search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2017-01-03 2017-01-03 2017-02-08 VU#475907 1.8 ShoreTel Mobility Client mobile application does not verify SSL certificates
2014-04-21 2014-04-01 2014-04-21 VU#622950 1.8 Toshiba Global Commerce Solutions' 4690 Point of Sale operating system contains a password hashing algorithm that can be reversed
2015-07-24 2015-07-24 2017-03-22 VU#857948 1.8 Honeywell Tuxedo Touch Controller contains multiple vulnerabilities
2015-03-17 2015-03-12 2015-03-17 VU#868948 1.8 HP ArcSight contains multiple vulnerabilities
2012-12-12 2012-11-19 2013-01-02 VU#194604 1.8 IBM Power 5 Service Processor privilege escalation vulnerability
2012-07-30 2012-04-04 2013-04-08 VU#122656 1.8 Amazon Kindle Touch libkindleplugin scriptable browser plugin vulnerability
2013-10-18 2013-10-18 2013-10-18 VU#233990 1.8 Watchguard Extensible Threat Management (XTM) appliance version 11.7.4 contains a buffer overflow vulnerability
2012-11-07 2012-11-07 2012-11-07 VU#427547 1.8 Agile FleetCommander and FleetCommander Kiosk versions prior to 4.08 contain multiple vulnerabilities
2012-04-02 2012-04-02 2013-04-03 VU#834723 1.8 TP-Link 8840T DSL router default remote management vulnerability
2012-04-24 2012-04-23 2012-07-18 VU#889195 1.8 RuggedCom Rugged Operating System (ROS) contains hard-coded user account with predictable password
2013-09-13 2013-08-13 2013-12-04 VU#800094 1.8 Dahua Security DVRs contain multiple vulnerabilities
2013-11-22 2013-11-21 2017-10-18 VU#893462 1.8 Thomson Reuters Velocity Analytics Vhayu Analytic Server version 6.9.4 build 2995 contains a code injection vulnerability
2019-10-09 2019-10-09 2019-10-25 VU#763073 1.8 iTerm2 with tmux integration is vulnerable to remote command execution
2013-11-07 2007-08-21 2014-03-25 VU#274923 1.8 Dual_EC_DRBG output using untrusted curve constants may be predictable
2016-01-04 2015-01-04 2016-01-04 VU#820196 1.8 Furuno Voyage Data Recorder (VDR) moduleserv firmware update utility fails to properly sanitize user-provided input

Sponsored by CISA.