Vulnerability Disclosures

December 2013

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1014 Medium CVE-2013-6240 s8Tunes Playlist Heap Buffer Overflow 12/06/2013

January 2012

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1013 High CVE-2011-4821 D-Link DIR-601 TFTP Directory Traversal Vulnerability 01/20/2012

August 2011

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1012 Medium CVE-2011-3694 NetSaro Enterprise Messenger Server Administration Console Null Byte Request Source Code Disclosure 8/22/2011
SERT-VDN-1010 Medium CVE-2011-3692 NetSaro Enterprise Messenger Server Administration Console Weak Cryptographic Password Storage Vulnerability 8/15/2011
SERT-VDN-1011 Medium CVE-2011-3693 NetSaro Enterprise Messenger Server Plaintext Password Storage Vulnerability 5/30/2011

July 2011

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1009 Low CVE-2011-3691 Foxit Reader Insecure Library Loading 7/21/2011

June 2011

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1008 Low CVE-2011-3690 PDFill Insecure Library Loading 6/9/2011

May 2011

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1007 Low CVE-2011-3689 CodeMeter WebAdmin Cross-site Scripting (XSS) Vulnerability 5/30/2011

April 2011

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1006 High CVE-2011-3688 Sonexis SQL Injection 4/06/2011
SERT-VDN-1005 Low CVE-2011-3686, CVE-2011-3687 Sonexis XSS Vulnerabilities 4/06/2011

February 2011

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1004 Medium CVE-2011-3685 Tembria Server Monitor Weak Xpto Pwd Storage 2/14/2011
SERT-VDN-1003 Low CVE-2011-3684 Tembria Server Monitor XSS 2/14/2011

December 2010

Solutionary Disclosure ID Risk Rating CVE ID Title Disclosure Date
SERT-VDN-1002 High CVE-2010-4322 Novell Vibe OnPrem 3 BETA Stored Cross-site Scripting Vulnerability 12/10/2010
SERT-VDN-1001 Low CVE-2010-4841 ManageEngine EventLog Analyzer Multiple Cross-site Scripting (XSS) Vulnerabilities 12/10/2010
SERT-VDN-1000 High CVE-2010-4840 ManageEngine EventLog Analyzer Syslog Remote Denial of Service Vulnerability 12/10/2010