List of software security vulnerabilities I found which haven been publicly disclosed:
- CVE-2014-0835 IBM QRADAR Multiple Vulnerabilities
- CVE-2014-0836 IBM QRADAR Multiple Vulnerabilities
- CVE-2014-0837 IBM QRADAR Multiple Vulnerabilities
- PaloAlto Networks PAN-OS <= 5.0.8 XSS
- CVE-2013-213: rrdtool format string vulnerability
- Zenoss 4.2.1 Various bugs
- CVE-2010-3865: Linux Kernel RDS Integer Overflow
- 10-2010: Linux Kernel "remap_file_pages" system call Integer Overflow - Overflow 2
- CVE-2009-1265: Linux Kernel AF_ROSE Integer Overflow
- 02-2009: Microsoft Online Services
- 12-2008: Microsoft Online Services
- CVE-2008-6832: Atlassian JIRA Cross Site Scripting
- CVE-2008-6831: Atlassian JIRA HTML Injection
- CVE-2008-4729: Hummingbird Exceed XWeb Activex Buffer Overflow
- CVE-2008-3130: Opencart Script Insertion
- CVE-2008-2064: phpGedView Script Insertion
- CVE-2008-1988: EncapsGallery File Upload
- CVE-2008-1987: EncapsGallery Cross-Site Scripting
- CVE-2008-1965: Lotus Expeditor Uri Handler Command Execution
- CVE-2008-1833: ClamAV Heap Overflow
- CVE-2008-1722: CUPS PNG Filter Integer Overflow
- CVE-2008-1469: Gallarific Multiple Vulnerabilities
- CVE-2008-0516: SQLiteManager Remote File Inclusion
- CVE-2007-4959: osCmax Cross-Site scripting
- CVE-2007-2434: Aventail Connect Hostname Buffer Overfow
- CVE-2006-4563: PHP-Nuke MyHeadlines Module "myh_op" Cross-Site Scripting
- CVE-2006-4299: TikiWiki "highlight" Cross-Site Scripting
- CVE-2006-0886: DEV web management system Cross-Site Scripting and Script Insertion
- CVE-2006-0933: PHPX "url" XCode Script Insertion
- CVE-2006-0934: WEBInsta Limbo Contact Form Script Insertion
- CVE-2006-0842: @Mail Webmail Image Tag Script Insertion
- CVE-2006-0796: Clever Copy Private Message "Subject" Script Insertion
- CVE-2006-0682: e107 script insertion
- CVE-2006-0499: phpBB Rlink Module "url" Cross-Site Scripting
- CVE-2006-0091: Open-Xchange Webmail HTML Attachment Script Insertion
- Papoo Username Script Insertion Vulnerability
- Exponent Cms script insertion
Links to entries in various vulnerability databases:
Blog : thomas pollet