search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2017-10-16 2017-10-16 2017-11-16 VU#228519 5.7 Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
2014-04-11 2014-03-10 2014-04-16 VU#939260 5.7 ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities
2018-07-23 2018-07-23 2018-08-17 VU#304725 5.7 Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
2017-03-07 2016-12-17 2017-03-07 VU#608591 5.8 PHP FormMail Generator generates code vulnerable to multiple issues
2015-01-23 2015-01-23 2015-01-29 VU#637068 5.8 LabTech contains privilege escalation vulnerability
2016-06-01 2016-06-01 2016-12-21 VU#754056 5.8 Fonality contains a hard-coded password and embedded SSL private key
2012-09-24 2012-09-24 2012-09-25 VU#555668 5.8 JAMF Software Casper Suite contains a cross-site request forgery vulnerability
2013-05-14 2013-05-14 2013-05-14 VU#113732 5.8 Adobe ColdFusion 9 & 10 code injection vulnerability
2015-09-24 2015-08-13 2015-10-28 VU#804060 5.8 Cookies set via HTTP requests may be used to bypass HTTPS and reveal private information
2014-12-12 2014-12-11 2014-12-12 VU#659684 5.9 Honeywell OPOS suite Stack Buffer Overflow vulnerability
2014-12-19 2014-12-19 2015-10-27 VU#852879 5.9 NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)
2018-09-26 2018-09-18 2018-11-08 VU#581311 5.9 TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks
2012-03-16 2012-03-13 2015-09-17 VU#624051 5.9 Microsoft Remote Desktop Protocol (RDP) insecurely deallocates memory
2015-03-16 2015-03-13 2015-03-16 VU#184100 5.9 D-Link DAP-1320 Rev Ax is vulnerable to a command injection
2014-04-10 2014-04-08 2014-04-10 VU#882841 5.9 Microsoft Office file format converter memory corruption vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis