Vulnerability Summary for the Week of August 21, 2017

Vulnerability Summary for the Week of September 18, 2006

High Vulnerabilities Primary Vendor -- Product Description Discovered Published CVSS Score Source & Patch Info AEwebworks -- aeDating Multiple PHP remote file inclusion vulnerabilities in AEDating 4.1, and possibly earlier versions, allow remote attackers to execute arbitrary PHP code via a URL in the dir[inc] parameter in (1) inc/design.inc.php or (2) inc/admin_design.inc.php. unknown 2006-09-19 7.0 CVE-2006-4870 OTHER-REF BID FRSIRT SECUNIA XF All Enthusiast Inc -- ReviewPost PHP Pro P

Vulnerability Summary for the Week of October 17, 2011

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info apple -- iphone_os The Settings component in Apple iOS before 5, when a configuration profile is used for a locale other than English, does not properly implement localization, which makes it easier for attackers to have an unspecified impact by leveraging incorrect configuration display. 2011-10-14 9.3 CVE-2011-3430 atcom -- netvolution SQL injection vulnerability in default.asp in ATCOM N

Vulnerability Summary for the Week of December 10, 2007

High Vulnerabilities Primary Vendor -- Product Description Discovered Published CVSS Score Source & Patch Info Aurora -- Aurora Framework SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from third party information. unknown 2007-12-13 7.5 CVE-2007-6345 OTHER-REF

Summary of Security Items from February 2 through February 8, 2006

The US-CERT Cyber Security Bulletin provides a summary of new and updated vulnerabilities, exploits, trends, and malicious code that have recently been openly reported. Information in the Cyber Security Bulletin is a compilation of open source and US-CERT vulnerability information. As such, the Cyber Security Bulletin includes information published by sources outside of US-CERT and should not be considered the result of US-CERT analysis or as an offici

Vulnerability Summary for the Week of January 31, 2011

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info automatedsolutions -- modbus/tcp_master_opc_server Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a MODBUS response packet with a crafted length field. 2011-01-28 7.6 CVE-2010-4709 CERT-VN VUPEN MISC BID EXPLOIT-DB SECUNIA CONFIRM cisco -- ios Unspecifie

Vulnerability Summary for the Week of April 30, 2007

High Vulnerabilities Primary Vendor -- Product Description Discovered Published CVSS Score Source & Patch Info Adobe -- Photoshop, Adobe -- Photoshop Elements Buffer overflow in Adobe Photoshop CS2 and CS3, and Photoshop Elements 5.0, allows user-assisted remote attackers to execute arbitrary code via a crafted .PNG file. unknown 2007-04-30 8.0 CVE-2007-2365 MILW0RM BID FRSIRT SECUNIA XF AFFLIB -- AFFLIB Multiple stack-based buffer overflows in AFFLIB before 2.2.6 allow remote attackers t

Vulnerability Summary for the Week of December 30, 2013

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info emc -- replication_manager Unquoted Windows search path vulnerability in EMC Replication Manager before 5.5 allows local users to gain privileges via a crafted application in a parent directory of an intended directory. 2013-12-27 7.2 CVE-2013-6182 esri -- arcgis SQL injection vulnerability in ESRI ArcGIS for Server through 10.2 allows remote attackers to execute arbitrary SQL commands via un

Vulnerability Summary for the Week of July 21, 2008

High Vulnerabilities Primary Vendor -- Product Description Discovered Published CVSS Score Source & Patch Info alphadmin -- alphadmin_cms AlphAdmin CMS 1.0.5/03 allows remote attackers to bypass authentication and gain administrative access by setting the aa_login cookie value to 1. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. unknown 2008-07-25 7.5 CVE-2008-3300 BID AlstraSoft -- Affiliate Network Pro SQL injecti

Vulnerability Summary for the Week of May 23, 2022


Vulnerability Summary for the Week of October 22, 2012

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info 2daybiz -- video_community_portal_script SQL injection vulnerability in index.php in Video Community Portal allows remote attackers to execute arbitrary SQL commands via the id parameter. 2012-10-25 7.5 CVE-2011-5215 adobe -- shockwave_player Buffer overflow in Adobe Shockwave Player before 11.6.8.638 allows attackers to execute arbitrary code via unspecified vectors, a different vulnerabilit

Vulnerability Summary for the Week of June 25, 2012

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info alexis_wilke -- protected_node The Protected Node module 6.x-1.x before 6.x-1.6 for Drupal does not properly "protect node access when nodes are accessed outside of the standard node view," which allows remote attackers to bypass intended access restrictions. 2012-06-26 7.5 CVE-2012-2730 apache -- roller Multiple cross-site request forgery (CSRF) vulnerabilities in the admin/editor cons

Vulnerability Summary for the Week of June 3, 2013

High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info apple -- mac_os_x Directory Service in Apple Mac OS X through 10.6.8 allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted message. 2013-06-05 9.3 CVE-2013-0984 google -- chrome Google Chrome before 27.0.1453.110 on Windows provides an incorrect handle to a renderer process in unspecified circumstances, which allows remote attackers to cau

Summary of Security Items from June 15 through June 21, 2005

Vulnerability Summary for the Week of May 31, 2010

Summary of Security Items from November 3 through November 9, 2004

Vulnerability Summary for the Week of October 11, 2021

Vulnerability Summary for the Week of July 27, 2020

Vulnerability Summary for the Week of June 17, 2019