invisibleCISO

Vulnerability Summary for the Week of May 31, 2010

Vulnerability Summary for the Week of May 23, 2022

Vulnerability Summary for the Week of April 30, 2007

"> High Vulnerabilities PrimaryVendor -- Product Description Discovered Published CVSS Score Source & Patch Info Adobe -- PhotoshopAdobe -- Photoshop Elements Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0, allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. unknown 2007-04-30 8.0 CVE-2007-2365MILW0RMBIDFRSIRTSECUNIAXF AFFLIB -- AFFLIB Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers t

Summary of Security Items from February 2 through February 8, 2006

/*-->*/ /*-->*/ /*-->*/ /*-->*/ The US-CERT Cyber Security Bulletin provides a summary of new and updated vulnerabilities, exploits, trends, and malicious code that have recently been openly reported. Information in the Cyber Security Bulletin is a compilation of open source and US-CERT vulnerability information. As such, the Cyber Security Bulletin includes information published by sources outside of US-CERT and should not be considered the result of US-CERT analysis or as an offici

Vulnerability Summary for the Week of January 31, 2011

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info automatedsolutions -- modbus/tcp_master_opc_server Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field. 2011-01-28 7.6 CVE-2010-4709CERT-VNVUPENMISCBIDEXPLOIT-DBSECUNIACONFIRM cisco -- ios Unspecifie

Vulnerability Summary for the Week of June 3, 2013

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info apple -- mac_os_x Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message. 2013-06-05 9.3 CVE-2013-0984 google -- chrome Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cau

Vulnerability Summary for the Week of October 11, 2021

4-20 VB Low TAble

Vulnerability Summary for the Week of December 16, 2019

Vulnerability Summary for the Week of December 30, 2013

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info emc -- replication_manager Unquoted Windows search path vulnerability in EMC Replication Manager before 5.5 allows local users to gain privileges via a crafted application in a parent directory of an intended directory. 2013-12-27 7.2 CVE-2013-6182 esri -- arcgis SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via un

Vulnerability Summary for the Week of December 10, 2007

"> High Vulnerabilities PrimaryVendor -- Product Description Discovered Published CVSS Score Source & Patch Info Aurora -- Aurora Framework SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information. unknown 2007-12-13 7.5 CVE-2007-6345OTHER-REF

Vulnerability Summary for the Week of October 22, 2012

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info 2daybiz -- video_community_portal_script SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. 2012-10-25 7.5 CVE-2011-5215 adobe -- shockwave_player Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerabilit

Vulnerability Summary for the Week of August 21, 2017

Vulnerability Summary for the Week of February 6, 2017

Vulnerability Summary for the Week of June 25, 2012

High Vulnerabilities PrimaryVendor -- Product Description Published CVSS Score Source & Patch Info alexis_wilke -- protected_node The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions. 2012-06-26 7.5 CVE-2012-2730 apache -- roller Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor cons

Vulnerability Summary for the Week of October 24, 2022

Vulnerability Summary for the Week of July 27, 2020

Vulnerability Summary for the Week of September 18, 2006

"> High Vulnerabilities PrimaryVendor -- Product Description Discovered Published CVSS Score Source & Patch Info AEwebworks -- aeDating Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, and possibly earlier versions, allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/design.inc.php or (2) inc/admin_design.inc.php. unknown 2006-09-19 7.0 CVE-2006-4870OTHER-REFBIDFRSIRTSECUNIAXF All Enthusiast Inc -- ReviewPost PHP Pro P

Vulnerability Summary for the Week of August 11, 2014

Vulnerability Summary for the Week of March 1, 2021