Affiliation/Organization: Sense of Security


Time to Patch Stats

For vulnerabilities disclosed through this affiliation where we have sufficient data to calculate the time to patch (18 vulns), the following statistics apply:

Min Time To Patch: 3 days
Avg Time To Patch: 83 days
Max Time To Patch: 332 days

Other Affiliations

Creditees Affiliated with Sense of Security have also affiliated with:

Security-Assessment.com (1)
Zero Day Initiative (ZDI) (1)

Website: http://www.senseofsecurity.com.au/

Creditees currently or formerly associated with Sense of Security (11):
(ordered by association date)

| Known Since | Name | Vulns Through Affiliation |
|---|---|---|
| 2010-10-05 | Brett Gervasoni | 3 |
| 2010-12-20 | Sense of Security | 13 |
| 2011-03-27 | Phil Taylor | 8 |
| 2011-04-15 | Kaan Kivilcim | 1 |
| 2011-05-03 | Karan Khosla | 1 |
| 2012-02-23 | Nathaniel Carew | 6 |
| 2012-03-12 | Niket Khosla | 1 |
| 2012-05-13 | Jason Edelstein | 2 |
| 2012-06-13 | Nadeem Salim | 8 |
| 2013-04-29 | Blair Strang | 1 |
| 2013-10-08 | Chris Archimandritis | 1 |

Disclosed Vulnerabilities (39):

| Discl. Date | OSVDB ID | CVE ID | Creditees | Title |
|---|---|---|---|---|
| 2013-12-10 | 103491 | | Jason Edelstein | SAP Web Runtime and API Commands (BW-BEX-ET-WJR-RT) BW-BEX Unspecified Reflected XSS |
| 2013-10-08 | 105492 | | Chris Archimandritis | SAP UDDI Server (BC-ESI-UDDI) Unspecified Reflected XSS |
| 2013-04-29 | 97699 | | Blair Strang | Mi-Token Two-Factor Authentication (2FA) OTP Verification Brute Force Weakness |
| 2013-04-05 | 92227 | 2013-6618 | Sense of Security | Juniper Junos J-Web Sajax file/jsdm/ajax/port.php rs Parameter Remote Command Execution |
| 2013-04-03 | 91982 | | Nathaniel Carew | Google Apps Directory Sync (GADS) PBEwithMD5andDES Algorithm Weakness Stored Credential Local Disclosure |
| 2012-11-29 | 87998 | | Nathaniel Carew | SilverStripe Site Title Field XSS |
| 2012-11-29 | 87997 | | Nathaniel Carew | SilverStripe /admin/security/EditForm/ Arbitrary Admin User Creation CSRF |
| 2012-10-10 | 86254 | | Nathaniel Carew | FileBound On-Site Password Change SOAP Request UserID Parameter Parsing Arbitrary Password Manipulation |
| 2012-09-05 | 85483 | | Phil Taylor, Nadeem Salim | Ektron CMS /WorkArea/Blogs/xmlrpc.aspx XML External Entity (XXE) Data Parsing Arbitrary File Disclosure |
| 2012-09-05 | 85481 | | Phil Taylor, Nadeem Salim | Ektron CMS /WorkArea/Upload.asp JPEG File Upload ASPX Code Execution |
| 2012-08-24 | 84956 | | Phil Taylor, Nadeem Salim | elcomCMS UploadStyleSheet.aspx ASPX File Upload Remote ASP Code Execution |
| 2012-06-14 | 83292 | | Nadeem Salim | Squiz Matrix _admin/ XML External Entity (XXE) Data Parsing Arbitrary File Disclosure |
| 2012-06-14 | 83234 | | Nadeem Salim | Squiz Matrix _admin/ Multiple Parameter XSS |
| 2012-06-13 | 83338 | | Nadeem Salim, Phil Taylor | QNAP Turbo NAS nas_p Cookie Parameter Base-64 Authentication Credential Storage Weakness |
| 2012-06-13 | 83307 | | Nadeem Salim, Phil Taylor | QNAP Turbo NAS Qdownload/DS_RSS_Option.cgi Multiple Parameter Remote Command Execution |
| 2012-06-13 | 83308 | | Nadeem Salim, Phil Taylor | QNAP Turbo NAS Secure / HttpOnly Flag Cookie Weakness |
| 2012-05-13 | 82021 | | Jason Edelstein | NETGEAR N600 (WNDRMAC) unauth.cgi Password Reset Functionality Credential Disclosure |
| 2012-03-12 | 80077 | | Niket Khosla | Aurora WebOPAC MemberDetailsRecovery.aspx txtEmailAliasBarcode Parameter SQL Injection |
| 2012-03-07 | 80568 | | Sense of Security | Iciniti Store logon_forgot_password.aspx ctlEmail Parameter SQL Injection |
| 2012-02-24 | 79618 | | Nathaniel Carew | Snom VoIP Phone Admin Password Manipulation CSRF |
| 2012-02-24 | 79819 | | Phil Taylor | Symfony XmlEncoder Component XML External Entity (XXE) Data Parsing Arbitrary File Disclosure |
| 2012-02-23 | 79655 | | Nathaniel Carew | Snom VoIP Phone advanced_network.htm Password Reset Admin Password Manipulation |
| 2011-07-19 | 73971 | 2011-2260 | Sense of Security | Sun GlassFish Enterprise Server help/helpwindow.jsf Multiple Parameter XSS |
| 2011-07-19 | 73972 | 2011-2260 | Sense of Security | Sun GlassFish Enterprise Server Administration Log Viewer Login Field XSS |
| 2011-06-14 | 73066 | 2011-2104 | Brett Gervasoni | Adobe Reader / Acrobat Unspecified Memory Corruption DoS |
| 2011-05-18 | 72416 | 2011-0959 | Sense of Security | Cisco Unified Operations Manager iptm/advancedfind.do extn Parameter XSS |
| 2011-05-18 | 72414 | 2011-0960 | Sense of Security | Cisco Unified Operations Manager iptm/PRTestCreation.do CCMs Parameter SQL Injection |
| 2011-05-18 | 72415 | 2011-0960 | Sense of Security | Cisco Unified Operations Manager iptm/TelePresenceReportAction.do ccm Parameter SQL Injection |
| 2011-05-18 | 72417 | 2011-0959 | Sense of Security | Cisco Unified Operations Manager iptm/ddv.do deviceInstanceName Parameter XSS |
| 2011-05-18 | 72418 | 2011-0959 | Sense of Security | Cisco Unified Operations Manager iptm/eventmon Multiple Parameter XSS |
| 2011-05-18 | 72419 | 2011-0959 | Sense of Security | Cisco Unified Operations Manager iptm/faultmon/ui/dojo/Main/eventmon_wrapper.jsp Multiple Parameter XSS |
| 2011-05-18 | 72420 | 2011-0959 | Sense of Security | Cisco Unified Operations Manager iptm/logicalTopo.do Multiple Parameter XSS |
| 2011-05-18 | 72421 | 2011-0962 | Sense of Security | Cisco Unified Operations Manager CSCOnm/servlet/com.cisco.nm.help.ServerHelpEngine tag Parameter XSS |
| 2011-05-03 | 72165 | | Karan Khosla | Proofpoint Protection Server enduser/process.cgi displayprogress Parameter XSS |
| 2011-04-15 | 71843 | | Kaan Kivilcim | Collaborative Passwords Manager (cPassMan) sources/downloadFile.php path Parameter Traversal Arbitrary File Access |
| 2011-03-27 | 71481 | 2011-4342 | Phil Taylor | BackWPup Plugin for WordPress wp_xml_export.php wpabs Parameter Remote File Inclusion |
| 2011-02-08 | 71395 | 2011-0585 | Brett Gervasoni | Adobe Reader / Acrobat Unspecified DoS (2011-0585) |
| 2010-12-20 | 69986 | | Sense of Security | CommunityManager.NET Multiple Cookie Authentication Bypass |
| 2010-10-05 | 68430 | 2010-3630 | Brett Gervasoni | Adobe Reader / Acrobat AcroRd32.dll sub_60AF56 Function Memory Corruption |

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2014 Open Sourced Vulnerability Database (OSVDB), All Rights Reserved.