Affiliation/Organization: Core Security Technologies


Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (116 vulns), the following statistics apply:

Min Time To Patch:4 days
Avg Time To Patch:55 days
Max Time To Patch:300 days

Other Affiliations

Creditees Affiliated with Core Security Technologies have also affiliated with:

Core Exploit Writers Team (5)
Groundworks Technologies (2)
IOActive (2)
Amplia Security (1)

Website: http://www.coresecurity.com/

Creditees currently or formerly associated with Core Security Technologies (77):
(ordered by association date)

Known SinceNameVulns Through Affiliation
1998-04-22Ivan Arce2
2002-11-15Gerardo Richarte4
2003-03-19Alberto Soliño4
2003-03-19Javier Kohen1
2003-03-19Diego Kelyacoubian1
2003-03-19Juan Vera1
2003-04-15Core Security Team8
2003-04-28Emiliano Kargieman1
2003-04-28Hernán Gips1
2003-04-28Javier Burroni1
2003-05-27Juliano Rizzo1
2003-07-02Pablo Rubinstein2
2003-07-02Gustavo Ajzenman1
2003-07-02Javier Garcia Di Palma4
2003-07-02Hernán Ochoa1
2003-07-02Eduardo Arias1
2003-07-02Ricardo Quesada2
2003-07-02Damian Saura13
2003-07-02Gabriel Becedillas2
2003-09-18Juan Pablo Martinez Kuhn4
2004-08-03Daniel De Luca1
2004-08-03Carlos Sarraute1
2004-08-03Daniel De Luca1
2004-10-12Lucas Lavarello5
2005-07-12Ariel Sanchez1
2006-06-06Alejandro Lozanoff1
2006-06-06Norberto Kueffner3
2006-06-06Eduardo Koch2
2006-09-07Luciana Tabo3
2006-09-07Sebastian Cufre3
2006-09-07Ezequiel Gutesman3
2006-12-13Alfredo Ortega15
2007-11-27Sebastian Muniz3
2007-12-03Ricardo Narvaja8
2008-02-04Damián Frizza13
2008-03-18Rodrigo Carvalho4
2008-04-04Diego Juarez12
2008-04-28Dario Menichelli3
2008-04-28Andres Blanco7
2008-04-28Anibal Sacco7
2008-08-12Jorge Luis Álvarez Medina4
2008-08-20Francisco Falcon17
2008-08-20Federico Muttis16
2008-09-12Nicolas Economou8
2009-01-21Oren Isacson3
2009-01-28Dan Crowley6
2009-02-03Ariel Futoransky2
2009-02-03Fernando Russ2
2009-03-31SCS Team5
2009-07-08Fernando Arnaboldi7
2009-07-08José Orlicki6
2009-08-31Pablo Jorge1
2009-10-06Aureliano Calvo4
2009-11-05Sebastián Tello5
2009-11-23Federico Charosky1
2009-12-09Pablo Annetta9
2010-02-01Matias Pablo Brutti1
2010-02-03Adrián Manrique2
2010-03-02Nadia Rodríguez2
2010-05-04Daniel Kazimirow4
2010-10-20Andres Lopez Luksenberg1
2010-11-12Matias Eissler1
2010-11-29Alejandro Frydman8
2010-12-02CORE IMPACT4
2010-12-13Nahuel Riva6
2011-01-31Manuel Muradas2
2011-02-10Ernesto Alvarez3
2011-05-12Laura Balian1
2011-05-24Pablo Santamaria3
2012-05-09Martin Gallo5
2013-04-29Flavio De Cristofaro6
2013-06-05Matthew Bergin1
2013-08-06Alejandro Rodriguez1
2013-08-28Facundo Pantaleo2
2013-08-28Marcos Accossatto1
2013-10-01John Petrusa1
2013-11-05Martin Di Paola1

Disclosed Vulnerabilities (210):

Discl. DateOSVDB IDCVE IDCrediteesTitle
2014-04-15 105967 2014-0984 Martin Gallo
SAProuter Route Permission Table passwordCheck Function Timing Attack Remote Password Disclosure
2014-03-11 104354 2014-0983 Francisco Falcon
Oracle VM VirtualBox Chromium Server CR_VERTEXATTRIB4NUBARB_OPCODE Message Handling Memory Corruption
2014-03-11 104352 2014-0981 Francisco Falcon
Oracle VM VirtualBox GuestHost/OpenGL/util/net.c crNetRecvReadback Function CR_MESSAGE_READBACK Message Handling Memory Corruption
2014-03-11 104353 2014-0982 Francisco Falcon
Oracle VM VirtualBox GuestHost/OpenGL/util/net.c crNetRecvWriteback Function CR_MESSAGE_WRITEBACK Message Handling Memory Corruption
2013-12-17 101135 2013-6877 Ricardo Narvaja
RealPlayer RMP File TRACKID Attribute Handling Heap Buffer Overflow
2013-12-10 100761 2013-5058 Nicolas Economou
Microsoft Windows Win32k.sys RFONTOBJ::bTextExtent Function Handling Local Integer Overflow DoS
2013-11-05 99377 2013-4985 Martin Di Paola
VIVOTEK Multiple IP Cameras RTSP Basic Authentication Bypass
2013-10-31 99264 Dario Menichelli
Verint Nextiva S1900e Default Unauthenticated Access
2013-10-01 97960 2013-4987 John Petrusa
PineApp Mail-SeCure system Command Local Privilege Escalation
2013-08-28 96694 2013-4979 Daniel Kazimirow
EPS Viewer Crafted File Handling Arbitrary Code Execution
2013-08-28 96698 2013-4982 Facundo Pantaleo
AVTECH AVN801 DVR Hardcoded CAPTCHA Request Bypass
2013-08-28 96695 2013-4978 Marcos Accossatto
Aloaha PDF Crafted File Handling Arbitrary Code Execution
2013-08-28 96692 2013-4980 Anibal Sacco
AVTECH AVN801 DVR RTSP Transaction Handling Remote Buffer Overflow
2013-08-28 96693 2013-4981 Facundo Pantaleo
AVTECH AVN801 DVR /cgi-bin/user/Config.cgi Network.SMTP.Receivers Parameter Remote Buffer Overflow
2013-08-06 96004 2013-4976 Alejandro Rodriguez
Hikvision Multiple IP Camera Anonymous Account Default Hardcoded Credentials
2013-08-06 96006 2013-4977 Anibal Sacco
Federico Muttis
Hikvision Multiple IP Camera RTSP Transaction Range Parameter Remote Overflow
2013-08-06 96005 2013-4975 Alberto Soliño
Hikvision Multiple IP Camera /PSIA/System/ConfigurationData Remote Admin Password Disclosure
2013-07-30 95872 2013-2578 Flavio De Cristofaro
Andres Blanco
TP-LINK IP Cameras /cgi-bin/admin/servetest Multiple Parameter Remote Command Execution Weakness
2013-07-30 95873 2013-2579 Flavio De Cristofaro
Andres Blanco
TP-LINK IP Cameras Telnet Service Hardcoded Default Credentials
2013-07-30 95874 2013-2580 Flavio De Cristofaro
Andres Blanco
TP-LINK IP Cameras /cgi-bin/uploadfile Arbitrary File Upload Weakness
2013-07-30 95875 2013-2581 Flavio De Cristofaro
Andres Blanco
TP-LINK TL-SC3171 IP Cameras /cgi-bin/firmwareupgrade Unauthenticated Firmware Upgrade
2013-07-23 95622 2013-2574 Flavio De Cristofaro
Andres Blanco
Foscam FI8620 PTZ Camera Web Interface Open Directory Information Disclosure
2013-07-22 95580 2013-2577 Ricardo Narvaja
XnView PCT File Handling Buffer Overflow
2013-07-20 95573 2013-2576 Daniel Kazimirow
Artweaver AWD File Handling Buffer Overflow
2013-06-05 94030 2013-2571 Matthew Bergin
Iris on Xpient POS Crafted Request Remote Code Execution
2013-06-04 93923 2013-0984 Nicolas Economou
Apple Mac OS X Directory Service DSTCPEndpoint.cpp DSTCPEndpoint::AllocFromProxyStruct() Function Crafted Network Message Handling Buffer Overflow
2013-05-28 93713 2013-2569 Nahuel Riva
Francisco Falcon
Zavio IP Cameras video.h264 Direct Request Live Video Stream Disclosure
2013-05-28 93712 2013-2570 Nahuel Riva
Francisco Falcon
Zavio IP Cameras /opt/cgi/view/param sub_C8C8 Function General.Time.NTP.Server Parameter Remote Command Execution
2013-05-28 93711 2013-2567 Nahuel Riva
Francisco Falcon
Zavio IP Cameras Default Hardcoded Credentials
2013-05-28 93710 2013-2568 Nahuel Riva
Francisco Falcon
Zavio IP Cameras /cgi-bin/mft/wireless_mft.cgi ap Parameter Remote Command Execution
2013-04-29 92864 2013-1603 Pablo Santamaria
D-Link Multiple IP Cameras Default Hardcoded Password
2013-04-29 92862 2013-1601 Francisco Falcon
Nahuel Riva
D-Link Multiple IP Cameras md/lums.cgi Direct Request Live Video Stream ASCII Output Disclosure
2013-04-29 92873 2013-1594 Alejandro Leon Morales
Flavio De Cristofaro
Vivotek PT7135 IP Camera Direct Request Plaintext Information Disclosure
2013-02-14 90238 2013-1592 Martin Gallo
Francisco Falcon
SAP Message Service (BC-CST-MS) msg_server.exe _MsJ2EE_AddStatistics() Function Crafted Request Parsing Memory Corruption
2013-02-13 90237 2013-1593 Martin Gallo
SAP Message Service (BC-CST-MS) msg_server.exe WRITE_C() Function Opcode 0x15 Packet Parsing Memory Corruption
2012-11-15 87539 2012-2615
2012-5703
Sebastián Tello
VMware ESXi vSphere API Multiple Method Request Parsing Remote DoS
2012-10-10 86138 2012-3939 Beyond Security
Core Security Team
Codenomicon
TELUS Security Labs Vulnerability Research Team
Cisco WebEx Recording Format Player Unspecified WRF File Handling Memory Corruption
2012-10-10 86139 2012-3940 Beyond Security
Core Security Team
Codenomicon
TELUS Security Labs Vulnerability Research Team
Cisco WebEx Recording Format Player Unspecified WRF File Handling Overflow (2012-3940)
2012-10-10 86140 2012-3941 Beyond Security
Core Security Team
Codenomicon
TELUS Security Labs Vulnerability Research Team
Cisco WebEx Recording Format Player Unspecified WRF File Handling Overflow (2012-3941)
2012-10-10 86141 2012-3936 Beyond Security
Core Security Team
Codenomicon
TELUS Security Labs Vulnerability Research Team
Cisco WebEx Recording Format Player Unspecified WRF File Handling Overflow (2012-3936)
2012-10-10 86142 2012-3937 Beyond Security
Core Security Team
Codenomicon
TELUS Security Labs Vulnerability Research Team
Cisco WebEx Recording Format Player Unspecified WRF File Handling Overflow (2012-3937)
2012-10-10 86143 2012-3938 Beyond Security
Core Security Team
Codenomicon
TELUS Security Labs Vulnerability Research Team
Cisco WebEx Recording Format Player Unspecified WRF File Handling Overflow (2012-3938)
2012-07-10 83659 2012-1890 Nicolas Economou
Qihoo 360 Security Center
Microsoft Windows win32k.sys Keyboard Layout Handling Local Privilege Escalation
2012-06-21 83280 2012-2614 Daniel Kazimirow
Ricardo Narvaja
Lattice Diamond XCF File Handling Overflow
2012-05-09 81759 2012-2611 Martin Gallo
SAP NetWeaver disp+work.exe Module Developer Trace DiagTraceR3Info() Function Packet Parsing Remote Code Execution
2012-05-09 81760 2012-2511
2012-2512
2012-2513
2012-2514
2012-2612
Martin Gallo
SAP NetWeaver disp+work.exe Module Multiple Function Packet Parsing Remote DoS
2012-05-08 81716 2012-0181 Geoff McDonald
Tarjei Mandt
Nicolas Economou
Microsoft Windows win32k.sys Keyboard Layout File Handling Local Privilege Escalation
2011-11-08 76968 2011-2447 Pablo Santamaria
Adobe Shockwave Player TextXtra.x32 Director File Handling Remote Memory Corruption
2011-05-24 72705 2011-1512 Pablo Santamaria
Oren Isacson
Nadia Rodríguez
IBM Lotus Notes Autonomy KeyView xlssr.dll Biff Record Parsing Overflow
2011-05-12 72327 2011-0615 Diego Juarez
Eduardo Koch
Laura Balian
Adobe Audition SES Session File Processing TRKM Chunk Parsing Overflow
2011-03-23 71277 2010-3275 Ricardo Narvaja
VLC Media Player libdirectx_plugin.dll AMV File Large Video Dimension Overflow
2011-03-23 71278 2010-3276 Ricardo Narvaja
VLC Media Player libdirectx_plugin.dll NSV File Large Video Dimension Overflow
2011-02-11 70872 2010-3274
2011-5105
Ernesto Alvarez
ManageEngine ADSelfService Plus EmployeeSearch.cc Multiple Parameter XSS
2011-02-10 70869 2010-3273 Ernesto Alvarez
ManageEngine ADSelfService Plus accounts/ResetResult Direct Access Security Question Bypass
2011-02-10 70870 2010-3272 Ernesto Alvarez
ManageEngine ADSelfService Plus POST Request Manipulation Security Question Weakness
2011-01-31 72432 2010-3269 Federico Muttis
Sebastián Tello
Manuel Muradas
Cisco WebEx WRF File Handling Overflow
2011-01-31 72433 2010-3270 Federico Muttis
Sebastián Tello
Manuel Muradas
Cisco WebEx Meeting Center ATP File Handling Overflow
2010-12-13 70002 2010-3268 Nahuel Riva
Symantec Antivirus AMS Intel Alert Handler hndlrsvc.exe prgxhndl.dll GetStringAMSHandler Function Remote DoS
2010-12-07 69645 2010-5269 CORE IMPACT
Intel Threading Building Blocks (TBB) Path Subversion Arbitrary DLL Injection Code Execution
2010-12-03 69587 2010-5268 CORE IMPACT
Kindle for PC Path Subversion Arbitrary DLL Injection Code Execution
2010-12-03 69763 2010-5271
2010-5272
2010-5273
CORE IMPACT
Altova Multiple Products Path Subversion Arbitrary DLL Injection Code Execution
2010-12-02 69629 2010-5270 CORE IMPACT
Adobe Device Central Path Subversion Arbitrary DLL Injection Code Execution
2010-11-29 69569 2010-3266 Damian Saura
Alejandro Frydman
BugTracker.NET edit_bug.aspx pcd Parameter XSS
2010-11-29 69576 2010-3266 Damian Saura
Alejandro Frydman
BugTracker.NET edit_comment.aspx bug_id Parameter XSS
2010-11-29 69575 2010-3266 Damian Saura
Alejandro Frydman
BugTracker.NET edit_customfield.aspx default_name Parameter XSS
2010-11-29 69574 2010-3266 Damian Saura
Alejandro Frydman
BugTracker.NET edit_user_permissions2.aspx id Parameter XSS
2010-11-29 69573 2010-3267 Damian Saura
Alejandro Frydman
BugTracker.NET bugs.aspx qu_id Parameter SQL Injection
2010-11-29 69572 2010-3267 Damian Saura
Alejandro Frydman
BugTracker.NET delete_query.aspx row_id Parameter SQL Injection
2010-11-29 69571 2010-3267 Damian Saura
Alejandro Frydman
BugTracker.NET edit_bug.aspx Multiple Parameter SQL Injection
2010-11-29 69570 2010-3267 Damian Saura
Alejandro Frydman
BugTracker.NET massedit.aspx bug_list Parameter SQL Injection
2010-11-12 69324 2010-4010 Anibal Sacco
Matias Eissler
Apple Mac OS X Apple Type Services Embedded CFF Font Integer Signedness Arbitrary Code Execution
2010-11-10 69251 2010-2892 Aureliano Calvo
LANDesk Management Gateway gsb/drivers.php DRIVES Parameter Shell Metacharacter Arbitrary Command Execution
2010-10-20 68767 2010-2891 Andres Lopez Luksenberg
libsmi lib/smi.c smiGetNode() Function Object Identifier (OID) Handling Buffer Overflow
2010-10-13 68559 2010-2740 Diego Juarez
Sebastian Apelt
Microsoft Windows OpenType Font Parsing Unspecified Remote Code Execution
2010-10-12 68543 2010-3329 Damián Frizza
Microsoft IE HtmlDlgHelper Class Object Handling Memory Corruption
2010-10-05 68427 2010-3627 Ricardo Narvaja
Adobe Reader / Acrobat PDF Flash Code Handling Arbitrary Code Execution
2010-08-10 66983 2010-1897 Nicolas Economou
Microsoft Windows win32k.sys Driver xxxCreateWindowsEx hParent Value Handling Local Privilege Escalation
2010-08-10 66991 2010-2562 Damián Frizza
Microsoft Office Excel PivotTable Cache Data Record Handling Overflow
2010-06-24 65738 2010-1930 Francisco Falcon
Novell iManager /nps/servlet/webacc/ Tree Parameter Off-by-One Remote DoS
2010-06-23 65737 2010-1929 Francisco Falcon
Novell iManager /nps/servlet/webacc/ Multiple Parameter Overflow
2010-05-04 64446 2010-1681 Daniel Kazimirow
Microsoft Office Visio VISIODWG.DLL Crafted DXF File Handling Overflow
2010-05-04 64793 2010-1690 Nicolas Economou
Microsoft Multiple Products smtpsvc.dll DNS Implementation ID Transaction Validation MiTM DNS Response Spoofing Weakness
2010-03-16 63522 2010-1225 Nicolas Economou
Microsoft Virtual PC / Server Hypervisor Virtual Machine Monitor Memory Management Implementation Memory Location Protection Mechanism Restriction Bypass
2010-03-09 62823 2010-0264 Damián Frizza
Microsoft Office Excel XLS File DbOrParamQry Record Parsing Overflow
2010-03-09 62811 2010-0265 Damián Frizza
Microsoft Windows Movie Maker / Producer IsValidWMToolsStream() Function Project File (.MSWMM) Handling Overflow
2010-03-02 62669 2010-0766 Diego Juarez
Nadia Rodríguez
Modo 401 valet4.dll Swap4 Function LXO File Handling Overflow
2010-02-09 62235 2010-0243 Damián Frizza
Microsoft Office Excel MSO.DLL OfficeArtSpgr Container Overflow
2010-02-05 63137 Dan Crowley
Cherokee Web Server on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2010-02-05 63138 Dan Crowley
Mongoose on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2010-02-05 63136 Dan Crowley
nginx on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2010-02-05 63139 Dan Crowley
lighttpd on Windows 8.3 Filename Alias Request Access Rules / Authentication Bypass
2010-02-03 62136 2010-0368 Aureliano Calvo
Adrián Manrique
LANDesk Management Gateway Arbitrary Shell Command Execution CSRF
2010-02-03 62156 2010-0255 Jorge Luis Álvarez Medina
Federico Muttis
Microsoft IE Dynamic OBJECT Tag Cross-domain Arbitrary File Access
2010-02-03 62137 2010-0369 Aureliano Calvo
Adrián Manrique
LANDesk Management Gateway Unspecified XSS
2010-02-03 62157 2010-0555 Jorge Luis Álvarez Medina
Federico Muttis
Microsoft IE text/html Content Type URLMON Sniffing Arbitrary File Access
2010-02-01 62069 2010-0440 Matias Pablo Brutti
Cisco Secure Desktop (CSD) /translation POST Body XSS
2010-01-13 61685 2010-0280 Francisco Falcon
lib3ds lib3ds/mesh.c face_array_read() Function 3DS File Handling Memory Corruption
2009-12-09 60914 2009-4237 Pablo Annetta
TestLink login.php req Parameter XSS
2009-12-09 60915 2009-4237 Pablo Annetta
TestLink lib/general/staticPage.php key Parameter XSS
2009-12-09 60916 2009-4237 Pablo Annetta
TestLink lib/attachments/attachmentupload.php tableName Parameter XSS
2009-12-09 60917 2009-4237 Pablo Annetta
TestLink lib/events/eventviewer.php Multiple Parameter XSS
2009-12-09 60918 2009-4237 Pablo Annetta
TestLink lib/results/resultsMoreBuilds_buildReport.php search_notes_string Parameter XSS
2009-12-09 60919 2009-4238 Pablo Annetta
TestLink lib/general/navBar.php targetTestCase Parameter SQL Injection
2009-12-09 60920 2009-4238 Pablo Annetta
TestLink lib/events/eventviewer.php logLevel Parameter SQL Injection
2009-12-09 60921 2009-4237 Pablo Annetta
TestLink lib/testcases/searchData.php summary Parameter XSS
2009-12-09 60981 2009-4237 Pablo Annetta
TestLink lib/testcases/searchData.php Multiple Parameter XSS
2009-12-03 60647 2009-4148 Diego Juarez
DAZ Studio Multiple File Association Arbitrary Code Execution
2009-11-23 60661 2009-3576 Diego Juarez
Fernando Arnaboldi
Federico Charosky
Autodesk Softimage Scene Package .scntoc File XSS
2009-11-23 60662 2009-3577 Sebastián Tello
Autodesk 3D Studio Max (3DSMax) .max File Handling DOSCommand Method Arbitrary Code Execution
2009-11-23 60663 2009-3578 Diego Juarez
Autodesk Maya Embedded Language (MEL) Multiple File Handling Arbitrary Code Execution
2009-11-18 60375 2009-3840 Damián Frizza
IBM solidDB Database Service (solid.exe) Malformed Error Code Remote DoS
2009-11-17 60200 2009-3840 Damián Frizza
HP OpenView Network Node Manager (OV NNM) Database Service (ovdbrun.exe) TCP Packet Handling Remote DoS
2009-11-17 60424 2009-3977 Damián Frizza
HP OpenView Network Node Manager (OV NNM) ActiveDom.ocx ActiveX Multiple Method Overflows
2009-11-05 59853 2009-3850 Diego Juarez
Sebastián Tello
Blender BLEND File ScriptLink SDNA onLoad Action Arbitrary Code Execution
2009-10-06 58883 2009-3579 Aureliano Calvo
Jetty CookieDump.java Sample Application cookie/ GET Request Value Parameter XSS
2009-08-31 57592 2009-2957 Pablo Jorge
Alberto Soliño
Dnsmasq src/tftp.c tftp_request() Function Remote Overflow
2009-07-28 43187 2008-0387 Francisco Falcon
Firebird SQL Multiple XDR Requests Remote Memory Corruption Overflow
2009-07-28 56606 2009-2620 Francisco Falcon
Firebird op_connect_request Packet Handling Remote DoS
2009-07-14 55981 2009-2533 Damián Frizza
RealNetworks Helix Server RTSP SET_PARAMETERS Request Handling DataConvertBuffer Parameter Remote DoS
2009-07-14 55982 2009-2534 Damián Frizza
RealNetworks Helix Server SETUP Request Handling Searched 0x2F Character Remote DoS
2009-07-08 55713 2009-2335 José Orlicki
Fernando Arnaboldi
WordPress Login Error Message Account Enumeration
2009-07-08 55714 2009-2336 Fernando Arnaboldi
José Orlicki
WordPress Forgotten Mail Interface New Password Request User Enumeration
2009-07-08 55712 2009-2334 Fernando Arnaboldi
José Orlicki
WordPress admin.php page Parameter Arbitrary Plugin Configuration Disclosure
2009-07-08 55715 2009-2334 Fernando Arnaboldi
José Orlicki
WordPress Plugin Configuration Module Exclude Actions By Term Field XSS
2009-07-08 55716 2009-2431 José Orlicki
Fernando Arnaboldi
WordPress HTML Comment Poster Account Name Disclosure
2009-07-08 55717 2009-2432 Fernando Arnaboldi
José Orlicki
WordPress wp-settings.php Direct Request Path Disclosure
2009-07-08 55863 2009-2386 Diego Juarez
Winds3D Viewer Plugin GetURL Method Arbitrary Remote File Execution
2009-06-09 54945 2009-1140 Jorge Luis Álvarez Medina
Microsoft IE Cached Data Handling Cross-Domain Information Disclosure
2009-06-09 54969 2009-2011 Diego Juarez
Firefox Plugin for DX Studio Player shell.execute() API Method Arbitrary Command Execution
2009-06-02 55002 2009-0949 Anibal Sacco
CUPS cupsd cups/ipp.c ippReadIO Function IPP Packet Handling Remote DoS
2009-05-28 54825 2009-1792 Diego Juarez
Ston3D StandalonePlayer system.openURL() Function Shell Metacharacter Remote Command Execution
2009-05-28 54826 2009-1792 Diego Juarez
Ston3D WebPlayer system.openURL() Function Shell Metacharacter Remote Command Execution
2009-05-20 54610 2009-1729 SCS Team
Sun Java System Communications Express uwc/abs/search.xml abperson_displayName Parameter XSS
2009-05-20 54609 2009-1729 SCS Team
Sun Java System Communications Express uwc/base/UWCMain URL Parameter XSS
2009-05-02 54647 2009-1376
2009-2694
Federico Muttis
Pidgin libpurple msn_slplink_process_msg() Function MSN SLP Message Handling Remote Overflow
2009-05-02 55246 2009-2694
2009-1376
Loic VALBON
Federico Muttis
Adium libpurple msn_slplink_process_msg() Function MSN SLP Message Handling Remote Overflow
2009-04-21 53920 2009-1357 SCS Team
Sun Java System Delegated Administrator /da/DA/Login HELP_PAGE Parameter HTTP Response Splitting
2009-03-31 53179 2009-1218 SCS Team
Sun Java System Calendar Server login.wcap Fmt-out Parameter XSS
2009-03-31 53180 2009-1218 SCS Team
Sun Java System Calendar Server command.shtml date Parameter XSS
2009-03-10 55614 2009-0837 Francisco Falcon
Foxit Reader Filename Argument Handling Overflow
2009-03-09 55615 2009-0836 Francisco Falcon
Foxit Reader Multiple Action Trigger Condition Satisfication Arbitrary Command Execution
2009-02-03 55423 2009-0388 Ariel Futoransky
Fernando Russ
Alfredo Ortega
TightVNC ClientConnection.cpp Multiple Function Integer Signedness Error Remote Code Execution
2009-02-03 55422 2009-0388 Alfredo Ortega
Fernando Russ
Ariel Futoransky
UltraVNC ClientConnection.cpp Multiple Function Integer Signedness Error Remote Code Execution
2009-01-28 55720 2009-0323 Alfredo Ortega
Dan Crowley
Amaya Web Browser Xml2thot.c Multiple Function Overflow
2009-01-28 55721 2009-0323 Dan Crowley
Alfredo Ortega
Amaya Web Browser html2toth.c Multiple Function Overflow
2009-01-22 53242 2009-0920
2009-0921
Oren Isacson
HP OpenView Network Node Manager (OV NNM) OvCgi/Toolbar.exe Multiple Cookie Handling Overflow
2009-01-21 53243 2009-0921 Oren Isacson
HP OpenView Network Node Manager (OV NNM) Accept-Language HTTP Header Handling Remote Overflow
2009-01-08 51419 2009-0496 Federico Muttis
Openfire logviewer.jsp log Parameter XSS
2009-01-08 51420 2009-0496 Federico Muttis
Openfire log.jsp log Parameter XSS
2009-01-08 51421 2009-0496 Federico Muttis
Openfire group-summary.jsp search Parameter XSS
2009-01-08 51422 2009-0496 Federico Muttis
Openfire user-properties.jsp username Parameter XSS
2009-01-08 51423 2009-0496 Federico Muttis
Openfire audit-policy.jsp Multiple Parameter XSS
2009-01-08 51424 2009-0496 Federico Muttis
Openfire server-properties.jsp propName Parameter XSS
2009-01-08 51425 2009-0496 Federico Muttis
Openfire muc-room-edit-form.jsp Multiple Parameter XSS
2009-01-08 51426 2009-0497 Federico Muttis
Openfire log.jsp log Parameter Traversal Arbitrary File Access
2008-12-22 52913 2008-2382 Alfredo Ortega
KVM kvm-79 VNC Server vnc.c protocol_client_msg Function Crafted Message Remote DoS
2008-12-22 52912 2008-2382 Alfredo Ortega
QEMU VNC Server vnc.c protocol_client_msg Function Crafted Message Remote DoS
2008-12-09 50590 2008-4024 Ricardo Narvaja
Microsoft Office Word Malformed File Information Block (FIB) lcbPlcfBkfSdt' Field Memory Corruption
2008-09-12 48240 2008-3950 Nicolas Economou
Apple Safari on iPhone / iPod WebKit _web_drawInRect:withFont:ellipsis:alignment:measureOnly Function Crafted JavaScript Alert Call DoS
2008-08-20 47591 2008-3773 Federico Muttis
vBulletin Private Message Subject Field XSS
2008-08-20 47592 2008-3480 Francisco Falcon
Anzio Web Print Object (WePO) ActiveX mainurl Variable Overflow
2008-08-12 47413 2008-1448 Jorge Luis Álvarez Medina
Microsoft IE MHTML Protocol Handler Cross-Domain Information Disclosure
2008-08-04 47424 2008-3431 Anibal Sacco
Sun xVM VirtualBox VBoxDrv.sys VBoxDrvNtDeviceControl Function IOCTL Request Local Privilege Escalation
2008-06-10 46105 2008-2639 Sebastian Muniz
Schneider Electric CitectSCADA ODBC Service Packet Handling Remote Stack Buffer Overflow
2008-06-04 45969 2008-2542 Alfredo Ortega
NASA Ames BigView Ppm/ppm.C getline Function PNM File Handling Overflow
2008-05-20 45422 2008-2559 Damián Frizza
Borland InterBase Packet Processing Remote Overflow
2008-05-05 44801 2008-2005 Sebastian Muniz
Invensys Wonderware InTouch SuiteLink Service (slssvc.exe) Crafted Registration Packet Remote DoS
2008-05-05 44800 2008-2080 Alfredo Ortega
Common Data Format Read32s_64 Function Crafted CDF File Handling Overflow
2008-04-28 44683 2008-1737 Damian Saura
Anibal Sacco
Dario Menichelli
Norberto Kueffner
Andres Blanco
Rodrigo Carvalho
Sophos Anti-Virus NtCreateKey Hooked SSDT Function Local DoS
2008-04-28 44764 2008-1738 Damian Saura
Anibal Sacco
Dario Menichelli
Norberto Kueffner
Andres Blanco
Rodrigo Carvalho
Rising Antivirus 2008 NtOpenProcess Hooked SSDT Function Local DoS
2008-04-04 44036 2008-1602 Diego Juarez
Orbit Downloader URL Unicode Conversion Overflow
2008-03-25 43762 2008-1552 Rodrigo Carvalho
SILC Multiple Products lib/silccrypt/silcpkcs1.c silc_pkcs1_decode Function Overflow
2008-03-18 43400 2008-1000 Rodrigo Carvalho
Apple Mac OS X Wiki Server ContentServer.py Traversal Arbitrary File Write
2008-03-10 43545 2008-1118 Motorola Timbuktu Pro Multiple Field Crafted Log Entry Manipulation
2008-03-10 43544 2008-1117 Luigi Auriemma
Motorola Timbuktu Pro Flash Notes (tb2ftp.dll) Traversal Arbitrary File Upload
2008-03-04 43182 2008-0985 Alfredo Ortega
Google Android SDK WebKit Framework GIF Library GIF Handling Overflow
2008-03-04 43183 2008-0986 Alfredo Ortega
Google Android SDK libsgl.so BMP::readFromStream Method BMP Handling Overflow
2008-02-27 43002 2008-0984 Core Security Team
VLC Media Player MP4 Demuxer (mp4.c) Arbitrary Memory Overwrite
2008-02-04 42201 2008-0485 Damián Frizza
Alfredo Ortega
MPlayer libmpdemux/demux_mov.c MOV File stsc Atom Tag Handling Overflow
2008-02-04 42197 2008-0486 Damián Frizza
Alfredo Ortega
MPlayer libmpdemux/demux_audio.c FLAC Tag Processing Memory Corruption
2008-01-07 43074 2008-1136 Alfredo Ortega
SynCE vdccm src/utils.cpp Utils::runScripts Function Remote Command Execution
2007-12-03 42192 2007-6262 Ricardo Narvaja
VLC Media Player ActiveX (axvlc.dll) Multiple Function Arbitrary Code Execution
2007-11-27 40796 2007-6593 Sebastian Muniz
Autonomy Keyview SDK l123sr.dll Worksheet File (WKS) Handling Overflows
2007-09-25 40556 2007-4901
2007-5124
Lucas Lavarello
AOL Instant Messenger (AIM) IE Server Control Notification Window Script Injection
2007-03-13 33050 2007-1365 Alfredo Ortega
OpenBSD kern/uipc_mbuf2.c mbuf Crafted ICMP6 Packet Remote Code Execution
2007-03-05 33502 2007-1264
2007-1269
2007-1265
2007-1268
2007-1267
2007-1266
Gerardo Richarte
Multiple Mail Client --status-fd GnuPG Invocation Spoofed Content Weakness
2007-03-05 33501 2007-1263 Gerardo Richarte
GnuPG / GPGME Unsigned OpenPGP Message Weakness
2006-12-13 31509 2006-6563 Alfredo Ortega
ProFTPD mod_ctrls Module pr_ctrls_recv_request Function Local Overflow
2006-09-07 30953 2006-4661 Lucas Lavarello
Sebastian Cufre
Ezequiel Gutesman
Javier Garcia Di Palma
Luciana Tabo
ICQ Toolbar Configuration Webpage Origin Verification Failure
2006-09-07 28646 2006-4660 Lucas Lavarello
Sebastian Cufre
Ezequiel Gutesman
Javier Garcia Di Palma
Luciana Tabo
ICQ Toolbar RSS Feed Multiple Field XSS
2006-09-07 28645 2006-4662 Lucas Lavarello
Sebastian Cufre
Ezequiel Gutesman
Javier Garcia Di Palma
Luciana Tabo
ICQ Pro 2003b MCRegEx__Search Routine Remote Overflow
2006-07-28 27644 2006-3942 Gerardo Richarte
Microsoft Windows Server Driver (srv.sys) Crafted SMB Packet NULL Dereference DoS
2006-06-06 26176 2006-2923 Damian Saura
Alejandro Lozanoff
Eduardo Koch
Norberto Kueffner
Ivan Arce
IAXClient Open Source Library iax_net_read Function Packet Handling Remote Overflow
2006-03-20 24224 2006-1344 Alberto Soliño
VeriSign haydn.exe VHTML_FILE Variable Error Output XSS
2005-07-12 17844 2005-2278 Ariel Sanchez
MailEnable IMAP STATUS Command Remote Overflow
2004-10-12 10697 2004-0574 Lucas Lavarello
Microsoft Windows/Exchange NNTP Component Remote Overflow
2004-08-09 8406 2004-1702 Juan Pablo Martinez Kuhn
Cfengine AuthenticationDialogue() Function Remote DoS
2004-08-09 14664 2004-1701 Juan Pablo Martinez Kuhn
Cfengine AuthenticationDialogue() Function Remote Overflow
2004-08-03 8299 2004-1440 Daniel De Luca
Daniel De Luca
Carlos Sarraute
PuTTY modpow() Pre-authentication Arbitrary Code Execution
2003-09-18 2171 2003-0759 Juan Pablo Martinez Kuhn
IBM DB2 db2licm Command Line Local Overflow
2003-09-18 9501 2003-0758 Juan Pablo Martinez Kuhn
IBM DB2 db2dart Command Line Local Overflow
2003-07-02 12655 2003-0507 Pablo Rubinstein
Gabriel Becedillas
Ricardo Quesada
Damian Saura
Microsoft Windows Active Directory LSASS.EXE DoS
2003-07-02 2237 Eduardo Arias
Gabriel Becedillas
Ricardo Quesada
Damian Saura
Microsoft Windows 2000 Active Directory Lsass.exe Overflow
2003-07-02 2239 2003-0505 Hernán Ochoa
Gustavo Ajzenman
Javier Garcia Di Palma
Pablo Rubinstein
Microsoft NetMeeting Arbitrary File Write/Execution
2003-05-27 4804 2003-0240 Juliano Rizzo
Axis Network Camera HTTP Authentication Bypass
2003-04-28 6294 2003-0220 Emiliano Kargieman
Hernán Gips
Javier Burroni
Kerio Personal Firewall Administrator Authentication Handshake Packet Remote Overflow
2003-04-15 4444 2003-0209 Core Security Team
Snort stream4 Reassemble Module Overflow
2003-03-19 9795 2003-0129 Diego Kelyacoubian
Javier Kohen
Alberto Soliño
Juan Vera
Ximian Evolution Mail User Agent UUencoded Mail DoS
2002-11-15 18470 2002-1312 Alex S. Harasic
Gerardo Richarte
Linksys Multiple Router Web Management Interface Password Field Buffer Overflow
1998-04-22 1003 1999-0493 Ivan Arce
Solaris rpc.statd RPC Call Relaying

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.
License - Privacy Statement - Terms of Use