Bugtraq: by date
RSS Feed
About List
All Lists
Previous period
218 messages
starting Mar 01 16 and
ending Mar 31 16
Date index |
Thread index |
Author index
Tuesday, 01 March
WordPress plugin GravityForms Cross-site Scripting vulnerability Henri Salo
[SYSS-2016-009] Sophos UTM 525 Web Application Firewall - Cross-Site Scripting in adrian . vollmer
Executable installers are vulnerable^WEVIL (case 29): putty-0.66-installer.exe allowa arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak
[SECURITY] [DSA 3500-1] openssl security update Alessandro Ghedini
[SECURITY] [DSA 3501-1] perl security update Salvatore Bonaccorso
Wednesday, 02 March
Vivint Sky Control Panel Unauthenticated Access Vulnerability jeremyscott
[security bulletin] HPSBGN03442 rev.1 - HP Helion OpenStack using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert
[security bulletin] HPSBHF03545 rev. 1 - HP EliteBook and Zbook Products with Windows NVidia Graphics Driver, Multiple Local Vulnerabilities HP Security Alert
[REVIVE-SA-2016-001] Revive Adserver - Multiple vulnerabilities Matteo Beccati
Cisco Security Advisory: Cisco NX-OS Software SNMP Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Web Security Appliance HTTPS Packet Processing Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Nexus 3000 Series and 3500 Platform Switches Insecure Default Credentials Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco NX-OS Software TCP Netstack Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: March 2016 Cisco Systems Product Security Incident Response Team
Open-Xchange Security Advisory 2016-03-02 Martin Heiland
Panda SM Manager iOS Application - MITM SSL Certificate Vulnerability David Coomber
[security bulletin] HPSBHF03436 rev.1 - HP Thin Client with ThinPro OS, running Linux, Local Elevated Privileges HP Security Alert
Thursday, 03 March
WordPress Bulk Delete Plugin [Privilege Escalation] Panagiotis Vagenas
[slackware-security] php (SSA:2016-062-03) Slackware Security Team
[slackware-security] openssl (SSA:2016-062-02) Slackware Security Team
[slackware-security] mailx (SSA:2016-062-01) Slackware Security Team
[SECURITY] [DSA 3502-1] roundup security update Yves-Alexis Perez
[SECURITY] [DSA 3426-2] ctdb regression update Salvatore Bonaccorso
[SECURITY] [DSA 3503-1] linux security update Salvatore Bonaccorso
[security bulletin] HPSBGN03550 rev.2 - HP Operations Manager i and BSM using Apache Flex BlazeDS, Remote Disclosure of Information security-alert
[security bulletin] HPSBHF03439 rev.1 - HP Commercial PCs with Sure Start, Local Denial of Service HP Security Alert
[security bulletin] HPSBPI03546 rev.1 - HP LaserJet Printers and MFPs, HP OfficeJet Enterprise Printers, Remote Disclosure of Information HP Security Alert
Friday, 04 March
[SYSS-2015-053] innovaphone IP222/IP232 - Denial of Service disclosure
[SYSS-2015-064] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten
[SYSS-2015-060] Thru Managed File Transfer Portal 9.0.2 - Improperly Implemented Security Check for Standard (REVISED) erlijn . vangenuchten
[SYSS-2015-059] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten
[SYSS-2015-058] Thru Managed File Transfer Portal 9.0.2 - Insecure Direct Object Reference (REVISED) erlijn . vangenuchten
[SECURITY] [DSA 3506-1] libav security update Moritz Muehlenhoff
[SECURITY] [DSA 3505-1] wireshark security update Moritz Muehlenhoff
[SECURITY] [DSA 3504-1] bsh security update Sebastien Delafond
McAfee VirusScan Enterprise security restrictions bypass Agazzini Maurizio
Sunday, 06 March
Executable installers are vulnerable^WEVIL (case 31): MalwareBytes' installers allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak
Executable installers are vulnerable^WEVIL (case 30): clamwin-0.99-setup.exe allows arbitrary (remote) code execution WITH escalation of privilege Stefan Kanthak
[SECURITY] [DSA 3507-1] chromium-browser security update Michael Gilbert
Multiple vulnerabilities in Wordpress plugin SP Projects & Document Manager mail
[SECURITY] [DSA 3508-1] jasper security update Salvatore Bonaccorso
Monday, 07 March
Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Vulnerability Lab
Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Dubbju
Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Edsel Adap
ESA-2016-012: EMC Documentum xCP – User Information Disclosure Vulnerability Security Alert
[slackware-security] php (SSA:2016-067-01) Slackware Security Team
Tuesday, 08 March
Re: Apple iOS v9.2.1 - Multiple PassCode Bypass Vulnerabilities (App Store Link, Buy Tones Link & Weather Channel Link) Michael Lima
[security bulletin] HPSBHF03557 rev.1 - HPE Networking Products using Comware 7 (CW7) running NTP, Remote Denial of Service (DoS) security-alert
Windows Mail Find People DLL side loading vulnerability Securify B.V.
[slackware-security] samba (SSA:2016-068-02) Slackware Security Team
[slackware-security] mozilla-firefox (SSA:2016-068-01) Slackware Security Team
Thomson TWG850 Wireless Router Multiple Vulnerabilities Sebastian Perez
Wednesday, 09 March
LSE Leading Security Experts GmbH - LSE-2016-01-01 - Wordpress ProjectTheme - Multiple Vulnerabilities LSE-Advisories
OS-S 2016-05 Linux aiptek Nullpointer Dereference CVE-2015-7515 Ralf Spenneberg
OS-S 2016-06 Linux cdc_acm Nullpointer Dereference Ralf Spenneberg
OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference Ralf Spenneberg
Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference abdyfhie
OS-S 2016-08 Linux mct_u232 Nullpointer Dereference Ralf Spenneberg
OS-S 2016-09 Linux visor clie_5_attach Nullpointer Dereference CVE-2015-7566 Ralf Spenneberg
OS-S 2016-10 Linux visor (treo_attach) Nullpointer Dereference CVE-2016-2782 Ralf Spenneberg
OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences Ralf Spenneberg
OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference Ralf Spenneberg
Re: Windows Mail Find People DLL side loading vulnerability Stefan Kanthak
Cisco Security Advisory: Cisco Wireless Residential Gateway with EDVA Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory:Cisco Wireless Residential Gateway Information Disclosure Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Cable Modem with Digital Voice Remote Code Execution Vulnerability Cisco Systems Product Security Incident Response Team
Re: Windows Mail Find People DLL side loading vulnerability Securify B.V.
[SECURITY] [DSA 3509-1] rails security update Luciano Bello
[SECURITY] [DSA 3509-1] rails security update Luciano Bello
Advisory X41-2016-001: Memory Corruption Vulnerability in "libotr" X41 D-Sec GmbH Advisories
[CORE-2016-0004] - SAP Download Manager Password Weak Encryption CORE Advisories Team
Cisco Security Advisory: Cisco ASA Content Security and Control Security Services Module Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 3510-1] iceweasel security update Moritz Muehlenhoff
[SECURITY] [DSA 3509-1] rails security update Luciano Bello
[CORE-2016-0003] - Samsung SW Update Tool MiTM CORE Advisories Team
Sunday, 13 March
[SECURITY] [DSA 3511-1] bind9 security update Michael Gilbert
[SECURITY] [DSA 3512-1] libotr security update Salvatore Bonaccorso
[SE-2012-01] Broken security fix in Oracle Java SE 7/8/9 Security Explorations
[slackware-security] bind (SSA:2016-069-01) Slackware Security Team
[slackware-security] mozilla-nss (SSA:2016-069-02) Slackware Security Team
FreeBSD Security Advisory FreeBSD-SA-16:13.bind FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-16:12.openssl FreeBSD Security Advisories
[ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting Christopher Shannon
Monday, 14 March
[ANNOUNCE] CVE-2016-0734: ActiveMQ Web Console - Clickjacking Christopher Shannon
[SECURITY] [DSA 3513-1] chromium-browser security update Michael Gilbert
oss-2016-13: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) Ralf Spenneberg
oss-2016-14: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (gtco driver) Ralf Spenneberg
oss-2016-15: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) Ralf Spenneberg
oss-2016-16: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (snd-usb-audio driver) Ralf Spenneberg
oss-2016-17: Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) Ralf Spenneberg
oss-2016-18: Multiple Local RedHat Enterprise Linux DoS – RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) Ralf Spenneberg
[slackware-security] openssh (SSA:2016-070-01) Slackware Security Team
DW Question Answer Stored XSS Vulnerability Rahul Pratap Singh
WebKitGTK+ Security Advisory WSA-2016-0002 Carlos Alberto Lopez Perez
Microsoft Edge CDOMTextNode::get_data type confusion Berend-Jan Wever
[SECURITY] [DSA 3514-1] samba security update Salvatore Bonaccorso
Soundy Background Music XSS Vulnerability Rahul Pratap Singh
[SECURITY] [DSA 3515-1] graphite2 security update Moritz Muehlenhoff
[SECURITY] [DSA 3516-1] wireshark security update Moritz Muehlenhoff
Re: oss-2016-13: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) amaris
Re: oss-2016-15: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) amaris
Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) amaris
Re: oss-2016-17: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) amaris
ESA-2016-012: EMC Documentum xCP – User Information Disclosure Vulnerability Security Alert
Reflected Cross-Site Scripiting in CuteEditor adrmm
ChitaSoft (Web-Application) - SQL Injection Vulnerability Vulnerability Lab
Chamlio LMS v1.10.2 - (Profile) Persistent Web Vulnerability Vulnerability Lab
Yahoo Bug Bounty #37 - Sender Spoofing Vulnerability Vulnerability Lab
[security bulletin] HPSBGN03373 rev.2 - HP Release Control running TLS, Remote Disclosure of Information security-alert
[security bulletin] HPSBMU03377 rev.2 - HP Release Control running RC4, Remote Disclosure of Information security-alert
Tuesday, 15 March
Re: OS-S 2016-06 Linux cdc_acm Nullpointer Dereference vdronov
Re: OS-S 2016-07 Linux cypress_m8 Nullpointer Dereference vdronov
Re: OS-S 2016-08 Linux mct_u232 Nullpointer Dereference vdronov
Re: OS-S 2016-12 Linux digi_acceleport Nullpointer Dereference vdronov
Re: OS-S 2016-11 Linux wacom multiple Nullpointer Dereferences vdronov
Re: oss-2016-17: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes (multiple free) on invalid USB device descriptors (snd-usb-audio driver) vdronov
Re: oss-2016-18: Multiple Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (ati_remote2 driver) vdronov
Re: oss-2016-13: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (powermate driver) vdronov
Re: oss-2016-15: Local RedHat Enterprise Linux DoS â?? RHEL 7.1 Kernel crashes on invalid USB device descriptors (iowarrior driver) vdronov
[security bulletin] HPSBGN03556 rev.1 - ArcSight ESM and ESM Express, Remote Arbitrary File Download, Local Arbitrary Command Execution security-alert
Defense in depth -- the Microsoft way (part 39): vulnerabilities, please meet the bar for security servicing Stefan Kanthak
[ANNOUNCE][CVE-2016-0779] Apache TomEE 1.7.4 and 7.0.0-M3 releases Romain Manni-Bucau
[slackware-security] git (SSA:2016-075-01) Slackware Security Team
[slackware-security] seamonkey (SSA:2016-075-02) Slackware Security Team
Wednesday, 16 March
Reflected Cross-Site Scripting (XSS) Vulnerability in Litecart CMS rsrathoreravi
[SECURITY] [DSA 3518-1] spip security update Sebastien Delafond
[security bulletin] HPSBGN03558 rev.1 - ArcSight ESM and ESM Express, Remote Disclosure of Sensitive Information security-alert
[CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow CORE Advisories Team
Re: [FD] [CORE-2016-0005] - FreeBSD Kernel amd64_set_ldt Heap Overflow jungle Boogie
FreeBSD Security Advisory FreeBSD-SA-16:14.openssh FreeBSD Security Advisories
FreeBSD Security Advisory FreeBSD-SA-16:15.sysarch FreeBSD Security Advisories
Thursday, 17 March
Multiple (persistent) XSS in ProjectSend mail
CVE-2016-1518: GrandStream Android VoIP Phone / App Provisioning Vulnerability Georg Lukas
CVE-2016-1519: GrandStream Android VoIP App TLS MitM Vulnerability Georg Lukas
CVE-2016-1520: GrandStream Android VoIP App Update Redirection Georg Lukas
Re: [ANNOUNCE] CVE-2016-0782: ActiveMQ Web Console - Cross-Site Scripting Derek Mahar
[CVE-2016-2345] Solarwinds Dameware Mini Remote Control Remote Code Execution Vulnerability contact
[SECURITY] [DSA 3519-1] xen security update Moritz Muehlenhoff
[slackware-security] mozilla-firefox (SSA:2016-077-01) Slackware Security Team
Xoops 2.5.7.2 CSRF - Arbitrary User Deletions hyp3rlinx
Xoops 2.5.7.2 Directory Traversal Bypass hyp3rlinx
Friday, 18 March
Re: server and client side remote code execution through a buffer overflow in all git versions before 2.7.1 (unpublished ᴄᴠᴇ-2016-2324 and ᴄᴠᴇ‑2016‑2315) Laël Cellier
Remote Code Execution via CSRF in iTop High-Tech Bridge Security Research
Admin Password Reset & RCE via CSRF in Dating Pro High-Tech Bridge Security Research
SQL Injection and RCE in WebsiteBaker High-Tech Bridge Security Research
Saturday, 19 March
[SECURITY] [DSA 3520-1] icedove security update Moritz Muehlenhoff
[security bulletin] HPSBGN03438 rev.1 - HP Support Assistant, Local Authentication Bypass HP Security Alert
Sunday, 20 March
[SECURITY] [DSA 3521-1] git security update Salvatore Bonaccorso
[SECURITY] [DSA 3522-1] squid3 security update Salvatore Bonaccorso
[SECURITY] [DSA 3523-1] iceweasel security update Moritz Muehlenhoff
[SECURITY] [DSA 3524-1] activemq security update Moritz Muehlenhoff
AbsoluteTelnet 10.14 DLL Hijack Code Exec hyp3rlinx
Monday, 21 March
[security bulletin] HPSBGN03551 rev.1 - HPE Helion Development Platform using glibc, Remote Denial of Service (DoS), Arbitrary Code Execution security-alert
[security bulletin] HPSBGN03560 rev.1 - HP Operations Orchestration using Java Deserialization, Remote Arbitrary Code Execution security-alert
[security bulletin] HPSBMU03562 rev.1 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution security-alert
APPLE-SA-2016-03-21-1 iOS 9.3 Apple Product Security
APPLE-SA-2016-03-21-2 watchOS 2.2 Apple Product Security
APPLE-SA-2016-03-21-4 Xcode 7.3 Apple Product Security
APPLE-SA-2016-03-21-7 OS X Server 5.1 Apple Product Security
APPLE-SA-2016-03-21-3 tvOS 9.2 Apple Product Security
APPLE-SA-2016-03-21-6 Safari 9.1 Apple Product Security
APPLE-SA-2016-03-21-5 OS X El Capitan 10.11.4 and Security Update 2016-002 Apple Product Security
Tuesday, 22 March
[RT-SA-2016-002] Cross-site Scripting in Securimage 3.6.2 RedTeam Pentesting GmbH
[SECURITY] [DSA 3525-1] pixman security update Salvatore Bonaccorso
Wednesday, 23 March
Remote Code Execution in DVR affecting over 70 different vendors rotem kerner
[SECURITY] [DSA 3526-1] libmatroska security update Sebastien Delafond
CVE-2016-2166: Apache Qpid Proton python binding silently ignores request for 'amqps' if SSL/TLS not supported Ken Giusti
CA20160323-01: Security Notice for CA Single Sign-On Web Agents Kotas, Kevin J
Hardcoded root password in Zyxel MAX3XX series Wimax CPEs Gianni Carabelli
Cisco Security Advisory: Cisco IOS and IOS XE Software DHCPv6 Relay Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS and IOS XE and Cisco Unified Communications Manager Software Session Initiation Protocol Memory Leak Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS and IOS XE Software Internet Key Exchange Version 2 Fragmentation Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS and IOS XE Software Smart Install Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS and NX-OS Software Locator/ID Separation Protocol Packet Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco IOS Software Wide Area Application Services Express Denial of Service Vulnerability Cisco Systems Product Security Incident Response Team
[SECURITY] [DSA 3528-1] pidgin-otr security update Sebastien Delafond
[SECURITY] [DSA 3529-1] redmine security update Moritz Muehlenhoff
Thursday, 24 March
XSS (Cross Site Scripting) in Social CRM & Community Solutions powered by Lithium in Knowledge base section netizen01k
[SECURITY] [DSA 3527-1] inspircd security update Sebastien Delafond
[SYSS-2016-017] innovaphone IP222 - Improper Input Validation sven . freund
[SYSS-2016-018] innovaphone IP222 - Improper Restriction of Excessive Authentication Attempts sven . freund
[SYSS-2016-016] innovaphone IP222 - Improper Input Validation sven . freund
Friday, 25 March
[security bulletin] HPSBMU03562 rev.2 - HPE Service Manager using Java Deserialization, Remote Arbitrary Code Execution security-alert
[security bulletin] HPSBGN03563 rev.1 - HPE IceWall Products using OpenSSL, Remote Denial of Service (DoS), Local Denial of Service (DoS), Disclosure of Information security-alert
[CVE-2016-0783] Predictable password reset token Maxim Solodovnik
[CVE-2016-2164] Arbitrary file read via SOAP API Maxim Solodovnik
[CVE-2016-2163] Stored Cross Site Scripting in Event description Maxim Solodovnik
Saturday, 26 March
[SECURITY] [DSA 3530-1] tomcat6 security update Moritz Muehlenhoff
[slackware-security] libevent (SSA:2016-085-01) Slackware Security Team
[slackware-security] mozilla-thunderbird (SSA:2016-085-02) Slackware Security Team
[SECURITY] [DSA 3531-1] chromum-browser security update Michael Gilbert
TrendMicro DDI Cross Site Request Forgerys hyp3rlinx
Sunday, 27 March
[SECURITY] [DSA 3532-1] quagga security update Salvatore Bonaccorso
Monday, 28 March
Validation Bypass in C2Box application : CVE - 2015-4626 harish . ramadoss
BMC-2015-0010: User enumeration vulnerability in BMC Server Automation (BSA) Unix/Linux RSCD Agent (CVE-2016-1542) appsec
BMC-2015-0011: Unauthorized password reset vulnerability in BMC Server Automation (BSA) (CVE-2016-1543) appsec
[SECURITY] [DSA 3533-1] openvswitch security update Salvatore Bonaccorso
Tuesday, 29 March
Fireware XTM Web UI - Open Redirect Manuel Mancera
[SECURITY] [DSA 3534-1] dhcpcd security update Salvatore Bonaccorso
[security bulletin] HPSBGN03444 rev.2 - HPE Network Automation, Remote Code Execution, Disclosure of Sensitive Information security-alert
Wednesday, 30 March
[SECURITY] [DSA 3535-1] kamailio security update Moritz Muehlenhoff
Easy Hosting Control Panel (EHCP) - Multiple Vulnerabilities kyle Lovett
CVE-2016-2385 Kamailio SEAS module heap buffer overflow Stelios Tsampas
Multiple Vulnerabilities in CubeCart High-Tech Bridge Security Research
[CVE-2016-0784] Apache OpenMeetings ZIP file path traversal Maxim Solodovnik
Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Cisco Systems Product Security Incident Response Team
RE: Cisco Security Advisory: Cisco Firepower Malware Block Bypass Vulnerability Murray, Mike
Thursday, 31 March
[SECURITY] [DSA 3536-1] libstruts1.2-java security update Sebastien Delafond
[SECURITY] [DSA 3537-1] imlib2 security update Sebastien Delafond
[SECURITY] [DSA 3538-1] libebml security update Sebastien Delafond
Patron Info System - SQL Injection Vulnerability Vulnerability Lab
Hi Technology & Services CMS - SQL Injection Vulnerabilities Vulnerability Lab
WP External Links v1.80 - Cross Site Scripting Web Vulnerabilities Vulnerability Lab
Docker UI v0.10.0 - Multiple Client Side Cross Site Request Forgery Web Vulnerabilities Vulnerability Lab
Cades (2016Q1) - (id) Multiple SQL Injection Vulnerabilities Vulnerability Lab
Dorsa Web CMS - Multiple SQL Injection Vulnerabilities Vulnerability Lab
Docker UI v0.10.0 - Multiple Persistent Vulnerabilities Vulnerability Lab
Trend Micro (SSO) - (Backend) SSO Redirect & Session Vulnerability Vulnerability Lab