Cатсн²² (in)sесuяitу / ChrisJohnRiley

Because we're damned if we do, and we're damned if we don't!

Advisories

This area contains detailed advisories for vulnerabilities that have been discovered and reported to vendors.

This information is given to allow for accurate testing and resolution of issues, and not for malicious purposes.

| Advisory ID | Description | Severity | Published |
|---|---|---|---|
| (c22-2013-03/04) CVE-2013-5112 | Vulnerability: Evernote Android Insecure Storage of PIN data / Bypass of PIN protection. Affected: Evernote (Android) ver. 5.5.0 (and prior) | Medium | 07-12-2013 |
| (c22-2013-02) CVE-2013-5113, CVE-2013-5114 | Vulnerability: LastPass Android container PIN and auto-wipe security feature bypass. Affected: LastPass (Android) ver. 2.0.4 (and prior) | Medium | 13-11-2013 |
| (c22-2013-01) CVE-2013-2503 | Vulnerability: Credential Exposure. Affected: Privoxy 3.0.20 (and prior) | Medium | 11-03-2013 |
| TYPO3-EXT-SA-2012-003 | Vulnerability: Path Traversal. Affected: Typo3 eXtplorer (t3extplorer) | Low | 23-02-2012 |
| (c22-2011-02) SurveyMonkey: IP Spoofing | Vulnerability: IP Spoofing (via X-Forwarded-For) | Low / Medium (estimated) | 22-04-2011 |
| (c22-2011-01) SAP Management Console | Vulnerability: Information Disclosure; BASIC auth; Code Execution (through OSexecute) | High | 09-01-2011 |
| (c22-2010-02) scr.im | Vulnerability: Incorrect use of Captchas; Captcha Bypass | Medium (estimated) | 07-10-2009 (reviewed 12-10-2010) |
| TYPO3-SA-2010-009 | Vulnerability: Cross-site Scripting. Affected: Frontend User Registration (sr_feuser_register) | Medium | 14-04-2010 |
| TYPO3-SA-2009-016 | Vulnerability: Cross-site Scripting. Affected: Frontend Login (felogin) | Medium | 22-10-2009 |
| TYPO3-SA-2009-016 | Vulnerability: Cross-site Scripting. Affected: Install Tool | Medium | 22-10-2009 |
| TYPO3-SA-2009-001 | Vulnerability: Insecure Randomness. Affected: TYPO3 CORE | High | 20-01-2009 |