search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2018-11-01 2018-10-31 2018-11-05 VU#339704 5.5 Cisco ASA and FTD SIP Inspection denial-of-service vulnerability
2015-01-05 2014-12-28 2015-08-03 VU#976132 5.6 UEFI implementations do not properly secure the EFI S3 Resume Boot Path boot script
2012-01-27 2012-01-17 2014-07-24 VU#470151 5.6 Linux Kernel local privilege escalation via SUID /proc/pid/mem write
2016-10-21 2016-10-20 2016-11-17 VU#243144 5.6 Linux kernel memory subsystem copy on write mechanism contains a race condition vulnerability
2018-08-15 2018-04-14 2018-09-10 VU#982149 5.6 Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)
2016-02-25 2016-02-25 2016-02-25 VU#444472 5.6 QNAP Signage Station and iArtist Lite contain multiple vulnerabilities
2017-07-25 2017-06-26 2017-07-25 VU#838200 5.6 Telerik Web UI contains cryptographic weakness
2016-02-03 2016-02-03 2016-02-04 VU#777024 5.6 Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities
2017-06-19 2017-06-19 2017-06-28 VU#489392 5.6 Acronis True Image fails to update itself securely
2016-06-10 2016-06-10 2016-07-01 VU#778696 5.6 Netgear D6000 and D3600 contain hard-coded cryptographic keys and are vulnerable to authentication bypass
2014-07-25 2014-07-25 2014-07-25 VU#394540 5.6 Sabre AirCentre Crew solutions contain a SQL injection vulnerability
2013-10-17 2013-10-12 2014-07-29 VU#248083 5.6 D-Link routers authenticate administrative access using specific User-Agent string
2015-04-13 2015-04-13 2017-09-05 VU#672268 5.7 Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL
2016-09-28 2016-09-28 2016-09-28 VU#706359 5.7 Aternity version 9 vulnerable to cross-site scripting and remote code execution
2014-01-20 2013-12-20 2014-01-20 VU#219470 5.7 MW6 Technologies ActiveX controls contain multiple vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis