Vendor Name | Vulnerability Reported | Author | Date Reported | Date Closed | Duration to Fix | Affected Products | CVE’s | Status | Reference |
---|---|---|---|---|---|---|---|---|---|
Zscaler | Click Jacking | Liad Mizrachi | June 8th 2014 | 39 days | Zscaler Cloud | No CVE | Fixed & published Advisory | ||
BlueCoat | Stored XSS, No http only cookie, No secured cookie | Avi Gimpel Oded Vanunu |
April 7th 2014 | June 3rd | 58 days | ThreatPulse Version: 6.3.2-2014.02.07 | CVE-2014-2724, CVE-2014-2725, CVE-2014-2726 |
Fixed & published Advisory | Link |
Fortinet | XSS | Inbar Raz/william Costa | July 1st 2013 | Nov 22nd 2013 | 144 days | FortiGate’s FortiAnalyzer & FortiManager up to firmware version v5.0.6 | CVE-2013-6826 | Fixed & published Advisory | Link |
XSS | Oded Vanunu & Adi Volkovitz | March 10th 2014 | Oct 30th 2014 | 234 days | FortiManager and FortiAnalyzer Web UI | CVE-2014-2334, CVE-2014-2335, CVE-2014-2336 |
Fixed & published Advisory | Link | |
Sourcefire | XSS CSRF |
Liad Mizrachi Adi Volkovitz |
Feb 16th 2014 | Apr 22th 2014 | 66 days | SourceFire NGIPS Defense Center version 5.2.0.1 | CVE-2014-2012, CVE-2014-2028, CVE-2014-2011 |
Fixed & published Advisory | Link Link Link Link |
Cisco | XSS | Adi Volkovitz | Mar 4th 2014 | Mar 27th 2014 | 24 days | Cisco Prime Security Manager ver 9.2.1.2 | CVE-2014-2118 | Fixed & published Advisory | Link |
XSS (Cross-Site-Scripting) | Dikla Barda | Sep 8th 2014 | Dec 12 2014 | 93 days | Cisco Prime Security Manager (PRSM) | CVE-2014-3364 | Fixed & published Advisory | Link | |
Palo Alto | CSRF | Anton Ziukin | Nov 20th 2013 | Feb 4th 2014 | 77 days | PAN-OS version 4.1.15 and earlier; 5.0.9 and earlier; 5.1.4 and earlier. | CVE-2013-6850, CVE-2013-6851 | Fixed & published Advisory | Link |
XSS (Cross-Site-Scripting) | Avi Gimpel & Oded Vanunu | May 21 2014 | Dec 12 2014 | 216 days | PAN-OS version 6.0.5 and earlier; 5.1.9 and earlier; 5.0.14 and earlier | CVE-2014-3764 | Fixed & published Advisory | Link | |
XSS (Cross-Site-Scripting) | Avi Gimpel, Oded Vanunu, and Liad Mizrachi | May 15 2015 | 124 days | PAN-OS 6.1.2 and earlier; PAN-OS PAN-OS version 6.0.8 and earlier; PAN-OS 5.0.15 and earlier |
Fixed & published Advisory | ||||
McAfee | CSRF | Adi Volkovitz | March 25th 2014 | July 24th 2014 | 119 days | Network Security Manager 8.0.5.9 | CVE-2014-2390 | Fixed & published Advisory | Link |
FireEye | URL-Encoded Text Injection | Oded Vanunu, Avi Gimple | July 24th, 2014 | July 7th, 2015 | 349 days | FX, AX, NX, EX, CM | CVE-2014-5046 | Fixed & published Advisory | Link |