Software Engineering Institute

CERT Coordination Center

Search

324 Results

VU#970766: Spring Framework insecurely handles PropertyDescriptor objects with data binding

Published March 31, 2022 Updated May 19, 2022

VU#930724: Apache Log4j allows insecure JNDI lookups

Published December 15, 2021 Updated April 17, 2024

VU#660597: Periscope BuySpeed is vulnerable to stored cross-site scripting

Published April 06, 2020 Updated April 15, 2020

VU#962085: Versiant LYNX Customer Service Portal is vulnerable to stored cross-site scripting

Published March 30, 2020 Updated March 30, 2020

VU#597809: IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service

Published February 12, 2020 Updated February 13, 2020

VU#335217: Content Delivery Networks handle HTTP headers in different and unexpected ways

Published January 14, 2020 Updated January 14, 2020

VU#873161: Telos Automated Message Handling System contains multiple vulnerabilities

Published December 19, 2019 Updated December 19, 2019

VU#877837: Multiple vulnerabilities in Quest Kace System Management Appliance

Published June 01, 2019 Updated June 03, 2019

VU#756913: Pixar Tractor contains a stored cross-site scripting vulnerability

Published December 13, 2018 Updated January 28, 2019

VU#581311: TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks

Published September 26, 2018 Updated November 08, 2018

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis

Carnegie Mellon University
Software Engineering Institute
4500 Fifth Avenue
Pittsburgh, PA 15213-2612
412-268-5800

Office Locations | Additional Sites Directory | Legal | Privacy Notice | CMU Ethics Hotline | www.sei.cmu.edu

©2025 Carnegie Mellon University

Contact SEI

Contact CERT/CC

412-268-5800
cert@cert.org