-31
|
[R1] Multiple Oracle GoldenGate Manager Vulnerabilities
|
Critical
|
CVE-2018-2912
CVE-2018-2913
CVE-2018-2914
|
October 12, 2018
|
TRA-2018-30
|
[R1] IBM WebSphere Application Server Admin Console File Disclosure
|
Medium
|
CVE-2018-1770
|
October 10, 2018
|
TRA-2018-29
|
[R1] Multiple Jenkins Vulnerabilities
|
Medium
|
|
October 9, 2018
|
TRA-2018-28
|
[R3] HPE Intelligent Management Center Multiple Vulnerabilities
|
Critical
|
CVE-2018-7116
CVE-2018-7121
CVE-2018-7122
CVE-2018-7123
CVE-2019-5392
CVE-2019-5393
|
October 1, 2018
|
TRA-2018-27
|
[R1] TP-Link TL-WRN841N Multiple Vulnerabilities
|
Critical
|
CVE-2018-15700
CVE-2018-15701
CVE-2018-15702
|
September 20, 2018
|
TRA-2018-26
|
[R1] RSLinx Classic Buffer Overflows
|
Critical
|
CVE-2018-14821
CVE-2018-14829
|
September 17, 2018
|
TRA-2018-25
|
[R2] Multiple NUUO NVRMini2 Vulnerabilities
|
Critical
|
CVE-2018-1149
CVE-2018-1150
|
September 10, 2018
|
TRA-2018-24
|
[R1] HPE Intelligent Management Center Stack Buffer Overflow
|
Critical
|
CVE-2018-7115
|
September 10, 2018
|
TRA-2018-23
|
[R1] Advantech WebAccess Remote Code Execution
|
Critical
|
CVE-2017-16720
|
August 24, 2018
|
TRA-2018-22
|
[R1] Multiple ASUSTOR Data Master Vulnerabilities
|
High
|
CVE-2018-15694
CVE-2018-15695
CVE-2018-15696
CVE-2018-15697
CVE-2018-15698
CVE-2018-15699
|
August 22, 2018
|
TRA-2018-21
|
[R1] Mikrotik RouterOS Multiple Authenticated Vulnerabilities
|
Critical
|
CVE-2018-1156
CVE-2018-1157
CVE-2018-1158
CVE-2018-1159
|
August 21, 2018
|
TRA-2018-20
|
[R2] Cisco Data Center Network Manager Authenticated Path Traversal
|
Medium
|
CVE-2018-0464
|
July 18, 2018
|
TRA-2018-19
|
[R1] AVEVA InduSoft Web Studio and InTouch Machine Edition Remote Code Execution
|
Critical
|
CVE-2018-10620
|
June 15, 2018
|
TRA-2018-18
|
[R1] Burp Suite Community Edition Improper Certificate Validation
|
Medium
|
CVE-2018-1153
|
June 14, 2018
|
TRA-2018-17
|
[R1] libturbo-jpeg Denial of Service
|
Medium
|
CVE-2018-1152
|
June 12, 2018
|
TRA-2018-16
|
[R1] GlassFish 4.x Denial of Service
|
High
|
|
June 11, 2018
|
TRA-2018-15
|
[R2] HPE Moonshot Provisioning Manager Arbitrary File Move
|
High
|
CVE-2018-7072
CVE-2018-7073
|
June 11, 2018
|
TRA-2018-14
|
[R1] Western Digital TV Media Player and Live Hub Unauthenticated RCE
|
Critical
|
CVE-2018-1151
|
June 8, 2018
|
TRA-2018-13
|
[R2] IBM Netezza Appliance Local Privilege Escalation
|
High
|
CVE-2018-1460
|
May 4, 2018
|
TRA-2018-12
|
[R1] Cylance PROTECT Missing SSL Certificate Verification
|
Medium
|
|
May 4, 2018
|
TRA-2018-11
|
[R1] Cisco Prime Data Center Network Manager Remote Code Execution
|
Critical
|
CVE-2018-0258
|
May 4, 2018
|
TRA-2018-10
|
[R1] Trend Micro Smart Protection Server Denial of Service
|
High
|
CVE-2018-6237
|
May 4, 2018
|
TRA-2018-09
|
[R1] OpenVPN Windows Service Double Free
|
High
|
CVE-2018-9336
|
April 12, 2018
|
TRA-2018-08
|
[R1] Belkin N750 F9K1103 v1 Multiple Vulnerabilities
|
Critical
|
CVE-2018-1143
CVE-2018-1144
CVE-2018-1145
CVE-2018-1146
|
April 6, 2018
|
TRA-2018-07
|
[R3] Schneider Electric InduSoft Web Studio and InTouch Machine Edition Remote Code Execution
|
Critical
|
CVE-2018-8840
|
March 28, 2018
|
TRA-2018-06
|
[R1] Cisco IOS and IOS XE Multiple Memory Corruption Vulnerabilities
|
High
|
CVE-2018-0172
CVE-2018-0173
CVE-2018-0174
|
February 26, 2018
|
TRA-2018-05
|
[R1] Micro Focus Operations Orchestrations Information Disclosure and Remote Denial of Service
|
High
|
CVE-2018-6490
|
February 26, 2018
|
TRA-2018-04
|
[R3] Check Point Gaia OS Privilege Escalation
|
Medium
|
|
February 15, 2018
|
TRA-2018-03
|
[R2] EMC VASA Virtual Appliance Default Creds and Arbitrary File Upload
|
Critical
|
CVE-2018-1216
CVE-2018-1215
|
January 29, 2018
|
TRA-2018-02
|
[R1] NetGain Enterprise Manager Multiple Remote Vulnerabilities
|
High
|
CVE-2017-17406
CVE-2017-16610
CVE-2017-16607
CVE-2017-16609
CVE-2017-16608
|
January 29, 2018
|
TRA-2018-01
|
[R1] HPE Intelligent Management Center (iMC) PLAT Java RMI RCE
|
High
|
CVE-2017-5792
|
November 21, 2017
|
TRA-2017-37
|
[R1] gSOAP HTTP DIME Parsing Denial of Service
|
Medium
|
|
November 21, 2017
|
TRA-2017-36
|
[R1] Firebird fbudf Module Authenticated Remote Code Execution
|
Critical
|
CVE-2017-11509
|
November 20, 2017
|
TRA-2017-35
|
[R2] Verizon Fios Quantum Gateway G1100 Remote Information Disclosure
|
Medium
|
|
November 20, 2017
|
TRA-2017-34
|
[R1] Siemens SIMATIC Logon Denial of Service
|
Medium
|
CVE-2017-9938
|
November 10, 2017
|
TRA-2017-33
|
[R1] Wanscam Network Camera Multiple Vulnerabiltiies
|
Medium
|
CVE-2017-11510
|
November 9, 2017
|
TRA-2017-32
|
[R1] HPE Universal Configuration Management Database Multiple Vulnerabilities
|
Critical
|
CVE-2017-14351
CVE-2017-14353
CVE-2017-14354
|
November 8, 2017
|
TRA-2017-31
|
[R1] ManageEngine ServiceDesk Multiple Vulnerabilties
|
High
|
CVE-2017-11511
CVE-2017-11512
|
November 7, 2017
|
TRA-2017-30
|
[R1] HPE System Management Homepage Remote Denial of Service
|
High
|
CVE-2017-12545
|
November 7, 2017
|
TRA-2017-29
|
[R1] Advantech WebAccess SQL Injection
|
Critical
|
CVE-2017-12710
|
November 7, 2017
|
TRA-2017-28
|
[R1] HPE Operations Orchestration Central Remoting Java Deserialization Remote Code Execution
|
High
|
CVE-2017-8994
|
November 7, 2017
|
TRA-2017-27
|
[R1] HPE Intelligent Management Center SOM Module Remote File Disclosure
|
Medium
|
CVE-2017-12555
|
November 6, 2017
|
TRA-2017-26
|
[R1] HP Data Protector Multiple Remote Vulnerabilities
|
High
|
CVE-2017-5807, CVE-2017-5808
|
November 6, 2017
|
TRA-2017-25
|
[R2] HPE Operations Orchestration Incomplete Fix for CVE-2016-8519
|
High
|
CVE-2017-8994
|
November 6, 2017
|
TRA-2017-24
|
[R1] Ecava IntegraXor SQL Injection Remote Code Execution
|
High
|
CVE-2017-6050
|
November 3, 2017
|
TRA-2017-23
|
[R1] Cisco Security Manager and Prime LMS Java Deserialization Remote Code Execution
|
Critical
|
CVE-2015-6420
|
November 2, 2017
|
TRA-2017-22
|
[R1] ReadyMedia HTTP Request Denial of Service
|
High
|
|
November 2, 2017
|
TRA-2017-21
|
[R1] Check_MK Multisite Web UI Reflected XSS
|
Medium
|
CVE-2017-9781
|
November 2, 2017
|
TRA-2017-20
|
[R2] Check_MK Multisite Web UI Stored and Reflected XSS
|
Medium
|
CVE-2017-11507
|
May 2, 2017
|
TRA-2017-19
|
[R1] Kaa IoT Platform SdkServlet / RecordServlet Java Object Deserialization Remote Code Execution
|
High
|
CVE-2017-7911
|
April 26, 2017
|
TRA-2017-18
|
[R1] HP Intelligent Management Center (iMC) Platform euplat RMI Registry Java Deserialization Remote Code Execution
|
Critical
|
CVE-2017-5792
|
April 19, 2017
|
TRA-2017-17
|
[R1] ManageEngine ServiceDesk Plus AuthError.jsp ErrorMsg Parameter Reflected XSS
|
Medium
|
|
April 18, 2017
|
TRA-2017-16
|
[R1] Oracle WebLogic Server Web Container Subcomponent Reflected PartItem File Manipulation Remote Code Execution
|
Critical
|
CVE-2017-3531
|
March 30, 2017
|
TRA-2017-15
|
[R2] NetIQ Sentinel Multiple Remote Vulnerabilities
|
High
|
CVE-2017-5184
CVE-2017-5185
|
March 25, 2017
|
TRA-2017-14
|
[R1] Cisco Unified Customer Voice Portal Java Deserialization Remote Code Execution
|
Critical
|
CVE-2015-6420
|
March 18, 2017
|
TRA-2017-13
|
[R1] HPE LoadRunner libxdrutil.dll mxdr_string() Function XDR String Handling Remote Heap Buffer Overflow
|
Critical
|
CVE-2017-5789
|
March 16, 2017
|
TRA-2017-12
|
[R1] HP Intelligent Management Center (iMC) Platform /imc/fault/accessMgrServlet Java Deserialization Remote Code Execution
|
Critical
|
CVE-2017-5790
|
March 15, 2017
|
TRA-2017-11
|
[R1] Sophos XG Firewall login.jsp utype Parameter Reflected XSS
|
Medium
|
|
March 13, 2017
|
TRA-2017-10
|
[R1] Debian MediaTomb (fork) Multiple Remote Vulnerabilities
|
Critical
|
CVE-2012-5958
CVE-2012-5959
CVE-2012-5960
CVE-2016-6255
CVE-2016-8863
|
February 1, 2017
|
TRA-2017-09
|
[R2] HP Intelligent Management Center (iMC) Platform /rptviewer/servlets/redirectviewer Multiple Remote Issues
|
High
|
CVE-2016-8525
CVE-2016-8530
|
January 26, 2017
|
TRA-2017-08
|
[R1] Portable SDK for UPnP Devices (libupnp) glibc Implementation getaddrinfo() Function Remote Stack Overflow
|
Critical
|
CVE-2015-7547
|
January 25, 2017
|
TRA-2017-07
|
[R1] Oracle WebLogic RMI Registry UnicastRef Object Java Deserialization Remote Code Execution
|
Critical
|
CVE-2017-3248
|
January 23, 2017
|
TRA-2017-06
|
[R1] ManageEngine ADAudit Plus Multiple Vulnerabilities
|
High
|
|
January 20, 2017
|
TRA-2017-05
|
[R1] HP Operations Orchestration (HP OO) /oo/backwards-compatibility/wsExecutionBridgeService Jaa Deserialization Remote Code Execution
|
Critical
|
CVE-2016-8519
|
January 19, 2017
|
TRA-2017-04
|
[R1] Advantech WebAccess Multiple Vulnerabilities
|
High
|
CVE-2017-5152
CVE-2017-5154
|
January 18, 2017
|
TRA-2017-03
|
[R2] Oracle Outside In Content Access vspdf.dll Multiple Remote DoS
|
Medium
|
CVE-2017-3294
CVE-2017-3295
|
January 11, 2017
|
TRA-2017-02
|
[R2] Sophos Web Protection Appliance ftp_redirect.php s Parameter Reflected XSS
|
Medium
|
CVE-2017-9523
|
January 9, 2017
|
TRA-2017-01
|
[R1] Liferay CE Portal /api/liferay Java Deserialization Blacklist Bypass Remote Code Execution
|
Critical
|
|
December 11, 2016
|
TRA-2016-39
|
[R1] Hewlett Packard Network Automation RPCServlet Arbitrary Code Execution
|
High
|
CVE-2016-8511
|
December 5, 2016
|
TRA-2016-38
|
[R1] Cisco Prime Collaboration Provisioning Restricted CLI Bypass Local Privilege Escalation
|
Medium
|
CVE-2016-1320
|
November 29, 2016
|
TRA-2016-37
|
[R2] Dell SonicWALL /appliance/license.jsp Serial Number Disclosure Remote Privilege Escalation
|
Medium
|
|
November 28, 2016
|
TRA-2016-36
|
[R1] ManageEngine OpManager NMS Server Multiple Vulnerabilities
|
Critical
|
|
November 25, 2016
|
TRA-2016-35
|
[R1] WISE Server Commons Collection / FileUpload Java Deserialization Remote Command Execution
|
Critical
|
|
November 16, 2016
|
TRA-2016-34
|
[R1] VMWare vRealize Operations Manager Appliance Multiple Vulnerabilities Chained Remote Code Execution
|
High
|
CVE-2016-7462
|
November 1, 2016
|
TRA-2016-33
|
[R1] Oracle WebLogic Server Commons DiskFileItem Remote File Manipulation
|
Critical
|
CVE-2016-5535
|
October 29, 2016
|
TRA-2016-32
|
[R1] HP System Management Homepage (SMH) Multiple Remote Stack Buffer Overflows
|
High
|
CVE-2016-4395
CVE-2016-4396
|
October 21, 2016
|
TRA-2016-31
|
[R1] ManageEngine ADAudit Plus Obfuscated Cookie Password Disclosure
|
Low
|
|
October 17, 2016
|
TRA-2016-30
|
[R1] Novell NetIQ Sentinel Commons DiskFileItem RMI Java Deserialization Remote File Creation / Manipulation
|
Critical
|
CVE-2016-1000031
|
October 6, 2016
|
TRA-2016-29
|
[R2] Citrix License Server / Flexera FlexNet Publisher lmadmin.exe 2F Packet Handling Remote DoS
|
Medium
|
CVE-2016-6273
|
September 26, 2016
|
TRA-2016-28
|
[R2] CloudView NMS Multiple Remote Vulnerabilities
|
High
|
|
September 22, 2016
|
TRA-2016-27
|
[R1] Hewlett Packard Network Automation RMI Registry Port Java Deserialization Remote Code Execution
|
Critical
|
CVE-2016-4385
|
September 21, 2016
|
TRA-2016-26
|
[R1] HP LoadRunner Multiple Remote DoS
|
High
|
CVE-2016-4384
CVE-2016-4361
|
September 14, 2016
|
TRA-2016-25
|
[R1] Red5 Server RMI Registry /red5 Java Deserialization Remote Code Execution
|
Critical
|
|
August 18, 2016
|
TRA-2016-24
|
[R1] PowerFolder Multiple Remote Vulnerabilities
|
Critical
|
|
August 12, 2016
|
TRA-2016-23
|
[R4] Apache Wicket DiskFileItem Java Deserialization Remote File Manipulation
|
Medium
|
CVE-2013-2186
CVE-2016-1000031
CVE-2016-6793
|
July 20, 2016
|
TRA-2016-22
|
[R2] Red Hat JBoss Operations Network /jboss-remoting-servlet-invoker/ServerInvokerServlet Jython Deserialization Remote Code Execution
|
Critical
|
CVE-2016-3737
CVE-2016-6330
|
July 19, 2016
|
TRA-2016-21
|
[R1] Oracle WebLogic Server weblogic.corba.utils.MarshallObject Java Deserialization Remote Code Execution
|
Critical
|
CVE-2016-3510
|
July 8, 2016
|
TRA-2016-20
|
[R2] Pivotal Spring Framework HttpInvokerServiceExporter readRemoteInvocation Method Untrusted Java Deserialization
|
Critical
|
CVE-2016-1000027
|
June 28, 2016
|
TRA-2016-19
|
[R1] Palo Alto Networks PAN-OS /api Multiple Parameter Handling Remote DoS
|
Medium
|
|
June 27, 2016
|
TRA-2016-18
|
[R1] IBM iAccess for Windows i Navigator Encoded Windows Admin Password Local Disclosure
|
Low
|
CVE-2016-0287
|
June 13, 2016
|
TRA-2016-17
|
[R2] HP Loadrunner / HP Performance Center Virtual Table Server (VTS) \web\admin\data.js Remote File Deletion
|
High
|
CVE-2016-4360
|
June 13, 2016
|
TRA-2016-16
|
[R2] HP LoadRunner mchan.dll Shared Memory Object Name Construction Remote Stack Buffer Overflow
|
High
|
CVE-2016-4359
|
May 17, 2016
|
TRA-2016-15
|
[R1] Ipswitch WhatsUp Gold WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
|
Medium
|
CVE-2016-1000000
|
May 5, 2016
|
TRA-2016-14
|
[R1] HP System Management Homepage (SMH) mod_smh_config.so AddCertsToTrustCfgList() Function X.509 Certificate Subject Common Name Handling Remote DoS
|
Low
|
|
May 3, 2016
|
TRA-2016-13
|
[R1] Core FTP Server Path Traversal Arbitrary File/Directory Access
|
Medium
|
|
April 20, 2016
|
TRA-2016-12
|
[R3] Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution (LOBSTER)
|
Critical
|
CVE-2016-1000031
|
April 20, 2016
|
TRA-2016-11
|
[R1] Oracle MySQL Enterprise Monitor Multiple Library readObject() Function Java Object Deserialization Remote Code Execution
|
High
|
CVE-2016-3461
|
April 19, 2016
|
TRA-2016-10
|
[R2] ManageEngine OpManager / Service Desk Multiple Vulnerabilities
|
High
|
CVE-2016-82014
CVE-2016-82015
|
April 19, 2016
|
TRA-2016-09
|
[R1] Oracle WebLogic ClassFilter.class ServerChannelInputStream Bypass Java Deserialization Remote Code Execution
|
Critical
|
CVE-2016-0638
CVE-2015-4829
|
April 15, 2016
|
TRA-2016-08
|
[R1] Cisco Unified Computing System - Multiple Vulnerabilities
|
Medium
|
CVE-2016-1339
CVE-2016-1340
|
April 13, 2016
|
TRA-2016-07
|
[R1] Microsoft Windows 10 lsass.exe Empty SID Lookup Handling Remote DoS
|
Medium
|
CVE-2016-0135
|
April 5, 2016
|
TRA-2016-06
|
[R1] Cisco Multiple Routers Fragmented IKEv2 Packet Handling Remote Integer Overflow
|
High
|
CVE-2016-1344
|
March 29, 2016
|
TRA-2016-05
|
[R1] Barco ClickShare Multiple Script Remote Command Execution
|
High
|
CVE-2015-6532
CVE-2015-6533
|
March 28, 2016
|
TRA-2016-04
|
[R2] Cisco IOS Smart Install Client Feature Config / Boot Image File List Upload Remote Code Execution
|
High
|
CVE-2015-6264
CVE-2016-1349
|
March 24, 2016
|
TRA-2016-03
|
[R1] Microsoft Windows DNS Server dns.exe answerIQuery() Function Remote Buffer Overflow
|
Medium
|
CVE-2016-82007
|
March 14, 2016
|
TRA-2016-02
|
[R1] HP Operations Manager i flex-messaging-core.jar XML External Entity (XXE) Injection Remote Information Disclosure
|
Medium
|
CVE-2015-3269
|
February 17, 2016
|
TRA-2016-01
|
[R1] ManageEngine AssetExplorer /workorder/FileDownload.jsp fName Parameter Traversal Remote File Disclosure
|
Medium
|
CVE-2016-82002
|
December 14, 2015
|
TRA-2015-07
|
[R1] ManageEngine Desktop Central /statusUpdate fileName Parameter Traversal Multiple Extension File Upload Remote Code Execution
|
Critical
|
CVE-2015-82001
|
November 30, 2015
|
TRA-2014-04
|
[R1] NetMotion Mobility VPN nmdrv.sys TCP Connection Termination Handling Remote DoS
|
High
|
CVE-2014-82000
|
November 30, 2015
|
TRA-2015-06
|
[R1] HP Client Automation / Accelerite Endpoint Management Core Server HPCA Management Agent (nvdkit.exe) Cleartext Credentials MiTM Disclosure
|
Low
|
CVE-2015-82000
|
November 24, 2015
|
TRA-2015-05
|
[R1] FreeSWITCH parse_string() Function Multiple Vector Remote Heap Buffer Overflow
|
Critical
|
CVE-2015-8311
|
October 21, 2015
|
TRA-2015-04
|
[R1] NTP Autokey Functionality Multiple Remote DoS
|
High
|
CVE-2015-7691
CVE-2015-7692
CVE-2015-7701
|
October 15, 2015
|
TRA-2015-03
|
[R1] 3S CODESYS PLCWinNT Runtime Service NULL Pointer Dereference Remote DoS
|
High
|
CVE-2015-6482
|
September 15, 2015
|
TRA-2015-02
|
[R2] Palo Alto Networks Panorama VM Appliance PAN-OS Firmware Signature Verification Bypass Arbitrary Code Execution
|
High
|
CVE-2015-6531
|
August 24, 2015
|
TRA-2015-01
|
[R1] Microsoft Windows SMB v1 Service Principal Name Handling Remote Buffer Overflow
|
High
|
CVE-2015-2474
|
May 14, 2014
|
TRA-2014-01
|
Juniper Junos Space MySQL Server Unspecified Hardcoded Credentials
|
High
|
CVE-2014-3413
|
February 28, 2014
|
TRA-2014-02
|
Novell ZENworks Configuration Management (ZCM) PreBoot Service (novell-pbserv.exe) Remote Path Traversal File Access
|
High
|
CVE-2013-3706
|
January 30, 2014
|
TRA-2014-03
|
3S CoDeSys Runtime Toolkit Unspecified NULL Pointer Dereference Remote DoS
|
High
|
CVE-2014-0757
|
November 12, 2013
|
TRA-2013-08
|
Adobe ColdFusion CFIDE Directory Unspecified Reflected XSS
|
Medium
|
CVE-2013-5326
|
September 3, 2013
|
TRA-2013-07
|
[R1] Cisco Prime Network Control System (NCS) / Wireless Control System (WCS) login.jsp requestUrl Parameter Reflected XSS
|
Medium
|
CVE-2012-5990
|
July 24, 2013
|
TRA-2013-05
|
HP LoadRunner magentproc.exe SSL Connection Handling Buffer Overflow Remote Code Execution
|
High
|
CVE-2013-4800
|
July 24, 2013
|
TRA-2013-06
|
HP LoadRunner XDR-encoded Data Handling Remote Buffer Overflow
|
High
|
CVE-2013-4799
|
May 22, 2013
|
TRA-2013-10
|
3S CoDeSys Gateway Unspecified Use-after-free Arbitrary Code Execution
|
Critical
|
CVE-2013-2781
|
May 14, 2013
|
TRA-2013-04
|
Adobe ColdFusion Unspecified Remote Code Execution
|
Critical
|
CVE-2013-1389
|
April 19, 2013
|
TRA-2013-09
|
[R1] IBM InfoSphere Products /rdweb/getUsers.do Remote Account Information Remote Disclosure
|
Medium
|
CVE-2013-0584
|
March 27, 2013
|
TRA-2013-03
|
Cisco IOS Smart Install Client Feature Malformed Config / Boot Image File Upload Remote Code Execution
|
Critical
|
CVE-2013-1146
|
January 23, 2013
|
TRA-2013-02
|
[R1] WebYaST /host Configuration Path Handling Unauthenticated Host List Manipulation
|
Medium
|
CVE-2012-0435
|
January 9, 2013
|
TRA-2013-01
|
Dell OpenManage Server Administrator /help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm topic Parameter DOM-based XSS
|
Medium
|
CVE-2012-6272
|
August 29, 2012
|
TRA-2012-18
|
Novell File Reporter NFRAgent.exe VOL Element Tag Parsing Remote Overflow
|
High
|
|
August 22, 2012
|
TRA-2012-17
|
[R1] McAfee Email and Web Security / Email Gateway Multiple Vulnerabilities
|
Critical
|
CVE-2012-4595
CVE-2012-4596
CVE-2012-4597
|
July 20, 2012
|
TRA-2012-16
|
[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #2
|
Critical
|
CVE-2012-2953
CVE-2012-2957
CVE-2012-2961
CVE-2012-2977
|
June 10, 2012
|
TRA-2012-05
|
Rocket U2 UniData unidata72 RPC Interface Call Parsing Arbitrary Command Execution
|
Critical
|
|
May 19, 2012
|
TRA-2012-04
|
[R1] Symantec LiveUpdate Administrator Installation Directory Permission Weakness Local Privilege Escalation
|
High
|
CVE-2012-0304
|
May 17, 2012
|
TRA-2012-03
|
[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #1
|
Critical
|
CVE-2012-0297
CVE-2012-0298
CVE-2012-0299
CVE-2012-0296
|
May 9, 2012
|
TRA-2012-02
|
Apple Mac OS X SRP-Based Authentication Credential Verification Time Capsule Credential Information Disclosure
|
Medium
|
CVE-2012-0675
|
May 3, 2012
|
TRA-2012-19
|
[R1] CiscoWorks Prime LAN Management Solution (LMS) Autologin.jsp URL Parameter HTTP Header Response Splitting
|
Medium
|
CVE-2011-4237
|
January 10, 2012
|
TRA-2012-01
|
PHP Timezone Functionality php_date_parse_tzfile Cache strtotime Function Call Saturation Remote DoS
|
Medium
|
CVE-2012-0789
|
November 11, 2011
|
TRA-2011-12
|
HP StorageWorks P4000 Virtual SAN Appliance Software Management Service Authentication Bypass Remote Command Execution
|
High
|
CVE-2012-4361
CVE-2012-2986
|
November 3, 2011
|
TRA-2011-08
|
[R1] Dell KACE K2000 System Deployment Appliance Read-Only Account Default Credentials Remote Information Disclosure
|
Medium
|
CVE-2011-4048
|
November 3, 2011
|
TRA-2011-09
|
[R1] Dell KACE K2000 System Deployment Appliance Task Processor Database Write Access Remote Privilege Escalation
|
High
|
CVE-2011-4047
|
November 3, 2011
|
TRA-2011-10
|
[R1] Dell KACE K2000 System Deployment Appliance Multiple Reflected XSS
|
Medium
|
CVE-2011-4436
|
November 3, 2011
|
TRA-2011-11
|
[R2] Dell KACE K2000 System Deployment Appliance Backdoor Admin Account
|
Critical
|
CVE-2011-4046
|
October 11, 2011
|
TRA-2011-07
|
[R1] Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities
|
Medium
|
CVE-2011-1895
CVE-2011-1896
CVE-2011-1897
|
August 8, 2011
|
TRA-2011-06
|
[R2] HP OpenView Performance Insight sendEmail.jsp bgcolor Parameter Reflected XSS
|
Medium
|
CVE-2011-2410
|
July 19, 2011
|
TRA-2011-05
|
[R1] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution
|
Critical
|
CVE-2011-2261
|
May 31, 2011
|
TRA-2011-04
|
[R1] IBM Tivoli Management Framework Endpoint lcfd.exe opts Field Handling Remote Buffer Overflow
|
High
|
CVE-2011-1220
|
April 26, 2011
|
TRA-2011-03
|
IBM solidDB rpc_test_svc Commands Handling NULL Dereference Remote DoS
|
High
|
CVE-2011-1208
|
April 1, 2011
|
TRA-2011-02
|
IBM solidDB Password Hash Verification Bypass Remote Code Execution
|
High
|
CVE-2011-1560
|
February 8, 2011
|
TRA-2011-01
|
[R1] Adobe ColdFusion Administrator Console login.cfm URI Handling Reflected XSS
|
Medium
|
CVE-2011-0580
|
December 15, 2010
|
TRA-2010-05
|
HP Power Manager Management Server Login Form URL Parameter Buffer Overflow
|
High
|
CVE-2010-4113
|
November 6, 2010
|
TRA-2010-04
|
[R1] FreeNAS exec_raw.php cmd Parameter Remote Command Execution
|
Critical
|
|
October 13, 2010
|
TRA-2010-03
|
[R1] HP Multiple Products switchFWInstallStatus.jsp logfile Parameter Arbitrary File Access
|
High
|
CVE-2010-3286
CVE-2010-3986
CVE-2010-4100
CVE-2010-4103
CVE-2010-4102
|
September 8, 2010
|
TRA-2010-02
|
[R1] phpMyAdmin Setup Script setup/frames/index.inc.php Verbose Server Name Stored XSS
|
Medium
|
CVE-2010-3263
|
May 5, 2010
|
TRA-2010-01
|
HP Mercury LoadRunner Agent magentproc.exe Remote Arbitrary Code Execution
|
Critical
|
CVE-2010-1549
|
December 16, 2009
|
TRA-2009-04
|
HP Storage OpenView Data Protector Backup Client Service MSG_PROTOCOL Command Remote Overflow
|
Critical
|
CVE-2007-2280
|
November 10, 2009
|
TRA-2009-03
|
Movable Type /mt/mt-check.cgi System Information Disclosure
|
Medium
|
|
April 14, 2009
|
TRA-2009-02
|
[R1] phpMyAdmin < 3.1.3.2 Multiple Vulnerabilities
|
Critical
|
CVE-2009-1285
|
March 19, 2009
|
TRA-2009-01
|
Adobe Acrobat getIcon() Function PDF Handling Overflow
|
High
|
CVE-2009-0927
|
August 14, 2008
|
TRA-2008-01
|
Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) NULL NTLMSSP Authentication Bypass
|
Critical
|
CVE-2008-3703
|
December 14, 2007
|
TRA-2007-12
|
HP-UX Software Distributor (SD) swagentd sw_rpc_agent_init Function Crafted DCE RPC Request Remote Overflow
|
Critical
|
CVE-2007-6195
|
December 11, 2007
|
TRA-2007-11
|
Microsoft Windows Message Queuing MSMQ Message Handling Arbitrary Code Execution
|
High
|
CVE-2007-3039
|
December 7, 2007
|
TRA-2007-10
|
Novell NetMail AntiVirus Agent (avirus.exe) Unspecified ASCII Iinteger Handling Remote Overflow
|
Medium
|
CVE-2007-6302
|
December 6, 2007
|
TRA-2007-09
|
HP OpenView Network Node Manager (OV NNM) Multiple Remote Overflow
|
Critical
|
CVE-2007-6204
|
October 10, 2007
|
TRA-2007-08
|
CA BrightStor ARCServe Backup Message Engine RPC Service Arbitrary Code Execution
|
Critical
|
CVE-2007-5328
|
September 4, 2007
|
TRA-2007-07
|
MIT Kerberos 5 RPCSEC_GSS RPC Library (librpcsecgss) lib/rpc/svc_auth_gss.c svcauth_gss_validate Function Remote Overflow
|
Critical
|
CVE-2007-3999
|
August 20, 2007
|
TRA-2007-06
|
EMC NetWorker Remote Exec Service (nsrexecd.exe) Remote Overflow
|
High
|
CVE-2007-3618
|
July 25, 2007
|
TRA-2007-05
|
BakBone NetVault Reporter Manager Scheduler Client Multiple Remote Overflow
|
Critical
|
CVE-2007-3911
|
July 20, 2007
|
TRA-2007-04
|
Panda AdminSecure Agent Crafted Packet Remote Overflow
|
High
|
CVE-2007-3026
|
May 9, 2007
|
TRA-2007-03
|
CA Multiple Products inoweb Console Server Authentication Remote Overflow
|
Critical
|
CVE-2007-2522
|
April 24, 2007
|
TRA-2007-02
|
CA BrightStor ARCserve Backup Media Server SUN RPC Service Remote Overflows
|
Critical
|
CVE-2007-2139
|
April 18, 2007
|
TRA-2007-01
|
Novell GroupWise WebAccess GWINTER.exe Basic Authentication Base64 Decoding Overflow
|
Critical
|
CVE-2007-2171
|
July 11, 2006
|
TRA-2006-01
|
Microsoft Windows Server Service SRV.SYS Crafted Request SMB Information Disclosure
|
Medium
|
CVE-2006-1315
|