Tenable Research Advisories -

This page contains information regarding security vulnerabilities in third-party software discovered by a dedicated team supported by researchers and engineers at Tenable. Tenable believes in coordinated disclosure, working with vendors to better protect our customers. Here is our public key. Please refer to our Vulnerability Disclosure Policy for additional details.

For issues that impact Tenable products, please visit the Tenable Product Security Advisories. For more details on submitting vulnerability information for Tenable products, please see our Vulnerability Reporting Guidelines page.

Find a vulnerability in a Tenable product?

Please report it here

Report

Date	Advisory ID	Name	Severity	CVE ID
December 30, 2021	TRA-2021-58	Bitmask Riseup Local Privilege Escalation	High	CVE-2021-44466
December 30, 2021	TRA-2021-57	Netgear Nighthawk R6700 Multiple Vulnerabilities	High	CVE-2021-20173 CVE-2021-20174 CVE-2021-20175 CVE-2021-23147 CVE-2021-45732 CVE-2021-45077
December 30, 2021	TRA-2021-56	Netgear Genie MacOS Installer Privilege Escalation	Medium	CVE-2021-20172
December 30, 2021	TRA-2021-55	Netgear Nighthawk RAX43 Multiple Vulnerabilities	Critical	CVE-2021-20166 CVE-2021-20167 CVE-2021-20168 CVE-2021-20169 CVE-2021-20170 CVE-2021-20171
December 30, 2021	TRA-2021-54	Trendnet AC2600 TEW-827DRU Multiple Vulnerabilities	Critical	CVE-2021-20149 CVE-2021-20150 CVE-2021-20151 CVE-2021-20152 CVE-2021-20153 CVE-2021-20154 CVE-2021-20155 CVE-2021-20156 CVE-2021-20157 CVE-2021-20158 CVE-2021-20159 CVE-2021-20160 CVE-2021-20161 CVE-2021-20162 CVE-2021-20163 CVE-2021-20164 CVE-2021-20165
December 30, 2021	TRA-2021-53	AutoDesk Meshmixer macOS Installer Local Privilege Escalation	Medium
December 23, 2021	TRA-2021-52	ManageEngine SelfService Plus Multiple Vulnerabilities	Medium	CVE-2021-20147 CVE-2021-20148
December 7, 2021	TRA-2021-51	Multiple Vulnerabilities in Gryphon Tower Router	Critical	CVE-2021-20137 CVE-2021-20138 CVE-2021-20139 CVE-2021-20140 CVE-2021-20141 CVE-2021-20142 CVE-2021-20143 CVE-2021-20144 CVE-2021-20145 CVE-2021-20146
November 16, 2021	TRA-2021-50	Schneider Electric C-Gate Multiple Vulnerabilities	High	CVE-2021-22796 CVE-2021-22720 CVE-2021-22784
November 8, 2021	TRA-2021-49	Arris SurfBoard SB8200 Insecure Password Change Utility	Medium	CVE-2021-20119
October 29, 2021	TRA-2021-48	ManageEngine Log360 Database Configuration Overwrite Unauthenticated RCE	Critical	CVE-2021-20136
October 26, 2021	TRA-2021-47	CODESYS V2 Web Server Multiple Vulnerabilities	Critical	CVE-2021-34583 CVE-2021-34584 CVE-2021-34585 CVE-2021-34586
October 26, 2021	TRA-2021-46	Wishpond Connect.js Javascript Library Prototype Pollution	Medium
October 20, 2021	TRA-2021-45	Arris SurfBoard SB8200 Cross Site Request Forgery	High	CVE-2021-20120
October 19, 2021	TRA-2021-44	Critical Vulnerabilities on the D-Link DIR-2640 Router	High	CVE-2021-20132 CVE-2021-20133 CVE-2021-20134
October 13, 2021	TRA-2021-43	ManageEngine ADManager Plus Build 7111 Multiple Vulnerabilities	High	CVE-2021-20130 CVE-2021-20131
October 12, 2021	TRA-2021-42	Multiple Vulnerabilities in Draytek VigorConnect 1.60.0-B3	Critical	CVE-2021-20123 CVE-2021-20124 CVE-2021-20125 CVE-2021-20126 CVE-2021-20127 CVE-2021-20128 CVE-2021-20129
October 11, 2021	TRA-2021-41	Multiple Vulnerabilities in Telus Wi-Fi Hub	Medium	CVE-2021-20121 CVE-2021-20122
October 8, 2021	TRA-2021-40	Johnson Controls exacqVision Multiple Vulnerabilities	Critical	CVE-2021-27664 CVE-2021-27665
September 14, 2021	TRA-2021-39	Multiple Vulnerabilities in Tracki / Trackimo GPS Platform and application	Medium
September 14, 2021	TRA-2021-38	Multiple Vulnerabilities in Optimus GPS Platform	Medium
September 14, 2021	TRA-2021-37	Multiple Vulnerabilities in Spytec GPS platform	Medium
September 14, 2021	TRA-2021-36	Multiple Vulnerabilities in LandAirSea SilverCloud GPS Platform	Medium
August 19, 2021	TRA-2021-35	User Enumeration in GSuite Okta Integration	Low
August 9, 2021	TRA-2021-34	Cisco Webex Universal Links Redirect	Medium
August 9, 2021	TRA-2021-33	HPE Edgeline Infrastructure Manager Unauthenticated Information Disclosure	Medium	CVE-2021-26586
July 21, 2021	TRA-2021-32	Multiple Vulnerabilities in TCExam	Critical	CVE-2021-20111 CVE-2021-20112 CVE-2021-20113 CVE-2021-20114 CVE-2021-20115 CVE-2021-20116
July 16, 2021	TRA-2021-31	Manage Engine Asset Explorer Agent - Integer Overflow	High	CVE-2021-20110
July 16, 2021	TRA-2021-30	Manage Engine Heap Overflow POST payload	High	CVE-2021-20109
July 16, 2021	TRA-2021-29	Manage Engine Asset Explorer Agent - Remote DoS	High	CVE-2021-20108
July 12, 2021	TRA-2021-28	Schneider Electric Modicon M340 / M580 Authentication Bypass Vulnerability	High	CVE-2021-22779
July 12, 2021	TRA-2021-27	AWS EC2 macOS Local Privilege Escalation	Medium
June 30, 2021	TRA-2021-26	Sloan Smart Faucet Unauthenticated BLE	Medium	CVE-2021-20107
June 28, 2021	TRA-2021-25	Machform Multiple Vulnerabilities	High	CVE-2021-20101 CVE-2021-20102 CVE-2021-20103 CVE-2021-20104 CVE-2021-20105
June 15, 2021	tra-2021-24	Multiple Vulnerabilities in Wibu-Systems CodeMeter	Critical	CVE-2021-20093 CVE-2021-20094
June 13, 2021	TRA-2021-23	Multiple vulnerabilities in Microsoft Power Apps (apps.powerapps.com, make.powerapps.com)	Medium
June 9, 2021	TRA-2021-22	ManageEngine ServiceDesk Plus Authenticated RCE	High	CVE-2021-20081
June 2, 2021	TRA-2021-21	macOS Gatekeeper Bypass / Local Privilege Escalation	Medium
June 2, 2021	TRA-2021-20	macOS Installer Local Privilege Escalation	Medium
June 2, 2021	TRA-2021-19	Microsoft Teams macOS Installer Local Privilege Escalation	Medium
May 21, 2021	TRA-2021-18	OpenOversight Multiple Vulnerabilities	Medium	CVE-2021-20096
May 19, 2021	TRA-2021-17	SecureDrop OSSEC Cross-Site Request Forgery	Low
May 11, 2021	TRA-2021-16	LINE Private IP Address and Platform information Disclosure via GIFMagazine	Medium
April 30, 2021	TRA-2021-15	HPE Edgeline Infrastructure Manager v1.21 Authentication Bypass	Critical	CVE-2021-29203
April 28, 2021	TRA-2021-14	Python-Babel/Babel Locale Directory Traversal / Arbitrary Code Execution	Medium
April 23, 2021	TRA-2021-13	Multiple Vulnerabilities in Buffalo and Arcadyan manufactured routers	High	CVE-2021-20090 CVE-2021-20091 CVE-2021-20092
April 21, 2021	TRA-2021-12	Stored XSS in make.powerapps.com	Medium
April 8, 2021	TRA-2021-11	ManageEngine ServiceDesk Plus and AssetExplorer - Unauthenticated Stored XSS	Medium	CVE-2021-20080
March 31, 2021	TRA-2021-10	ManageEngine OpManager Remote Directory Deletion	Critical	CVE-2021-20078
March 12, 2021	TRA-2021-09	Microsoft Teams services forwarding to untrusted domain	Medium
March 8, 2021	TRA-2021-08	LINE Debugging Interface Information Disclosure	Medium
March 1, 2021	TRA-2021-07	Dell EMC OpenManage Server Administrator Authentication Bypass	Critical	CVE-2021-21513
February 22, 2021	TRA-2021-06	Secomea GateManager Multiple Vulnerabilities	High	CVE-2020-29028 CVE-2020-29030 CVE-2020-29032
February 16, 2021	TRA-2021-05	JSDom Improper Loading of Local Resources	Medium	CVE-2021-20066
February 16, 2021	TRA-2021-04	Racom MIDGE Firmware Multiple Vulnerabilities	High	CVE-2021-20067 CVE-2021-20068 CVE-2021-20069 CVE-2021-20070 CVE-2021-20071 CVE-2021-20072 CVE-2021-20073 CVE-2021-20074 CVE-2021-20075
February 15, 2021	TRA-2021-03	IBM Spectrum Protect Operations Center 8.1.10 Multiple Vulnerabilities	High	CVE-2020-4954 CVE-2020-4955 CVE-2020-4956
February 4, 2021	TRA-2021-02	ManageEngine Applications Manager Authenticated SQLi	High	CVE-2020-35765
January 7, 2021	TRA-2021-01	Marvell QConvergeConsole GUI Multiple Vulnerabilities	High	CVE-2020-5804 CVE-2020-5805
December 28, 2020	TRA-2020-71	Rockwell Automation FactoryTalk Multiple Vulnerabilities	High	CVE-2020-5801 CVE-2020-5802 CVE-2020-5806 CVE-2020-5807
December 18, 2020	TRA-2020-70	Secomea GateManager Multiple Vulnerabilities	Medium	CVE-2020-29021 CVE-2020-29022
December 15, 2020	TRA-2020-69	Carbon Black Installer Multiple Vulnerabilities	Medium	CVE-2020-4008
December 6, 2020	TRA-2020-68	PsExec Local Privilege Escalation	Medium
December 4, 2020	TRA-2020-67	Druva inSync Installer Privilege Escalation	High	CVE-2020-5798
December 4, 2020	TRA-2020-66	IBM Spectrum Protect Plus Static Credential Vulnerability	Critical	CVE-2020-4854
December 3, 2020	TRA-2020-65	Eat Spray Love Mobile App Multiple Vulnerabilities	High	CVE-2020-5799 CVE-2020-5800
November 23, 2020	TRA-2020-64	Cross-site Scripting via WHOIS and DNS records on multiple lookup platforms	High
November 16, 2020	TRA-2020-63	Trend Micro InterScan Web Security Virtual Appliance Multiple Vulnerabilities	High	CVE-2020-28578 CVE-2020-28579 CVE-2020-28580 CVE-2020-28581
November 16, 2020	TRA-2020-62	Trend Micro Worry-Free Business Security Unauthenticated Remote File Deletion	High	CVE-2020-28574
November 13, 2020	TRA-2020-61	Nagios XI Local Privilege Escalation	High	CVE-2020-5796
November 5, 2020	TRA-2020-60	TP-Link Archer Routers USB Symlink Following Vulnerabilities	Medium	CVE-2020-5795 CVE-2020-5797
October 21, 2020	TRA-2020-59	Umbraco Cloud CMS Multiple Vulnerabilities	Medium	CVE-2020-5809 CVE-2020-5810 CVE-2020-5811
October 20, 2020	TRA-2020-58	Nagios XI Multiple Vulnerabilities	Medium	CVE-2020-5790 CVE-2020-5791 CVE-2020-5792
October 1, 2020	TRA-2020-57	Teltonika Gateway TRB245 Multiple Vulnerabilities	Medium	CVE-2020-5784 CVE-2020-5785 CVE-2020-5786 CVE-2020-5787 CVE-2020-5788 CVE-2020-5789
September 25, 2020	TRA-2020-56	Marvell QConvergeConsole GUI Multiple Vulnerabilities	High	CVE-2020-15643 CVE-2020-15644 CVE-2020-15645 CVE-2020-5803
September 22, 2020	TRA-2020-55	IgniteNet HeliOS GLinq v2.2.1 r2961 Multiple Vulnerabilities	Medium	CVE-2020-5781 CVE-2020-5782 CVE-2020-5783
September 14, 2020	TRA-2020-54	IBM Spectrum Protect Plus 10.1.6-1974 Multiple Vulnerabilities	High	CVE-2020-4711 CVE-2020-4703
September 9, 2020	TRA-2020-53	Unauthenticated email forgery/spoofing in WordPress Email Subscribers plugin	High	CVE-2020-5780
September 2, 2020	TRA-2020-52	Trading Technologies Messaging Multiple Unauthenticated Remote DoS	High	CVE-2020-5778 CVE-2020-5779
September 1, 2020	TRA-2020-51	MAGMI Multiple Vulnerabilities	Medium	CVE-2020-5777 CVE-2020-5776
August 28, 2020	TRA-2020-50	IBM Spectrum Protect CertQryResp Unauthenticated Remote DoS	High	CVE-2020-4559
August 11, 2020	TRA-2020-49	Canvas LMS Unauthenticated Blind SSRF	Medium	CVE-2020-5775
August 3, 2020	TRA-2020-48	Teltonika Gateway TRB245 Multiple Vulnerabilities	High	CVE-2020-5770 CVE-2020-5771 CVE-2020-5772 CVE-2020-5773
July 29, 2020	TRA-2020-47	Grandstream ATA HT800 Series Multiple Vulnerabilities	Critical	CVE-2020-5760 CVE-2020-5761 CVE-2020-5762 CVE-2020-5763
July 22, 2020	TRA-2020-46	CODESYS V3 Unauthenticated Webserver Memory Leak DoS	High	CVE-2020-15806
July 17, 2020	TRA-2020-45	Ubiquiti UniFi Protect Username Discovery	Medium	CVE-2020-8213
July 16, 2020	TRA-2020-44	Multiple Vulnerabilities in Icegram Email Subscribers & Newsletters Plugin for WordPress	Medium	CVE-2020-5767 CVE-2020-5768
July 16, 2020	TRA-2020-43	Teltonika Gateway TRB245 Stored Cross-site Scripting	Low	CVE-2020-5769
July 10, 2020	TRA-2020-42	SQL Injection in SRS Simple Hits Counter Plugin for WordPress	Medium	CVE-2020-5766
July 7, 2020	TRA-2020-41	MX Player Android App Directory Traversal	High	CVE-2020-5764
June 23, 2020	TRA-2020-40	Grandstream UCM6200 Series Multiple Authenticated RCE	Critical	CVE-2020-5757 CVE-2020-5758 CVE-2020-5759
June 23, 2020	TRA-2020-39	Grandstream GWN7000 Authenticated Command Execution	Critical	CVE-2020-5756
June 19, 2020	TRA-2020-38	VMware Tools Denial of Service	Medium	CVE-2020-3972
June 15, 2020	TRA-2020-37	IBM Spectrum Protect Plus Multiple Vulnerabilities	Critical	CVE-2020-4469 CVE-2020-4470 CVE-2020-4471
June 15, 2020	TRA-2020-36	Webroot Multiple Vulnerabilities	High	CVE-2020-5754 CVE-2020-5755
June 15, 2020	TRA-2020-35	Plex Media Server Weak CORS Policy	Medium	CVE-2020-5742
May 21, 2020	TRA-2020-34	Druva inSync Windows Client Local Privilege Escalation (CVE-2019-3999 Patch Bypass)	High	CVE-2020-5752
May 19, 2020	TRA-2020-33	Signal App Information Disclosure	Low	CVE-2020-5753
May 7, 2020	TRA-2020-32	Plex Media Server Authenticated Python Deserialization / RCE (Windows)	Medium	CVE-2020-5741
May 7, 2020	TRA-2020-31	TCExam Multiple Vulnerabilities	Medium	CVE-2020-5743 CVE-2020-5744 CVE-2020-5745 CVE-2020-5746 CVE-2020-5747 CVE-2020-5748 CVE-2020-5749 CVE-2020-5750 CVE-2020-5751
May 4, 2020	TRA-2020-30	Instacart SMS Link Spoofing Vulnerability	Medium
May 1, 2020	TRA-2020-29	SimpliSafe SS3 PIN Add Using Rogue Keypad	Low	CVE-2020-5727
April 27, 2020	TRA-2020-28	Flexera FlexNet Publisher lmadmin Message 282 Remote DoS	Medium	CVE-2020-12080
April 22, 2020	TRA-2020-27	Ubiquiti UniFi Cloud Key - Unprotected root UART Access	High	CVE-2020-8157
April 22, 2020	TRA-2020-26	IBM Spectrum Protect Verb 134 Unauthenticated Remote Stack Overflow	Critical	CVE-2020-4415
April 21, 2020	TRA-2020-25	Plex Media Server Local Privilege Escalation (Windows)	High	CVE-2020-5740
April 15, 2020	TRA-2020-24	Cisco IP Phones Web Server Multiple Vulnerabilities	Critical	CVE-2020-3161 CVE-2016-1421
April 15, 2020	TRA-2020-23	MikroTik WinBox Cleartext Password Storage	Low	CVE-2020-5721
April 13, 2020	TRA-2020-22	Grandstream GXP1600 Series Multiple Issues	Critical	CVE-2020-5738 CVE-2020-5739
April 9, 2020	TRA-2020-21	Ubiquiti Unifi Cloud Key Gen2 Plus Unauthenticated Hostname Modification	Medium	CVE-2020-8148
April 7, 2020	TRA-2020-20	Amcrest Camera/NVR Multiple Vulnerabilities	Critical	CVE-2020-5735 CVE-2020-5736
April 6, 2020	TRA-2020-19	SolarWinds Dameware DoS	High	CVE-2020-5734
April 3, 2020	TRA-2020-18	OpenMRS Multiple Vulnerabilities	Medium	CVE-2020-5728 CVE-2020-5729 CVE-2020-5730 CVE-2020-5731 CVE-2020-5732 CVE-2020-5733
March 30, 2020	TRA-2020-17	Grandstream UCM62xx Multiple SQL Injections	Medium	CVE-2020-5723 CVE-2020-5724 CVE-2020-5725 CVE-2020-5726
March 25, 2020	TRA-2020-16	CODESYS V3 Unauthenticated Remote Heap Overflow	Critical	CVE-2020-10245
March 23, 2020	TRA-2020-15	Grandstream UCM62xx SQL Injection	Critical	CVE-2020-5722
March 12, 2020	TRA-2020-14	Kodi Multiple Issues	High
February 26, 2020	TRA-2020-13	Advantech WebAccess/SCADA Unauthenticated Remote Heap Buffer Overflow	Critical
February 25, 2020	TRA-2020-12	Druva inSync Client Multiple Vulnerabilities	High	CVE-2019-3999 CVE-2019-4000 CVE-2019-4001
February 19, 2020	TRA-2020-11	Palo Alto Expedition Migration Tool Insufficient XSRF Protection	High	CVE-2020-1977
February 18, 2020	TRA-2020-10	Siemens TIA Portal Denial of Service	High	CVE-2019-19282
February 13, 2020	TRA-2020-09	SimpliSafe SS3 Unauthenticated Wi-Fi Config Modification	Low	CVE-2019-3998
February 9, 2020	TRA-2020-08	Microsoft Windows User Group Policy Bypass	Medium
February 6, 2020	TRA-2020-07	MikroTik WinBox Path Traversal	Medium	CVE-2020-5720
February 3, 2020	TRA-2020-06	Atlassian Jira CSRF	Medium	CVE-2019-20100
February 3, 2020	TRA-2020-05	Atlassian Jira Multiple CSRF	Medium	CVE-2019-20098 CVE-2019-20099
January 23, 2020	TRA-2020-04	CODESYS V3 Denial of Service	High	CVE-2020-7052
January 16, 2020	TRA-2020-03	SimpliSafe SS3 Unauthenticated Keypad Pairing Vulnerability	Low	CVE-2019-3997
January 15, 2020	TRA-2020-02	HPE Smart Update Manager 8.4.5 Remote Unauthorized Access	Critical
January 14, 2020	TRA-2020-01	MikroTik WinBox Man-in-the-Middle Password Hash Disclosure	Medium	CVE-2019-3981
December 26, 2019	TRA-2019-54	Microsoft Teams Multiple Vulnerabilities	Medium
December 12, 2019	TRA-2019-53	ELOG Multiple Vulnerabilities	High	CVE-2019-3992 CVE-2019-3993 CVE-2019-3994 CVE-2019-3995 CVE-2019-3996
December 11, 2019	TRA-2019-52	Advantech WebAccess/SCADA Stack Buffer Overflow	Critical	CVE-2019-3951
December 5, 2019	TRA-2019-51	Blink XT2 Sync Module Multiple Vulnerabilities	High	CVE-2019-3983 CVE-2019-3984 CVE-2019-3985 CVE-2019-3986 CVE-2019-3987 CVE-2019-3988 CVE-2019-3989
December 3, 2019	TRA-2019-50	Harbor.io User Enumeration Vulnerability	Medium	CVE-2019-3990
November 20, 2019	TRA-2019-49	Schneider Electric FLM v2.3.1.0 / FlexNet Publisher 11.6.2 Multiple Vulnerabilities	High
November 20, 2019	TRA-2019-48	CODESYS V3 Unauthenticated Remote Heap Buffer Overflow	Critical	CVE-2019-18858
November 6, 2019	TRA-2019-47	Qualcomm Atheros Universal WLAN Kernel Memory Disclosure	Medium	CVE-2019-10618
October 28, 2019	TRA-2019-46	MikroTik RouterOS Multiple Vulnerabilities	High	CVE-2019-3976 CVE-2019-3977 CVE-2019-3978 CVE-2019-3979
October 17, 2019	TRA-2019-45	Cisco TelePresence Advanced Media Gateway 3610 Denial of Service	Medium	CVE-2019-15966
October 15, 2019	TRA-2019-44	Cisco SPA100 Series Multiple Vulnerabilities	Critical	CVE-2019-15240 CVE-2019-15241 CVE-2019-15242 CVE-2019-15243 CVE-2019-15244 CVE-2019-15245 CVE-2019-15246 CVE-2019-15247 CVE-2019-15248 CVE-2019-15249 CVE-2019-15250 CVE-2019-15251 CVE-2019-15252 CVE-2019-15257 CVE-2019-15258 CVE-2019-12702 CVE-2019-12703 CVE-2019-12704 CVE-2019-12708
September 30, 2019	TRA-2019-43	SolarWinds Dameware Mini Remote Control Unauthenticated RCE	Critical	CVE-2019-3980
September 25, 2019	TRA-2019-42	HPE iMC 7.3 E0703 Multiple Vulnerabilities	Critical	CVE-2019-5390 CVE-2019-5391
September 10, 2019	TRA-2019-41	Advantech WebAccess/SCADA 8.4.1 Unauthenticated Remote Stack Buffer Overflow	Critical	CVE-2019-3975
August 19, 2019	TRA-2019-40	OpenEMR Multiple Vulnerabilities	High	CVE-2019-3963 CVE-2019-3964 CVE-2019-3965 CVE-2019-3966 CVE-2019-3967 CVE-2019-3968
August 12, 2019	TRA-2019-39	Apple macOS / iOS UIFoundation Vulnerability	Medium
August 2, 2019	TRA-2019-38	macOS LaunchServices Denial of Service	Medium
July 30, 2019	TRA-2019-37	WallacePOS Multiple Vulnerabilities	Medium	CVE-2019-3958 CVE-2019-3959 CVE-2019-3960
July 29, 2019	TRA-2019-36	Amcrest IP Camera Multiple Vulnerabilities	Medium	CVE-2019-3948
July 17, 2019	TRA-2019-35	Jenkins Path Traversal / Arbitrary File Write	Medium	CVE-2019-10352
July 15, 2019	TRA-2019-34	Comodo Antivirus Multiple Vulnerabilities	Medium	CVE-2019-3969 CVE-2019-3970 CVE-2019-3971 CVE-2019-3972 CVE-2019-3973
July 8, 2019	TRA-2019-33	Siemens TIA Portal (STEP7) Remote Code Execution	Critical	CVE-2019-10915
July 2, 2019	TRA-2019-32	Citrix SD-WAN Appliance Multiple Vulnerabilities	Critical	CVE-2019-12989 CVE-2019-12991
July 2, 2019	TRA-2019-31	Citrix SD-WAN Center Multiple Vulnerabilities	Critical	CVE-2019-12985 CVE-2019-12986 CVE-2019-12987 CVE-2019-12988 CVE-2019-12990 CVE-2019-12992
July 1, 2019	TRA-2019-30	Arlo Basestation Firmware Multiple Vulnerabilities	High	CVE-2019-3949 CVE-2019-3950
June 19, 2019	TRA-2019-29	Cisco RV110W, RV130W, and RV215W Routers Multiple Vulnerabilities	Medium	CVE-2019-1897 CVE-2019-1898 CVE-2019-1899
June 18, 2019	TRA-2019-28	Multiple Advantech WebAccess Vulnerabilities	Critical	CVE-2019-3953 CVE-2019-3954
June 11, 2019	TRA-2019-27	Fuji Electric V-Server Denial of Service and Information Disclosure	Medium	CVE-2019-3946 CVE-2019-3947
June 6, 2019	TRA-2019-26	Dameware Remote Mini Controller Multiple Vulnerabilities	High	CVE-2019-3955 CVE-2019-3956 CVE-2019-3957
June 3, 2019	TRA-2019-25	Zsh Multiple Denial of Service Vulnerabilities	Low
May 29, 2019	TRA-2019-24	Chromium Dev Tools Crash	Low
May 7, 2019	TRA-2019-23	Slack Desktop Application for Windows Download Hijack	Medium
May 7, 2019	TRA-2019-22	Parrot ANAFI Drone Denial of Service	Medium	CVE-2019-3944 CVE-2019-3945
May 1, 2019	TRA-2019-21	Cisco Small Business Switch Security Feature Bypass	High	CVE-2019-1859
April 30, 2019	TRA-2019-20	OEM Presentation Platform Vulnerabilities	Critical	CVE-2019-3925 CVE-2019-3926 CVE-2019-3927 CVE-2019-3928 CVE-2019-3929 CVE-2019-3930 CVE-2019-3931 CVE-2019-3932 CVE-2019-3933 CVE-2019-3934 CVE-2019-3935 CVE-2019-3936 CVE-2019-3937 CVE-2019-3938 CVE-2019-3939 CVE-2017-16709
April 11, 2019	TRA-2019-19	Palo Alto Expedition Migration Tool 1.1.12 and earlier - XSS	Low	CVE-2019-1574
April 10, 2019	TRA-2019-18	Citrix SD-WAN Center and NetScaler SD-WAN Center Unauthenticated Remote Command Injection	Critical	CVE-2019-10883
April 9, 2019	TRA-2019-17	Verizon Fios Quantum Gateway Multiple Vulnerabilities	High	CVE-2019-3914 CVE-2019-3915 CVE-2019-3916
April 8, 2019	TRA-2019-16	MikroTik RouterOS Authenticated Directory Traversal	High	CVE-2019-3943
April 4, 2019	TRA-2019-15	Multiple Advantech WebAccess Vulnerabilities	Critical	CVE-2019-3940 CVE-2019-3941 CVE-2019-3942
March 27, 2019	TRA-2019-14	FileZilla 'fzsftp' Untrusted Search Path	Medium	CVE-2019-5429
March 22, 2019	TRA-2019-13	Palo Alto Expedition Migration Tool 1.1.8 and earlier - Multiple XSS	Low	CVE-2019-1569 CVE-2019-1570 CVE-2019-1571
March 20, 2019	TRA-2019-12	HPE iMC 7.3 E0605P06 Multiple Vulnerabilities	Critical	CVE-2019-5390 CVE-2019-5391
March 4, 2019	TRA-2019-11	RSLinx Classic Stack Buffer Overflow	Critical	CVE-2019-6553
March 1, 2019	TRA-2019-10	Palo Alto Expedition Migration Tool Stored XSS	Low	CVE-2019-1567
February 27, 2019	TRA-2019-09	Nokia GPON ONT Multiple Vulnerabilities	Critical	CVE-2019-3917 CVE-2019-3918 CVE-2019-3919 CVE-2019-3920 CVE-2019-3921 CVE-2019-3922
February 20, 2019	TRA-2019-08	SonicOS Improper Certificate Access	Medium	CVE-2018-9867
February 12, 2019	TRA-2019-07	MikroTik RouterOS Unauthenticated Intermediary	Medium	CVE-2019-3924
February 4, 2019	TRA-2019-06	Rockwell Automation EWEB SNMP Denial of Service	Medium	CVE-2018-19016
February 4, 2019	TRA-2019-05	Crestron DGE-100 Unauthenticated Remote Denial of Service	High
February 4, 2019	TRA-2019-04	Indusoft Web Studio and InTouch Edge HMI Remote Code Execution	Critical	CVE-2019-6545 CVE-2019-6543
January 24, 2019	TRA-2019-03	LabKey Server Community Edition Multiple Vulnerabilities	Medium	CVE-2019-3911 CVE-2019-3912 CVE-2019-3913
January 10, 2019	TRA-2019-02	[R1] Crestron AM-100 Authentication Bypass	Critical	CVE-2019-3910
January 8, 2019	TRA-2019-01	[R3] Multiple Premisys Identicard Vulnerabilities	Critical	CVE-2019-3906 CVE-2019-3907 CVE-2019-3908 CVE-2019-3909
December 20, 2018	TRA-2018-48	[R2] Netatalk Out-of-bounds Write	Critical	CVE-2018-1160
December 19, 2018	TRA-2018-47	[R2] Logitech Harmony Hub Multiple Vulnerabilities	High	CVE-2018-15720 CVE-2018-15721 CVE-2018-15722 CVE-2018-15723
December 19, 2018	TRA-2018-46	[R1] Cisco Adaptive Security Appliance HTTP Privilege Escalation	High	CVE-2018-15465
December 14, 2018	TRA-2018-45	[R2] Advantech WebAccess Stack Buffer Overflow	Critical	CVE-2018-18999
December 12, 2018	TRA-2018-44	[R1] Open Dental Multiple Vulnerabilities	Critical	CVE-2018-15717 CVE-2018-15718 CVE-2018-15719
December 5, 2018	TRA-2018-43	[R2] Jenkins Forced Migration of User Records	Medium	CVE-2018-1000863
December 5, 2018	TRA-2018-42	[R1] Cisco Energy Management Suite Default PostgreSQL Credentials	Medium	CVE-2018-0468
November 29, 2018	TRA-2018-41	[R1] NUUO NVRMini2 Authenticated Command Injection	Critical	CVE-2018-15716
November 29, 2018	TRA-2018-40	[R2] Zoom Message Spoofing	Critical	CVE-2018-15715
November 26, 2018	TRA-2018-39	[R1] Multiple HPE Moonshot Provisioning Manager Vulnerabilities	High
November 26, 2018	TRA-2018-38	[R1] Multiple Schneider Electric Modicon Quantum Vulnerabilities	Critical	CVE-2018-7809 CVE-2018-7810 CVE-2018-7811 CVE-2018-7830 CVE-2018-7831
November 13, 2018	TRA-2018-37	[R2] Nagios XI Multiple Vulnerabilities	High	CVE-2018-15708 CVE-2018-15709 CVE-2018-15710 CVE-2018-15711 CVE-2018-15712 CVE-2018-15713 CVE-2018-15714
November 9, 2018	TRA-2018-36	[R1] Cisco Energy Management Suite Multiple Vulnerabilities	Critical	CVE-2018-15444 CVE-2018-15445
October 31, 2018	TRA-2018-35	[R1] Multiple Advantech WebAccess Vulnerabilities	Critical	CVE-2018-15705 CVE-2018-15706 CVE-2018-15707
October 30, 2018	TRA-2018-34	[R1] Multiple Vulnerabilities in AVEVA Indusoft Web Studio and InTouch Edge HMI	Critical	CVE-2018-17914 CVE-2018-17916
October 18, 2018	TRA-2018-33	[R1] Multiple Advantech WebAccess Vulnerabilities	High	CVE-2018-15703 CVE-2018-15704
October 17, 2018	TRA-2018-32	[R1] Multiple Oracle WebLogic Docker Password Disclosures	Medium	CVE-2018-3213
October 17, 2018	TRA-2018-31	[R1] Multiple Oracle GoldenGate Manager Vulnerabilities	Critical	CVE-2018-2912 CVE-2018-2913 CVE-2018-2914
October 12, 2018	TRA-2018-30	[R1] IBM WebSphere Application Server Admin Console File Disclosure	Medium	CVE-2018-1770
October 10, 2018	TRA-2018-29	[R1] Multiple Jenkins Vulnerabilities	Medium
October 9, 2018	TRA-2018-28	[R3] HPE Intelligent Management Center Multiple Vulnerabilities	Critical	CVE-2018-7116 CVE-2018-7121 CVE-2018-7122 CVE-2018-7123 CVE-2019-5392 CVE-2019-5393
October 1, 2018	TRA-2018-27	[R1] TP-Link TL-WRN841N Multiple Vulnerabilities	Critical	CVE-2018-15700 CVE-2018-15701 CVE-2018-15702
September 20, 2018	TRA-2018-26	[R1] RSLinx Classic Buffer Overflows	Critical	CVE-2018-14821 CVE-2018-14829
September 17, 2018	TRA-2018-25	[R2] Multiple NUUO NVRMini2 Vulnerabilities	Critical	CVE-2018-1149 CVE-2018-1150
September 10, 2018	TRA-2018-24	[R1] HPE Intelligent Management Center Stack Buffer Overflow	Critical	CVE-2018-7115
September 10, 2018	TRA-2018-23	[R1] Advantech WebAccess Remote Code Execution	Critical	CVE-2017-16720
August 24, 2018	TRA-2018-22	[R1] Multiple ASUSTOR Data Master Vulnerabilities	High	CVE-2018-15694 CVE-2018-15695 CVE-2018-15696 CVE-2018-15697 CVE-2018-15698 CVE-2018-15699
August 22, 2018	TRA-2018-21	[R1] Mikrotik RouterOS Multiple Authenticated Vulnerabilities	Critical	CVE-2018-1156 CVE-2018-1157 CVE-2018-1158 CVE-2018-1159
August 21, 2018	TRA-2018-20	[R2] Cisco Data Center Network Manager Authenticated Path Traversal	Medium	CVE-2018-0464
July 18, 2018	TRA-2018-19	[R1] AVEVA InduSoft Web Studio and InTouch Machine Edition Remote Code Execution	Critical	CVE-2018-10620
June 15, 2018	TRA-2018-18	[R1] Burp Suite Community Edition Improper Certificate Validation	Medium	CVE-2018-1153
June 14, 2018	TRA-2018-17	[R1] libturbo-jpeg Denial of Service	Medium	CVE-2018-1152
June 12, 2018	TRA-2018-16	[R1] GlassFish 4.x Denial of Service	High
June 11, 2018	TRA-2018-15	[R2] HPE Moonshot Provisioning Manager Arbitrary File Move	High	CVE-2018-7072 CVE-2018-7073
June 11, 2018	TRA-2018-14	[R1] Western Digital TV Media Player and Live Hub Unauthenticated RCE	Critical	CVE-2018-1151
June 8, 2018	TRA-2018-13	[R2] IBM Netezza Appliance Local Privilege Escalation	High	CVE-2018-1460
May 4, 2018	TRA-2018-12	[R1] Cylance PROTECT Missing SSL Certificate Verification	Medium
May 4, 2018	TRA-2018-11	[R1] Cisco Prime Data Center Network Manager Remote Code Execution	Critical	CVE-2018-0258
May 4, 2018	TRA-2018-10	[R1] Trend Micro Smart Protection Server Denial of Service	High	CVE-2018-6237
May 4, 2018	TRA-2018-09	[R1] OpenVPN Windows Service Double Free	High	CVE-2018-9336
April 12, 2018	TRA-2018-08	[R1] Belkin N750 F9K1103 v1 Multiple Vulnerabilities	Critical	CVE-2018-1143 CVE-2018-1144 CVE-2018-1145 CVE-2018-1146
April 6, 2018	TRA-2018-07	[R3] Schneider Electric InduSoft Web Studio and InTouch Machine Edition Remote Code Execution	Critical	CVE-2018-8840
March 28, 2018	TRA-2018-06	[R1] Cisco IOS and IOS XE Multiple Memory Corruption Vulnerabilities	High	CVE-2018-0172 CVE-2018-0173 CVE-2018-0174
February 26, 2018	TRA-2018-05	[R1] Micro Focus Operations Orchestrations Information Disclosure and Remote Denial of Service	High	CVE-2018-6490
February 26, 2018	TRA-2018-04	[R3] Check Point Gaia OS Privilege Escalation	Medium
February 15, 2018	TRA-2018-03	[R2] EMC VASA Virtual Appliance Default Creds and Arbitrary File Upload	Critical	CVE-2018-1216 CVE-2018-1215
January 29, 2018	TRA-2018-02	[R1] NetGain Enterprise Manager Multiple Remote Vulnerabilities	High	CVE-2017-17406 CVE-2017-16610 CVE-2017-16607 CVE-2017-16609 CVE-2017-16608
January 29, 2018	TRA-2018-01	[R1] HPE Intelligent Management Center (iMC) PLAT Java RMI RCE	High	CVE-2017-5792
November 21, 2017	TRA-2017-37	[R1] gSOAP HTTP DIME Parsing Denial of Service	Medium
November 21, 2017	TRA-2017-36	[R1] Firebird fbudf Module Authenticated Remote Code Execution	Critical	CVE-2017-11509
November 20, 2017	TRA-2017-35	[R2] Verizon Fios Quantum Gateway G1100 Remote Information Disclosure	Medium
November 20, 2017	TRA-2017-34	[R1] Siemens SIMATIC Logon Denial of Service	Medium	CVE-2017-9938
November 10, 2017	TRA-2017-33	[R1] Wanscam Network Camera Multiple Vulnerabiltiies	Medium	CVE-2017-11510
November 9, 2017	TRA-2017-32	[R1] HPE Universal Configuration Management Database Multiple Vulnerabilities	Critical	CVE-2017-14351 CVE-2017-14353 CVE-2017-14354
November 8, 2017	TRA-2017-31	[R1] ManageEngine ServiceDesk Multiple Vulnerabilties	High	CVE-2017-11511 CVE-2017-11512
November 7, 2017	TRA-2017-30	[R1] HPE System Management Homepage Remote Denial of Service	High	CVE-2017-12545
November 7, 2017	TRA-2017-29	[R1] Advantech WebAccess SQL Injection	Critical	CVE-2017-12710
November 7, 2017	TRA-2017-28	[R1] HPE Operations Orchestration Central Remoting Java Deserialization Remote Code Execution	High	CVE-2017-8994
November 7, 2017	TRA-2017-27	[R1] HPE Intelligent Management Center SOM Module Remote File Disclosure	Medium	CVE-2017-12555
November 6, 2017	TRA-2017-26	[R1] HP Data Protector Multiple Remote Vulnerabilities	High	CVE-2017-5807, CVE-2017-5808
November 6, 2017	TRA-2017-25	[R2] HPE Operations Orchestration Incomplete Fix for CVE-2016-8519	High	CVE-2017-8994
November 6, 2017	TRA-2017-24	[R1] Ecava IntegraXor SQL Injection Remote Code Execution	High	CVE-2017-6050
November 3, 2017	TRA-2017-23	[R1] Cisco Security Manager and Prime LMS Java Deserialization Remote Code Execution	Critical	CVE-2015-6420
November 2, 2017	TRA-2017-22	[R1] ReadyMedia HTTP Request Denial of Service	High
November 2, 2017	TRA-2017-21	[R1] Check_MK Multisite Web UI Reflected XSS	Medium	CVE-2017-9781
November 2, 2017	TRA-2017-20	[R2] Check_MK Multisite Web UI Stored and Reflected XSS	Medium	CVE-2017-11507
May 2, 2017	TRA-2017-19	[R1] Kaa IoT Platform SdkServlet / RecordServlet Java Object Deserialization Remote Code Execution	High	CVE-2017-7911
April 26, 2017	TRA-2017-18	[R1] HP Intelligent Management Center (iMC) Platform euplat RMI Registry Java Deserialization Remote Code Execution	Critical	CVE-2017-5792
April 19, 2017	TRA-2017-17	[R1] ManageEngine ServiceDesk Plus AuthError.jsp ErrorMsg Parameter Reflected XSS	Medium
April 18, 2017	TRA-2017-16	[R1] Oracle WebLogic Server Web Container Subcomponent Reflected PartItem File Manipulation Remote Code Execution	Critical	CVE-2017-3531
March 30, 2017	TRA-2017-15	[R2] NetIQ Sentinel Multiple Remote Vulnerabilities	High	CVE-2017-5184 CVE-2017-5185
March 25, 2017	TRA-2017-14	[R1] Cisco Unified Customer Voice Portal Java Deserialization Remote Code Execution	Critical	CVE-2015-6420
March 18, 2017	TRA-2017-13	[R1] HPE LoadRunner libxdrutil.dll mxdr_string() Function XDR String Handling Remote Heap Buffer Overflow	Critical	CVE-2017-5789
March 16, 2017	TRA-2017-12	[R1] HP Intelligent Management Center (iMC) Platform /imc/fault/accessMgrServlet Java Deserialization Remote Code Execution	Critical	CVE-2017-5790
March 15, 2017	TRA-2017-11	[R1] Sophos XG Firewall login.jsp utype Parameter Reflected XSS	Medium
March 13, 2017	TRA-2017-10	[R1] Debian MediaTomb (fork) Multiple Remote Vulnerabilities	Critical	CVE-2012-5958 CVE-2012-5959 CVE-2012-5960 CVE-2016-6255 CVE-2016-8863
February 1, 2017	TRA-2017-09	[R2] HP Intelligent Management Center (iMC) Platform /rptviewer/servlets/redirectviewer Multiple Remote Issues	High	CVE-2016-8525 CVE-2016-8530
January 26, 2017	TRA-2017-08	[R1] Portable SDK for UPnP Devices (libupnp) glibc Implementation getaddrinfo() Function Remote Stack Overflow	Critical	CVE-2015-7547
January 25, 2017	TRA-2017-07	[R1] Oracle WebLogic RMI Registry UnicastRef Object Java Deserialization Remote Code Execution	Critical	CVE-2017-3248
January 23, 2017	TRA-2017-06	[R1] ManageEngine ADAudit Plus Multiple Vulnerabilities	High
January 20, 2017	TRA-2017-05	[R1] HP Operations Orchestration (HP OO) /oo/backwards-compatibility/wsExecutionBridgeService Jaa Deserialization Remote Code Execution	Critical	CVE-2016-8519
January 19, 2017	TRA-2017-04	[R1] Advantech WebAccess Multiple Vulnerabilities	High	CVE-2017-5152 CVE-2017-5154
January 18, 2017	TRA-2017-03	[R2] Oracle Outside In Content Access vspdf.dll Multiple Remote DoS	Medium	CVE-2017-3294 CVE-2017-3295
January 11, 2017	TRA-2017-02	[R2] Sophos Web Protection Appliance ftp_redirect.php s Parameter Reflected XSS	Medium	CVE-2017-9523
January 9, 2017	TRA-2017-01	[R1] Liferay CE Portal /api/liferay Java Deserialization Blacklist Bypass Remote Code Execution	Critical
December 11, 2016	TRA-2016-39	[R1] Hewlett Packard Network Automation RPCServlet Arbitrary Code Execution	High	CVE-2016-8511
December 5, 2016	TRA-2016-38	[R1] Cisco Prime Collaboration Provisioning Restricted CLI Bypass Local Privilege Escalation	Medium	CVE-2016-1320
November 29, 2016	TRA-2016-37	[R2] Dell SonicWALL /appliance/license.jsp Serial Number Disclosure Remote Privilege Escalation	Medium
November 28, 2016	TRA-2016-36	[R1] ManageEngine OpManager NMS Server Multiple Vulnerabilities	Critical
November 25, 2016	TRA-2016-35	[R1] WISE Server Commons Collection / FileUpload Java Deserialization Remote Command Execution	Critical
November 16, 2016	TRA-2016-34	[R1] VMWare vRealize Operations Manager Appliance Multiple Vulnerabilities Chained Remote Code Execution	High	CVE-2016-7462
November 1, 2016	TRA-2016-33	[R1] Oracle WebLogic Server Commons DiskFileItem Remote File Manipulation	Critical	CVE-2016-5535
October 29, 2016	TRA-2016-32	[R1] HP System Management Homepage (SMH) Multiple Remote Stack Buffer Overflows	High	CVE-2016-4395 CVE-2016-4396
October 21, 2016	TRA-2016-31	[R1] ManageEngine ADAudit Plus Obfuscated Cookie Password Disclosure	Low
October 17, 2016	TRA-2016-30	[R1] Novell NetIQ Sentinel Commons DiskFileItem RMI Java Deserialization Remote File Creation / Manipulation	Critical	CVE-2016-1000031
October 6, 2016	TRA-2016-29	[R2] Citrix License Server / Flexera FlexNet Publisher lmadmin.exe 2F Packet Handling Remote DoS	Medium	CVE-2016-6273
September 26, 2016	TRA-2016-28	[R2] CloudView NMS Multiple Remote Vulnerabilities	High
September 22, 2016	TRA-2016-27	[R1] Hewlett Packard Network Automation RMI Registry Port Java Deserialization Remote Code Execution	Critical	CVE-2016-4385
September 21, 2016	TRA-2016-26	[R1] HP LoadRunner Multiple Remote DoS	High	CVE-2016-4384 CVE-2016-4361
September 14, 2016	TRA-2016-25	[R1] Red5 Server RMI Registry /red5 Java Deserialization Remote Code Execution	Critical
August 18, 2016	TRA-2016-24	[R1] PowerFolder Multiple Remote Vulnerabilities	Critical
August 12, 2016	TRA-2016-23	[R4] Apache Wicket DiskFileItem Java Deserialization Remote File Manipulation	Medium	CVE-2013-2186 CVE-2016-1000031 CVE-2016-6793
July 20, 2016	TRA-2016-22	[R2] Red Hat JBoss Operations Network /jboss-remoting-servlet-invoker/ServerInvokerServlet Jython Deserialization Remote Code Execution	Critical	CVE-2016-3737 CVE-2016-6330
July 19, 2016	TRA-2016-21	[R1] Oracle WebLogic Server weblogic.corba.utils.MarshallObject Java Deserialization Remote Code Execution	Critical	CVE-2016-3510
July 8, 2016	TRA-2016-20	[R2] Pivotal Spring Framework HttpInvokerServiceExporter readRemoteInvocation Method Untrusted Java Deserialization	Critical	CVE-2016-1000027
June 28, 2016	TRA-2016-19	[R1] Palo Alto Networks PAN-OS /api Multiple Parameter Handling Remote DoS	Medium
June 27, 2016	TRA-2016-18	[R1] IBM iAccess for Windows i Navigator Encoded Windows Admin Password Local Disclosure	Low	CVE-2016-0287
June 13, 2016	TRA-2016-17	[R2] HP Loadrunner / HP Performance Center Virtual Table Server (VTS) \web\admin\data.js Remote File Deletion	High	CVE-2016-4360
June 13, 2016	TRA-2016-16	[R2] HP LoadRunner mchan.dll Shared Memory Object Name Construction Remote Stack Buffer Overflow	High	CVE-2016-4359
May 17, 2016	TRA-2016-15	[R1] Ipswitch WhatsUp Gold WrFreeFormText.asp sUniqueID Parameter Blind SQL Injection	Medium	CVE-2016-1000000
May 5, 2016	TRA-2016-14	[R1] HP System Management Homepage (SMH) mod_smh_config.so AddCertsToTrustCfgList() Function X.509 Certificate Subject Common Name Handling Remote DoS	Low
May 3, 2016	TRA-2016-13	[R1] Core FTP Server Path Traversal Arbitrary File/Directory Access	Medium
April 20, 2016	TRA-2016-12	[R3] Apache Commons FileUpload DiskFileItem File Manipulation Remote Code Execution (LOBSTER)	Critical	CVE-2016-1000031
April 20, 2016	TRA-2016-11	[R1] Oracle MySQL Enterprise Monitor Multiple Library readObject() Function Java Object Deserialization Remote Code Execution	High	CVE-2016-3461
April 19, 2016	TRA-2016-10	[R2] ManageEngine OpManager / Service Desk Multiple Vulnerabilities	High	CVE-2016-82014 CVE-2016-82015
April 19, 2016	TRA-2016-09	[R1] Oracle WebLogic ClassFilter.class ServerChannelInputStream Bypass Java Deserialization Remote Code Execution	Critical	CVE-2016-0638 CVE-2015-4829
April 15, 2016	TRA-2016-08	[R1] Cisco Unified Computing System - Multiple Vulnerabilities	Medium	CVE-2016-1339 CVE-2016-1340
April 13, 2016	TRA-2016-07	[R1] Microsoft Windows 10 lsass.exe Empty SID Lookup Handling Remote DoS	Medium	CVE-2016-0135
April 5, 2016	TRA-2016-06	[R1] Cisco Multiple Routers Fragmented IKEv2 Packet Handling Remote Integer Overflow	High	CVE-2016-1344
March 29, 2016	TRA-2016-05	[R1] Barco ClickShare Multiple Script Remote Command Execution	High	CVE-2015-6532 CVE-2015-6533
March 28, 2016	TRA-2016-04	[R2] Cisco IOS Smart Install Client Feature Config / Boot Image File List Upload Remote Code Execution	High	CVE-2015-6264 CVE-2016-1349
March 24, 2016	TRA-2016-03	[R1] Microsoft Windows DNS Server dns.exe answerIQuery() Function Remote Buffer Overflow	Medium	CVE-2016-82007
March 14, 2016	TRA-2016-02	[R1] HP Operations Manager i flex-messaging-core.jar XML External Entity (XXE) Injection Remote Information Disclosure	Medium	CVE-2015-3269
February 17, 2016	TRA-2016-01	[R1] ManageEngine AssetExplorer /workorder/FileDownload.jsp fName Parameter Traversal Remote File Disclosure	Medium	CVE-2016-82002
December 14, 2015	TRA-2015-07	[R1] ManageEngine Desktop Central /statusUpdate fileName Parameter Traversal Multiple Extension File Upload Remote Code Execution	Critical	CVE-2015-82001
November 30, 2015	TRA-2014-04	[R1] NetMotion Mobility VPN nmdrv.sys TCP Connection Termination Handling Remote DoS	High	CVE-2014-82000
November 30, 2015	TRA-2015-06	[R1] HP Client Automation / Accelerite Endpoint Management Core Server HPCA Management Agent (nvdkit.exe) Cleartext Credentials MiTM Disclosure	Low	CVE-2015-82000
November 24, 2015	TRA-2015-05	[R1] FreeSWITCH parse_string() Function Multiple Vector Remote Heap Buffer Overflow	Critical	CVE-2015-8311
October 21, 2015	TRA-2015-04	[R1] NTP Autokey Functionality Multiple Remote DoS	High	CVE-2015-7691 CVE-2015-7692 CVE-2015-7701
October 15, 2015	TRA-2015-03	[R1] 3S CODESYS PLCWinNT Runtime Service NULL Pointer Dereference Remote DoS	High	CVE-2015-6482
September 15, 2015	TRA-2015-02	[R2] Palo Alto Networks Panorama VM Appliance PAN-OS Firmware Signature Verification Bypass Arbitrary Code Execution	High	CVE-2015-6531
August 24, 2015	TRA-2015-01	[R1] Microsoft Windows SMB v1 Service Principal Name Handling Remote Buffer Overflow	High	CVE-2015-2474
May 14, 2014	TRA-2014-01	Juniper Junos Space MySQL Server Unspecified Hardcoded Credentials	High	CVE-2014-3413
February 28, 2014	TRA-2014-02	Novell ZENworks Configuration Management (ZCM) PreBoot Service (novell-pbserv.exe) Remote Path Traversal File Access	High	CVE-2013-3706
January 30, 2014	TRA-2014-03	3S CoDeSys Runtime Toolkit Unspecified NULL Pointer Dereference Remote DoS	High	CVE-2014-0757
November 12, 2013	TRA-2013-08	Adobe ColdFusion CFIDE Directory Unspecified Reflected XSS	Medium	CVE-2013-5326
September 3, 2013	TRA-2013-07	[R1] Cisco Prime Network Control System (NCS) / Wireless Control System (WCS) login.jsp requestUrl Parameter Reflected XSS	Medium	CVE-2012-5990
July 24, 2013	TRA-2013-05	HP LoadRunner magentproc.exe SSL Connection Handling Buffer Overflow Remote Code Execution	High	CVE-2013-4800
July 24, 2013	TRA-2013-06	HP LoadRunner XDR-encoded Data Handling Remote Buffer Overflow	High	CVE-2013-4799
May 22, 2013	TRA-2013-10	3S CoDeSys Gateway Unspecified Use-after-free Arbitrary Code Execution	Critical	CVE-2013-2781
May 14, 2013	TRA-2013-04	Adobe ColdFusion Unspecified Remote Code Execution	Critical	CVE-2013-1389
April 19, 2013	TRA-2013-09	[R1] IBM InfoSphere Products /rdweb/getUsers.do Remote Account Information Remote Disclosure	Medium	CVE-2013-0584
March 27, 2013	TRA-2013-03	Cisco IOS Smart Install Client Feature Malformed Config / Boot Image File Upload Remote Code Execution	Critical	CVE-2013-1146
January 23, 2013	TRA-2013-02	[R1] WebYaST /host Configuration Path Handling Unauthenticated Host List Manipulation	Medium	CVE-2012-0435
January 9, 2013	TRA-2013-01	Dell OpenManage Server Administrator /help/sm/en/Output/wwhelp/wwhimpl/js/html/index_main.htm topic Parameter DOM-based XSS	Medium	CVE-2012-6272
August 29, 2012	TRA-2012-18	Novell File Reporter NFRAgent.exe VOL Element Tag Parsing Remote Overflow	High
August 22, 2012	TRA-2012-17	[R1] McAfee Email and Web Security / Email Gateway Multiple Vulnerabilities	Critical	CVE-2012-4595 CVE-2012-4596 CVE-2012-4597
July 20, 2012	TRA-2012-16	[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #2	Critical	CVE-2012-2953 CVE-2012-2957 CVE-2012-2961 CVE-2012-2977
June 10, 2012	TRA-2012-05	Rocket U2 UniData unidata72 RPC Interface Call Parsing Arbitrary Command Execution	Critical
May 19, 2012	TRA-2012-04	[R1] Symantec LiveUpdate Administrator Installation Directory Permission Weakness Local Privilege Escalation	High	CVE-2012-0304
May 17, 2012	TRA-2012-03	[R1] Symantec Web Gateway (SWG) Multiple Vulnerabilities #1	Critical	CVE-2012-0297 CVE-2012-0298 CVE-2012-0299 CVE-2012-0296
May 9, 2012	TRA-2012-02	Apple Mac OS X SRP-Based Authentication Credential Verification Time Capsule Credential Information Disclosure	Medium	CVE-2012-0675
May 3, 2012	TRA-2012-19	[R1] CiscoWorks Prime LAN Management Solution (LMS) Autologin.jsp URL Parameter HTTP Header Response Splitting	Medium	CVE-2011-4237
January 10, 2012	TRA-2012-01	PHP Timezone Functionality php_date_parse_tzfile Cache strtotime Function Call Saturation Remote DoS	Medium	CVE-2012-0789
November 11, 2011	TRA-2011-12	HP StorageWorks P4000 Virtual SAN Appliance Software Management Service Authentication Bypass Remote Command Execution	High	CVE-2012-4361 CVE-2012-2986
November 3, 2011	TRA-2011-08	[R1] Dell KACE K2000 System Deployment Appliance Read-Only Account Default Credentials Remote Information Disclosure	Medium	CVE-2011-4048
November 3, 2011	TRA-2011-09	[R1] Dell KACE K2000 System Deployment Appliance Task Processor Database Write Access Remote Privilege Escalation	High	CVE-2011-4047
November 3, 2011	TRA-2011-10	[R1] Dell KACE K2000 System Deployment Appliance Multiple Reflected XSS	Medium	CVE-2011-4436
November 3, 2011	TRA-2011-11	[R2] Dell KACE K2000 System Deployment Appliance Backdoor Admin Account	Critical	CVE-2011-4046
October 11, 2011	TRA-2011-07	[R1] Microsoft Forefront Unified Access Gateway Multiple Vulnerabilities	Medium	CVE-2011-1895 CVE-2011-1896 CVE-2011-1897
August 8, 2011	TRA-2011-06	[R2] HP OpenView Performance Insight sendEmail.jsp bgcolor Parameter Reflected XSS	Medium	CVE-2011-2410
July 19, 2011	TRA-2011-05	[R1] Oracle Secure Backup /apache/htdocts/php/common.php username Parameter Remote Code Execution	Critical	CVE-2011-2261
May 31, 2011	TRA-2011-04	[R1] IBM Tivoli Management Framework Endpoint lcfd.exe opts Field Handling Remote Buffer Overflow	High	CVE-2011-1220
April 26, 2011	TRA-2011-03	IBM solidDB rpc_test_svc Commands Handling NULL Dereference Remote DoS	High	CVE-2011-1208
April 1, 2011	TRA-2011-02	IBM solidDB Password Hash Verification Bypass Remote Code Execution	High	CVE-2011-1560
February 8, 2011	TRA-2011-01	[R1] Adobe ColdFusion Administrator Console login.cfm URI Handling Reflected XSS	Medium	CVE-2011-0580
December 15, 2010	TRA-2010-05	HP Power Manager Management Server Login Form URL Parameter Buffer Overflow	High	CVE-2010-4113
November 6, 2010	TRA-2010-04	[R1] FreeNAS exec_raw.php cmd Parameter Remote Command Execution	Critical
October 13, 2010	TRA-2010-03	[R1] HP Multiple Products switchFWInstallStatus.jsp logfile Parameter Arbitrary File Access	High	CVE-2010-3286 CVE-2010-3986 CVE-2010-4100 CVE-2010-4103 CVE-2010-4102
September 8, 2010	TRA-2010-02	[R1] phpMyAdmin Setup Script setup/frames/index.inc.php Verbose Server Name Stored XSS	Medium	CVE-2010-3263
May 5, 2010	TRA-2010-01	HP Mercury LoadRunner Agent magentproc.exe Remote Arbitrary Code Execution	Critical	CVE-2010-1549
December 16, 2009	TRA-2009-04	HP Storage OpenView Data Protector Backup Client Service MSG_PROTOCOL Command Remote Overflow	Critical	CVE-2007-2280
November 10, 2009	TRA-2009-03	Movable Type /mt/mt-check.cgi System Information Disclosure	Medium
April 14, 2009	TRA-2009-02	[R1] phpMyAdmin < 3.1.3.2 Multiple Vulnerabilities	Critical	CVE-2009-1285
March 19, 2009	TRA-2009-01	Adobe Acrobat getIcon() Function PDF Handling Overflow	High	CVE-2009-0927
August 14, 2008	TRA-2008-01	Symantec Veritas Storage Foundation Scheduler Service (VxSchedService.exe) NULL NTLMSSP Authentication Bypass	Critical	CVE-2008-3703
December 14, 2007	TRA-2007-12	HP-UX Software Distributor (SD) swagentd sw_rpc_agent_init Function Crafted DCE RPC Request Remote Overflow	Critical	CVE-2007-6195
December 11, 2007	TRA-2007-11	Microsoft Windows Message Queuing MSMQ Message Handling Arbitrary Code Execution	High	CVE-2007-3039
December 7, 2007	TRA-2007-10	Novell NetMail AntiVirus Agent (avirus.exe) Unspecified ASCII Iinteger Handling Remote Overflow	Medium	CVE-2007-6302
December 6, 2007	TRA-2007-09	HP OpenView Network Node Manager (OV NNM) Multiple Remote Overflow	Critical	CVE-2007-6204
October 10, 2007	TRA-2007-08	CA BrightStor ARCServe Backup Message Engine RPC Service Arbitrary Code Execution	Critical	CVE-2007-5328
September 4, 2007	TRA-2007-07	MIT Kerberos 5 RPCSEC_GSS RPC Library (librpcsecgss) lib/rpc/svc_auth_gss.c svcauth_gss_validate Function Remote Overflow	Critical	CVE-2007-3999
August 20, 2007	TRA-2007-06	EMC NetWorker Remote Exec Service (nsrexecd.exe) Remote Overflow	High	CVE-2007-3618
July 25, 2007	TRA-2007-05	BakBone NetVault Reporter Manager Scheduler Client Multiple Remote Overflow	Critical	CVE-2007-3911
July 20, 2007	TRA-2007-04	Panda AdminSecure Agent Crafted Packet Remote Overflow	High	CVE-2007-3026
May 9, 2007	TRA-2007-03	CA Multiple Products inoweb Console Server Authentication Remote Overflow	Critical	CVE-2007-2522
April 24, 2007	TRA-2007-02	CA BrightStor ARCserve Backup Media Server SUN RPC Service Remote Overflows	Critical	CVE-2007-2139
April 18, 2007	TRA-2007-01	Novell GroupWise WebAccess GWINTER.exe Basic Authentication Base64 Decoding Overflow	Critical	CVE-2007-2171
July 11, 2006	TRA-2006-01	Microsoft Windows Server Service SRV.SYS Crafted Request SMB Information Disclosure	Medium	CVE-2006-1315

Tenable.ep

Tenable.io

Nessus

Tenable.sc

Tenable.ad

Tenable.ot

Tenable Lumin

All Products

Business Needs

Industry

Compliance

Support and Services

Quick Links

About Us

News and Events

Find a Partner

Tenable Assure Partners

Technology Partners

Resources

Explore Cyber Exposure

Platform

Tenable Research Advisories

Find a vulnerability in a Tenable product?

Tenable Research Advisories

Find a vulnerability in a Tenable product?

Thank You

Try Nessus Professional Free

Buy Nessus Professional

Select Your License

Try Tenable.io Web Application Scanning

Buy Tenable.io Web Application Scanning

Thank You

Try Tenable.io Container Security

Buy Tenable.io Container Security

Thank You

Request a demo of Tenable.sc

Try Tenable Lumin

Buy Tenable Lumin

Thank You

Request a demo of Tenable.ot

Thank You

Request a demo of Tenable.ad

Success!

LEARN MORE ABOUT TENABLE.CS

Thank You