November 5, 2024
TRA-2024-45
GCP 1st Gen Cloud Functions Cross Account Code Execution
Medium
November 5, 2024
TRA-2024-44
SQL Injection in SureCart WordPress Plugin
High
CVE-2024-10859
October 25, 2024
TRA-2024-43
Rockwell Automation ThinManager ThinServer.exe Monitor Thread Multiple Vulnerabilities
Critical
CVE-2024-10386 CVE-2024-10387
October 10, 2024
TRA-2024-42
Ivanti Avalanche WLAvalancheService.exe v6.4.4.0 Multiple Denial of Service Vulnerabilities
High
CVE-2024-47007
October 4, 2024
TRA-2024-41
Ada.cx SSRF via Sentry Misconfiguration
Low
CVE-2024-9410
September 24, 2024
TRA-2024-40
Flowise Stored Cross-Site Scripting
Critical
CVE-2024-9148
September 12, 2024
TRA-2024-39
Siemens Automation License Manager almsrv64x.exe int64 Overflow Unauthenticated DoS
High
CVE-2024-44087
September 12, 2024
TRA-2024-38
WebIQ 2.15.9 Runtime on Windows - Directory Traversal Vulnerability
High
CVE-2024-8752
September 6, 2024
TRA-2024-37
Siemens SINEC NMS UMC Unauthenticated Heap-based Buffer Overflow
Critical
CVE-2024-33698
August 30, 2024
TRA-2024-36
OPA SMB Force-Authentication
Medium
CVE-2024-8260
August 27, 2024
TRA-2024-35
Fortra FileCatalyst Workflow Static HSQLDB Password
Critical
CVE-2024-6633
August 27, 2024
TRA-2024-34
Flowise Denial of Service
High
CVE-2024-8182
August 27, 2024
TRA-2024-33
Flowise Authentication Bypass
Critical
CVE-2024-8181
August 19, 2024
TRA-2024-32
Microsoft Copilot Studio SSRF
Critical
CVE-2024-38206
August 14, 2024
TRA-2024-31
DevikaAI Stored Cross-Site Scripting
Medium
CVE-2024-7790
August 13, 2024
TRA-2024-30
Ivanti Avalanche WLInfoRailService.exe Off-By-One Unauthenticated DoS
High
CVE-2024-36136
August 13, 2024
TRA-2024-27
Microsoft Azure Health Bot Server-Side Request Forgery (Data Connection Endpoints)
Critical
CVE-2024-38109
August 13, 2024
TRA-2024-28
Microsoft Azure Health Bot Server-Side Request Forgery (FHIR Endpoint Validation)
High
August 13, 2024
TRA-2024-29
Schneider Electric Accutech Manager RFManagerService.exe Denial of Service
High
CVE-2024-6918
July 30, 2024
TRA-2024-26
Langflow Privilege Escalation through Mass Assignment
High
CVE-2024-7297
June 25, 2024
TRA-2024-25
Fortra FileCatalyst Workflow Unauthenticated SQLi
Critical
CVE-2024-5276
June 25, 2024
TRA-2024-24
Rockwell Automation ThinManager ThinServer Multiple Vulnerabilities
Critical
CVE-2024-5988 CVE-2024-5989 CVE-2024-5990
June 25, 2024
TRA-2024-23
NextChat Server-Side Request Forgery / Cross-Site Scripting
High
CVE-2024-38514
June 17, 2024
TRA-2024-22
SSRF Security Feature Bypass in Azure AI and ML Studios
High
June 6, 2024
TRA-2024-21
Multiple Vulnerabilities in Adobe FrameMaker Publishing Server (FMPS) December 2022 release Update 2
Critical
CVE-2024-30299 CVE-2024-30300
June 4, 2024
TRA-2024-20
Google Cloud Platform (GCP) Privilege Escalation Vulnerability In Cloud Functions
Medium
June 3, 2024
TRA-2024-19
Microsoft Azure Firewall Bypass Vulnerability
High
June 2, 2024
TRA-2024-18
Google Cloud Platform Remote Code Execution Vulnerability in GCP Composer
Critical
May 17, 2024
TRA-2024-17
Fluent Bit Memory Corruption Vulnerability
Critical
CVE-2024-4323
May 14, 2024
TRA-2024-16
Cross-Site Scripting in WordPress RSS Aggregator Plugin
Medium
CVE-2024-4860
May 14, 2024
TRA-2024-15
Solidus Stored Cross-Site Scripting
Medium
CVE-2024-4859
May 9, 2024
TRA-2024-14
CyberPower PowerPanel Enterprise Power Device Network Utility Multiple Vulnerabilities
Critical
CVE-2024-32735 CVE-2024-32736 CVE-2024-32737 CVE-2024-32738 CVE-2024-32739
May 6, 2024
TRA-2024-13
Delta Electronics DIAEnergie CEBC.exe Multiple Vulnerabilities
Critical
CVE-2024-4547 CVE-2024-4548 CVE-2024-4549
April 19, 2024
TRA-2024-12
Approach.App Multiple Vulnerabilities
High
April 19, 2024
TRA-2024-11
Karros Technologies Authentication Bypass
Critical
April 17, 2024
TRA-2024-10
Ivanti Avalanche WLAvalancheService.exe Unauthenticated Heap-based Buffer Overflow
Critical
CVE-2024-29204
April 5, 2024
TRA-2024-09
Path Traversal Affecting Multiple CData Products
Critical
CVE-2024-31848 CVE-2024-31849 CVE-2024-31850 CVE-2024-31851
March 28, 2024
TRA-2024-08
LG LED Assistant v2.1.65 Multiple Vulnerabilities
Critical
CVE-2024-2862 CVE-2024-2863
March 13, 2024
TRA-2024-07
Arcserve Unified Data Protection 9.2 Multiple Vulnerabilities
Critical
CVE-2024-0799 CVE-2024-0800 CVE-2024-0801
March 6, 2024
TRA-2024-06
Microsoft Azure Synapse Analytics - Privilege Escalation via Vegas Caching Service
Medium
February 26, 2024
TRA-2024-05
Showdownjs Denial of Service
Medium
CVE-2024-1899
February 13, 2024
TRA-2024-04
Missing Authentication for Critical Function in Adobe FrameMaker Publishing Server (FMPS)
Critical
CVE-2024-20738
January 30, 2024
TRA-2024-03
Appwrite Blind SSRF
Medium
CVE-2024-1063
January 30, 2024
TRA-2024-02
SQL Injection in HTML5 Video Player WordPress Plugin
High
CVE-2024-1061
January 10, 2024
TRA-2024-01
Pimcore Multiple Vulnerabilities
Medium
CVE-2024-21665 CVE-2024-21666 CVE-2024-21667
December 28, 2023
TRA-2023-43
D-Link D-View 8 Unauthenticated Probe-Core Server Communication
Critical
CVE-2023-7163
December 18, 2023
TRA-2023-42
Ivanti Avalanche Multiple Vulnerabilities
Critical
CVE-2023-46216 CVE-2023-46217 CVE-2023-41727
December 12, 2023
TRA-2023-41
Edulog Parent Portal Products Improper Access Controls
Critical
November 30, 2023
TRA-2023-40
SQL Injection in My Calendar WordPress Plugin
High
CVE-2023-6360
November 28, 2023
TRA-2023-39
NETGEAR ProSAFE Network Management System (NMS300) Multiple Vulnerabilities
Critical
CVE-2023-49693 CVE-2023-49694
November 27, 2023
TRA-2023-38
LG LED Assistant Multiple Vulnerabilities
Critical
November 27, 2023
TRA-2023-37
Arcserve Unified Data Protection Multiple Vulnerabilities
Critical
CVE-2023-41998 CVE-2023-41999 CVE-2023-42000
November 27, 2023
TRA-2023-36
Control iD iDSecure passwordCustom Authentication Bypass
Critical
CVE-2023-6329
November 15, 2023
TRA-2023-35
ManageEngine Information Disclosure
Medium
CVE-2023-6105
October 18, 2023
TRA-2023-34
Cacti Privilege Escalation
High
CVE-2023-31132
October 18, 2023
TRA-2023-33
Advantech R-SeeNet snmpmon.ini Unauthenticated Read Write
Critical
CVE-2023-5642
September 19, 2023
TRA-2023-32
Authentication Bypass in D-Link D-View 8
Critical
CVE-2023-5074
September 13, 2023
TRA-2023-31
PaperCut NG Unauthenticated XMLRPC Functionality
Medium
CVE-2023-4568
September 5, 2023
TRA-2023-30
Moxa MXsecurity Unauthenticated Device Registration
Medium
CVE-2023-39983
August 28, 2023
TRA-2023-29
Citrix ShareFile Reflected XSS on Login Page
Medium
August 17, 2023
TRA-2023-28
Rockwell Automation ThinManager ThinServer Multiple Vulnerabilities
Critical
CVE-2023-2914 CVE-2023-2915 CVE-2023-2917
August 14, 2023
TRA-2023-27
Unauthenticated Stack Buffer Overflows in Ivanti Avalanche
Critical
CVE-2023-32560
August 3, 2023
TRA-2023-26
Reflected Cross-Site Scripting in AYS Popup Box WordPress Plugin
Medium
CVE-2023-4137
July 31, 2023
TRA-2023-25
Unauthorized Access to Cross-Tenant Applications in Microsoft Power Platform
Critical
July 27, 2023
TRA-2023-24
Authenticated SQL Injection in Advantech iView
High
CVE-2023-3983
July 25, 2023
TRA-2023-23
PaperCut NG Unauthenticated File Upload
High
CVE-2023-3486
July 17, 2023
TRA-2023-22
Cross-Site Scripting in Microsoft Teams via Dynamics and Microsoft Stream Domains
Medium
May 31, 2023
TRA-2023-21
Contec CONPROSYS HMI System Login DoS
Medium
CVE-2023-2758
May 19, 2023
TRA-2023-20
Stored Cross-Site Scripting in Craft CMS
Low
CVE-2023-2817
May 19, 2023
TRA-2023-19
Multiple Vulnerabilities in Telstra Device
High
May 8, 2023
TRA-2023-18
Strikingly CMS Prototype Pollution
Medium
CVE-2023-2582
May 1, 2023
TRA-2023-17
Trend Micro Mobile Security for Enterprise Multiple Vulnerabilities
Critical
CVE-2023-32521 CVE-2023-32522
April 25, 2023
TRA-2023-16
Zoho ManageEngine Disclosure of Hardcoded Credentials
High
CVE-2023-2291
April 21, 2023
TRA-2023-15
Schneider Electric APC Easy UPS Online Monitoring Software Unauthenticated RMI Calls
Critical
CVE-2023-29411
March 31, 2023
TRA-2023-14
Contec CONPROSYS HMI System (CHS) Unauthenticated SQLi
High
CVE-2023-1658
March 21, 2023
TRA-2023-13
Rockwell Automation ThinManager ThinServer Multiple Vulnerabilities
Critical
CVE-2023-27855 CVE-2023-27856 CVE-2023-27857
March 14, 2023
TRA-2023-12
Netgear RAX30 Multiple Vulnerabilities
High
CVE-2023-28337 CVE-2023-28338
March 14, 2023
TRA-2023-11
Unauthenticated Command Injection in TP-Link Archer AX21 (AX1800)
High
CVE-2023-1389
March 10, 2023
TRA-2023-10
Authentication Bypass in Netgear RAX30 (AX2400) < 1.0.6.74
High
CVE-2023-1327
March 8, 2023
TRA-2023-9
Netgear RAX30 Multiple Vulnerabilities
High
CVE-2023-27850 CVE-2023-27851 CVE-2023-27852 CVE-2023-27853 CVE-2023-1205
February 27, 2023
TRA-2023-8
Multiple Vulnerabilities in OpenCATS 0.9.6
High
CVE-2023-27292 CVE-2023-27293 CVE-2023-27294 CVE-2023-27295
February 22, 2023
TRA-2023-7
Insecure Deserialization in Multiple WordPress Plugins
High
CVE-2023-26326 CVE-2023-28667
February 1, 2023
TRA-2023-6
Cross-Site Scripting in Multiple Microsoft Domains and Microsoft Teams
Medium
January 30, 2023
TRA-2023-5
Trend Micro Apex One fcgiOfcDDA.exe File Upload Vulnerability
High
CVE-2023-0587
January 23, 2023
TRA-2023-4
Delta Electronics InfraSuite Device Master Privilege Escalation
High
CVE-2023-0444
January 12, 2023
TRA-2023-3
Cross-Site Scripting vulnerabilities in Multiple WordPress Plugins
Medium
CVE-2023-23491 CVE-2023-23492 CVE-2023-0448 CVE-2023-28664 CVE-2023-28665 CVE-2023-28666
January 12, 2023
TRA-2023-2
SQL Injection in Multiple WordPress Plugins
Critical
CVE-2023-23488 CVE-2023-23489 CVE-2023-23490 CVE-2023-26325 CVE-2023-28659 CVE-2023-28660 CVE-2023-28661 CVE-2023-28662 CVE-2023-28663
January 9, 2023
TRA-2023-1
Command Injection in D-Link DWL-2600AP with firmware v4.2.0.17
Medium
CVE-2023-0127
December 16, 2022
TRA-2022-37
NETGEAR Nighthawk WiFi6 Router Multiple Vulnerabilities
Critical
CVE-2022-47208 CVE-2022-47209 CVE-2022-47210
December 2, 2022
TRA-2022-36
NETGEAR Nighthawk WiFi6 Router Network Misconfiguration
Medium
CVE-2022-4390
November 21, 2022
TRA-2022-35
Denial of Service Vulnerability in Dropbox's JPEG Compression Tool, Lepton
Low
CVE-2022-4104
October 25, 2022
TRA-2022-33
Delta Electronics DIAEnergie Multiple Vulnerabilities
Critical
CVE-2022-43774 CVE-2022-43775
October 25, 2022
TRA-2022-34
SSRF in Metabase GeoJSON URL
Medium
CVE-2022-43776
September 26, 2022
TRA-2022-32
Advantech iView ConfigurationServlet setConfiguration SQL Injection
Critical
CVE-2022-3323
September 12, 2022
TRA-2022-31
VISAM VBASE v11.7.0.2 Credential Disclosure
High
CVE-2022-3217
September 1, 2022
TRA-2022-30
RStudio Connect Open Redirect
Medium
CVE-2022-38131
August 15, 2022
TRA-2022-29
Multiple Vulnerabilities in Eyes of Network Web version 5.3
High
CVE-2022-38357 CVE-2022-38358 CVE-2022-38359
August 10, 2022
TRA-2022-28
Keysight Technologies Sensor Management Server Multiple RCE Vulnerabilities
Critical
CVE-2022-38129 CVE-2022-38130
July 15, 2022
TRA-2022-27
Microsoft Azure Arc Jumpstart Information Disclosure
Medium
CVE-2022-35798
July 12, 2022
TRA-2022-26
Microsoft Azure Site Recovery Privilege Escalation
High
CVE-2022-33675
July 6, 2022
TRA-2022-25
ManageEngine Multiple Products Remote Directory/File Creation
Medium
CVE-2022-35404
June 28, 2022
TRA-2022-24
Apple Safari Security Feature Bypass (Trusted Downloads)
Low
June 15, 2022
TRA-2022-23
Schneider Electric IGSS Data Server v15.0.0.22139 Project Report Directory File Manipulation
High
CVE-2022-32528
June 15, 2022
TRA-2022-22
Schneider Electric IGSS Data Server Multiple Vulnerabilities
Critical
CVE-2022-32522 CVE-2022-32523 CVE-2022-32524 CVE-2022-32525 CVE-2022-32526 CVE-2022-32527 CVE-2022-32529
June 8, 2022
TRA-2022-21
XSS in Rustici Software SCORM Engine
Medium
CVE-2022-2035
June 6, 2022
TRA-2022-19
Microsoft Azure Synapse Analytics Hosts File Poisoning
Low
June 6, 2022
TRA-2022-20
Microsoft Azure Synapse Analytics Privilege Escalation
Critical
June 1, 2022
TRA-2022-18
Windows Azure Guest Agent Privilege Escalation
Low
May 16, 2022
TRA-2022-17
Metasonic Doc WebClient SQL Injection
Medium
CVE-2022-1731
May 5, 2022
TRA-2022-16
Cross-site Scripting in webapp.kaiza.la and kaizala mobile app
Medium
May 5, 2022
TRA-2022-15
Reflected Cross-Site Scripting in businesscenter.kaiza.la
Medium
April 27, 2022
TRA-2022-14
ManageEngine Access Manager Plus REST API Restriction Bypass
High
CVE-2022-29081
April 19, 2022
TRA-2022-13
Schneider Electric IGSS Data Server v15.0.0.22073 Integer Overflow
Critical
CVE-2022-2329
April 14, 2022
TRA-2022-12
Information Disclosure in Gryphon Shepherd API
Low
April 12, 2022
TRA-2022-11
PositiveGrid Spark API Multiple Vulnerabilities
Low
April 6, 2022
TRA-2022-09
Command Injection Vulnerability in /bin/protest Binary on Multiple D-Link Routers
Medium
CVE-2022-1262
April 6, 2022
TRA-2022-10
Cross-Site Scripting in Odoo Apps via Prototype Pollution
Medium
March 23, 2022
TRA-2022-08
XSS via angular template injection in manage.kaiza.la
Medium
March 11, 2022
TRA-2022-07
Vulnerability in DVDFab Player Permits Attacker to Read Arbitrary Files in Windows Filesystem
High
CVE-2022-25216
February 28, 2022
TRA-2022-06
Zyxel Routers and Home WiFi Systems - Unprotected Root Access via UART Using Default Password
High
CVE-2021-35033
February 22, 2022
TRA-2022-05
Multiple Vulnerabilities in Trend Micro ServerProtect
Critical
CVE-2022-25329 CVE-2022-25330 CVE-2022-25331
February 14, 2022
TRA-2022-04
Microsoft Teams Session Token in URL (Zip Preview)
Low
February 7, 2022
TRA-2022-03
Schneider Electric IGSS Data Collector Multiple Vulnerabilities
High
CVE-2021-22823 CVE-2021-22824
February 7, 2022
TRA-2022-02
Schneider Electric IGSS Data Server Multiple Vulnerabilities
Critical
CVE-2022-24310 CVE-2022-24314
February 1, 2022
TRA-2022-01
Unpatchable Vulnerabilities in Phicomm Router Firmware
High
CVE-2022-25214 CVE-2022-25215 CVE-2022-25217 CVE-2022-25218 CVE-2022-25219 CVE-2022-25213
December 30, 2021
TRA-2021-58
Bitmask Riseup Local Privilege Escalation
High
CVE-2021-44466
December 30, 2021
TRA-2021-57
Netgear Nighthawk R6700 Multiple Vulnerabilities
High
CVE-2021-20173 CVE-2021-20174 CVE-2021-20175 CVE-2021-23147 CVE-2021-45732 CVE-2021-45077
December 30, 2021
TRA-2021-56
Netgear Genie MacOS Installer Privilege Escalation
Medium
CVE-2021-20172
December 30, 2021
TRA-2021-55
Netgear Nighthawk RAX43 Multiple Vulnerabilities
Critical
CVE-2021-20166 CVE-2021-20167 CVE-2021-20168 CVE-2021-20169 CVE-2021-20170 CVE-2021-20171
December 30, 2021
TRA-2021-54
Trendnet AC2600 TEW-827DRU Multiple Vulnerabilities
Critical
CVE-2021-20149 CVE-2021-20150 CVE-2021-20151 CVE-2021-20152 CVE-2021-20153 CVE-2021-20154 CVE-2021-20155 CVE-2021-20156 CVE-2021-20157 CVE-2021-20158 CVE-2021-20159 CVE-2021-20160 CVE-2021-20161 CVE-2021-20162 CVE-2021-20163 CVE-2021-20164 CVE-2021-20165
December 30, 2021
TRA-2021-53
AutoDesk Meshmixer macOS Installer Local Privilege Escalation
Medium
December 23, 2021
TRA-2021-52
ManageEngine SelfService Plus Multiple Vulnerabilities
Medium
CVE-2021-20147 CVE-2021-20148
December 7, 2021
TRA-2021-51
Multiple Vulnerabilities in Gryphon Tower Router
Critical
CVE-2021-20137 CVE-2021-20138 CVE-2021-20139 CVE-2021-20140 CVE-2021-20141 CVE-2021-20142 CVE-2021-20143 CVE-2021-20144 CVE-2021-20145 CVE-2021-20146
November 16, 2021
TRA-2021-50
Schneider Electric C-Gate Multiple Vulnerabilities
High
CVE-2021-22796 CVE-2021-22720 CVE-2021-22784
November 8, 2021
TRA-2021-49
Arris SurfBoard SB8200 Insecure Password Change Utility
Medium
CVE-2021-20119
October 29, 2021
TRA-2021-48
ManageEngine Log360 Database Configuration Overwrite Unauthenticated RCE
Critical
CVE-2021-20136
October 26, 2021
TRA-2021-47
CODESYS V2 Web Server Multiple Vulnerabilities
Critical
CVE-2021-34583 CVE-2021-34584 CVE-2021-34585 CVE-2021-34586
October 26, 2021
TRA-2021-46
Wishpond Connect.js Javascript Library Prototype Pollution
Medium
October 20, 2021
TRA-2021-45
Arris SurfBoard SB8200 Cross Site Request Forgery
High
CVE-2021-20120
October 19, 2021
TRA-2021-44
Critical Vulnerabilities on the D-Link DIR-2640 Router
High
CVE-2021-20132 CVE-2021-20133 CVE-2021-20134
October 13, 2021
TRA-2021-43
ManageEngine ADManager Plus Build 7111 Multiple Vulnerabilities
High
CVE-2021-20130 CVE-2021-20131
October 12, 2021
TRA-2021-42
Multiple Vulnerabilities in Draytek VigorConnect 1.60.0-B3
Critical
CVE-2021-20123 CVE-2021-20124 CVE-2021-20125 CVE-2021-20126 CVE-2021-20127 CVE-2021-20128 CVE-2021-20129
October 11, 2021
TRA-2021-41
Multiple Vulnerabilities in Telus Wi-Fi Hub
Medium
CVE-2021-20121 CVE-2021-20122
October 8, 2021
TRA-2021-40
Johnson Controls exacqVision Multiple Vulnerabilities
Critical
CVE-2021-27664 CVE-2021-27665
September 14, 2021
TRA-2021-39
Multiple Vulnerabilities in Tracki / Trackimo GPS Platform and application
Medium
September 14, 2021
TRA-2021-38
Multiple Vulnerabilities in Optimus GPS Platform
Medium
September 14, 2021
TRA-2021-37
Multiple Vulnerabilities in Spytec GPS platform
Medium
September 14, 2021
TRA-2021-36
Multiple Vulnerabilities in LandAirSea SilverCloud GPS Platform
Medium
August 19, 2021
TRA-2021-35
User Enumeration in GSuite Okta Integration
Low
August 9, 2021
TRA-2021-34
Cisco Webex Universal Links Redirect
Medium
August 9, 2021
TRA-2021-33
HPE Edgeline Infrastructure Manager Unauthenticated Information Disclosure
Medium
CVE-2021-26586
July 21, 2021
TRA-2021-32
Multiple Vulnerabilities in TCExam
Critical
CVE-2021-20111 CVE-2021-20112 CVE-2021-20113 CVE-2021-20114 CVE-2021-20115 CVE-2021-20116
July 16, 2021
TRA-2021-31
Manage Engine Asset Explorer Agent - Integer Overflow
High
CVE-2021-20110
July 16, 2021
TRA-2021-30
Manage Engine Heap Overflow POST payload
High
CVE-2021-20109
July 16, 2021
TRA-2021-29
Manage Engine Asset Explorer Agent - Remote DoS
High
CVE-2021-20108
July 12, 2021
TRA-2021-28
Schneider Electric Modicon M340 / M580 Authentication Bypass Vulnerability
High
CVE-2021-22779
July 12, 2021
TRA-2021-27
AWS EC2 macOS Local Privilege Escalation
Medium
June 30, 2021
TRA-2021-26
Sloan Smart Faucet Unauthenticated BLE
Medium
CVE-2021-20107
June 28, 2021
TRA-2021-25
Machform Multiple Vulnerabilities
High
CVE-2021-20101 CVE-2021-20102 CVE-2021-20103 CVE-2021-20104 CVE-2021-20105
June 15, 2021
tra-2021-24
Multiple Vulnerabilities in Wibu-Systems CodeMeter
Critical
CVE-2021-20093 CVE-2021-20094
June 13, 2021
TRA-2021-23
Multiple vulnerabilities in Microsoft Power Apps (apps.powerapps.com, make.powerapps.com)
Medium
June 9, 2021
TRA-2021-22
ManageEngine ServiceDesk Plus Authenticated RCE
High
CVE-2021-20081
June 2, 2021
TRA-2021-21
macOS Gatekeeper Bypass / Local Privilege Escalation
Medium
June 2, 2021
TRA-2021-20
macOS Installer Local Privilege Escalation
Medium
June 2, 2021
TRA-2021-19
Microsoft Teams macOS Installer Local Privilege Escalation
Medium
May 21, 2021
TRA-2021-18
OpenOversight Multiple Vulnerabilities
Medium
CVE-2021-20096
May 19, 2021
TRA-2021-17
SecureDrop OSSEC Cross-Site Request Forgery
Low
May 11, 2021
TRA-2021-16
LINE Private IP Address and Platform information Disclosure via GIFMagazine
Medium
April 30, 2021
TRA-2021-15
HPE Edgeline Infrastructure Manager v1.21 Authentication Bypass
Critical
CVE-2021-29203
April 28, 2021
TRA-2021-14
Python-Babel/Babel Locale Directory Traversal / Arbitrary Code Execution
Medium
April 23, 2021
TRA-2021-13
Multiple Vulnerabilities in Buffalo and Arcadyan manufactured routers
High
CVE-2021-20090 CVE-2021-20091 CVE-2021-20092
April 21, 2021
TRA-2021-12
Stored XSS in make.powerapps.com
Medium
April 8, 2021
TRA-2021-11
ManageEngine ServiceDesk Plus and AssetExplorer - Unauthenticated Stored XSS
Medium
CVE-2021-20080
March 31, 2021
TRA-2021-10
ManageEngine OpManager Remote Directory Deletion
Critical
CVE-2021-20078
March 12, 2021
TRA-2021-09
Microsoft Teams services forwarding to untrusted domain
Medium
March 8, 2021
TRA-2021-08
LINE Debugging Interface Information Disclosure
Medium
March 1, 2021
TRA-2021-07
Dell EMC OpenManage Server Administrator Authentication Bypass
Critical
CVE-2021-21513
February 22, 2021
TRA-2021-06
Secomea GateManager Multiple Vulnerabilities
High
CVE-2020-29028 CVE-2020-29030 CVE-2020-29032
February 16, 2021
TRA-2021-05
JSDom Improper Loading of Local Resources
Medium
CVE-2021-20066
February 16, 2021
TRA-2021-04
Racom MIDGE Firmware Multiple Vulnerabilities
High
CVE-2021-20067 CVE-2021-20068 CVE-2021-20069 CVE-2021-20070 CVE-2021-20071 CVE-2021-20072 CVE-2021-20073 CVE-2021-20074 CVE-2021-20075
February 15, 2021
TRA-2021-03
IBM Spectrum Protect Operations Center 8.1.10 Multiple Vulnerabilities
High
CVE-2020-4954 CVE-2020-4955 CVE-2020-4956
February 4, 2021
TRA-2021-02
ManageEngine Applications Manager Authenticated SQLi
High
CVE-2020-35765
January 7, 2021
TRA-2021-01
Marvell QConvergeConsole GUI Multiple Vulnerabilities
High
CVE-2020-5804 CVE-2020-5805
December 28, 2020
TRA-2020-71
Rockwell Automation FactoryTalk Multiple Vulnerabilities
High
CVE-2020-5801 CVE-2020-5802 CVE-2020-5806 CVE-2020-5807
December 18, 2020
TRA-2020-70
Secomea GateManager Multiple Vulnerabilities
Medium
CVE-2020-29021 CVE-2020-29022
December 15, 2020
TRA-2020-69
Carbon Black Installer Multiple Vulnerabilities
Medium
CVE-2020-4008
December 6, 2020
TRA-2020-68
PsExec Local Privilege Escalation
Medium
December 4, 2020
TRA-2020-67
Druva inSync Installer Privilege Escalation
High
CVE-2020-5798
December 4, 2020
TRA-2020-66
IBM Spectrum Protect Plus Static Credential Vulnerability
Critical
CVE-2020-4854
December 3, 2020
TRA-2020-65
Eat Spray Love Mobile App Multiple Vulnerabilities
High
CVE-2020-5799 CVE-2020-5800
November 23, 2020
TRA-2020-64
Cross-site Scripting via WHOIS and DNS records on multiple lookup platforms
High
November 16, 2020
TRA-2020-63
Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities
High
CVE-2020-28578 CVE-2020-28579 CVE-2020-28580 CVE-2020-28581
November 16, 2020
TRA-2020-62
Trend Micro Worry-Free Business Security Unauthenticated Remote File Deletion
High
CVE-2020-28574
November 13, 2020
TRA-2020-61
Nagios XI Local Privilege Escalation
High
CVE-2020-5796
November 5, 2020
TRA-2020-60
TP-Link Archer Routers USB Symlink Following Vulnerabilities
Medium
CVE-2020-5795 CVE-2020-5797
October 21, 2020
TRA-2020-59
Umbraco Cloud CMS Multiple Vulnerabilities
Medium
CVE-2020-5809 CVE-2020-5810 CVE-2020-5811
October 20, 2020
TRA-2020-58
Nagios XI Multiple Vulnerabilities
Medium
CVE-2020-5790 CVE-2020-5791 CVE-2020-5792
October 1, 2020
TRA-2020-57
Teltonika Gateway TRB245 Multiple Vulnerabilities
Medium
CVE-2020-5784 CVE-2020-5785 CVE-2020-5786 CVE-2020-5787 CVE-2020-5788 CVE-2020-5789
September 25, 2020
TRA-2020-56
Marvell QConvergeConsole GUI Multiple Vulnerabilities
High
CVE-2020-15643 CVE-2020-15644 CVE-2020-15645 CVE-2020-5803
September 22, 2020
TRA-2020-55
IgniteNet HeliOS GLinq v2.2.1 r2961 Multiple Vulnerabilities
Medium
CVE-2020-5781 CVE-2020-5782 CVE-2020-5783
September 14, 2020
TRA-2020-54
IBM Spectrum Protect Plus 10.1.6-1974 Multiple Vulnerabilities
High
CVE-2020-4711 CVE-2020-4703
September 9, 2020
TRA-2020-53
Unauthenticated email forgery/spoofing in WordPress Email Subscribers plugin
High
CVE-2020-5780
September 2, 2020
TRA-2020-52
Trading Technologies Messaging Multiple Unauthenticated Remote DoS
High
CVE-2020-5778 CVE-2020-5779
September 1, 2020
TRA-2020-51
MAGMI Multiple Vulnerabilities
Medium
CVE-2020-5777 CVE-2020-5776
August 28, 2020
TRA-2020-50
IBM Spectrum Protect CertQryResp Unauthenticated Remote DoS
High
CVE-2020-4559
August 11, 2020
TRA-2020-49
Canvas LMS Unauthenticated Blind SSRF
Medium
CVE-2020-5775
August 3, 2020
TRA-2020-48
Teltonika Gateway TRB245 Multiple Vulnerabilities
High
CVE-2020-5770 CVE-2020-5771 CVE-2020-5772 CVE-2020-5773
July 29, 2020
TRA-2020-47
Grandstream ATA HT800 Series Multiple Vulnerabilities
Critical
CVE-2020-5760 CVE-2020-5761 CVE-2020-5762 CVE-2020-5763
July 22, 2020
TRA-2020-46
CODESYS V3 Unauthenticated Webserver Memory Leak DoS
High
CVE-2020-15806
July 17, 2020
TRA-2020-45
Ubiquiti UniFi Protect Username Discovery
Medium
CVE-2020-8213
July 16, 2020
TRA-2020-44
Multiple Vulnerabilities in Icegram Email Subscribers & Newsletters Plugin for WordPress
Medium
CVE-2020-5767 CVE-2020-5768
July 16, 2020
TRA-2020-43
Teltonika Gateway TRB245 Stored Cross-site Scripting
Low
CVE-2020-5769
July 10, 2020
TRA-2020-42
SQL Injection in SRS Simple Hits Counter Plugin for WordPress
Medium
CVE-2020-5766
July 7, 2020
TRA-2020-41
MX Player Android App Directory Traversal
High
CVE-2020-5764
June 23, 2020
TRA-2020-40
Grandstream UCM6200 Series Multiple Authenticated RCE
Critical
CVE-2020-5757 CVE-2020-5758 CVE-2020-5759
June 23, 2020
TRA-2020-39
Grandstream GWN7000 Authenticated Command Execution
Critical
CVE-2020-5756
June 19, 2020
TRA-2020-38
VMware Tools Denial of Service
Medium
CVE-2020-3972
June 15, 2020
TRA-2020-37
IBM Spectrum Protect Plus Multiple Vulnerabilities
Critical
CVE-2020-4469 CVE-2020-4470 CVE-2020-4471
June 15, 2020
TRA-2020-36
Webroot Multiple Vulnerabilities
High
CVE-2020-5754 CVE-2020-5755
June 15, 2020
TRA-2020-35
Plex Media Server Weak CORS Policy
Medium
CVE-2020-5742
May 21, 2020
TRA-2020-34
Druva inSync Windows Client Local Privilege Escalation (CVE-2019-3999 Patch Bypass)
High
CVE-2020-5752
May 19, 2020
TRA-2020-33
Signal App Information Disclosure
Low
CVE-2020-5753
May 7, 2020
TRA-2020-32
Plex Media Server Authenticated Python Deserialization / RCE (Windows)
Medium
CVE-2020-5741
May 7, 2020
TRA-2020-31
TCExam Multiple Vulnerabilities
Medium
CVE-2020-5743 CVE-2020-5744 CVE-2020-5745 CVE-2020-5746 CVE-2020-5747 CVE-2020-5748 CVE-2020-5749 CVE-2020-5750 CVE-2020-5751
May 4, 2020
TRA-2020-30
Instacart SMS Link Spoofing Vulnerability
Medium
May 1, 2020
TRA-2020-29
SimpliSafe SS3 PIN Add Using Rogue Keypad
Low
CVE-2020-5727
April 27, 2020
TRA-2020-28
Flexera FlexNet Publisher lmadmin Message 282 Remote DoS
Medium
CVE-2020-12080
April 22, 2020
TRA-2020-27
Ubiquiti UniFi Cloud Key - Unprotected root UART Access
High
CVE-2020-8157
April 22, 2020
TRA-2020-26
IBM Spectrum Protect Verb 134 Unauthenticated Remote Stack Overflow
Critical
CVE-2020-4415
April 21, 2020
TRA-2020-25
Plex Media Server Local Privilege Escalation (Windows)
High
CVE-2020-5740
April 15, 2020
TRA-2020-24
Cisco IP Phones Web Server Multiple Vulnerabilities
Critical
CVE-2020-3161 CVE-2016-1421
April 15, 2020
TRA-2020-23
MikroTik WinBox Cleartext Password Storage
Low
CVE-2020-5721
April 13, 2020
TRA-2020-22
Grandstream GXP1600 Series Multiple Issues
Critical
CVE-2020-5738 CVE-2020-5739
April 9, 2020
TRA-2020-21
Ubiquiti Unifi Cloud Key Gen2 Plus Unauthenticated Hostname Modification
Medium
CVE-2020-8148
April 7, 2020
TRA-2020-20
Amcrest Camera/NVR Multiple Vulnerabilities
Critical
CVE-2020-5735 CVE-2020-5736
April 6, 2020
TRA-2020-19
SolarWinds Dameware DoS
High
CVE-2020-5734
April 3, 2020
TRA-2020-18
OpenMRS Multiple Vulnerabilities
Medium
CVE-2020-5728 CVE-2020-5729 CVE-2020-5730 CVE-2020-5731 CVE-2020-5732 CVE-2020-5733
March 30, 2020
TRA-2020-17
Grandstream UCM62xx Multiple SQL Injections
Medium
CVE-2020-5723 CVE-2020-5724 CVE-2020-5725 CVE-2020-5726
March 25, 2020
TRA-2020-16
CODESYS V3 Unauthenticated Remote Heap Overflow
Critical
CVE-2020-10245
March 23, 2020
TRA-2020-15
Grandstream UCM62xx SQL Injection
Critical
CVE-2020-5722
March 12, 2020
TRA-2020-14
Kodi Multiple Issues
High
February 26, 2020
TRA-2020-13
Advantech WebAccess/SCADA Unauthenticated Remote Heap Buffer Overflow
Critical
February 25, 2020
TRA-2020-12
Druva inSync Client Multiple Vulnerabilities
High
CVE-2019-3999 CVE-2019-4000 CVE-2019-4001
February 19, 2020
TRA-2020-11
Palo Alto Expedition Migration Tool Insufficient XSRF Protection
High
CVE-2020-1977
February 18, 2020
TRA-2020-10
Siemens TIA Portal Denial of Service
High
CVE-2019-19282
February 13, 2020
TRA-2020-09
SimpliSafe SS3 Unauthenticated Wi-Fi Config Modification
Low
CVE-2019-3998
February 9, 2020
TRA-2020-08
Microsoft Windows User Group Policy Bypass
Medium
February 6, 2020
TRA-2020-07
MikroTik WinBox Path Traversal
Medium
CVE-2020-5720
February 3, 2020
TRA-2020-06
Atlassian Jira CSRF
Medium
CVE-2019-20100
February 3, 2020
TRA-2020-05
Atlassian Jira Multiple CSRF
Medium
CVE-2019-20098 CVE-2019-20099
January 23, 2020
TRA-2020-04
CODESYS V3 Denial of Service
High
CVE-2020-7052
January 16, 2020
TRA-2020-03
SimpliSafe SS3 Unauthenticated Keypad Pairing Vulnerability
Low
CVE-2019-3997
January 15, 2020
TRA-2020-02
HPE Smart Update Manager 8.4.5 Remote Unauthorized Access
Critical
CVE-2020-7136
January 14, 2020
TRA-2020-01
MikroTik WinBox Man-in-the-Middle Password Hash Disclosure
Medium
CVE-2019-3981
December 26, 2019
TRA-2019-54
Microsoft Teams Multiple Vulnerabilities
Medium
December 12, 2019
TRA-2019-53
ELOG Multiple Vulnerabilities
High
CVE-2019-3992 CVE-2019-3993 CVE-2019-3994 CVE-2019-3995 CVE-2019-3996
December 11, 2019
TRA-2019-52
Advantech WebAccess/SCADA Stack Buffer Overflow
Critical
CVE-2019-3951
December 5, 2019
TRA-2019-51
Blink XT2 Sync Module Multiple Vulnerabilities
High
CVE-2019-3983 CVE-2019-3984 CVE-2019-3985 CVE-2019-3986 CVE-2019-3987 CVE-2019-3988 CVE-2019-3989
December 3, 2019
TRA-2019-50
Harbor.io User Enumeration Vulnerability
Medium
CVE-2019-3990
November 20, 2019
TRA-2019-49
Schneider Electric FLM v2.3.1.0 / FlexNet Publisher 11.6.2 Multiple Vulnerabilities
High
CVE-2019-8960 CVE-2019-8961
November 20, 2019
TRA-2019-48
CODESYS V3 Unauthenticated Remote Heap Buffer Overflow
Critical
CVE-2019-18858
November 6, 2019
TRA-2019-47
Qualcomm Atheros Universal WLAN Kernel Memory Disclosure
Medium
CVE-2019-10618
October 28, 2019
TRA-2019-46
MikroTik RouterOS Multiple Vulnerabilities
High
CVE-2019-3976 CVE-2019-3977 CVE-2019-3978 CVE-2019-3979
October 17, 2019
TRA-2019-45
Cisco TelePresence Advanced Media Gateway 3610 Denial of Service
Medium
CVE-2019-15966
October 15, 2019
TRA-2019-44
Cisco SPA100 Series Multiple Vulnerabilities
Critical
CVE-2019-15240 CVE-2019-15241 CVE-2019-15242 CVE-2019-15243 CVE-2019-15244 CVE-2019-15245 CVE-2019-15246 CVE-2019-15247 CVE-2019-15248 CVE-2019-15249 CVE-2019-15250 CVE-2019-15251 CVE-2019-15252 CVE-2019-15257 CVE-2019-15258 CVE-2019-12702 CVE-2019-12703 CVE-2019-12704 CVE-2019-12708
September 30, 2019
TRA-2019-43
SolarWinds Dameware Mini Remote Control Unauthenticated RCE
Critical
CVE-2019-3980
September 25, 2019
TRA-2019-42
HPE iMC 7.3 E0703 Multiple Vulnerabilities
Critical
CVE-2019-5390 CVE-2019-5391
September 10, 2019
TRA-2019-41
Advantech WebAccess/SCADA 8.4.1 Unauthenticated Remote Stack Buffer Overflow
Critical
CVE-2019-3975
August 19, 2019
TRA-2019-40
OpenEMR Multiple Vulnerabilities
High
CVE-2019-3963 CVE-2019-3964 CVE-2019-3965 CVE-2019-3966 CVE-2019-3967 CVE-2019-3968
August 12, 2019
TRA-2019-39
Apple macOS / iOS UIFoundation Vulnerability
Medium
August 2, 2019
TRA-2019-38
macOS LaunchServices Denial of Service
Medium
July 30, 2019
TRA-2019-37
WallacePOS Multiple Vulnerabilities
Medium
CVE-2019-3958 CVE-2019-3959 CVE-2019-3960
July 29, 2019
TRA-2019-36
Amcrest IP Camera Multiple Vulnerabilities
Medium
CVE-2019-3948
July 17, 2019
TRA-2019-35
Jenkins Path Traversal / Arbitrary File Write
Medium
CVE-2019-10352
July 15, 2019
TRA-2019-34
Comodo Antivirus Multiple Vulnerabilities
Medium
CVE-2019-3969 CVE-2019-3970 CVE-2019-3971 CVE-2019-3972 CVE-2019-3973
July 8, 2019
TRA-2019-33
Siemens TIA Portal (STEP7) Remote Code Execution
Critical
CVE-2019-10915
July 2, 2019
TRA-2019-32
Citrix SD-WAN Appliance Multiple Vulnerabilities
Critical
CVE-2019-12989 CVE-2019-12991
July 2, 2019
TRA-2019-31
Citrix SD-WAN Center Multiple Vulnerabilities
Critical
CVE-2019-12985 CVE-2019-12986 CVE-2019-12987 CVE-2019-12988 CVE-2019-12990 CVE-2019-12992
July 1, 2019
TRA-2019-30
Arlo Basestation Firmware Multiple Vulnerabilities
High
CVE-2019-3949 CVE-2019-3950
June 19, 2019
TRA-2019-29
Cisco RV110W, RV130W, and RV215W Routers Multiple Vulnerabilities
Medium
CVE-2019-1897 CVE-2019-1898 CVE-2019-1899
June 18, 2019
TRA-2019-28
Multiple Advantech WebAccess Vulnerabilities
Critical
CVE-2019-3953 CVE-2019-3954
June 11, 2019
TRA-2019-27
Fuji Electric V-Server Denial of Service and Information Disclosure
Medium
CVE-2019-3946 CVE-2019-3947
June 6, 2019
TRA-2019-26
Dameware Remote Mini Controller Multiple Vulnerabilities
High
CVE-2019-3955 CVE-2019-3956 CVE-2019-3957
June 3, 2019
TRA-2019-25
Zsh Multiple Denial of Service Vulnerabilities
Low
May 29, 2019
TRA-2019-24
Chromium Dev Tools Crash
Low
May 7, 2019
TRA-2019-23
Slack Desktop Application for Windows Download Hijack
Medium
May 7, 2019
TRA-2019-22
Parrot ANAFI Drone Denial of Service
Medium
CVE-2019-3944 CVE-2019-3945
May 1, 2019
TRA-2019-21
Cisco Small Business Switch Security Feature Bypass
High
CVE-2019-1859
April 30, 2019
TRA-2019-20
OEM Presentation Platform Vulnerabilities
Critical
CVE-2019-3925 CVE-2019-3926 CVE-2019-3927 CVE-2019-3928 CVE-2019-3929 CVE-2019-3930 CVE-2019-3931 CVE-2019-3932 CVE-2019-3933 CVE-2019-3934 CVE-2019-3935 CVE-2019-3936 CVE-2019-3937 CVE-2019-3938 CVE-2019-3939 CVE-2017-16709
April 11, 2019
TRA-2019-19
Palo Alto Expedition Migration Tool 1.1.12 and earlier - XSS
Low
CVE-2019-1574
April 10, 2019
TRA-2019-18
Citrix SD-WAN Center and NetScaler SD-WAN Center Unauthenticated Remote Command Injection
Critical
CVE-2019-10883
April 9, 2019
TRA-2019-17
Verizon Fios Quantum Gateway Multiple Vulnerabilities
High
CVE-2019-3914 CVE-2019-3915 CVE-2019-3916
April 8, 2019
TRA-2019-16
MikroTik RouterOS Authenticated Directory Traversal
High
CVE-2019-3943
April 4, 2019
TRA-2019-15
Multiple Advantech WebAccess Vulnerabilities
Critical
CVE-2019-3940 CVE-2019-3941 CVE-2019-3942
March 27, 2019
TRA-2019-14
FileZilla 'fzsftp' Untrusted Search Path
Medium
CVE-2019-5429
March 22, 2019
TRA-2019-13
Palo Alto Expedition Migration Tool 1.1.8 and earlier - Multiple XSS
Low
CVE-2019-1569 CVE-2019-1570 CVE-2019-1571
March 20, 2019
TRA-2019-12
HPE iMC 7.3 E0605P06 Multiple Vulnerabilities
Critical
CVE-2019-5390 CVE-2019-5391
March 4, 2019
TRA-2019-11
RSLinx Classic Stack Buffer Overflow
Critical
CVE-2019-6553
March 1, 2019
TRA-2019-10
Palo Alto Expedition Migration Tool Stored XSS
Low
CVE-2019-1567
February 27, 2019
TRA-2019-09
Nokia GPON ONT Multiple Vulnerabilities
Critical
CVE-2019-3917 CVE-2019-3918 CVE-2019-3919 CVE-2019-3920 CVE-2019-3921 CVE-2019-3922
February 20, 2019
TRA-2019-08
SonicOS Improper Certificate Access
Medium
CVE-2018-9867
February 12, 2019
TRA-2019-07
MikroTik RouterOS Unauthenticated Intermediary
Medium
CVE-2019-3924
February 4, 2019
TRA-2019-06
Rockwell Automation EWEB SNMP Denial of Service
Medium
CVE-2018-19016
February 4, 2019
TRA-2019-05
Crestron DGE-100 Unauthenticated Remote Denial of Service
High
February 4, 2019
TRA-2019-04
Indusoft Web Studio and InTouch Edge HMI Remote Code Execution
Critical
CVE-2019-6545 CVE-2019-6543
January 24, 2019
TRA-2019-03
LabKey Server Community Edition Multiple Vulnerabilities
Medium
CVE-2019-3911 CVE-2019-3912 CVE-2019-3913
January 10, 2019
TRA-2019-02
[R1] Crestron AM-100 Authentication Bypass
Critical
CVE-2019-3910
January 8, 2019
TRA-2019-01
[R3] Multiple Premisys Identicard Vulnerabilities
Critical
CVE-2019-3906 CVE-2019-3907 CVE-2019-3908 CVE-2019-3909
December 20, 2018
TRA-2018-48
[R2] Netatalk Out-of-bounds Write
Critical
CVE-2018-1160
December 19, 2018
TRA-2018-47
[R2] Logitech Harmony Hub Multiple Vulnerabilities
High
CVE-2018-15720 CVE-2018-15721 CVE-2018-15722 CVE-2018-15723
December 19, 2018
TRA-2018-46
[R1] Cisco Adaptive Security Appliance HTTP Privilege Escalation
High
CVE-2018-15465
December 14, 2018
TRA-2018-45
[R2] Advantech WebAccess Stack Buffer Overflow
Critical
CVE-2018-18999
December 12, 2018
TRA-2018-44
[R1] Open Dental Multiple Vulnerabilities
Critical
CVE-2018-15717 CVE-2018-15718 CVE-2018-15719
December 5, 2018
TRA-2018-43
[R2] Jenkins Forced Migration of User Records
Medium
CVE-2018-1000863
December 5, 2018
TRA-2018-42
[R1] Cisco Energy Management Suite Default PostgreSQL Credentials
Medium
CVE-2018-0468
November 29, 2018
TRA-2018-41
[R1] NUUO NVRMini2 Authenticated Command Injection
Critical
CVE-2018-15716
November 29, 2018
TRA-2018-40
[R2] Zoom Message Spoofing
Critical
CVE-2018-15715
November 26, 2018
TRA-2018-39
[R1] Multiple HPE Moonshot Provisioning Manager Vulnerabilities
High
November 26, 2018
TRA-2018-38
[R1] Multiple Schneider Electric Modicon Quantum Vulnerabilities
Critical
CVE-2018-7809 CVE-2018-7810 CVE-2018-7811 CVE-2018-7830 CVE-2018-7831
November 13, 2018
TRA-2018-37
[R2] Nagios XI Multiple Vulnerabilities
High
CVE-2018-15708 CVE-2018-15709 CVE-2018-15710 CVE-2018-15711 CVE-2018-15712 CVE-2018-15713 CVE-2018-15714
November 9, 2018
TRA-2018-36
[R1] Cisco Energy Management Suite Multiple Vulnerabilities
Critical
CVE-2018-15444 CVE-2018-15445
October 31, 2018
TRA-2018-35
[R1] Multiple Advantech WebAccess Vulnerabilities
Critical
CVE-2018-15705 CVE-2018-15706 CVE-2018-15707
October 30, 2018
TRA-2018-34
[R1] Multiple Vulnerabilities in AVEVA Indusoft Web Studio and InTouch Edge HMI
Critical
CVE-2018-17914 CVE-2018-17916
October 18, 2018
TRA-2018-33
[R1] Multiple Advantech WebAccess Vulnerabilities
High
CVE-2018-15703 CVE-2018-15704
October 17, 2018
TRA-2018-32
[R1] Multiple Oracle WebLogic Docker Password Disclosures
Medium
CVE-2018-3213
October 17, 2018
TRA-2018-31
[R1] Multiple Oracle GoldenGate Manager Vulnerabilities
Critical
CVE-2018-2912 CVE-2018-2913 CVE-2018-2914
October 12, 2018
TRA-2018-30
[R1] IBM WebSphere Application Server Admin Console File Disclosure
Medium
CVE-2018-1770
October 10, 2018
TRA-2018-29
[R1] Multiple Jenkins Vulnerabilities
Medium
October 9, 2018
TRA-2018-28
[R3] HPE Intelligent Management Center Multiple Vulnerabilities
Critical
CVE-2018-7116 CVE-2018-7121 CVE-2018-7122 CVE-2018-7123 CVE-2019-5392 CVE-2019-5393
October 1, 2018
TRA-2018-27
[R1] TP-Link TL-WRN841N Multiple Vulnerabilities
Critical
CVE-2018-15700 CVE-2018-15701 CVE-2018-15702
September 20, 2018
TRA-2018-26
[R1] RSLinx Classic Buffer Overflows
Critical
CVE-2018-14821 CVE-2018-14829
September 17, 2018
TRA-2018-25
[R2] Multiple NUUO NVRMini2 Vulnerabilities
Critical
CVE-2018-1149 CVE-2018-1150
September 10, 2018
TRA-2018-24
[R1] HPE Intelligent Management Center Stack Buffer Overflow
Critical
CVE-2018-7115
September 10, 2018
TRA-2018-23
[R1] Advantech WebAccess Remote Code Execution
Critical
CVE-2017-16720
August 24, 2018
TRA-2018-22
[R1] Multiple ASUSTOR Data Master Vulnerabilities
High
CVE-2018-15694 CVE-2018-15695 CVE-2018-15696 CVE-2018-15697 CVE-2018-15698 CVE-2018-15699
August 22, 2018
TRA-2018-21
[R1] Mikrotik RouterOS Multiple Authenticated Vulnerabilities
Critical
CVE-2018-1156 CVE-2018-1157 CVE-2018-1158 CVE-2018-1159
August 21, 2018
TRA-2018-20
[R2] Cisco Data Center Network Manager Authenticated Path Traversal
Medium
CVE-2018-0464
July 18, 2018
TRA-2018-19
[R1] AVEVA InduSoft Web Studio and InTouch Machine Edition Remote Code Execution
Critical
CVE-2018-10620
June 15, 2018
TRA-2018-18
[R1] Burp Suite Community Edition Improper Certificate Validation
Medium
CVE-2018-1153
June 14, 2018
TRA-2018-17
[R1] libturbo-jpeg Denial of Service
Medium
CVE-2018-1152
June 12, 2018
TRA-2018-16
[R1] GlassFish 4.x Denial of Service
High
June 11, 2018
TRA-2018-15
[R2] HPE Moonshot Provisioning Manager Arbitrary File Move
High
CVE-2018-7072 CVE-2018-7073
June 11, 2018
TRA-2018-14
[R1] Western Digital TV Media Player and Live Hub Unauthenticated RCE
Critical
CVE-2018-1151
June 8, 2018
TRA-2018-13
[R2] IBM Netezza Appliance Local Privilege Escalation
High
CVE-2018-1460
May 4, 2018
TRA-2018-12
[R1] Cylance PROTECT Missing SSL Certificate Verification
Medium
May 4, 2018
TRA-2018-11
[R1] Cisco Prime Data Center Network Manager Remote Code Execution
Critical
CVE-2018-0258
May 4, 2018
TRA-2018-10
[R1] Trend Micro Smart Protection Server Denial of Service
High
CVE-2018-6237
May 4, 2018
TRA-2018-09
[R1] OpenVPN Windows Service Double Free
High
CVE-2018-9336
April 12, 2018
TRA-2018-08
[R1] Belkin N750 F9K1103 v1 Multiple Vulnerabilities
Critical
CVE-2018-1143 CVE-2018-1144 CVE-2018-1145 CVE-2018-1146
April 6, 2018
TRA-2018-07
[R3] Schneider Electric InduSoft Web Studio and InTouch Machine Edition Remote Code Execution
Critical
CVE-2018-8840
March 28, 2018
TRA-2018-06
[R1] Cisco IOS and IOS XE Multiple Memory Corruption Vulnerabilities
High
CVE-2018-0172 CVE-2018-0173 CVE-2018-0174
February 26, 2018
TRA-2018-05
[R1] Micro Focus Operations Orchestrations Information Disclosure and Remote Denial of Service
High
CVE-2018-6490
February 26, 2018
TRA-2018-04
[R3] Check Point Gaia OS Privilege Escalation
Medium
February 15, 2018
TRA-2018-03
[R2] EMC VASA Virtual Appliance Default Creds and Arbitrary File Upload
Critical
CVE-2018-1216 CVE-2018-1215
January 29, 2018
TRA-2018-02
[R1] NetGain Enterprise Manager Multiple Remote Vulnerabilities
High
CVE-2017-17406 CVE-2017-16610 CVE-2017-16607 CVE-2017-16609 CVE-2017-16608
January 29, 2018
TRA-2018-01
[R1] HPE Intelligent Management Center (iMC) PLAT Java RMI RCE
High
CVE-2017-5792
November 21, 2017
TRA-2017-37
[R1] gSOAP HTTP DIME Parsing Denial of Service
Medium
November 21, 2017
TRA-2017-36
[R1] Firebird fbudf Module Authenticated Remote Code Execution
Critical
CVE-2017-11509
November 20, 2017
TRA-2017-35
[R2] Verizon Fios Quantum Gateway G1100 Remote Information Disclosure
Medium
November 20, 2017
TRA-2017-34
[R1] Siemens SIMATIC Logon Denial of Service
Medium
CVE-2017-9938
November 10, 2017
TRA-2017-33
[R1] Wanscam Network Camera Multiple Vulnerabiltiies
Medium
CVE-2017-11510
November 9, 2017
TRA-2017-32
[R1] HPE Universal Configuration Management Database Multiple Vulnerabilities
Critical
CVE-2017-14351 CVE-2017-14353 CVE-2017-14354
November 8, 2017
TRA-2017-31
[R1] ManageEngine ServiceDesk Multiple Vulnerabilties
High
CVE-2017-11511 CVE-2017-11512
November 7, 2017
TRA-2017-30
[R1] HPE System Management Homepage Remote Denial of Service
High
CVE-2017-12545
November 7, 2017
TRA-2017-29
[R1] Advantech WebAccess SQL Injection
Critical
CVE-2017-12710
November 7, 2017
TRA-2017-28
[R1] HPE Operations Orchestration Central Remoting Java Deserialization Remote Code Execution
High
CVE-2017-8994
November 7, 2017
TRA-2017-27
[R1] HPE Intelligent Management Center SOM Module Remote File Disclosure
Medium
CVE-2017-12555
November 6, 2017
TRA-2017-26
[R1] HP Data Protector Multiple Remote Vulnerabilities
High
CVE-2017-5807, CVE-2017-5808
November 6, 2017
TRA-2017-25
[R2] HPE Operations Orchestration Incomplete Fix for CVE-2016-8519
High
CVE-2017-8994
November 6, 2017
TRA-2017-24
[R1] Ecava IntegraXor SQL Injection Remote Code Execution
High
CVE-2017-6050
November 3, 2017
TRA-2017-23
[R1] Cisco Security Manager and Prime LMS Java Deserialization Remote Code Execution
Critical
CVE-2015-6420
November 2, 2017
TRA-2017-22
[R1] ReadyMedia HTTP Request Denial of Service
High
November 2, 2017
TRA-2017-21
[R1] Check_MK Multisite Web UI Reflected XSS
Medium
CVE-2017-9781
November 2, 2017
TRA-2017-20
[R2] Check_MK Multisite Web UI Stored and Reflected XSS
Medium
CVE-2017-11507
May 2, 2017
TRA-2017-19
[R1] Kaa IoT Platform SdkServlet / RecordServlet Java Object Deserialization Remote Code Execution
High
CVE-2017-7911
April 26, 2017
TRA-2017-18
[R1] HP Intelligent Management Center (iMC) Platform euplat RMI Registry Java Deserialization Remote Code Execution
Critical
CVE-2017-5792
April 19, 2017
TRA-2017-17
[R1] ManageEngine ServiceDesk Plus AuthError.jsp ErrorMsg Parameter Reflected XSS
Medium
April 18, 2017
TRA-2017-16
[R1] Oracle WebLogic Server Web Container Subcomponent Reflected PartItem File Manipulation Remote Code Execution
Critical
CVE-2017-3531
March 30, 2017
TRA-2017-15
[R2] NetIQ Sentinel Multiple Remote Vulnerabilities
High
CVE-2017-5184 CVE-2017-5185
March 25, 2017
TRA-2017-14
[R1] Cisco Unified Customer Voice Portal Java Deserialization Remote Code Execution
Critical
CVE-2015-6420
March 18, 2017
TRA-2017-13
[R1] HPE LoadRunner libxdrutil.dll mxdr_string() Function XDR String Handling Remote Heap Buffer Overflow
Critical
CVE-2017-5789
March 16, 2017
TRA-2017-12
[R1] HP Intelligent Management Center (iMC) Platform /imc/fault/accessMgrServlet Java Deserialization Remote Code Execution
Critical
CVE-2017-5790
March 15, 2017
TRA-2017-11
[R1] Sophos XG Firewall login.jsp utype Parameter Reflected XSS
Medium
March 13, 2017
TRA-2017-10
[R1] Debian MediaTomb (fork) Multiple Remote Vulnerabilities
Critical
CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2016-6255 CVE-2016-8863
February 1, 2017
TRA-2017-09
[R2] HP Intelligent Management Center (iMC) Platform /rptviewer/servlets/redirectviewer Multiple Remote Issues
High
CVE-2016-8525 CVE-2016-8530
January 26, 2017
TRA-2017-08
[R1] Portable SDK for UPnP Devices (libupnp) glibc Implementation getaddrinfo() Function Remote Stack Overflow
Critical
CVE-2015-7547
January 25, 2017
TRA-2017-07
[R1] Oracle WebLogic RMI Registry UnicastRef Object Java Deserialization Remote Code Execution
Critical
CVE-2017-3248
January 23, 2017
TRA-2017-06
[R1] ManageEngine ADAudit Plus Multiple Vulnerabilities
High
January 20, 2017
TRA-2017-05
[R1] HP Operations Orchestration (HP OO) /oo/backwards-compatibility/wsExecutionBridgeService Jaa Deserialization Remote Code Execution
Critical
CVE-2016-8519
January 19, 2017
TRA-2017-04
[R1] Advantech WebAccess Multiple Vulnerabilities
High
CVE-2017-5152 CVE-2017-5154
January 18, 2017
TRA-2017-03
[R2] Oracle Outside In Content Access vspdf.dll Multiple Remote DoS
Medium
CVE-2017-3294 CVE-2017-3295
January 11, 2017
TRA-2017-02
[R2] Sophos Web Protection Appliance ftp_redirect.php s Parameter Reflected XSS
Medium
CVE-2017-9523
January 9, 2017
TRA-2017-01
[R1] Liferay CE Portal /api/liferay Java Deserialization Blacklist Bypass Remote Code Execution
Critical
December 11, 2016
TRA-2016-39
[R1] Hewlett Packard Network Automation RPCServlet Arbitrary Code Execution
High
CVE-2016-8511
December 5, 2016
TRA-2016-38
[R1] Cisco Prime Collaboration Provisioning Restricted CLI Bypass Local Privilege Escalation
Medium
CVE-2016-1320
November 29, 2016
TRA-2016-37
[R2] Dell SonicWALL /appliance/license.jsp Serial Number Disclosure Remote Privilege Escalation
Medium
November 28, 2016
TRA-2016-36
[R1] ManageEngine OpManager NMS Server Multiple Vulnerabilities
Critical
November 25, 2016
TRA-2016-35
[R1] WISE Server Commons Collection / FileUpload Java Deserialization Remote Command Execution
Critical
November 16, 2016
TRA-2016-34
[R1] VMWare vRealize Operations Manager Appliance Multiple Vulnerabilities Chained Remote Code Execution
High
CVE-2016-7462
November 1, 2016
TRA-2016-33
[R1] Oracle WebLogic Server Commons DiskFileItem Remote File Manipulation
Critical
CVE-2016-5535
October 29, 2016
TRA-2016-32
[R1] HP System Management Homepage (SMH) Multiple Remote Stack Buffer Overflows
High
CVE-2016-4395 CVE-2016-4396
October 21, 2016
TRA-2016-31
[R1] ManageEngine ADAudit Plus Obfuscated Cookie Password Disclosure
Low
October 17, 2016
TRA-2016-30
[R1] Novell NetIQ Sentinel Commons DiskFileItem RMI Java Deserialization Remote File Creation / Manipulation
Critical
CVE-2016-1000031
October 6, 2016
TRA-2016-29
[R2] Citrix License Server / Flexera FlexNet Publisher lmadmin.exe 2F Packet Handling Remote DoS
Medium
CVE-2016-6273
September 26, 2016
TRA-2016-28
[R2] CloudView NMS Multiple Remote Vulnerabilities
High
September 22, 2016
TRA-2016-27
[R1] Hewlett Packard Network Automation RMI Registry Port Java Deserialization Remote Code Execution
Critical
CVE-2016-4385
September 21, 2016
TRA-2016-26
[R1] HP LoadRunner Multiple Remote DoS
High
CVE-2016-4384 CVE-2016-4361
September 14, 2016
TRA-2016-25
[R1] Red5 Server RMI Registry /red5 Java Deserialization Remote Code Execution
Critical
August 18, 2016
TRA-2016-24
[R1] PowerFolder Multiple Remote Vulnerabilities
Critical
August 12, 2016
TRA-2016-23
[R4] Apache Wicket DiskFileItem Java Deserialization Remote File Manipulation
Medium
CVE-2013-2186 CVE-2016-1000031 CVE-2016-6793
July 20, 2016
TRA-2016-22
[R2] Red Hat JBoss Operations Network /jboss-remoting-servlet-invoker/ServerInvokerServlet Jython Deserialization Remote Code Execution
Critical
CVE-2016-3737 CVE-2016-6330
July 19, 2016
TRA-2016-21
[R1] Oracle WebLogic Server weblogic.corba.utils.MarshallObject Java Deserialization Remote Code Execution
Critical
CVE-2016-3510
July 8, 2016
TRA-2016-20
[R2] Pivotal Spring Framework HttpInvokerServiceExporter readRemoteInvocation Method Untrusted Java Deserialization
Critical
CVE-2016-1000027
June 28, 2016
TRA-2016-19
[R1] Palo Alto Networks PAN-OS /api Multiple Parameter Handling Remote DoS
Medium
June 27, 2016
TRA-2016-18
[R1] IBM iAccess for Windows i Navigator Encoded Windows Admin Password Local Disclosure
Low
CVE-2016-0287
June 13, 2016
TRA-2016-17
[R2] HP Loadrunner / HP Performance Center Virtual Table Server (VTS) \web\admin\data.js Remote File Deletion
High
CVE-2016-4360
June 13, 2016
TRA-2016-16
[R2] HP LoadRunner mchan.dll Shared Memory Object Name Construction Remote Stack Buffer Overflow
High
CVE-2016-4359
May 17, 2016
TRA-2016-15
[R1] Ipswitch WhatsUp Gold WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection
Medium
CVE-2016-1000000
May 5, 2016
TRA-2016-14
[R1] HP System Management Homepage (SMH) mod_smh_config.so AddCertsToTrustCfgList() Function X.509 Certificate Subject Common Name Handling Remote DoS
Low
May 3, 2016
TRA-2016-13
[R1] Core FTP Server Path Traversal Arbitrary File/Directory Access
Medium
April 20, 2016
TRA-2016-12
[R3] Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution (LOBSTER)
Critical
CVE-2016-1000031
April 20, 2016
TRA-2016-11
[R1] Oracle MySQL Enterprise Monitor Multiple Library readObject() Function Java Object Deserialization Remote Code Execution
High
CVE-2016-3461
April 19, 2016
TRA-2016-10
[R2] ManageEngine OpManager / Service Desk Multiple Vulnerabilities
High
CVE-2016-82014 CVE-2016-82015
April 19, 2016
TRA-2016-09
[R1] Oracle WebLogic ClassFilter.class ServerChannelInputStream Bypass Java Deserialization Remote Code Execution
Critical
CVE-2016-0638 CVE-2015-4829
April 15, 2016
TRA-2016-08
[R1] Cisco Unified Computing System - Multiple Vulnerabilities
Medium
CVE-2016-1339 CVE-2016-1340
April 13, 2016
TRA-2016-07
[R1] Microsoft Windows 10 lsass.exe Empty SID Lookup Handling Remote DoS
Medium
CVE-2016-0135
April 5, 2016
TRA-2016-06
[R1] Cisco Multiple Routers Fragmented IKEv2 Packet Handling Remote Integer Overflow
High
CVE-2016-1344
March 29, 2016
TRA-2016-05
[R1] Barco ClickShare Multiple Script Remote Command Execution
High
CVE-2015-6532 CVE-2015-6533
March 28, 2016
TRA-2016-04
[R2] Cisco IOS Smart Install Client Feature Config / Boot Image File List Upload Remote Code Execution
High
CVE-2015-6264 CVE-2016-1349
March 24, 2016
TRA-2016-03
[R1] Microsoft Windows DNS Server dns.exe answerIQuery() Function Remote Buffer Overflow
Medium
CVE-2016-82007
March 14, 2016
TRA-2016-02
[R1] HP Operations Manager i flex-messaging-core.jar XML External Entity (XXE) Injection Remote Information Disclosure
Medium
CVE-2015-3269
February 17, 2016
TRA-2016-01
[R1] ManageEngine AssetExplorer /workorder/FileDownload.jsp fName Parameter Traversal Remote File Disclosure
Medium
CVE-2016-82002
December 14, 2015
TRA-2015-07
[R1] ManageEngine Desktop Central /statusUpdate fileName Parameter Traversal Multiple Extension File Upload Remote Code Execution
Critical
CVE-2015-82001
November 30, 2015
TRA-2014-04
[R1] NetMotion Mobility VPN nmdrv.sys TCP Connection Termination Handling Remote DoS
High
CVE-2014-82000
November 30, 2015
TRA-2015-06
[R1] HP Client Automation / Accelerite Endpoint Management Core Server HPCA Management Agent (nvdkit.exe) Cleartext Credentials MiTM Disclosure
Low
CVE-2015-82000
November 24, 2015
TRA-2015-05
[R1] FreeSWITCH parse_string() Function Multiple Vector Remote Heap Buffer Overflow
Critical
CVE-2015-8311
October 21, 2015
TRA-2015-04
[R1] NTP Autokey Functionality Multiple Remote DoS
High
CVE-2015-7691 CVE-2015-7692 CVE-2015-7701
October 15, 2015
TRA-2015-03
[R1] 3S CODESYS PLCWinNT Runtime Service NULL Pointer Dereference Remote DoS
High
CVE-2015-6482
September 15, 2015
TRA-2015-02
[R2] Palo Alto Networks Panorama VM Appliance PAN-OS Firmware Signature Verification Bypass Arbitrary Code Execution
High
CVE-2015-6531
August 24, 2015
TRA-2015-01
[R1] Microsoft Windows SMB v1 Service Principal Name Handling Remote Buffer Overflow
High
CVE-2015-2474
May 14, 2014
TRA-2014-01
Juniper Junos Space MySQL Server Unspecified Hardcoded Credentials
High
CVE-2014-3413
February 28, 2014
TRA-2014-02
Novell ZENworks Configuration Management (ZCM) PreBoot Service (novell-pbserv.exe) Remote Path Traversal File Access
High
CVE-2013-3706
January 30, 2014
TRA-2014-03
3S CoDeSys Runtime Toolkit Unspecified NULL Pointer Dereference Remote DoS
High
CVE-2014-0757
November 12, 2013
TRA-2013-08
Adobe ColdFusion CFIDE Directory Unspecified Reflected XSS
Medium
CVE-2013-5326
September 3, 2013
TRA-2013-07
[R1] Cisco Prime Network Control System (NCS) / Wireless Control System (WCS) login.jsp requestUrl Parameter Reflected XSS
Medium
CVE-2012-5990
July 24, 2013
TRA-2013-05
HP LoadRunner magentproc.exe SSL Connection Handling Buffer Overflow Remote Code Execution
High
CVE-2013-4800
July 24, 2013
TRA-2013-06
HP LoadRunner XDR-encoded Data Handling Remote Buffer Overflow
High
CVE-2013-4799
May 22, 2013
TRA-2013-10
3S CoDeSys Gateway Unspecified Use-after-free Arbitrary Code Execution
Critical
CVE-2013-2781
May 14, 2013
TRA-2013-04
Adobe ColdFusion Unspecified Remote Code Execution
Critical
CVE-2013-1389
April 19, 2013
TRA-2013-09
[R1] IBM InfoSphere Products /rdweb/getUsers.do Remote Account Information Remote Disclosure
Medium
CVE-2013-0584
March 27, 2013
TRA-2013-03
Cisco IOS Smart Install Client Feature Malformed Config / Boot Image File Upload Remote Code Execution
Critical
CVE-2013-1146
January 23, 2013
TRA-2013-02
[R1] WebYaST /host Configuration Path Handling Unauthenticated Host List Manipulation
Medium
CVE-2012-0435
January 9, 2013
TRA-2013-01
Dell OpenManage Server Administrator /help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm topic Parameter DOM-based XSS
Medium
CVE-2012-6272
August 29, 2012
TRA-2012-18
Novell File Reporter NFRAgent.exe VOL Element Tag Parsing Remote Overflow
High
August 22, 2012
TRA-2012-17
[R1] McAfee Email and Web Security / Email Gateway Multiple Vulnerabilities
Critical
CVE-2012-4595 CVE-2012-4596 CVE-2012-4597
July 20, 2012
TRA-2012-16
[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #2
Critical
CVE-2012-2953 CVE-2012-2957 CVE-2012-2961 CVE-2012-2977
June 10, 2012
TRA-2012-05
Rocket U2 UniData unidata72 RPC Interface Call Parsing Arbitrary Command Execution
Critical
May 19, 2012
TRA-2012-04
[R1] Symantec LiveUpdate Administrator Installation Directory Permission Weakness Local Privilege Escalation
High
CVE-2012-0304
May 17, 2012
TRA-2012-03
[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #1
Critical
CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 CVE-2012-0296
May 9, 2012
TRA-2012-02
Apple Mac OS X SRP-Based Authentication Credential Verification Time Capsule Credential Information Disclosure
Medium
CVE-2012-0675
May 3, 2012
TRA-2012-19
[R1] CiscoWorks Prime LAN Management Solution (LMS) Autologin.jsp URL Parameter HTTP Header Response Splitting
Medium
CVE-2011-4237
January 10, 2012
TRA-2012-01
PHP Timezone Functionality php_date_parse_tzfile Cache strtotime Function Call Saturation Remote DoS
Medium
CVE-2012-0789
November 11, 2011
TRA-2011-12
HP StorageWorks P4000 Virtual SAN Appliance Software Management Service Authentication Bypass Remote Command Execution
High
CVE-2012-4361 CVE-2012-2986
November 3, 2011
TRA-2011-08
[R1] Dell KACE K2000 System Deployment Appliance Read-Only Account Default Credentials Remote Information Disclosure
Medium
CVE-2011-4048
November 3, 2011
TRA-2011-09
[R1] Dell KACE K2000 System Deployment Appliance Task Processor Database Write Access Remote Privilege Escalation
High
CVE-2011-4047
November 3, 2011
TRA-2011-10
[R1] Dell KACE K2000 System Deployment Appliance Multiple Reflected XSS
Medium
CVE-2011-4436
November 3, 2011
TRA-2011-11
[R2] Dell KACE K2000 System Deployment Appliance Backdoor Admin Account
Critical
CVE-2011-4046
October 11, 2011
TRA-2011-07
[R1] Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities
Medium
CVE-2011-1895 CVE-2011-1896 CVE-2011-1897
August 8, 2011
TRA-2011-06
[R2] HP OpenView Performance Insight sendEmail.jsp bgcolor Parameter Reflected XSS
Medium
CVE-2011-2410
July 19, 2011
TRA-2011-05
[R1] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution
Critical
CVE-2011-2261
May 31, 2011
TRA-2011-04
[R1] IBM Tivoli Management Framework Endpoint lcfd.exe opts Field Handling Remote Buffer Overflow
High
CVE-2011-1220
April 26, 2011
TRA-2011-03
IBM solidDB rpc_test_svc Commands Handling NULL Dereference Remote DoS
High
CVE-2011-1208
April 1, 2011
TRA-2011-02
IBM solidDB Password Hash Verification Bypass Remote Code Execution
High
CVE-2011-1560
February 8, 2011
TRA-2011-01
[R1] Adobe ColdFusion Administrator Console login.cfm URI Handling Reflected XSS
Medium
CVE-2011-0580
December 15, 2010
TRA-2010-05
HP Power Manager Management Server Login Form URL Parameter Buffer Overflow
High
CVE-2010-4113
November 6, 2010
TRA-2010-04
[R1] FreeNAS exec_raw.php cmd Parameter Remote Command Execution
Critical
October 13, 2010
TRA-2010-03
[R1] HP Multiple Products switchFWInstallStatus.jsp logfile Parameter Arbitrary File Access
High
CVE-2010-3286 CVE-2010-3986 CVE-2010-4100 CVE-2010-4103 CVE-2010-4102
September 8, 2010
TRA-2010-02
[R1] phpMyAdmin Setup Script setup/frames/index.inc.php Verbose Server Name Stored XSS
Medium
CVE-2010-3263
May 5, 2010
TRA-2010-01
HP Mercury LoadRunner Agent magentproc.exe Remote Arbitrary Code Execution
Critical
CVE-2010-1549
December 16, 2009
TRA-2009-04
HP Storage OpenView Data Protector Backup Client Service MSG_PROTOCOL Command Remote Overflow
Critical
CVE-2007-2280
November 10, 2009
TRA-2009-03
Movable Type /mt/mt-check.cgi System Information Disclosure
Medium
April 14, 2009
TRA-2009-02
[R1] phpMyAdmin < 3.1.3.2 Multiple Vulnerabilities
Critical
CVE-2009-1285
March 19, 2009
TRA-2009-01
Adobe Acrobat getIcon() Function PDF Handling Overflow
High
CVE-2009-0927
August 14, 2008
TRA-2008-01
Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) NULL NTLMSSP Authentication Bypass
Critical
CVE-2008-3703
December 14, 2007
TRA-2007-12
HP-UX Software Distributor (SD) swagentd sw_rpc_agent_init Function Crafted DCE RPC Request Remote Overflow
Critical
CVE-2007-6195
December 11, 2007
TRA-2007-11
Microsoft Windows Message Queuing MSMQ Message Handling Arbitrary Code Execution
High
CVE-2007-3039
December 7, 2007
TRA-2007-10
Novell NetMail AntiVirus Agent (avirus.exe) Unspecified ASCII Iinteger Handling Remote Overflow
Medium
CVE-2007-6302
December 6, 2007
TRA-2007-09
HP OpenView Network Node Manager (OV NNM) Multiple Remote Overflow
Critical
CVE-2007-6204
October 10, 2007
TRA-2007-08
CA BrightStor ARCServe Backup Message Engine RPC Service Arbitrary Code Execution
Critical
CVE-2007-5328
September 4, 2007
TRA-2007-07
MIT Kerberos 5 RPCSEC_GSS RPC Library (librpcsecgss) lib/rpc/svc_auth_gss.c svcauth_gss_validate Function Remote Overflow
Critical
CVE-2007-3999
August 20, 2007
TRA-2007-06
EMC NetWorker Remote Exec Service (nsrexecd.exe) Remote Overflow
High
CVE-2007-3618
July 25, 2007
TRA-2007-05
BakBone NetVault Reporter Manager Scheduler Client Multiple Remote Overflow
Critical
CVE-2007-3911
July 20, 2007
TRA-2007-04
Panda AdminSecure Agent Crafted Packet Remote Overflow
High
CVE-2007-3026
May 9, 2007
TRA-2007-03
CA Multiple Products inoweb Console Server Authentication Remote Overflow
Critical
CVE-2007-2522
April 24, 2007
TRA-2007-02
CA BrightStor ARCserve Backup Media Server SUN RPC Service Remote Overflows
Critical
CVE-2007-2139
April 18, 2007
TRA-2007-01
Novell GroupWise WebAccess GWINTER.exe Basic Authentication Base64 Decoding Overflow
Critical
CVE-2007-2171
July 11, 2006
TRA-2006-01
Microsoft Windows Server Service SRV.SYS Crafted Request SMB Information Disclosure
Medium
CVE-2006-1315