About DOE Button Organization Button News Button Contact Us Button


Entire Site
DOE-CIRC
US Department of Energy Seal and Header Photo
Science and Technology Button Energy Sources Button Energy Efficiency Button The Environment Button Prices and Trends Button National Security Button Safety and Health Button
Office of the Cheif Information Officer
DOE-CIRC Home
About CIRC
Bulletins
Latest
High Risk
Revised
Bulletin Archive
Technical Bulletins
Search
C-Notes
Recent C-Notes
C-Notes Archive
Security Links
Advanced Search
Contact CIRC

Maintenance Schedule
The DOE-CIRC server will be unavailable during the following scheduled events:
Routine maintenance:
Every Thursday from 5:00 - 9:00pm (PST)
Quick Reference Header
circ rss news feed


doe-circ logo

Latest Bulletins
bulletin legend
  • T-303 Apple Safari 4.0.4 Denial of Service (05 February 2010)
  • T-302 Red Hat Linux Kernel Routing Implementation Multiple Remote Denial of Service Vulnerabilities (04 February 2010)
  • T-301 Citrix XenServer Authentication Bypass Vulnerability (03 February 2010)
  • T-300 lighttpd Slow Request Handling Remote Denial of Service Vulnerability (02 February 2010)
  • T-299 Multiple Sun Java Vulnerabilities (01 February 2010)
  • T-298 Samba setuid 'mount.cifs' Verbose Option Information Disclosure Vulnerability (29 Jan 2010)
  • T-297 Multiple Vendor HTML Form Protocol Vulnerability (28 Jan 2010)
  • T-296 Cisco Security Advisory: Multiple Vulnerabilities in Cisco Unified MeetingPlace (27 Jan 2010)
  • T-295 Joomla! JBDiary Component Multiple SQL Injection Vulnerabilities (27 Jan 2010)
  • T-294 Microsoft Internet Explorer URI Validation Remote Code Execution Vulnerability (26 Jan 2010)
  • T-293 Windows Kernel #GP Trap Handler Flaw Lets Local Users Gain Elevated Privileges (25 Jan 2010)
  • T-292 Internet Explorer CVE-2010-0249 Remote Code Execution Vulnerability (19 Jan 2010)
  • T-291 Expat UTF-8 Character XML Parsing Remote Denial of Service Vulnerability (15 Jan 2010)
  • T-290 Net-SNMP 'snmpUDPDomain.c' Remote Information Disclosure Vulnerability(14 Jan 2010)
  • T-289 HP StorageWorks Products Remote Management Interface Privilege Escalation Vulnerability(11 Jan 2010)
  • T-288 New phpldapadmin packages fix remote file inclusion(07 Jan 2010)
  • T-287 NetworkManager Security Bypass and Information Disclosure Vulnerabilities(05 Jan 2010)
  • T-286 Microsoft IIS Malformed Local Filename Security Bypass Vulnerability(28 Dec 2009)
  • T-285 Linux Kernel KVM Large SMP Instruction Local Denial of Service Vulnerability(23 Dec 2009)
  • T-284 Allied Telesyn AT-TFTP Server Filename Remote Buffer Overflow Vulnerability (22 Dec 2009)
  • T-283 Ruby on Rails 'strip_tags()' Non-Printable Character Cross Site Scripting Vulnerability (18 Dec 2009)
  • T-282 Cisco ASA 8.x VPN SSL module Clientless URL-list control bypass vulnerability. (17 Dec 2009)
  • T-281 Mozilla Firefox and SeaMonkey MFSA 2009-65 through -71 Multiple Vulnerabilities (16 Dec 2009)
  • T-280 New Adobe Reader, Acrobat Vulnerability Under Attack (15 Dec 2009)
  • T-279 Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability (11 Dec 2009)
  • T-278 ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability (11 Dec 2009)
  • T-277 Microsoft Security Bulletin Summary for December 2009 (10 Dec 2009)
  • T-276 HP OpenView Network Node Manager 'ovdbrun.exe' Denial of Service Vulnerability (19 Nov 2009)
  • T-275 Sun Java Runtime Environment Font Processing Buffer Overflow Vulnerability (19 Nov 2009)
  • T-274 HP OpenView Network Node Manager Remote Denial of Service Vulnerability (19 Nov 2009)
  • T-273 Sun xVM VirtualBox Guest Additions Kernel Memory Consumption Flaw Lets Local Users Deny Service (17 Nov 2009)
  • T-272 Google Chrome prior to 3.0.195.32 Multiple Security Vulnerabilities (16 Nov 2009)
  • T-271 McAfee IntruShield Network Security Manager Permits Session Hijacking Attacks (13 Nov 2009)
  • T-270 Citrix Online Plug-ins Lets Remote Users Spoof SSL Endpoints (12 Nov 2009)
  • T-269 Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability (10 Nov 2009)
  • T-268 HP Power Manager Management Web Server Login Remote Code Execution Vulnerability (09 Nov 2009)
  • T-267 Buffer and Integer Overflow Vulnerabilities in the Java Runtime Environment (06 Nov 2009)
  • T-266 Sun Solaris SCTP 'sctp(7P)' and SDP 'sdp(7D)' Sockets Local Denial Of Service Vulnerability (05 Nov 2009)
  • T-265 BlackBerry Desktop Manager ActiveX Control Remote Code Execution Vulnerability (04 Nov 2009)
  • T-264 VMware Products Directory Traversal Vulnerability (03 Nov 2009)
  • T-263 KDE Multiple Input Validation Vulnerabilities (02 Nov 2009)
  • T-262 Drupal Workflow Module Multiple HTML Injection Vulnerabilities (30 Oct 2009)
  • T-261 Solaris Trusted Extensions Weakness May Let Users Gain Elevated Privileges (29 Oct 2009)
  • T-260 Mozilla Firefox and SeaMonkey MFSA 2009-52 through -64 Multiple Vulnerabilities (28 Oct 2009)
  • T-259 Linux Kernel 'kernel/signal.c' Local Information Disclosure Vulnerability (27 Oct 2009)
  • T-258 Multiple Security Vulnerabilities in Adobe Reader and Acrobat (26 Oct 2009)
  • T-257 MapServer Multiple Security Vulnerabilities (23 Oct 2009)
  • T-256 Pidgin OSCAR Plugin Invalid Memory Access Denial Of Service Vulnerability (22 Oct 2009)
  • T-255 Oracle Critical Patch Update Advisory (21 Oct 2009)
  • T-254 Cisco IOS Software Authentication Proxy Vulnerability (20 Oct 2009)
  • T-253 Cisco Unified Presence Denial of Service Vulnerabilities (19 Oct 2009)
  • T-252 Xpdf Multiple Integer Overflow Vulnerabilities (16 Oct 2009)
  • T-251 Linux Kernel 'clear_child_tid()' Local Denial of Service Vulnerability (15 Oct 2009)
  • T-250 Microsoft Patch Tuesday Reminder (14 Oct 2009)
  • T-249 Sun VirtualBox VBoxNetAdpCtl Configuration Tool Local Privilege Escalation Vulnerability (13 Oct 2009)
  • T-248 Adobe Acrobat Reader Remote Code Execution Vulnerability (09 Oct 2009)
  • T-247 Multiple HP JetDirect Printers Multiple Cross Site Scripting Vulnerabilities (07 Oct 2009)
  • T-246 IBM AIX 'nfs_portmon' Authentication Bypass Vulnerability (06 Oct 2009)
  • T-245 VMware Fusion vmx86 Kernel Extension Bugs Let Local Host OS Users Gain Elevated Privileges and Deny Service on the Host (05 Oct 2009)
  • T-244 Solaris IP(7P) Module and STREAMS Framework Denial of Service Vulnerabilities (02 Oct 2009)
  • T-243 Red Hat Enterprise Linux OpenSSH 'ChrootDirectory' Option Local Privilege Escalation Vulnerability (01 Oct 2009)
  • T-242 Adobe Photoshop Elements Active File Monitor Service Local Privilege Escalation Vulnerability (30 Sept 2009)
  • T-241 Blackberry OS NULL Character Flaw in Common Name Field Lets Remote Users Spoof Certficates (29 Sept 2009)
  • T-240 OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Remote Denial of Service Vulnerability (28 Sept 2009)
  • T-239 Linux Kernel KVM 'kvm_emulate_hypercall()' Local Denial of Service Vulnerability (25 Sept 2009)
  • T-238 Cisco Unified Communications Manager SIP Message Denial of Service Vulnerability (24 Sept 2009)
  • T-237 Squid Web Proxy Cache Authentication Header Parsing Remote Denial of Service Vulnerability (23 Sept 2009)
  • T-236 OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability (22 Sept 2009)
  • T-235 IBM Lotus Notes RSS Reader Widget HTML Injection Vulnerability (21 Sept 2009)
  • T-234 Linux Kernel 'perf_counter_open()' Local Buffer Overflow Vulnerability (18 Sept 2009)
  • T-233 Wireshark 1.2.1 Multiple Vulnerabilities (17 Sept 2009)
  • T-232 VMware Hosted Products VMSA-2009-0005 Multiple Remote Vulnerabilities (16 Sept 2009)
  • T-231 HP StorageWorks Remote Management Interface Vulnerability (15 Sept 2009)
  • T-230 Solaris Heap Overflow Vulnerability in w(1) Utility (14 Sept 2009)
  • T-229 Mozilla Firefox MFSA 2009-47, -48, -49, -50, -51 Multiple Vulnerabilities (11 Sept 2009)
  • T-228 Microsoft Windows SMB2 '_Smb2ValidateProviderCallback()' Remote Code Execution Vulnerability (10 Sept 2009)
  • T-227 Microsoft Patch Tuesday Reminder (09 Sept 2009)
  • T-226 Debian devscripts 'uscan' Input Validation Vulnerability (08 Sept 2009)
  • T-225 Cisco Lightweight Access Point Over-the-Air Provisioning Manipulation Vulnerability (04 Sept 2009)
  • T-224 OpenOffice Word Document Table Parsing Multiple Heap Based Buffer Overflow Vulnerabilities (03 Sept 2009)
  • T-223 Autonomy KeyView Module Excel Document Processing Buffer Overflow Vulnerability (02 Sept 2009)
  • T-222 Microsoft IIS FTPd NLST Remote Buffer Overflow Vulnerability (01 Sept 2009)
  • T-221 Multiple Browser HTTP Resource in HTTPS Context Security Bypass Vulnerability (31 Aug 2009)
  • T-220 Sun Java System Access Manager Debug Files Local Information Disclosure Vulnerability (28 Aug 2009)
  • T-219 Sun Virtual Desktop Infrastructure (VDI) Secure LDAP Vulnerability (27 Aug 2009)
  • T-218 Cisco Lightweight Access Point Over-the-Air Provisioning Manipulation Vulnerability (26 Aug 2009)
  • T-217 Linux Kernel 'udp_sendmsg()' MSG_MORE Flag Local Privilege Escalation Vulnerability (25 Aug 2009)
  • T-216 Multiple Vulnerabilities With Adobe Flash Player, Adobe Reader and Acrobat (24 Aug 2009)
  • T-215 Libpurple msn_slplink_process_msg() Arbitrary Write Vulnerability (21 Aug 2009)
  • T-214 Solaris Kernel Filesystem and Virtual Memory Subsystems Vulnerability (20 Aug 2009)
  • T-213 Cisco IOS XR Software Border Gateway Protocol Vulnerability (19 Aug 2009)
  • T-212 Linux Kernel 'sock_sendpage()' NULL Pointer Dereference Vulnerability (18 Aug 2009)
  • T-211 Memcached Multiple Heap Based Buffer Overflow Vulnerability (17 Aug 2009)
  • T-210 Mozilla Firefox 3.5.1/3.0.12 Multiple Memory Corruption Vulnerabilities (14 Aug 2009)
  • T-209 NTP 'ntpq' Stack Buffer Overflow Vulnerability (13 Aug 2009)
  • T-208 Apple Safari Code Execution and Security Bypass Vulnerabilities (12 Aug 2009)
  • T-207 Microsoft Patch Tuesday Reminder (12 Aug 2009)
  • T-206 Apache Tomcat 'RequestDispatcher' Information Disclosure Vulnerability (10 Aug 2009)
  • T-205 Mozilla Firefox Flash Player Unloading Remote Code Execution Vulnerability (07 Aug 2009)
  • T-204 Apple Mac OS X 2009-003 Multiple Security Vulnerabilities (06 Aug 2009)
  • T-203 Sun Java Runtime Environment Audio System Privilege Escalation Vulnerability (05 Aug 2009)
  • T-202 Mozilla Firefox Error Page Address Bar URL Spoofing Vulnerability (04 Aug 2009)
  • T-201 Mozilla Firefox and Seamonkey Regular Expression Parsing Heap Buffer Overflow Vulnerability (03 Aug 2009)
  • T-200 Absolute Software Computrace LoJack for Laptops Security Bypass Vulnerability (1 Aug 2009)
  • T-199 Mozilla Firefox NULL Character CA SSL Certificate Validation Security Bypass Vulnerability (31 Jul 2009)
  • T-198 Squid Multiple Remote Denial of Service Vulnerabilities (30 Jul 2009)
  • T-197 ISC BIND Denial of Service Vulnerability (29 Jul 2009)
  • T-196 Critical Cumulative Security Update for Internet Explorer (29 Jul 2009)
  • T-195 Remote Jail Breakout Vulnerability via Symlink Traversal in NcFTPd (28 Jul 2009)
  • T-194 Multiple Vulnerabilities in Cisco Wireless LAN Controllers (27 Jul 2009)
  • T-193 Sun Solaris Auditing Extended File Attributes (fsattr(5)) Local Denial Of Service Vulnerability (24 Jul 2009)
  • T-192 Microsoft Office Web Components ActiveX Control 'msDataSourceObject' is vulnerable to Code Execution (24 Jul 2009)
  • T-191 Vulnerability in Adobe Acrobat, Reader, and Flash Player (23 Jul 2009)
  • T-190 Buffer Overflow in NASA Common Data Format (CDF) Library (22 Jul 2009)
  • T-189 Directory Traversal Vulnerability in the Administration Interface in Cisco Customer Response Solutions (21 Jul 2009)
  • T-188 Linked XSS Vulnerability found in Oracle BEA Weblogic Server (20 Jul 2009)
  • T-187 Security Vulnerability in Solaris NFSv4 Kernel Module May Panic an NFSv4 Client System (17 Jul 2009)
  • T-186 Mozilla Firefox 3.5 'Tracemonkey' Component Remote Code Execution Vulnerability (17 Jul 2009)
  • T-185 Two Remote Code Execution Vulnerabilities in Firefox (16 Jul 2009)
  • T-184 Microsoft Monthly Updates (15 Jul 2009)
  • T-183 Vulnerability in Microsoft Office Web Components Control Could Allow Remote Code Execution (14 Jul 2009)
  • T-182 Nagios 'statuswml.cgi' Remote Arbitrary Shell Command Injection Vulnerability (13 Jul 2009)
  • T-181 Microsoft Windows 'MPEG2TuneRequest' ActiveX Control Vulnerability (10 Jul 2009)
  • T-180 Citrix XenCenterWeb Multiple Input Validation Vulnerabilities (09 Jul 2009)
  • T-179 Ubuntu Linux TIFF Image Library Vulnerability (08 Jul 2009)
  • T-178  Microsoft Windows 'msvidctl.dll' ActiveX Control Unspecified Remote Memory Corruption Vulnerability (07 Jul 2009)
  • T-177 FCKeditor input sanitization errors (06 Jul 2009)
  • T-176 Sun Kernel udp(7p) Denial of Service Vulnerability (06 Jul 2009)
  • T-175 Pidgin OSCAR Protocol Web Message Denial of Service Vulnerability (02 Jul 2009)
  • T-174 MIT Kerberos 'asn1_decode_generaltime()' Uninitialized Pointer Memory Corruption Vulnerability (01 Jul 2009)
  • T-173 phpMyAdmin 'db' Parameter Cross Site Scripting Vulnerability (30 Jun 2009)
  • T-172 Linux Kernel 'e1000/e1000_main.c' Remote Denial of Service Vulnerability (29 Jun 2009)
  • T-171 Samba Format String And Security Bypass Vulnerabilities (26 Jun 2009)
  • T-170 Cisco Physical Access Gateway Malformed Packet Remote Denial of Service Vulnerability (25 Jun 2009)
  • T-169 Adobe Shockwave Player Unspecified Security Vulnerability (24 Jun 2009)
  • T-168 IrfanView 'TIFF' File Handling Remote Integer Overflow Vulnerability (23 Jun 2009)
  • T-167 OpenSSL Multiple Vulnerabilities (22 Jun 2009)
  • T-166 FreeBSD Direct Pipe Writes Information Disclosure Vulnerability (19 Jun 2009)
  • T-165 Microsoft Active Directory Encoded LDAP String Memory Corruption Remote Code Execution Vulnerability (18 Jun 2009)
  • T-164 Sun Java Runtime Environment Aqua Look and Feel Privilege Escalation Vulnerability (18 Jun 2009)
  • T-163  Linux Kernel NFS 'MAY_EXEC' Security Bypass Vulnerability (17 Jun 2009)
  • T-162  Drupal Views Module Multiple Security Bypass and HTML Injection Vulnerabilities (16 Jun 2009)
  • T-161 Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009-24 through -32 Multiple Remote Vulnerabilities (15 Jun 2009)
  • T-160 Microsoft Windows Print Spooler 'EnumeratePrintShares()' Remote Stack Buffer Overflow Vulnerability (12 Jun 2009)
  • T-159 Adobe Reader and Acrobat 9.1.1 and Prior Multiple Remote Vulnerabilities (11 Jun 2009)
  • T-158  HP OpenView Network Node Manager SNMP and MIB Unspecified Remote Code Execution Vulnerability (10 Jun 2009)
  • T-157 Apple Safari Prior to 4.0 Multiple Security Vulnerabilities (09 Jun 2009)
  • T-156  GNOME Evolution S/MIME Email Signature Verification Vulnerability (08 Jun 2009)
  • T-155  OpenSSL 'ChangeCipherSpec' DTLS Packet Denial of Service Vulnerability (05 Jun 2009)
  • T-154  Sun Solaris Kerberos Credential Management Security Bypass Vulnerability (05 Jun 2009)
  • T-153  Apache Tomcat Form Authentication Existing/Non-Existing Username Enumeration Weakness (04 Jun 2009)
  • T-152 Apple QuickTime JP2 Image Handling Heap Buffer Overflow Vulnerability (04 Jun 2009)
  • T-151 Microsoft Windows Desktop Wall Paper System Parameter Local Denial Of Service Vulnerability (03 Jun 2009)
  • T-150 VMware Hosted products and ESX and ESXi security issues (02 Jun 2009)
  • T-149 Apache 'Options' and 'AllowOverride' Security Directives Vulnerability (01 Jun 2009)
  • T-148 Microsoft DirectX DirectShow QuickTime Video Remote Code Execution Vulnerability (29 May 2009)
  • T-147  OpenSSL 'dtls1_retrieve_buffered_fragment()' DTLS Packet Denial of Service Vulnerability (29 May 2009)
  • T-146 BlackBerry Attachment Service PDF Distiller Multiple Unspecified Security Vulnerabilities (28 May 2009)
  • T-145 Linux Kernel 'sock.c' SO_BSDCOMPAT Option Information Disclosure Vulnerability (28 May 2009)
  • T-144 FreeBSD 'telnetd' Daemon Remote Code Execution Vulnerability (27 May 2009)
  • T-143  Pidgin Multiple Buffer Overflow Vulnerabilities (26 May 2009)
  • T-142 Basic Analysis and Security Engine Cross-Site Scripting Vulnerability (26 May 2009)
  • T-141 Novell GroupWise Buffer Overflow and Cross Site Scripting Vulnerabilities (22 May 2009)
  • T-140 CiscoWorks Common Services TFTP Server Directory Traversal Vulnerability (21 May 2009)
  • T-139 Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability (20 May 2009)
  • T-138  NTP 'ntpd' Autokey and ntpq Stack Buffer Overflow Vulnerability (19 May 2009)
  • T-137 Microsoft IIS 6.0 WebDAV Remote Authentication Bypass (18 May 2009)
  • T-136  Apple Mac OS X PICT Image Handling Integer Overflow Vulnerability (15 May 2009)
  • T-135  Apple Mac OS X Help Viewer HTML Document Remote Code Execution Vulnerability (14 May 2009)
  • T-134  Microsoft PowerPoint Notes Container Heap Memory Corruption Remote Code Execution Vulnerability (13 May 2009)
  • T-133  Little CMS Monochrome Profiles Null Pointer Dereference Denial of Service Vulnerability (12 May 2009)
  • T-132  Multiple Trend Micro Products RAR/ZIP Files Scan Evasion Vulnerability (12 May 2009)
  • T-131  Multiple AVG Products RAR/ZIP Files Scan Evasion Vulnerability (12 May 2009)
  • T-130  F-PROT Products CAB File Scan Evasion Vulnerability (12 May 2009)
  • T-129  HP OpenView Network Node Manager 'ovalarmsrv.exe' Remote Code Execution Vulnerability (08 May 2009)
  • T-128  Adobe Flash Media Server Unspecified RPC Call Privilege Escalation Vulnerability (08 May 2009)
  • T-127  Multiple F-Secure Products RAR/ZIP Files Scan Evasion Vulnerability (07 May 2009)
  • T-126 Insight Control Suite For Linux (ICE-LX) Multiple Remote Vulnerabilities In Nagios (06 May 2009)
  • T-125 The Linux kernel is prone to a local privilege-escalation vulnerability via ptrace_attach(). (05 May 2009)
  • T-124 Linux Kernel 'FWD-TSN' Chunk Remote Buffer Overflow Vulnerability (04 May 2009)
  • T-123  CA ARCserve Backup Apache HTTP Server Multiple Vulnerabilities (1 May 2009)
  • T-122 McAfee Products RAR/ZIP Files Scan Evasion Vulnerability (30 Apr 2009)
  • T-121  Linux Kernel 'exit_notify()' CAP_KILL Verification Local Privilege Escalation Vulnerability (29 Apr 2009)
  • T-120  Adobe Reader 'spell.customDictionaryOpen()' JavaScript Function Remote Code Execution Vulnerability (28 Apr 2009)
  • T-119  Symantec Brightmail Gateway Appliance Cross-site Scripting and Elevation of Privilege (28 Apr 2009)
  • T-118  GNOME glib Base64 Encoding and Decoding Multiple Integer Overflow Vulnerabilities (27 Apr 2009)
  • T-117  Sun Java System Delegated Administrator HTTP Response Splitting Vulnerability (24 Apr 2009)
  • T-116 Symantec Norton Ghost 'EasySetupInt.dll' ActiveX Multiple Remote Denial of Service Vulnerabilities (24 Apr 2009)
  • T-115  Multiple Vulnerabilities in Firefox, Thunderbird and Seamonkey (23 Apr 2009)
  • T-114  Xpdf JBIG2 Processing Multiple Security Vulnerabilities (22 Apr 2009)
  • T-113  udev Netlink Message Validation Local Privilege Escalation Vulnerability (21 Apr 2009)
  • T-112  CUPS Integer Overflow in Processing TIFF Images Lets Remote Users Execute Arbitrary Code (17 Apr 2009)
  • T-111 Oracle April 2009 Critical Patch Update (16 Apr 2009)
  • T-110 OpenBSD PF Remote Denial of Service Vulnerability (16 Apr 2009)
  • T-109 Blended Threat Vulnerability in SearchPath Could Allow Elevation of Privilege (959426) (16 Apr 2009)
  • T-108 Vulnerabilities in Microsoft ISA Server and Forefront Threat Management Gateway (Medium Business Edition) Could Cause De (16 Apr 2009)
  • T-107 Vulnerabilities in Windows Could Allow Elevation of Privilege (959454) (16 Apr 2009)
  • T-106 Vulnerabilities in Microsoft Office Excel Could Cause Remote Code Execution (968557) (16 Apr 2009)
  • T-105 Critical Cumulative Security Update for Internet Explorer (963027) (16 Apr 2009)
  • T-104 Vulnerabilities in Windows HTTP services could allow remote code execution (15 Apr 2009)
  • T-103 Vulnerability in Microsoft DirectShow Could Allow Remote Code Execution (15 Apr 2009)
  • T-102 Vulnerabilities in WordPad and Office Text Converters Could Allow Remote Code Execution (15 Apr 2009)
  • T-101 Vmware Flaw in Multiple Products Allows Compromise of Host System (14 Apr 2009)
  • T-100 Tor Security Bypass And Privilege Escalation Weaknesses (13 Apr 2009)
  • T-099 Linux Kernel CIFS Remote Buffer Overflow Vulnerability (10 Apr 2009)
  • T-098 Multiple Vulnerabilities in Cisco ASA Adaptive Security Appliance and Cisco PIX Security Appliances (09 Apr 2009)
  • T-097 Novell Client/NetIdentity Agent Remote Arbitrary Pointer Dereference Code Execution Vulnerability (08 Apr 2009)
  • T-096 Clam AV 0.94 and below Rar Evasion Vulnerability (07 Apr 2009)
  • T-095 Microsoft Office PowerPoint code execution vulnerability (06 Apr 2009)
  • T-094 Wireshark PN-DCP Data Format String Vulnerability (02 Apr 2009)
  • T-093 Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities (01 Apr 2009)
  • T-092 Mozilla Firefox '_moveToEdgeShift' Remote Code Execution Vulnerability (31 Mar 2009)
  • T-091 Conficker Worm Targets Microsoft Windows Systems (30 Mar 2009)
  • T-090 Squid Web Proxy Cache HTTP Version Number Parsing Denial of Service Vulnerability (27 Mar 2009)
  • T-089 pam-krb5 Local Privilege Escalation Vulnerability (26 Mar 2009)
  • T-088 HP-UX VERITAS File System and VERITAS Oracle Disk Manager Local Privilege Escalation Vulnerability (25 Mar 2009)
  • T-087 Sun Solaris NFS Daemon (nfsd(1M)) Security Bypass Vulnerability (24 Mar 2009)
  • T-086 Linux Kernel 'readlink' Local Privilege Escalation Vulnerability (23 Mar 2009)
  • T-085 Mozilla Firefox/Thunderbird/SeaMonkey MFSA 2009 -07 -08 -09 and -11 Multiple Remote Vulnerabilities (20 Mar 2009)
  • T-084 Tasklist Drupal Module Unspecified SQL Injection Vulnerability (19 Mar 2009)
  • T-083 Sun Java Runtime Environment and Java Development Kit Multiple Security Vulnerabilities (18 Mar 2009)
  • T-082 Opera Web Browser HTML Parsing Heap-Based Remote Code Execution Vulnerability (17 Mar 2009)
  • T-081 Libpng Library Uninitialized Pointer Arrays Memory Corruption Vulnerabilities (16 Mar 2009)
  • T-080 Hewlett-Packard WMI Mapper for HP Systems Insight Manager Unauthorized Access Vulnerabilities (13 Mar 2009)
  • T-079 Cisco Unified Communications Manager IP Phone Personal Address Book Synchronizer Privilege Escalation Vulnerability (12 Mar 2009)
  • T-078 Microsoft Windows Kernel GDI EMF/WMF Remote Code Execution Vulnerability (11 Mar 2009)
  • T-077 IBM Tivoli Storage Manager HSM Buffer Overflow Vulnerability (10 Mar 2009)
  • T-076 OpenSC PKCS#11 Implementation Unauthorized Access Vulnerability (09 Mar 2009)
  • T-075 VMware Server 1.0.5 and Workstation 6.0.3 Multiple Vulnerabilities (06 Mar 2009)
  • T-074 XML Data Theft via RDFXML DataSouce and Cross-Domain Redirect (05 Mar 2009)
  • T-073 New proftpd-dfsg packages fix SQL injection vulnerabilites (04 Mar 2009)
  • T-072 Adobe Flash Player Invalid Object Reference Bug Lets Remote Users Execute Arbitrary Code (03 Mar 2009)
  • T-071 Novell eDirectory Management Console Accept-Language Buffer Overflow (02 Mar 2009)
  • T-070 Cisco Unified MeetingPlace Web Conferencing Authentication Bypass Vulnerability (27 Feb 2009)
  • T-069 HP OpenView Network Node Manager Vulnerable to Denial of Service (26 Feb 2009)
  • T-068 Microsoft Windows AutoRun and AutoPlay Vulnerability (25 Feb 2009)
  • T-067 Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (24 Feb 2009)
  • T-066 Multiple HTTP Proxy HTTP Host Header Incorrect Relay Behavior Vulnerability (23 Feb 2009)
  • T-065 Adobe Acrobat and Reader PDF File Handling Remote Code Execution Vulnerability (20 Feb 2009)
  • T-064 BlackBerry Application Web Loader ActiveX Control Remote Buffer Overflow Vulnerability (19 Feb 2009)
  • T-063 Apple Mac OS X SMB Component Unspecified Buffer Overflow Vulnerability (18 Feb 2009)
  • T-062 Unspecified vulnerablility in CarbonCore in Apple Mac OS X 10.4.11 and 10.5.6 allows remote attackers to cause a denial of service. (17 Feb 2009)
  • T-061 pam-krb5 'KRB5CCNAME' Environment Variable Local Privilege Escalation Vulnerability (13 Feb 2009)
  • T-060 Cumulative Security Update for Internet Explorer 7 (12 Feb 2009)
  • T-059 Vulnerabilities in Microsoft Exchange Could Allow Remote Code Execution (11 Feb 2009)
  • T-058 RealPlayer IVR File Processing Two Vulnerabilities (10 Feb 2009)
  • T-057 Certain HP LaserJet Printers, HP Color LaserJet Printers, and HP Digital Senders, Remote Unauthorized Access to Files (9 Feb 2009)
  • T-056 RealNetworks RealPlayer IVR File Parsing Multiple Vulnerabilities (6 Feb 2009)
  • T-055 Cisco IOS HTTP Server Multiple Cross Site Scripting Vulnerabilities (4 Feb 2009)
  • T-054 Mozilla Firefox/Thunderbird/SeaMonkey Multiple Remote Vulnerabilities Bypass Same-Origin Restrictions (4 Feb 2009)
  • T-053 Buffer Overflows in RealNetworks Helix Server and Helix Mobile Server Allow Remote Attackers to Cause a Denial of Service Attack (3 Feb 2009)
  • T-052 Sun Solaris BIND "EVP_VerifyFinal()" and "DSA_do_verify()" Spoofing Vulnerability (2 Feb 2009)
  • T-051 Sun Java System Access Manager User Enumeration Weakness (30 Jan 2009)
  • T-050 Sun Solaris Pseudo-terminal Driver Local Denial of Service Vulnerability (29 Jan 2009)
  • T-049 Sun Solaris IPv6 Packet Processing Denial of Service Vulnerability (28 Jan 2009)
  • T-048 Computer Assosciates Anti-Virus Engine 'arclib.dll' Multiple Scan Evasion Vulnerabilities(28 Jan 2009)
  • T-047 Sun Solaris "libike" Library Denial of Service (28 Jan 2009)
  • T-046 Cisco Unified Communications Manager CAPF Denial of Service Vulnerability (27 Jan 2009)
  • T-045 CYV4: Linux Kernel dell_rbu Denial of Service Security Issues (26 Jan 2009)
  • T-044 Apple QuickTime MPEG-2 Playback Component For Windows Input Validation Vulnerability (23 Jan 2009)
  • T-043 Apple Quicktime Memory Corruption and Buffer Overflow Vulnerabilities (22 Jan 2009)
  • T-042 Linux Kernel "keyctl_join_session_keyring()" Denial of Service (21 Jan 2009)
  • T-041 Symantec AppStream Client LaunchObj ActiveX Control Insecure Methods (20 Jan 2009)
  • T-040  Sun SPARC Enterprise Server Authentication Bypass Vulnerability (20 Jan 2009)
  • T-039 Sun Java System Access Manager Privilege Vulnerability and Password Security Issue (16 Jan 2009)
  • T-038 Cisco ONS Platform Crafted Packet Vulnerability (15 Jan 2009)
  • T-037 Oracle Has Released The January 2009 Critical Patch Update (14 Jan 2009)
  • T-036  Vulnerabilities in SMB Could Allow Remote Code Execution (MS09-001) (14 Jan 2009)
  • T-035  Microsoft RPC Worm Spreads in Corporate Networks (13 Jan 2009)
  • T-034  Vulnerability Discovered In XOOPS (09 Jan 2009)
  • T-033  OpenSSL Security Advisory (08 Jan 2009)
  • T-032 New Xterm Packages Fix Regression (07 Jan 2009)
  • T-031  SolucionWeb "id_area" SQL Injection Vulnerability (06 Jan 2009)
  • T-030  New Ruby packages fix denial of service (05 Jan 2009)
  • T-029  Linux Kernel Malformed 'msghdr' Structure Remote Denial of Service Vulnerability (02 Jan 2009)
  • T-028  New php-ajax packages fix cross-site scripting (31 Dec 2008)
  • T-027  Vulnerability in SQL Server could allow remote execution (24 Dec 2008)
  • T-026  Zero-day exploit for Internet Explorer (10 Dec 2008)
  • T-025  Vulnerabilities in Microsoft XML Core Services (13 Nov 2008)
  • T-024  Vulnerability in Server Messge Block (SMB) (13 Nov 2008)
  • T-023  Cisco PIX ASA Vulnerability (6 Nov 2008)
  • T-022  OpenOffice Vulnerability (6 Nov 2008)
  • T-021  libspf2 Vulnerability (6 Nov 2008)
  • T-020  Adobe Reader Acrobat 8 Vulnerability (6 Nov 2008)
  • T-019  libxml2 Vulnerability (29 Oct 2008)
  • T-018  Vulnerability in Server Service   (Released 23 Oct 2008)
  • T-017  Gear Software CD DVD Filter Vulnerability   (Released 15 Oct 2008)
  • T-016  iseemedia / Roxio / MGI Software LPViewer ActiveX Vulnerabilities   (Released 15 Oct 2008)
  • T-015  InstallShield / Macrovision / Acresso FLEXnet Connect Vulnerabilities   (Released 15 Oct 2008)
  • T-014  InstallShield Update Service Agent ActiveX Vulnerability   (Released 15 Oct 2008)
  • T-013  Mac OS X v10.5.5 and Security Update 2008-006   (Released 15 Oct 2008)
  • T-012  MPlayer Vulnerability   (Released 15 Oct 2008)
  • T-011  Oracle Critical Patch Update Advisory - October 2008   (Released 15 Oct 2008)
  • T-010  Vulnerability in the Microsoft Ancillary Function Driver   (Released 15 Oct 2008)
  • T-009  Vulnerability in Message Queuing   (Released 15 Oct 2008)
  • T-008  Vulnerability in Virtual Address Descriptor Manipulation   (Released 15 Oct 2008)
  • T-007  Vulnerability in Windows Internet Printing Service   (Released 15 Oct 2008)
  • T-006  Vulnerabilities in Windows Kernel   (Released 15 Oct 2008)
  • T-005  Vulnerability in Active Directory   (Released 15 Oct 2008)
  • T-004  Cumulative Security Update for Internet Explorer   (Released 15 Oct 2008)
  • T-003  Vulnerabilities in Microsoft Excel   (Released 15 Oct 2008)
  • T-002  Vulnerability in Host Integration Server RPC Service   (Released 15 Oct 2008)
  • T-001  LANDesk QIP Vulnerability   (Released 14 Oct 2008)

 

 
  Related Links

  cyber security sites
GFIRST

US-CERT

FIRST

AUSCERT

NVD (National Vulnerability Database)

NSA (National Security Agency)

  VIRUS information

The White House www.USA.gov E-gov IQ FOIA DOE Privacy Program
U.S. Department of Energy | 1000 Independence Ave., SW | Washington, DC 20585
1-800-dial-DOE | f/202-586-4403