CVE-2015-1850

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not an exploitable issue. Notes: none.

Source: CVE-2015-1850

CVE-2011-4907

Joomla! 1.5x through 1.5.12: Missing JEXEC Check

Source: CVE-2011-4907

CVE-2012-1316

Cisco IronPort Web Security Appliance does not check for certificate revocation which could lead to MITM attacks

Source: CVE-2012-1316

CVE-2012-1326

Cisco IronPort Web Security Appliance up to and including 7.5 does not validate the basic constraints of the certificate authority which could lead to MITM attacks

Source: CVE-2012-1326

CVE-2011-4336

Tiki Wiki CMS Groupware 7.0 has XSS via the GET "ajax" parameter to snarf_ajax.php.

Source: CVE-2011-4336

CVE-2012-0070

spamdyke prior to 4.2.1: STARTTLS reveals plaintext

Source: CVE-2012-0070

CVE-2012-1562

Joomla! core before 2.5.3 allows unauthorized password change.

Source: CVE-2012-1562

CVE-2012-1563

Joomla! before 2.5.3 allows Admin Account Creation.

Source: CVE-2012-1563

CVE-2012-0945

whoopsie-daisy before 0.1.26: Root user can remove arbitrary files

Source: CVE-2012-0945

CVE-2012-0334

Cisco IronPort Web Security Appliance AsyncOS software prior to 7.5 has a SSL Certificate Caching vulnerability which could allow man-in-the-middle attacks

Source: CVE-2012-0334