May 19, 2023 |
TRA-2023-20 |
Stored Cross-Site Scripting in Craft CMS |
Low |
CVE-2023-2817 |
May 19, 2023 |
TRA-2023-19 |
Multiple Vulnerabilities in Telstra Device |
High |
|
May 8, 2023 |
TRA-2023-18 |
Strikingly CMS Prototype Pollution |
Medium |
CVE-2023-2582 |
May 1, 2023 |
TRA-2023-17 |
Trend Micro Mobile Security for Enterprise Multiple Vulnerabilities |
Critical |
CVE-2023-32521 CVE-2023-32522 |
April 25, 2023 |
TRA-2023-16 |
Zoho ManageEngine Disclosure of Hardcoded Credentials |
High |
CVE-2023-2291 |
April 21, 2023 |
TRA-2023-15 |
Schneider Electric APC Easy UPS Online Monitoring Software Unauthenticated RMI Calls |
Critical |
CVE-2023-29411 |
March 31, 2023 |
TRA-2023-14 |
Contec CONPROSYS HMI System (CHS) Unauthenticated SQLi |
High |
CVE-2023-1658 |
March 21, 2023 |
TRA-2023-13 |
Rockwell Automation ThinManager ThinServer Multiple Vulnerabilities |
Critical |
CVE-2023-27855 CVE-2023-27856 CVE-2023-27857 |
March 14, 2023 |
TRA-2023-12 |
Netgear RAX30 Multiple Vulnerabilities |
High |
CVE-2023-28337 CVE-2023-28338 |
March 14, 2023 |
TRA-2023-11 |
Unauthenticated Command Injection in TP-Link Archer AX21 (AX1800) |
High |
CVE-2023-1389 |
March 10, 2023 |
TRA-2023-10 |
Authentication Bypass in Netgear RAX30 (AX2400) < 1.0.6.74 |
High |
CVE-2023-1327 |
March 8, 2023 |
TRA-2023-9 |
Netgear RAX30 Multiple Vulnerabilities |
High |
CVE-2023-27850 CVE-2023-27851 CVE-2023-27852 CVE-2023-27853 CVE-2023-1205 |
February 27, 2023 |
TRA-2023-8 |
Multiple Vulnerabilities in OpenCATS 0.9.6 |
High |
CVE-2023-27292 CVE-2023-27293 CVE-2023-27294 CVE-2023-27295 |
February 22, 2023 |
TRA-2023-7 |
Insecure Deserialization in Multiple WordPress Plugins |
High |
CVE-2023-26326 CVE-2023-28667 |
February 1, 2023 |
TRA-2023-6 |
Cross-Site Scripting in Multiple Microsoft Domains and Microsoft Teams |
Medium |
|
January 30, 2023 |
TRA-2023-5 |
Trend Micro Apex One fcgiOfcDDA.exe File Upload Vulnerability |
High |
CVE-2023-0587 |
January 23, 2023 |
TRA-2023-4 |
Delta Electronics InfraSuite Device Master Privilege Escalation |
High |
CVE-2023-0444 |
January 12, 2023 |
TRA-2023-3 |
Cross-Site Scripting vulnerabilities in Multiple WordPress Plugins |
Medium |
CVE-2023-23491 CVE-2023-23492 CVE-2023-0448 CVE-2023-28664 CVE-2023-28665 CVE-2023-28666 |
January 12, 2023 |
TRA-2023-2 |
SQL Injection in Multiple WordPress Plugins |
Critical |
CVE-2023-23488 CVE-2023-23489 CVE-2023-23490 CVE-2023-26325 CVE-2023-28659 CVE-2023-28660 CVE-2023-28661 CVE-2023-28662 CVE-2023-28663 |
January 9, 2023 |
TRA-2023-1 |
Command Injection in D-Link DWL-2600AP with firmware v4.2.0.17 |
Medium |
CVE-2023-0127 |
December 16, 2022 |
TRA-2022-37 |
NETGEAR Nighthawk WiFi6 Router Multiple Vulnerabilities |
Critical |
CVE-2022-47208 CVE-2022-47209 CVE-2022-47210 |
December 2, 2022 |
TRA-2022-36 |
NETGEAR Nighthawk WiFi6 Router Network Misconfiguration |
Medium |
CVE-2022-4390 |
November 21, 2022 |
TRA-2022-35 |
Denial of Service Vulnerability in Dropbox's JPEG Compression Tool, Lepton |
Low |
CVE-2022-4104 |
October 25, 2022 |
TRA-2022-33 |
Delta Electronics DIAEnergie Multiple Vulnerabilities |
Critical |
CVE-2022-43774 CVE-2022-43775 |
October 25, 2022 |
TRA-2022-34 |
SSRF in Metabase GeoJSON URL |
Medium |
CVE-2022-43776 |
September 26, 2022 |
TRA-2022-32 |
Advantech iView ConfigurationServlet setConfiguration SQL Injection |
Critical |
CVE-2022-3323 |
September 12, 2022 |
TRA-2022-31 |
VISAM VBASE v11.7.0.2 Credential Disclosure |
High |
CVE-2022-3217 |
September 1, 2022 |
TRA-2022-30 |
RStudio Connect Open Redirect |
Medium |
CVE-2022-38131 |
August 15, 2022 |
TRA-2022-29 |
Multiple Vulnerabilities in Eyes of Network Web version 5.3 |
High |
CVE-2022-38357 CVE-2022-38358 CVE-2022-38359 |
August 10, 2022 |
TRA-2022-28 |
Keysight Technologies Sensor Management Server Multiple RCE Vulnerabilities |
Critical |
CVE-2022-38129 CVE-2022-38130 |
July 15, 2022 |
TRA-2022-27 |
Microsoft Azure Arc Jumpstart Information Disclosure |
Medium |
CVE-2022-35798 |
July 12, 2022 |
TRA-2022-26 |
Microsoft Azure Site Recovery Privilege Escalation |
High |
CVE-2022-33675 |
July 6, 2022 |
TRA-2022-25 |
ManageEngine Multiple Products Remote Directory/File Creation |
Medium |
CVE-2022-35404 |
June 28, 2022 |
TRA-2022-24 |
Apple Safari Security Feature Bypass (Trusted Downloads) |
Low |
|
June 15, 2022 |
TRA-2022-23 |
Schneider Electric IGSS Data Server v15.0.0.22139 Project Report Directory File Manipulation |
High |
CVE-2022-32528 |
June 15, 2022 |
TRA-2022-22 |
Schneider Electric IGSS Data Server Multiple Vulnerabilities |
Critical |
CVE-2022-32522 CVE-2022-32523 CVE-2022-32524 CVE-2022-32525 CVE-2022-32526 CVE-2022-32527 CVE-2022-32529 |
June 8, 2022 |
TRA-2022-21 |
XSS in Rustici Software SCORM Engine |
Medium |
CVE-2022-2035 |
June 6, 2022 |
TRA-2022-19 |
Microsoft Azure Synapse Analytics Hosts File Poisoning |
Low |
|
June 6, 2022 |
TRA-2022-20 |
Microsoft Azure Synapse Analytics Privilege Escalation |
Critical |
|
June 1, 2022 |
TRA-2022-18 |
Windows Azure Guest Agent Privilege Escalation |
Low |
|
May 16, 2022 |
TRA-2022-17 |
Metasonic Doc WebClient SQL Injection |
Medium |
CVE-2022-1731 |
May 5, 2022 |
TRA-2022-16 |
Cross-site Scripting in webapp.kaiza.la and kaizala mobile app |
Medium |
|
May 5, 2022 |
TRA-2022-15 |
Reflected Cross-Site Scripting in businesscenter.kaiza.la |
Medium |
|
April 27, 2022 |
TRA-2022-14 |
ManageEngine Access Manager Plus REST API Restriction Bypass |
High |
CVE-2022-29081 |
April 19, 2022 |
TRA-2022-13 |
Schneider Electric IGSS Data Server v15.0.0.22073 Integer Overflow |
Critical |
CVE-2022-2329 |
April 14, 2022 |
TRA-2022-12 |
Information Disclosure in Gryphon Shepherd API |
Low |
|
April 12, 2022 |
TRA-2022-11 |
PositiveGrid Spark API Multiple Vulnerabilities |
Low |
|
April 6, 2022 |
TRA-2022-09 |
Command Injection Vulnerability in /bin/protest Binary on Multiple D-Link Routers |
Medium |
CVE-2022-1262 |
April 6, 2022 |
TRA-2022-10 |
Cross-Site Scripting in Odoo Apps via Prototype Pollution |
Medium |
|
March 23, 2022 |
TRA-2022-08 |
XSS via angular template injection in manage.kaiza.la |
Medium |
|
March 11, 2022 |
TRA-2022-07 |
Vulnerability in DVDFab Player Permits Attacker to Read Arbitrary Files in Windows Filesystem |
High |
CVE-2022-25216 |
February 28, 2022 |
TRA-2022-06 |
Zyxel Routers and Home WiFi Systems - Unprotected Root Access via UART Using Default Password |
High |
CVE-2021-35033 |
February 22, 2022 |
TRA-2022-05 |
Multiple Vulnerabilities in Trend Micro ServerProtect |
Critical |
CVE-2022-25329 CVE-2022-25330 CVE-2022-25331 |
February 14, 2022 |
TRA-2022-04 |
Microsoft Teams Session Token in URL (Zip Preview) |
Low |
|
February 7, 2022 |
TRA-2022-03 |
Schneider Electric IGSS Data Collector Multiple Vulnerabilities |
High |
CVE-2021-22823 CVE-2021-22824 |
February 7, 2022 |
TRA-2022-02 |
Schneider Electric IGSS Data Server Multiple Vulnerabilities |
Critical |
CVE-2022-24310 CVE-2022-24314 |
February 1, 2022 |
TRA-2022-01 |
Unpatchable Vulnerabilities in Phicomm Router Firmware |
High |
CVE-2022-25214 CVE-2022-25215 CVE-2022-25217 CVE-2022-25218 CVE-2022-25219 CVE-2022-25213 |
December 30, 2021 |
TRA-2021-58 |
Bitmask Riseup Local Privilege Escalation |
High |
CVE-2021-44466 |
December 30, 2021 |
TRA-2021-57 |
Netgear Nighthawk R6700 Multiple Vulnerabilities |
High |
CVE-2021-20173 CVE-2021-20174 CVE-2021-20175 CVE-2021-23147 CVE-2021-45732 CVE-2021-45077 |
December 30, 2021 |
TRA-2021-56 |
Netgear Genie MacOS Installer Privilege Escalation |
Medium |
CVE-2021-20172 |
December 30, 2021 |
TRA-2021-55 |
Netgear Nighthawk RAX43 Multiple Vulnerabilities |
Critical |
CVE-2021-20166 CVE-2021-20167 CVE-2021-20168 CVE-2021-20169 CVE-2021-20170 CVE-2021-20171 |
December 30, 2021 |
TRA-2021-54 |
Trendnet AC2600 TEW-827DRU Multiple Vulnerabilities |
Critical |
CVE-2021-20149 CVE-2021-20150 CVE-2021-20151 CVE-2021-20152 CVE-2021-20153 CVE-2021-20154 CVE-2021-20155 CVE-2021-20156 CVE-2021-20157 CVE-2021-20158 CVE-2021-20159 CVE-2021-20160 CVE-2021-20161 CVE-2021-20162 CVE-2021-20163 CVE-2021-20164 CVE-2021-20165 |
December 30, 2021 |
TRA-2021-53 |
AutoDesk Meshmixer macOS Installer Local Privilege Escalation |
Medium |
|
December 23, 2021 |
TRA-2021-52 |
ManageEngine SelfService Plus Multiple Vulnerabilities |
Medium |
CVE-2021-20147 CVE-2021-20148 |
December 7, 2021 |
TRA-2021-51 |
Multiple Vulnerabilities in Gryphon Tower Router |
Critical |
CVE-2021-20137 CVE-2021-20138 CVE-2021-20139 CVE-2021-20140 CVE-2021-20141 CVE-2021-20142 CVE-2021-20143 CVE-2021-20144 CVE-2021-20145 CVE-2021-20146 |
November 16, 2021 |
TRA-2021-50 |
Schneider Electric C-Gate Multiple Vulnerabilities |
High |
CVE-2021-22796 CVE-2021-22720 CVE-2021-22784 |
November 8, 2021 |
TRA-2021-49 |
Arris SurfBoard SB8200 Insecure Password Change Utility |
Medium |
CVE-2021-20119 |
October 29, 2021 |
TRA-2021-48 |
ManageEngine Log360 Database Configuration Overwrite Unauthenticated RCE |
Critical |
CVE-2021-20136 |
October 26, 2021 |
TRA-2021-47 |
CODESYS V2 Web Server Multiple Vulnerabilities |
Critical |
CVE-2021-34583 CVE-2021-34584 CVE-2021-34585 CVE-2021-34586 |
October 26, 2021 |
TRA-2021-46 |
Wishpond Connect.js Javascript Library Prototype Pollution |
Medium |
|
October 20, 2021 |
TRA-2021-45 |
Arris SurfBoard SB8200 Cross Site Request Forgery |
High |
CVE-2021-20120 |
October 19, 2021 |
TRA-2021-44 |
Critical Vulnerabilities on the D-Link DIR-2640 Router |
High |
CVE-2021-20132 CVE-2021-20133 CVE-2021-20134 |
October 13, 2021 |
TRA-2021-43 |
ManageEngine ADManager Plus Build 7111 Multiple Vulnerabilities |
High |
CVE-2021-20130 CVE-2021-20131 |
October 12, 2021 |
TRA-2021-42 |
Multiple Vulnerabilities in Draytek VigorConnect 1.60.0-B3 |
Critical |
CVE-2021-20123 CVE-2021-20124 CVE-2021-20125 CVE-2021-20126 CVE-2021-20127 CVE-2021-20128 CVE-2021-20129 |
October 11, 2021 |
TRA-2021-41 |
Multiple Vulnerabilities in Telus Wi-Fi Hub |
Medium |
CVE-2021-20121 CVE-2021-20122 |
October 8, 2021 |
TRA-2021-40 |
Johnson Controls exacqVision Multiple Vulnerabilities |
Critical |
CVE-2021-27664 CVE-2021-27665 |
September 14, 2021 |
TRA-2021-39 |
Multiple Vulnerabilities in Tracki / Trackimo GPS Platform and application |
Medium |
|
September 14, 2021 |
TRA-2021-38 |
Multiple Vulnerabilities in Optimus GPS Platform |
Medium |
|
September 14, 2021 |
TRA-2021-37 |
Multiple Vulnerabilities in Spytec GPS platform |
Medium |
|
September 14, 2021 |
TRA-2021-36 |
Multiple Vulnerabilities in LandAirSea SilverCloud GPS Platform |
Medium |
|
August 19, 2021 |
TRA-2021-35 |
User Enumeration in GSuite Okta Integration |
Low |
|
August 9, 2021 |
TRA-2021-34 |
Cisco Webex Universal Links Redirect |
Medium |
|
August 9, 2021 |
TRA-2021-33 |
HPE Edgeline Infrastructure Manager Unauthenticated Information Disclosure |
Medium |
CVE-2021-26586 |
July 21, 2021 |
TRA-2021-32 |
Multiple Vulnerabilities in TCExam |
Critical |
CVE-2021-20111 CVE-2021-20112 CVE-2021-20113 CVE-2021-20114 CVE-2021-20115 CVE-2021-20116 |
July 16, 2021 |
TRA-2021-31 |
Manage Engine Asset Explorer Agent - Integer Overflow |
High |
CVE-2021-20110 |
July 16, 2021 |
TRA-2021-30 |
Manage Engine Heap Overflow POST payload |
High |
CVE-2021-20109 |
July 16, 2021 |
TRA-2021-29 |
Manage Engine Asset Explorer Agent - Remote DoS |
High |
CVE-2021-20108 |
July 12, 2021 |
TRA-2021-28 |
Schneider Electric Modicon M340 / M580 Authentication Bypass Vulnerability |
High |
CVE-2021-22779 |
July 12, 2021 |
TRA-2021-27 |
AWS EC2 macOS Local Privilege Escalation |
Medium |
|
June 30, 2021 |
TRA-2021-26 |
Sloan Smart Faucet Unauthenticated BLE |
Medium |
CVE-2021-20107 |
June 28, 2021 |
TRA-2021-25 |
Machform Multiple Vulnerabilities |
High |
CVE-2021-20101 CVE-2021-20102 CVE-2021-20103 CVE-2021-20104 CVE-2021-20105 |
June 15, 2021 |
tra-2021-24 |
Multiple Vulnerabilities in Wibu-Systems CodeMeter |
Critical |
CVE-2021-20093 CVE-2021-20094 |
June 13, 2021 |
TRA-2021-23 |
Multiple vulnerabilities in Microsoft Power Apps (apps.powerapps.com, make.powerapps.com) |
Medium |
|
June 9, 2021 |
TRA-2021-22 |
ManageEngine ServiceDesk Plus Authenticated RCE |
High |
CVE-2021-20081 |
June 2, 2021 |
TRA-2021-21 |
macOS Gatekeeper Bypass / Local Privilege Escalation |
Medium |
|
June 2, 2021 |
TRA-2021-20 |
macOS Installer Local Privilege Escalation |
Medium |
|
June 2, 2021 |
TRA-2021-19 |
Microsoft Teams macOS Installer Local Privilege Escalation |
Medium |
|
May 21, 2021 |
TRA-2021-18 |
OpenOversight Multiple Vulnerabilities |
Medium |
CVE-2021-20096 |
May 19, 2021 |
TRA-2021-17 |
SecureDrop OSSEC Cross-Site Request Forgery |
Low |
|
May 11, 2021 |
TRA-2021-16 |
LINE Private IP Address and Platform information Disclosure via GIFMagazine |
Medium |
|
April 30, 2021 |
TRA-2021-15 |
HPE Edgeline Infrastructure Manager v1.21 Authentication Bypass |
Critical |
CVE-2021-29203 |
April 28, 2021 |
TRA-2021-14 |
Python-Babel/Babel Locale Directory Traversal / Arbitrary Code Execution |
Medium |
|
April 23, 2021 |
TRA-2021-13 |
Multiple Vulnerabilities in Buffalo and Arcadyan manufactured routers |
High |
CVE-2021-20090 CVE-2021-20091 CVE-2021-20092 |
April 21, 2021 |
TRA-2021-12 |
Stored XSS in make.powerapps.com |
Medium |
|
April 8, 2021 |
TRA-2021-11 |
ManageEngine ServiceDesk Plus and AssetExplorer - Unauthenticated Stored XSS |
Medium |
CVE-2021-20080 |
March 31, 2021 |
TRA-2021-10 |
ManageEngine OpManager Remote Directory Deletion |
Critical |
CVE-2021-20078 |
March 12, 2021 |
TRA-2021-09 |
Microsoft Teams services forwarding to untrusted domain |
Medium |
|
March 8, 2021 |
TRA-2021-08 |
LINE Debugging Interface Information Disclosure |
Medium |
|
March 1, 2021 |
TRA-2021-07 |
Dell EMC OpenManage Server Administrator Authentication Bypass |
Critical |
CVE-2021-21513 |
February 22, 2021 |
TRA-2021-06 |
Secomea GateManager Multiple Vulnerabilities |
High |
CVE-2020-29028 CVE-2020-29030 CVE-2020-29032 |
February 16, 2021 |
TRA-2021-05 |
JSDom Improper Loading of Local Resources |
Medium |
CVE-2021-20066 |
February 16, 2021 |
TRA-2021-04 |
Racom MIDGE Firmware Multiple Vulnerabilities |
High |
CVE-2021-20067 CVE-2021-20068 CVE-2021-20069 CVE-2021-20070 CVE-2021-20071 CVE-2021-20072 CVE-2021-20073 CVE-2021-20074 CVE-2021-20075 |
February 15, 2021 |
TRA-2021-03 |
IBM Spectrum Protect Operations Center 8.1.10 Multiple Vulnerabilities |
High |
CVE-2020-4954 CVE-2020-4955 CVE-2020-4956 |
February 4, 2021 |
TRA-2021-02 |
ManageEngine Applications Manager Authenticated SQLi |
High |
CVE-2020-35765 |
January 7, 2021 |
TRA-2021-01 |
Marvell QConvergeConsole GUI Multiple Vulnerabilities |
High |
CVE-2020-5804 CVE-2020-5805 |
December 28, 2020 |
TRA-2020-71 |
Rockwell Automation FactoryTalk Multiple Vulnerabilities |
High |
CVE-2020-5801 CVE-2020-5802 CVE-2020-5806 CVE-2020-5807 |
December 18, 2020 |
TRA-2020-70 |
Secomea GateManager Multiple Vulnerabilities |
Medium |
CVE-2020-29021 CVE-2020-29022 |
December 15, 2020 |
TRA-2020-69 |
Carbon Black Installer Multiple Vulnerabilities |
Medium |
CVE-2020-4008 |
December 6, 2020 |
TRA-2020-68 |
PsExec Local Privilege Escalation |
Medium |
|
December 4, 2020 |
TRA-2020-67 |
Druva inSync Installer Privilege Escalation |
High |
CVE-2020-5798 |
December 4, 2020 |
TRA-2020-66 |
IBM Spectrum Protect Plus Static Credential Vulnerability |
Critical |
CVE-2020-4854 |
December 3, 2020 |
TRA-2020-65 |
Eat Spray Love Mobile App Multiple Vulnerabilities |
High |
CVE-2020-5799 CVE-2020-5800 |
November 23, 2020 |
TRA-2020-64 |
Cross-site Scripting via WHOIS and DNS records on multiple lookup platforms |
High |
|
November 16, 2020 |
TRA-2020-63 |
Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities |
High |
CVE-2020-28578 CVE-2020-28579 CVE-2020-28580 CVE-2020-28581 |
November 16, 2020 |
TRA-2020-62 |
Trend Micro Worry-Free Business Security Unauthenticated Remote File Deletion |
High |
CVE-2020-28574 |
November 13, 2020 |
TRA-2020-61 |
Nagios XI Local Privilege Escalation |
High |
CVE-2020-5796 |
November 5, 2020 |
TRA-2020-60 |
TP-Link Archer Routers USB Symlink Following Vulnerabilities |
Medium |
CVE-2020-5795 CVE-2020-5797 |
October 21, 2020 |
TRA-2020-59 |
Umbraco Cloud CMS Multiple Vulnerabilities |
Medium |
CVE-2020-5809 CVE-2020-5810 CVE-2020-5811 |
October 20, 2020 |
TRA-2020-58 |
Nagios XI Multiple Vulnerabilities |
Medium |
CVE-2020-5790 CVE-2020-5791 CVE-2020-5792 |
October 1, 2020 |
TRA-2020-57 |
Teltonika Gateway TRB245 Multiple Vulnerabilities |
Medium |
CVE-2020-5784 CVE-2020-5785 CVE-2020-5786 CVE-2020-5787 CVE-2020-5788 CVE-2020-5789 |
September 25, 2020 |
TRA-2020-56 |
Marvell QConvergeConsole GUI Multiple Vulnerabilities |
High |
CVE-2020-15643 CVE-2020-15644 CVE-2020-15645 CVE-2020-5803 |
September 22, 2020 |
TRA-2020-55 |
IgniteNet HeliOS GLinq v2.2.1 r2961 Multiple Vulnerabilities |
Medium |
CVE-2020-5781 CVE-2020-5782 CVE-2020-5783 |
September 14, 2020 |
TRA-2020-54 |
IBM Spectrum Protect Plus 10.1.6-1974 Multiple Vulnerabilities |
High |
CVE-2020-4711 CVE-2020-4703 |
September 9, 2020 |
TRA-2020-53 |
Unauthenticated email forgery/spoofing in WordPress Email Subscribers plugin |
High |
CVE-2020-5780 |
September 2, 2020 |
TRA-2020-52 |
Trading Technologies Messaging Multiple Unauthenticated Remote DoS |
High |
CVE-2020-5778 CVE-2020-5779 |
September 1, 2020 |
TRA-2020-51 |
MAGMI Multiple Vulnerabilities |
Medium |
CVE-2020-5777 CVE-2020-5776 |
August 28, 2020 |
TRA-2020-50 |
IBM Spectrum Protect CertQryResp Unauthenticated Remote DoS |
High |
CVE-2020-4559 |
August 11, 2020 |
TRA-2020-49 |
Canvas LMS Unauthenticated Blind SSRF |
Medium |
CVE-2020-5775 |
August 3, 2020 |
TRA-2020-48 |
Teltonika Gateway TRB245 Multiple Vulnerabilities |
High |
CVE-2020-5770 CVE-2020-5771 CVE-2020-5772 CVE-2020-5773 |
July 29, 2020 |
TRA-2020-47 |
Grandstream ATA HT800 Series Multiple Vulnerabilities |
Critical |
CVE-2020-5760 CVE-2020-5761 CVE-2020-5762 CVE-2020-5763 |
July 22, 2020 |
TRA-2020-46 |
CODESYS V3 Unauthenticated Webserver Memory Leak DoS |
High |
CVE-2020-15806 |
July 17, 2020 |
TRA-2020-45 |
Ubiquiti UniFi Protect Username Discovery |
Medium |
CVE-2020-8213 |
July 16, 2020 |
TRA-2020-44 |
Multiple Vulnerabilities in Icegram Email Subscribers & Newsletters Plugin for WordPress |
Medium |
CVE-2020-5767 CVE-2020-5768 |
July 16, 2020 |
TRA-2020-43 |
Teltonika Gateway TRB245 Stored Cross-site Scripting |
Low |
CVE-2020-5769 |
July 10, 2020 |
TRA-2020-42 |
SQL Injection in SRS Simple Hits Counter Plugin for WordPress |
Medium |
CVE-2020-5766 |
July 7, 2020 |
TRA-2020-41 |
MX Player Android App Directory Traversal |
High |
CVE-2020-5764 |
June 23, 2020 |
TRA-2020-40 |
Grandstream UCM6200 Series Multiple Authenticated RCE |
Critical |
CVE-2020-5757 CVE-2020-5758 CVE-2020-5759 |
June 23, 2020 |
TRA-2020-39 |
Grandstream GWN7000 Authenticated Command Execution |
Critical |
CVE-2020-5756 |
June 19, 2020 |
TRA-2020-38 |
VMware Tools Denial of Service |
Medium |
CVE-2020-3972 |
June 15, 2020 |
TRA-2020-37 |
IBM Spectrum Protect Plus Multiple Vulnerabilities |
Critical |
CVE-2020-4469 CVE-2020-4470 CVE-2020-4471 |
June 15, 2020 |
TRA-2020-36 |
Webroot Multiple Vulnerabilities |
High |
CVE-2020-5754 CVE-2020-5755 |
June 15, 2020 |
TRA-2020-35 |
Plex Media Server Weak CORS Policy |
Medium |
CVE-2020-5742 |
May 21, 2020 |
TRA-2020-34 |
Druva inSync Windows Client Local Privilege Escalation (CVE-2019-3999 Patch Bypass) |
High |
CVE-2020-5752 |
May 19, 2020 |
TRA-2020-33 |
Signal App Information Disclosure |
Low |
CVE-2020-5753 |
May 7, 2020 |
TRA-2020-32 |
Plex Media Server Authenticated Python Deserialization / RCE (Windows) |
Medium |
CVE-2020-5741 |
May 7, 2020 |
TRA-2020-31 |
TCExam Multiple Vulnerabilities |
Medium |
CVE-2020-5743 CVE-2020-5744 CVE-2020-5745 CVE-2020-5746 CVE-2020-5747 CVE-2020-5748 CVE-2020-5749 CVE-2020-5750 CVE-2020-5751 |
May 4, 2020 |
TRA-2020-30 |
Instacart SMS Link Spoofing Vulnerability |
Medium |
|
May 1, 2020 |
TRA-2020-29 |
SimpliSafe SS3 PIN Add Using Rogue Keypad |
Low |
CVE-2020-5727 |
April 27, 2020 |
TRA-2020-28 |
Flexera FlexNet Publisher lmadmin Message 282 Remote DoS |
Medium |
CVE-2020-12080 |
April 22, 2020 |
TRA-2020-27 |
Ubiquiti UniFi Cloud Key - Unprotected root UART Access |
High |
CVE-2020-8157 |
April 22, 2020 |
TRA-2020-26 |
IBM Spectrum Protect Verb 134 Unauthenticated Remote Stack Overflow |
Critical |
CVE-2020-4415 |
April 21, 2020 |
TRA-2020-25 |
Plex Media Server Local Privilege Escalation (Windows) |
High |
CVE-2020-5740 |
April 15, 2020 |
TRA-2020-24 |
Cisco IP Phones Web Server Multiple Vulnerabilities |
Critical |
CVE-2020-3161 CVE-2016-1421 |
April 15, 2020 |
TRA-2020-23 |
MikroTik WinBox Cleartext Password Storage |
Low |
CVE-2020-5721 |
April 13, 2020 |
TRA-2020-22 |
Grandstream GXP1600 Series Multiple Issues |
Critical |
CVE-2020-5738 CVE-2020-5739 |
April 9, 2020 |
TRA-2020-21 |
Ubiquiti Unifi Cloud Key Gen2 Plus Unauthenticated Hostname Modification |
Medium |
CVE-2020-8148 |
April 7, 2020 |
TRA-2020-20 |
Amcrest Camera/NVR Multiple Vulnerabilities |
Critical |
CVE-2020-5735 CVE-2020-5736 |
April 6, 2020 |
TRA-2020-19 |
SolarWinds Dameware DoS |
High |
CVE-2020-5734 |
April 3, 2020 |
TRA-2020-18 |
OpenMRS Multiple Vulnerabilities |
Medium |
CVE-2020-5728 CVE-2020-5729 CVE-2020-5730 CVE-2020-5731 CVE-2020-5732 CVE-2020-5733 |
March 30, 2020 |
TRA-2020-17 |
Grandstream UCM62xx Multiple SQL Injections |
Medium |
CVE-2020-5723 CVE-2020-5724 CVE-2020-5725 CVE-2020-5726 |
March 25, 2020 |
TRA-2020-16 |
CODESYS V3 Unauthenticated Remote Heap Overflow |
Critical |
CVE-2020-10245 |
March 23, 2020 |
TRA-2020-15 |
Grandstream UCM62xx SQL Injection |
Critical |
CVE-2020-5722 |
March 12, 2020 |
TRA-2020-14 |
Kodi Multiple Issues |
High |
|
February 26, 2020 |
TRA-2020-13 |
Advantech WebAccess/SCADA Unauthenticated Remote Heap Buffer Overflow |
Critical |
|
February 25, 2020 |
TRA-2020-12 |
Druva inSync Client Multiple Vulnerabilities |
High |
CVE-2019-3999 CVE-2019-4000 CVE-2019-4001 |
February 19, 2020 |
TRA-2020-11 |
Palo Alto Expedition Migration Tool Insufficient XSRF Protection |
High |
CVE-2020-1977 |
February 18, 2020 |
TRA-2020-10 |
Siemens TIA Portal Denial of Service |
High |
CVE-2019-19282 |
February 13, 2020 |
TRA-2020-09 |
SimpliSafe SS3 Unauthenticated Wi-Fi Config Modification |
Low |
CVE-2019-3998 |
February 9, 2020 |
TRA-2020-08 |
Microsoft Windows User Group Policy Bypass |
Medium |
|
February 6, 2020 |
TRA-2020-07 |
MikroTik WinBox Path Traversal |
Medium |
CVE-2020-5720 |
February 3, 2020 |
TRA-2020-06 |
Atlassian Jira CSRF |
Medium |
CVE-2019-20100 |
February 3, 2020 |
TRA-2020-05 |
Atlassian Jira Multiple CSRF |
Medium |
CVE-2019-20098 CVE-2019-20099 |
January 23, 2020 |
TRA-2020-04 |
CODESYS V3 Denial of Service |
High |
CVE-2020-7052 |
January 16, 2020 |
TRA-2020-03 |
SimpliSafe SS3 Unauthenticated Keypad Pairing Vulnerability |
Low |
CVE-2019-3997 |
January 15, 2020 |
TRA-2020-02 |
HPE Smart Update Manager 8.4.5 Remote Unauthorized Access |
Critical |
|
January 14, 2020 |
TRA-2020-01 |
MikroTik WinBox Man-in-the-Middle Password Hash Disclosure |
Medium |
CVE-2019-3981 |
December 26, 2019 |
TRA-2019-54 |
Microsoft Teams Multiple Vulnerabilities |
Medium |
|
December 12, 2019 |
TRA-2019-53 |
ELOG Multiple Vulnerabilities |
High |
CVE-2019-3992 CVE-2019-3993 CVE-2019-3994 CVE-2019-3995 CVE-2019-3996 |
December 11, 2019 |
TRA-2019-52 |
Advantech WebAccess/SCADA Stack Buffer Overflow |
Critical |
CVE-2019-3951 |
December 5, 2019 |
TRA-2019-51 |
Blink XT2 Sync Module Multiple Vulnerabilities |
High |
CVE-2019-3983 CVE-2019-3984 CVE-2019-3985 CVE-2019-3986 CVE-2019-3987 CVE-2019-3988 CVE-2019-3989 |
December 3, 2019 |
TRA-2019-50 |
Harbor.io User Enumeration Vulnerability |
Medium |
CVE-2019-3990 |
November 20, 2019 |
TRA-2019-49 |
Schneider Electric FLM v2.3.1.0 / FlexNet Publisher 11.6.2 Multiple Vulnerabilities |
High |
|
November 20, 2019 |
TRA-2019-48 |
CODESYS V3 Unauthenticated Remote Heap Buffer Overflow |
Critical |
CVE-2019-18858 |
November 6, 2019 |
TRA-2019-47 |
Qualcomm Atheros Universal WLAN Kernel Memory Disclosure |
Medium |
CVE-2019-10618 |
October 28, 2019 |
TRA-2019-46 |
MikroTik RouterOS Multiple Vulnerabilities |
High |
CVE-2019-3976 CVE-2019-3977 CVE-2019-3978 CVE-2019-3979 |
October 17, 2019 |
TRA-2019-45 |
Cisco TelePresence Advanced Media Gateway 3610 Denial of Service |
Medium |
CVE-2019-15966 |
October 15, 2019 |
TRA-2019-44 |
Cisco SPA100 Series Multiple Vulnerabilities |
Critical |
CVE-2019-15240 CVE-2019-15241 CVE-2019-15242 CVE-2019-15243 CVE-2019-15244 CVE-2019-15245 CVE-2019-15246 CVE-2019-15247 CVE-2019-15248 CVE-2019-15249 CVE-2019-15250 CVE-2019-15251 CVE-2019-15252 CVE-2019-15257 CVE-2019-15258 CVE-2019-12702 CVE-2019-12703 CVE-2019-12704 CVE-2019-12708 |
September 30, 2019 |
TRA-2019-43 |
SolarWinds Dameware Mini Remote Control Unauthenticated RCE |
Critical |
CVE-2019-3980 |
September 25, 2019 |
TRA-2019-42 |
HPE iMC 7.3 E0703 Multiple Vulnerabilities |
Critical |
CVE-2019-5390 CVE-2019-5391 |
September 10, 2019 |
TRA-2019-41 |
Advantech WebAccess/SCADA 8.4.1 Unauthenticated Remote Stack Buffer Overflow |
Critical |
CVE-2019-3975 |
August 19, 2019 |
TRA-2019-40 |
OpenEMR Multiple Vulnerabilities |
High |
CVE-2019-3963 CVE-2019-3964 CVE-2019-3965 CVE-2019-3966 CVE-2019-3967 CVE-2019-3968 |
August 12, 2019 |
TRA-2019-39 |
Apple macOS / iOS UIFoundation Vulnerability |
Medium |
|
August 2, 2019 |
TRA-2019-38 |
macOS LaunchServices Denial of Service |
Medium |
|
July 30, 2019 |
TRA-2019-37 |
WallacePOS Multiple Vulnerabilities |
Medium |
CVE-2019-3958 CVE-2019-3959 CVE-2019-3960 |
July 29, 2019 |
TRA-2019-36 |
Amcrest IP Camera Multiple Vulnerabilities |
Medium |
CVE-2019-3948 |
July 17, 2019 |
TRA-2019-35 |
Jenkins Path Traversal / Arbitrary File Write |
Medium |
CVE-2019-10352 |
July 15, 2019 |
TRA-2019-34 |
Comodo Antivirus Multiple Vulnerabilities |
Medium |
CVE-2019-3969 CVE-2019-3970 CVE-2019-3971 CVE-2019-3972 CVE-2019-3973 |
July 8, 2019 |
TRA-2019-33 |
Siemens TIA Portal (STEP7) Remote Code Execution |
Critical |
CVE-2019-10915 |
July 2, 2019 |
TRA-2019-32 |
Citrix SD-WAN Appliance Multiple Vulnerabilities |
Critical |
CVE-2019-12989 CVE-2019-12991 |
July 2, 2019 |
TRA-2019-31 |
Citrix SD-WAN Center Multiple Vulnerabilities |
Critical |
CVE-2019-12985 CVE-2019-12986 CVE-2019-12987 CVE-2019-12988 CVE-2019-12990 CVE-2019-12992 |
July 1, 2019 |
TRA-2019-30 |
Arlo Basestation Firmware Multiple Vulnerabilities |
High |
CVE-2019-3949 CVE-2019-3950 |
June 19, 2019 |
TRA-2019-29 |
Cisco RV110W, RV130W, and RV215W Routers Multiple Vulnerabilities |
Medium |
CVE-2019-1897 CVE-2019-1898 CVE-2019-1899 |
June 18, 2019 |
TRA-2019-28 |
Multiple Advantech WebAccess Vulnerabilities |
Critical |
CVE-2019-3953 CVE-2019-3954 |
June 11, 2019 |
TRA-2019-27 |
Fuji Electric V-Server Denial of Service and Information Disclosure |
Medium |
CVE-2019-3946 CVE-2019-3947 |
June 6, 2019 |
TRA-2019-26 |
Dameware Remote Mini Controller Multiple Vulnerabilities |
High |
CVE-2019-3955 CVE-2019-3956 CVE-2019-3957 |
June 3, 2019 |
TRA-2019-25 |
Zsh Multiple Denial of Service Vulnerabilities |
Low |
|
May 29, 2019 |
TRA-2019-24 |
Chromium Dev Tools Crash |
Low |
|
May 7, 2019 |
TRA-2019-23 |
Slack Desktop Application for Windows Download Hijack |
Medium |
|
May 7, 2019 |
TRA-2019-22 |
Parrot ANAFI Drone Denial of Service |
Medium |
CVE-2019-3944 CVE-2019-3945 |
May 1, 2019 |
TRA-2019-21 |
Cisco Small Business Switch Security Feature Bypass |
High |
CVE-2019-1859 |
April 30, 2019 |
TRA-2019-20 |
OEM Presentation Platform Vulnerabilities |
Critical |
CVE-2019-3925 CVE-2019-3926 CVE-2019-3927 CVE-2019-3928 CVE-2019-3929 CVE-2019-3930 CVE-2019-3931 CVE-2019-3932 CVE-2019-3933 CVE-2019-3934 CVE-2019-3935 CVE-2019-3936 CVE-2019-3937 CVE-2019-3938 CVE-2019-3939 CVE-2017-16709 |
April 11, 2019 |
TRA-2019-19 |
Palo Alto Expedition Migration Tool 1.1.12 and earlier - XSS |
Low |
CVE-2019-1574 |
April 10, 2019 |
TRA-2019-18 |
Citrix SD-WAN Center and NetScaler SD-WAN Center Unauthenticated Remote Command Injection |
Critical |
CVE-2019-10883 |
April 9, 2019 |
TRA-2019-17 |
Verizon Fios Quantum Gateway Multiple Vulnerabilities |
High |
CVE-2019-3914 CVE-2019-3915 CVE-2019-3916 |
April 8, 2019 |
TRA-2019-16 |
MikroTik RouterOS Authenticated Directory Traversal |
High |
CVE-2019-3943 |
April 4, 2019 |
TRA-2019-15 |
Multiple Advantech WebAccess Vulnerabilities |
Critical |
CVE-2019-3940 CVE-2019-3941 CVE-2019-3942 |
March 27, 2019 |
TRA-2019-14 |
FileZilla 'fzsftp' Untrusted Search Path |
Medium |
CVE-2019-5429 |
March 22, 2019 |
TRA-2019-13 |
Palo Alto Expedition Migration Tool 1.1.8 and earlier - Multiple XSS |
Low |
CVE-2019-1569 CVE-2019-1570 CVE-2019-1571 |
March 20, 2019 |
TRA-2019-12 |
HPE iMC 7.3 E0605P06 Multiple Vulnerabilities |
Critical |
CVE-2019-5390 CVE-2019-5391 |
March 4, 2019 |
TRA-2019-11 |
RSLinx Classic Stack Buffer Overflow |
Critical |
CVE-2019-6553 |
March 1, 2019 |
TRA-2019-10 |
Palo Alto Expedition Migration Tool Stored XSS |
Low |
CVE-2019-1567 |
February 27, 2019 |
TRA-2019-09 |
Nokia GPON ONT Multiple Vulnerabilities |
Critical |
CVE-2019-3917 CVE-2019-3918 CVE-2019-3919 CVE-2019-3920 CVE-2019-3921 CVE-2019-3922 |
February 20, 2019 |
TRA-2019-08 |
SonicOS Improper Certificate Access |
Medium |
CVE-2018-9867 |
February 12, 2019 |
TRA-2019-07 |
MikroTik RouterOS Unauthenticated Intermediary |
Medium |
CVE-2019-3924 |
February 4, 2019 |
TRA-2019-06 |
Rockwell Automation EWEB SNMP Denial of Service |
Medium |
CVE-2018-19016 |
February 4, 2019 |
TRA-2019-05 |
Crestron DGE-100 Unauthenticated Remote Denial of Service |
High |
|
February 4, 2019 |
TRA-2019-04 |
Indusoft Web Studio and InTouch Edge HMI Remote Code Execution |
Critical |
CVE-2019-6545 CVE-2019-6543 |
January 24, 2019 |
TRA-2019-03 |
LabKey Server Community Edition Multiple Vulnerabilities |
Medium |
CVE-2019-3911 CVE-2019-3912 CVE-2019-3913 |
January 10, 2019 |
TRA-2019-02 |
[R1] Crestron AM-100 Authentication Bypass |
Critical |
CVE-2019-3910 |
January 8, 2019 |
TRA-2019-01 |
[R3] Multiple Premisys Identicard Vulnerabilities |
Critical |
CVE-2019-3906 CVE-2019-3907 CVE-2019-3908 CVE-2019-3909 |
December 20, 2018 |
TRA-2018-48 |
[R2] Netatalk Out-of-bounds Write |
Critical |
CVE-2018-1160 |
December 19, 2018 |
TRA-2018-47 |
[R2] Logitech Harmony Hub Multiple Vulnerabilities |
High |
CVE-2018-15720 CVE-2018-15721 CVE-2018-15722 CVE-2018-15723 |
December 19, 2018 |
TRA-2018-46 |
[R1] Cisco Adaptive Security Appliance HTTP Privilege Escalation |
High |
CVE-2018-15465 |
December 14, 2018 |
TRA-2018-45 |
[R2] Advantech WebAccess Stack Buffer Overflow |
Critical |
CVE-2018-18999 |
December 12, 2018 |
TRA-2018-44 |
[R1] Open Dental Multiple Vulnerabilities |
Critical |
CVE-2018-15717 CVE-2018-15718 CVE-2018-15719 |
December 5, 2018 |
TRA-2018-43 |
[R2] Jenkins Forced Migration of User Records |
Medium |
CVE-2018-1000863 |
December 5, 2018 |
TRA-2018-42 |
[R1] Cisco Energy Management Suite Default PostgreSQL Credentials |
Medium |
CVE-2018-0468 |
November 29, 2018 |
TRA-2018-41 |
[R1] NUUO NVRMini2 Authenticated Command Injection |
Critical |
CVE-2018-15716 |
November 29, 2018 |
TRA-2018-40 |
[R2] Zoom Message Spoofing |
Critical |
CVE-2018-15715 |
November 26, 2018 |
TRA-2018-39 |
[R1] Multiple HPE Moonshot Provisioning Manager Vulnerabilities |
High |
|
November 26, 2018 |
TRA-2018-38 |
[R1] Multiple Schneider Electric Modicon Quantum Vulnerabilities |
Critical |
CVE-2018-7809 CVE-2018-7810 CVE-2018-7811 CVE-2018-7830 CVE-2018-7831 |
November 13, 2018 |
TRA-2018-37 |
[R2] Nagios XI Multiple Vulnerabilities |
High |
CVE-2018-15708 CVE-2018-15709 CVE-2018-15710 CVE-2018-15711 CVE-2018-15712 CVE-2018-15713 CVE-2018-15714 |
November 9, 2018 |
TRA-2018-36 |
[R1] Cisco Energy Management Suite Multiple Vulnerabilities |
Critical |
CVE-2018-15444 CVE-2018-15445 |
October 31, 2018 |
TRA-2018-35 |
[R1] Multiple Advantech WebAccess Vulnerabilities |
Critical |
CVE-2018-15705 CVE-2018-15706 CVE-2018-15707 |
October 30, 2018 |
TRA-2018-34 |
[R1] Multiple Vulnerabilities in AVEVA Indusoft Web Studio and InTouch Edge HMI |
Critical |
CVE-2018-17914 CVE-2018-17916 |
October 18, 2018 |
TRA-2018-33 |
[R1] Multiple Advantech WebAccess Vulnerabilities |
High |
CVE-2018-15703 CVE-2018-15704 |
October 17, 2018 |
TRA-2018-32 |
[R1] Multiple Oracle WebLogic Docker Password Disclosures |
Medium |
CVE-2018-3213 |
October 17, 2018 |
TRA-2018-31 |
[R1] Multiple Oracle GoldenGate Manager Vulnerabilities |
Critical |
CVE-2018-2912 CVE-2018-2913 CVE-2018-2914 |
October 12, 2018 |
TRA-2018-30 |
[R1] IBM WebSphere Application Server Admin Console File Disclosure |
Medium |
CVE-2018-1770 |
October 10, 2018 |
TRA-2018-29 |
[R1] Multiple Jenkins Vulnerabilities |
Medium |
|
October 9, 2018 |
TRA-2018-28 |
[R3] HPE Intelligent Management Center Multiple Vulnerabilities |
Critical |
CVE-2018-7116 CVE-2018-7121 CVE-2018-7122 CVE-2018-7123 CVE-2019-5392 CVE-2019-5393 |
October 1, 2018 |
TRA-2018-27 |
[R1] TP-Link TL-WRN841N Multiple Vulnerabilities |
Critical |
CVE-2018-15700 CVE-2018-15701 CVE-2018-15702 |
September 20, 2018 |
TRA-2018-26 |
[R1] RSLinx Classic Buffer Overflows |
Critical |
CVE-2018-14821 CVE-2018-14829 |
September 17, 2018 |
TRA-2018-25 |
[R2] Multiple NUUO NVRMini2 Vulnerabilities |
Critical |
CVE-2018-1149 CVE-2018-1150 |
September 10, 2018 |
TRA-2018-24 |
[R1] HPE Intelligent Management Center Stack Buffer Overflow |
Critical |
CVE-2018-7115 |
September 10, 2018 |
TRA-2018-23 |
[R1] Advantech WebAccess Remote Code Execution |
Critical |
CVE-2017-16720 |
August 24, 2018 |
TRA-2018-22 |
[R1] Multiple ASUSTOR Data Master Vulnerabilities |
High |
CVE-2018-15694 CVE-2018-15695 CVE-2018-15696 CVE-2018-15697 CVE-2018-15698 CVE-2018-15699 |
August 22, 2018 |
TRA-2018-21 |
[R1] Mikrotik RouterOS Multiple Authenticated Vulnerabilities |
Critical |
CVE-2018-1156 CVE-2018-1157 CVE-2018-1158 CVE-2018-1159 |
August 21, 2018 |
TRA-2018-20 |
[R2] Cisco Data Center Network Manager Authenticated Path Traversal |
Medium |
CVE-2018-0464 |
July 18, 2018 |
TRA-2018-19 |
[R1] AVEVA InduSoft Web Studio and InTouch Machine Edition Remote Code Execution |
Critical |
CVE-2018-10620 |
June 15, 2018 |
TRA-2018-18 |
[R1] Burp Suite Community Edition Improper Certificate Validation |
Medium |
CVE-2018-1153 |
June 14, 2018 |
TRA-2018-17 |
[R1] libturbo-jpeg Denial of Service |
Medium |
CVE-2018-1152 |
June 12, 2018 |
TRA-2018-16 |
[R1] GlassFish 4.x Denial of Service |
High |
|
June 11, 2018 |
TRA-2018-15 |
[R2] HPE Moonshot Provisioning Manager Arbitrary File Move |
High |
CVE-2018-7072 CVE-2018-7073 |
June 11, 2018 |
TRA-2018-14 |
[R1] Western Digital TV Media Player and Live Hub Unauthenticated RCE |
Critical |
CVE-2018-1151 |
June 8, 2018 |
TRA-2018-13 |
[R2] IBM Netezza Appliance Local Privilege Escalation |
High |
CVE-2018-1460 |
May 4, 2018 |
TRA-2018-12 |
[R1] Cylance PROTECT Missing SSL Certificate Verification |
Medium |
|
May 4, 2018 |
TRA-2018-11 |
[R1] Cisco Prime Data Center Network Manager Remote Code Execution |
Critical |
CVE-2018-0258 |
May 4, 2018 |
TRA-2018-10 |
[R1] Trend Micro Smart Protection Server Denial of Service |
High |
CVE-2018-6237 |
May 4, 2018 |
TRA-2018-09 |
[R1] OpenVPN Windows Service Double Free |
High |
CVE-2018-9336 |
April 12, 2018 |
TRA-2018-08 |
[R1] Belkin N750 F9K1103 v1 Multiple Vulnerabilities |
Critical |
CVE-2018-1143 CVE-2018-1144 CVE-2018-1145 CVE-2018-1146 |
April 6, 2018 |
TRA-2018-07 |
[R3] Schneider Electric InduSoft Web Studio and InTouch Machine Edition Remote Code Execution |
Critical |
CVE-2018-8840 |
March 28, 2018 |
TRA-2018-06 |
[R1] Cisco IOS and IOS XE Multiple Memory Corruption Vulnerabilities |
High |
CVE-2018-0172 CVE-2018-0173 CVE-2018-0174 |
February 26, 2018 |
TRA-2018-05 |
[R1] Micro Focus Operations Orchestrations Information Disclosure and Remote Denial of Service |
High |
CVE-2018-6490 |
February 26, 2018 |
TRA-2018-04 |
[R3] Check Point Gaia OS Privilege Escalation |
Medium |
|
February 15, 2018 |
TRA-2018-03 |
[R2] EMC VASA Virtual Appliance Default Creds and Arbitrary File Upload |
Critical |
CVE-2018-1216 CVE-2018-1215 |
January 29, 2018 |
TRA-2018-02 |
[R1] NetGain Enterprise Manager Multiple Remote Vulnerabilities |
High |
CVE-2017-17406 CVE-2017-16610 CVE-2017-16607 CVE-2017-16609 CVE-2017-16608 |
January 29, 2018 |
TRA-2018-01 |
[R1] HPE Intelligent Management Center (iMC) PLAT Java RMI RCE |
High |
CVE-2017-5792 |
November 21, 2017 |
TRA-2017-37 |
[R1] gSOAP HTTP DIME Parsing Denial of Service |
Medium |
|
November 21, 2017 |
TRA-2017-36 |
[R1] Firebird fbudf Module Authenticated Remote Code Execution |
Critical |
CVE-2017-11509 |
November 20, 2017 |
TRA-2017-35 |
[R2] Verizon Fios Quantum Gateway G1100 Remote Information Disclosure |
Medium |
|
November 20, 2017 |
TRA-2017-34 |
[R1] Siemens SIMATIC Logon Denial of Service |
Medium |
CVE-2017-9938 |
November 10, 2017 |
TRA-2017-33 |
[R1] Wanscam Network Camera Multiple Vulnerabiltiies |
Medium |
CVE-2017-11510 |
November 9, 2017 |
TRA-2017-32 |
[R1] HPE Universal Configuration Management Database Multiple Vulnerabilities |
Critical |
CVE-2017-14351 CVE-2017-14353 CVE-2017-14354 |
November 8, 2017 |
TRA-2017-31 |
[R1] ManageEngine ServiceDesk Multiple Vulnerabilties |
High |
CVE-2017-11511 CVE-2017-11512 |
November 7, 2017 |
TRA-2017-30 |
[R1] HPE System Management Homepage Remote Denial of Service |
High |
CVE-2017-12545 |
November 7, 2017 |
TRA-2017-29 |
[R1] Advantech WebAccess SQL Injection |
Critical |
CVE-2017-12710 |
November 7, 2017 |
TRA-2017-28 |
[R1] HPE Operations Orchestration Central Remoting Java Deserialization Remote Code Execution |
High |
CVE-2017-8994 |
November 7, 2017 |
TRA-2017-27 |
[R1] HPE Intelligent Management Center SOM Module Remote File Disclosure |
Medium |
CVE-2017-12555 |
November 6, 2017 |
TRA-2017-26 |
[R1] HP Data Protector Multiple Remote Vulnerabilities |
High |
CVE-2017-5807, CVE-2017-5808 |
November 6, 2017 |
TRA-2017-25 |
[R2] HPE Operations Orchestration Incomplete Fix for CVE-2016-8519 |
High |
CVE-2017-8994 |
November 6, 2017 |
TRA-2017-24 |
[R1] Ecava IntegraXor SQL Injection Remote Code Execution |
High |
CVE-2017-6050 |
November 3, 2017 |
TRA-2017-23 |
[R1] Cisco Security Manager and Prime LMS Java Deserialization Remote Code Execution |
Critical |
CVE-2015-6420 |
November 2, 2017 |
TRA-2017-22 |
[R1] ReadyMedia HTTP Request Denial of Service |
High |
|
November 2, 2017 |
TRA-2017-21 |
[R1] Check_MK Multisite Web UI Reflected XSS |
Medium |
CVE-2017-9781 |
November 2, 2017 |
TRA-2017-20 |
[R2] Check_MK Multisite Web UI Stored and Reflected XSS |
Medium |
CVE-2017-11507 |
May 2, 2017 |
TRA-2017-19 |
[R1] Kaa IoT Platform SdkServlet / RecordServlet Java Object Deserialization Remote Code Execution |
High |
CVE-2017-7911 |
April 26, 2017 |
TRA-2017-18 |
[R1] HP Intelligent Management Center (iMC) Platform euplat RMI Registry Java Deserialization Remote Code Execution |
Critical |
CVE-2017-5792 |
April 19, 2017 |
TRA-2017-17 |
[R1] ManageEngine ServiceDesk Plus AuthError.jsp ErrorMsg Parameter Reflected XSS |
Medium |
|
April 18, 2017 |
TRA-2017-16 |
[R1] Oracle WebLogic Server Web Container Subcomponent Reflected PartItem File Manipulation Remote Code Execution |
Critical |
CVE-2017-3531 |
March 30, 2017 |
TRA-2017-15 |
[R2] NetIQ Sentinel Multiple Remote Vulnerabilities |
High |
CVE-2017-5184 CVE-2017-5185 |
March 25, 2017 |
TRA-2017-14 |
[R1] Cisco Unified Customer Voice Portal Java Deserialization Remote Code Execution |
Critical |
CVE-2015-6420 |
March 18, 2017 |
TRA-2017-13 |
[R1] HPE LoadRunner libxdrutil.dll mxdr_string() Function XDR String Handling Remote Heap Buffer Overflow |
Critical |
CVE-2017-5789 |
March 16, 2017 |
TRA-2017-12 |
[R1] HP Intelligent Management Center (iMC) Platform /imc/fault/accessMgrServlet Java Deserialization Remote Code Execution |
Critical |
CVE-2017-5790 |
March 15, 2017 |
TRA-2017-11 |
[R1] Sophos XG Firewall login.jsp utype Parameter Reflected XSS |
Medium |
|
March 13, 2017 |
TRA-2017-10 |
[R1] Debian MediaTomb (fork) Multiple Remote Vulnerabilities |
Critical |
CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2016-6255 CVE-2016-8863 |
February 1, 2017 |
TRA-2017-09 |
[R2] HP Intelligent Management Center (iMC) Platform /rptviewer/servlets/redirectviewer Multiple Remote Issues |
High |
CVE-2016-8525 CVE-2016-8530 |
January 26, 2017 |
TRA-2017-08 |
[R1] Portable SDK for UPnP Devices (libupnp) glibc Implementation getaddrinfo() Function Remote Stack Overflow |
Critical |
CVE-2015-7547 |
January 25, 2017 |
TRA-2017-07 |
[R1] Oracle WebLogic RMI Registry UnicastRef Object Java Deserialization Remote Code Execution |
Critical |
CVE-2017-3248 |
January 23, 2017 |
TRA-2017-06 |
[R1] ManageEngine ADAudit Plus Multiple Vulnerabilities |
High |
|
January 20, 2017 |
TRA-2017-05 |
[R1] HP Operations Orchestration (HP OO) /oo/backwards-compatibility/wsExecutionBridgeService Jaa Deserialization Remote Code Execution |
Critical |
CVE-2016-8519 |
January 19, 2017 |
TRA-2017-04 |
[R1] Advantech WebAccess Multiple Vulnerabilities |
High |
CVE-2017-5152 CVE-2017-5154 |
January 18, 2017 |
TRA-2017-03 |
[R2] Oracle Outside In Content Access vspdf.dll Multiple Remote DoS |
Medium |
CVE-2017-3294 CVE-2017-3295 |
January 11, 2017 |
TRA-2017-02 |
[R2] Sophos Web Protection Appliance ftp_redirect.php s Parameter Reflected XSS |
Medium |
CVE-2017-9523 |
January 9, 2017 |
TRA-2017-01 |
[R1] Liferay CE Portal /api/liferay Java Deserialization Blacklist Bypass Remote Code Execution |
Critical |
|
December 11, 2016 |
TRA-2016-39 |
[R1] Hewlett Packard Network Automation RPCServlet Arbitrary Code Execution |
High |
CVE-2016-8511 |
December 5, 2016 |
TRA-2016-38 |
[R1] Cisco Prime Collaboration Provisioning Restricted CLI Bypass Local Privilege Escalation |
Medium |
CVE-2016-1320 |
November 29, 2016 |
TRA-2016-37 |
[R2] Dell SonicWALL /appliance/license.jsp Serial Number Disclosure Remote Privilege Escalation |
Medium |
|
November 28, 2016 |
TRA-2016-36 |
[R1] ManageEngine OpManager NMS Server Multiple Vulnerabilities |
Critical |
|
November 25, 2016 |
TRA-2016-35 |
[R1] WISE Server Commons Collection / FileUpload Java Deserialization Remote Command Execution |
Critical |
|
November 16, 2016 |
TRA-2016-34 |
[R1] VMWare vRealize Operations Manager Appliance Multiple Vulnerabilities Chained Remote Code Execution |
High |
CVE-2016-7462 |
November 1, 2016 |
TRA-2016-33 |
[R1] Oracle WebLogic Server Commons DiskFileItem Remote File Manipulation |
Critical |
CVE-2016-5535 |
October 29, 2016 |
TRA-2016-32 |
[R1] HP System Management Homepage (SMH) Multiple Remote Stack Buffer Overflows |
High |
CVE-2016-4395 CVE-2016-4396 |
October 21, 2016 |
TRA-2016-31 |
[R1] ManageEngine ADAudit Plus Obfuscated Cookie Password Disclosure |
Low |
|
October 17, 2016 |
TRA-2016-30 |
[R1] Novell NetIQ Sentinel Commons DiskFileItem RMI Java Deserialization Remote File Creation / Manipulation |
Critical |
CVE-2016-1000031 |
October 6, 2016 |
TRA-2016-29 |
[R2] Citrix License Server / Flexera FlexNet Publisher lmadmin.exe 2F Packet Handling Remote DoS |
Medium |
CVE-2016-6273 |
September 26, 2016 |
TRA-2016-28 |
[R2] CloudView NMS Multiple Remote Vulnerabilities |
High |
|
September 22, 2016 |
TRA-2016-27 |
[R1] Hewlett Packard Network Automation RMI Registry Port Java Deserialization Remote Code Execution |
Critical |
CVE-2016-4385 |
September 21, 2016 |
TRA-2016-26 |
[R1] HP LoadRunner Multiple Remote DoS |
High |
CVE-2016-4384 CVE-2016-4361 |
September 14, 2016 |
TRA-2016-25 |
[R1] Red5 Server RMI Registry /red5 Java Deserialization Remote Code Execution |
Critical |
|
August 18, 2016 |
TRA-2016-24 |
[R1] PowerFolder Multiple Remote Vulnerabilities |
Critical |
|
August 12, 2016 |
TRA-2016-23 |
[R4] Apache Wicket DiskFileItem Java Deserialization Remote File Manipulation |
Medium |
CVE-2013-2186 CVE-2016-1000031 CVE-2016-6793 |
July 20, 2016 |
TRA-2016-22 |
[R2] Red Hat JBoss Operations Network /jboss-remoting-servlet-invoker/ServerInvokerServlet Jython Deserialization Remote Code Execution |
Critical |
CVE-2016-3737 CVE-2016-6330 |
July 19, 2016 |
TRA-2016-21 |
[R1] Oracle WebLogic Server weblogic.corba.utils.MarshallObject Java Deserialization Remote Code Execution |
Critical |
CVE-2016-3510 |
July 8, 2016 |
TRA-2016-20 |
[R2] Pivotal Spring Framework HttpInvokerServiceExporter readRemoteInvocation Method Untrusted Java Deserialization |
Critical |
CVE-2016-1000027 |
June 28, 2016 |
TRA-2016-19 |
[R1] Palo Alto Networks PAN-OS /api Multiple Parameter Handling Remote DoS |
Medium |
|
June 27, 2016 |
TRA-2016-18 |
[R1] IBM iAccess for Windows i Navigator Encoded Windows Admin Password Local Disclosure |
Low |
CVE-2016-0287 |
June 13, 2016 |
TRA-2016-17 |
[R2] HP Loadrunner / HP Performance Center Virtual Table Server (VTS) \web\admin\data.js Remote File Deletion |
High |
CVE-2016-4360 |
June 13, 2016 |
TRA-2016-16 |
[R2] HP LoadRunner mchan.dll Shared Memory Object Name Construction Remote Stack Buffer Overflow |
High |
CVE-2016-4359 |
May 17, 2016 |
TRA-2016-15 |
[R1] Ipswitch WhatsUp Gold WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection |
Medium |
CVE-2016-1000000 |
May 5, 2016 |
TRA-2016-14 |
[R1] HP System Management Homepage (SMH) mod_smh_config.so AddCertsToTrustCfgList() Function X.509 Certificate Subject Common Name Handling Remote DoS |
Low |
|
May 3, 2016 |
TRA-2016-13 |
[R1] Core FTP Server Path Traversal Arbitrary File/Directory Access |
Medium |
|
April 20, 2016 |
TRA-2016-12 |
[R3] Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution (LOBSTER) |
Critical |
CVE-2016-1000031 |
April 20, 2016 |
TRA-2016-11 |
[R1] Oracle MySQL Enterprise Monitor Multiple Library readObject() Function Java Object Deserialization Remote Code Execution |
High |
CVE-2016-3461 |
April 19, 2016 |
TRA-2016-10 |
[R2] ManageEngine OpManager / Service Desk Multiple Vulnerabilities |
High |
CVE-2016-82014 CVE-2016-82015 |
April 19, 2016 |
TRA-2016-09 |
[R1] Oracle WebLogic ClassFilter.class ServerChannelInputStream Bypass Java Deserialization Remote Code Execution |
Critical |
CVE-2016-0638 CVE-2015-4829 |
April 15, 2016 |
TRA-2016-08 |
[R1] Cisco Unified Computing System - Multiple Vulnerabilities |
Medium |
CVE-2016-1339 CVE-2016-1340 |
April 13, 2016 |
TRA-2016-07 |
[R1] Microsoft Windows 10 lsass.exe Empty SID Lookup Handling Remote DoS |
Medium |
CVE-2016-0135 |
April 5, 2016 |
TRA-2016-06 |
[R1] Cisco Multiple Routers Fragmented IKEv2 Packet Handling Remote Integer Overflow |
High |
CVE-2016-1344 |
March 29, 2016 |
TRA-2016-05 |
[R1] Barco ClickShare Multiple Script Remote Command Execution |
High |
CVE-2015-6532 CVE-2015-6533 |
March 28, 2016 |
TRA-2016-04 |
[R2] Cisco IOS Smart Install Client Feature Config / Boot Image File List Upload Remote Code Execution |
High |
CVE-2015-6264 CVE-2016-1349 |
March 24, 2016 |
TRA-2016-03 |
[R1] Microsoft Windows DNS Server dns.exe answerIQuery() Function Remote Buffer Overflow |
Medium |
CVE-2016-82007 |
March 14, 2016 |
TRA-2016-02 |
[R1] HP Operations Manager i flex-messaging-core.jar XML External Entity (XXE) Injection Remote Information Disclosure |
Medium |
CVE-2015-3269 |
February 17, 2016 |
TRA-2016-01 |
[R1] ManageEngine AssetExplorer /workorder/FileDownload.jsp fName Parameter Traversal Remote File Disclosure |
Medium |
CVE-2016-82002 |
December 14, 2015 |
TRA-2015-07 |
[R1] ManageEngine Desktop Central /statusUpdate fileName Parameter Traversal Multiple Extension File Upload Remote Code Execution |
Critical |
CVE-2015-82001 |
November 30, 2015 |
TRA-2014-04 |
[R1] NetMotion Mobility VPN nmdrv.sys TCP Connection Termination Handling Remote DoS |
High |
CVE-2014-82000 |
November 30, 2015 |
TRA-2015-06 |
[R1] HP Client Automation / Accelerite Endpoint Management Core Server HPCA Management Agent (nvdkit.exe) Cleartext Credentials MiTM Disclosure |
Low |
CVE-2015-82000 |
November 24, 2015 |
TRA-2015-05 |
[R1] FreeSWITCH parse_string() Function Multiple Vector Remote Heap Buffer Overflow |
Critical |
CVE-2015-8311 |
October 21, 2015 |
TRA-2015-04 |
[R1] NTP Autokey Functionality Multiple Remote DoS |
High |
CVE-2015-7691 CVE-2015-7692 CVE-2015-7701 |
October 15, 2015 |
TRA-2015-03 |
[R1] 3S CODESYS PLCWinNT Runtime Service NULL Pointer Dereference Remote DoS |
High |
CVE-2015-6482 |
September 15, 2015 |
TRA-2015-02 |
[R2] Palo Alto Networks Panorama VM Appliance PAN-OS Firmware Signature Verification Bypass Arbitrary Code Execution |
High |
CVE-2015-6531 |
August 24, 2015 |
TRA-2015-01 |
[R1] Microsoft Windows SMB v1 Service Principal Name Handling Remote Buffer Overflow |
High |
CVE-2015-2474 |
May 14, 2014 |
TRA-2014-01 |
Juniper Junos Space MySQL Server Unspecified Hardcoded Credentials |
High |
CVE-2014-3413 |
February 28, 2014 |
TRA-2014-02 |
Novell ZENworks Configuration Management (ZCM) PreBoot Service (novell-pbserv.exe) Remote Path Traversal File Access |
High |
CVE-2013-3706 |
January 30, 2014 |
TRA-2014-03 |
3S CoDeSys Runtime Toolkit Unspecified NULL Pointer Dereference Remote DoS |
High |
CVE-2014-0757 |
November 12, 2013 |
TRA-2013-08 |
Adobe ColdFusion CFIDE Directory Unspecified Reflected XSS |
Medium |
CVE-2013-5326 |
September 3, 2013 |
TRA-2013-07 |
[R1] Cisco Prime Network Control System (NCS) / Wireless Control System (WCS) login.jsp requestUrl Parameter Reflected XSS |
Medium |
CVE-2012-5990 |
July 24, 2013 |
TRA-2013-05 |
HP LoadRunner magentproc.exe SSL Connection Handling Buffer Overflow Remote Code Execution |
High |
CVE-2013-4800 |
July 24, 2013 |
TRA-2013-06 |
HP LoadRunner XDR-encoded Data Handling Remote Buffer Overflow |
High |
CVE-2013-4799 |
May 22, 2013 |
TRA-2013-10 |
3S CoDeSys Gateway Unspecified Use-after-free Arbitrary Code Execution |
Critical |
CVE-2013-2781 |
May 14, 2013 |
TRA-2013-04 |
Adobe ColdFusion Unspecified Remote Code Execution |
Critical |
CVE-2013-1389 |
April 19, 2013 |
TRA-2013-09 |
[R1] IBM InfoSphere Products /rdweb/getUsers.do Remote Account Information Remote Disclosure |
Medium |
CVE-2013-0584 |
March 27, 2013 |
TRA-2013-03 |
Cisco IOS Smart Install Client Feature Malformed Config / Boot Image File Upload Remote Code Execution |
Critical |
CVE-2013-1146 |
January 23, 2013 |
TRA-2013-02 |
[R1] WebYaST /host Configuration Path Handling Unauthenticated Host List Manipulation |
Medium |
CVE-2012-0435 |
January 9, 2013 |
TRA-2013-01 |
Dell OpenManage Server Administrator /help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm topic Parameter DOM-based XSS |
Medium |
CVE-2012-6272 |
August 29, 2012 |
TRA-2012-18 |
Novell File Reporter NFRAgent.exe VOL Element Tag Parsing Remote Overflow |
High |
|
August 22, 2012 |
TRA-2012-17 |
[R1] McAfee Email and Web Security / Email Gateway Multiple Vulnerabilities |
Critical |
CVE-2012-4595 CVE-2012-4596 CVE-2012-4597 |
July 20, 2012 |
TRA-2012-16 |
[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #2 |
Critical |
CVE-2012-2953 CVE-2012-2957 CVE-2012-2961 CVE-2012-2977 |
June 10, 2012 |
TRA-2012-05 |
Rocket U2 UniData unidata72 RPC Interface Call Parsing Arbitrary Command Execution |
Critical |
|
May 19, 2012 |
TRA-2012-04 |
[R1] Symantec LiveUpdate Administrator Installation Directory Permission Weakness Local Privilege Escalation |
High |
CVE-2012-0304 |
May 17, 2012 |
TRA-2012-03 |
[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #1 |
Critical |
CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 CVE-2012-0296 |
May 9, 2012 |
TRA-2012-02 |
Apple Mac OS X SRP-Based Authentication Credential Verification Time Capsule Credential Information Disclosure |
Medium |
CVE-2012-0675 |
May 3, 2012 |
TRA-2012-19 |
[R1] CiscoWorks Prime LAN Management Solution (LMS) Autologin.jsp URL Parameter HTTP Header Response Splitting |
Medium |
CVE-2011-4237 |
January 10, 2012 |
TRA-2012-01 |
PHP Timezone Functionality php_date_parse_tzfile Cache strtotime Function Call Saturation Remote DoS |
Medium |
CVE-2012-0789 |
November 11, 2011 |
TRA-2011-12 |
HP StorageWorks P4000 Virtual SAN Appliance Software Management Service Authentication Bypass Remote Command Execution |
High |
CVE-2012-4361 CVE-2012-2986 |
November 3, 2011 |
TRA-2011-08 |
[R1] Dell KACE K2000 System Deployment Appliance Read-Only Account Default Credentials Remote Information Disclosure |
Medium |
CVE-2011-4048 |
November 3, 2011 |
TRA-2011-09 |
[R1] Dell KACE K2000 System Deployment Appliance Task Processor Database Write Access Remote Privilege Escalation |
High |
CVE-2011-4047 |
November 3, 2011 |
TRA-2011-10 |
[R1] Dell KACE K2000 System Deployment Appliance Multiple Reflected XSS |
Medium |
CVE-2011-4436 |
November 3, 2011 |
TRA-2011-11 |
[R2] Dell KACE K2000 System Deployment Appliance Backdoor Admin Account |
Critical |
CVE-2011-4046 |
October 11, 2011 |
TRA-2011-07 |
[R1] Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities |
Medium |
CVE-2011-1895 CVE-2011-1896 CVE-2011-1897 |
August 8, 2011 |
TRA-2011-06 |
[R2] HP OpenView Performance Insight sendEmail.jsp bgcolor Parameter Reflected XSS |
Medium |
CVE-2011-2410 |
July 19, 2011 |
TRA-2011-05 |
[R1] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution |
Critical |
CVE-2011-2261 |
May 31, 2011 |
TRA-2011-04 |
[R1] IBM Tivoli Management Framework Endpoint lcfd.exe opts Field Handling Remote Buffer Overflow |
High |
CVE-2011-1220 |
April 26, 2011 |
TRA-2011-03 |
IBM solidDB rpc_test_svc Commands Handling NULL Dereference Remote DoS |
High |
CVE-2011-1208 |
April 1, 2011 |
TRA-2011-02 |
IBM solidDB Password Hash Verification Bypass Remote Code Execution |
High |
CVE-2011-1560 |
February 8, 2011 |
TRA-2011-01 |
[R1] Adobe ColdFusion Administrator Console login.cfm URI Handling Reflected XSS |
Medium |
CVE-2011-0580 |
December 15, 2010 |
TRA-2010-05 |
HP Power Manager Management Server Login Form URL Parameter Buffer Overflow |
High |
CVE-2010-4113 |
November 6, 2010 |
TRA-2010-04 |
[R1] FreeNAS exec_raw.php cmd Parameter Remote Command Execution |
Critical |
|
October 13, 2010 |
TRA-2010-03 |
[R1] HP Multiple Products switchFWInstallStatus.jsp logfile Parameter Arbitrary File Access |
High |
CVE-2010-3286 CVE-2010-3986 CVE-2010-4100 CVE-2010-4103 CVE-2010-4102 |
September 8, 2010 |
TRA-2010-02 |
[R1] phpMyAdmin Setup Script setup/frames/index.inc.php Verbose Server Name Stored XSS |
Medium |
CVE-2010-3263 |
May 5, 2010 |
TRA-2010-01 |
HP Mercury LoadRunner Agent magentproc.exe Remote Arbitrary Code Execution |
Critical |
CVE-2010-1549 |
December 16, 2009 |
TRA-2009-04 |
HP Storage OpenView Data Protector Backup Client Service MSG_PROTOCOL Command Remote Overflow |
Critical |
CVE-2007-2280 |
November 10, 2009 |
TRA-2009-03 |
Movable Type /mt/mt-check.cgi System Information Disclosure |
Medium |
|
April 14, 2009 |
TRA-2009-02 |
[R1] phpMyAdmin < 3.1.3.2 Multiple Vulnerabilities |
Critical |
CVE-2009-1285 |
March 19, 2009 |
TRA-2009-01 |
Adobe Acrobat getIcon() Function PDF Handling Overflow |
High |
CVE-2009-0927 |
August 14, 2008 |
TRA-2008-01 |
Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) NULL NTLMSSP Authentication Bypass |
Critical |
CVE-2008-3703 |
December 14, 2007 |
TRA-2007-12 |
HP-UX Software Distributor (SD) swagentd sw_rpc_agent_init Function Crafted DCE RPC Request Remote Overflow |
Critical |
CVE-2007-6195 |
December 11, 2007 |
TRA-2007-11 |
Microsoft Windows Message Queuing MSMQ Message Handling Arbitrary Code Execution |
High |
CVE-2007-3039 |
December 7, 2007 |
TRA-2007-10 |
Novell NetMail AntiVirus Agent (avirus.exe) Unspecified ASCII Iinteger Handling Remote Overflow |
Medium |
CVE-2007-6302 |
December 6, 2007 |
TRA-2007-09 |
HP OpenView Network Node Manager (OV NNM) Multiple Remote Overflow |
Critical |
CVE-2007-6204 |
October 10, 2007 |
TRA-2007-08 |
CA BrightStor ARCServe Backup Message Engine RPC Service Arbitrary Code Execution |
Critical |
CVE-2007-5328 |
September 4, 2007 |
TRA-2007-07 |
MIT Kerberos 5 RPCSEC_GSS RPC Library (librpcsecgss) lib/rpc/svc_auth_gss.c svcauth_gss_validate Function Remote Overflow |
Critical |
CVE-2007-3999 |
August 20, 2007 |
TRA-2007-06 |
EMC NetWorker Remote Exec Service (nsrexecd.exe) Remote Overflow |
High |
CVE-2007-3618 |
July 25, 2007 |
TRA-2007-05 |
BakBone NetVault Reporter Manager Scheduler Client Multiple Remote Overflow |
Critical |
CVE-2007-3911 |
July 20, 2007 |
TRA-2007-04 |
Panda AdminSecure Agent Crafted Packet Remote Overflow |
High |
CVE-2007-3026 |
May 9, 2007 |
TRA-2007-03 |
CA Multiple Products inoweb Console Server Authentication Remote Overflow |
Critical |
CVE-2007-2522 |
April 24, 2007 |
TRA-2007-02 |
CA BrightStor ARCserve Backup Media Server SUN RPC Service Remote Overflows |
Critical |
CVE-2007-2139 |
April 18, 2007 |
TRA-2007-01 |
Novell GroupWise WebAccess GWINTER.exe Basic Authentication Base64 Decoding Overflow |
Critical |
CVE-2007-2171 |
July 11, 2006 |
TRA-2006-01 |
Microsoft Windows Server Service SRV.SYS Crafted Request SMB Information Disclosure |
Medium |
CVE-2006-1315 |