search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2018-08-28 2018-08-27 2018-09-13 VU#906424 6.4 Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface
2014-02-18 2013-04-25 2014-02-18 VU#539289 6.4 Microsoft XMLDOM ActiveX control information disclosure vulnerability
2018-08-06 2018-07-23 2018-09-14 VU#962459 6.4 TCP implementations vulnerable to Denial of Service
2015-08-20 2015-08-20 2015-08-20 VU#276148 6.4 Dedicated Micros DVR products use plaintext protocols and require no password by default
2014-12-19 2014-12-19 2017-05-09 VU#561444 6.4 Multiple broadband routers use vulnerable versions of Allegro RomPager
2017-03-07 2017-03-07 2017-03-07 VU#355151 6.4 ACTi cameras models from the D, B, I, and E series contain multiple security vulnerabilities
2014-04-14 2014-04-14 2014-04-14 VU#437385 6.4 PaperThin CommonSpot CMS contains multiple vulnerabilities
2016-09-07 2016-09-06 2016-09-07 VU#282991 6.4 DEXIS Imaging Suite 10 contains hard-coded credentials
2016-02-17 2016-02-17 2016-02-19 VU#899080 6.4 Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials
2013-06-11 2013-06-10 2013-09-24 VU#735364 6.4 HP System Management Homepage contains a command injection vulnerability
2015-11-13 2015-01-28 2018-08-27 VU#576313 6.4 Apache Commons Collections Java library insecurely deserializes data
2015-03-27 2008-12-31 2015-04-07 VU#591120 6.4 Multiple SSL certificate authorities use predefined email addresses as proof of domain ownership
2015-11-24 2015-11-24 2015-12-01 VU#925497 6.4 Dell System Detect installs root certificate and private key (DSDTestProvider)
2014-12-18 2014-12-18 2014-12-18 VU#843044 6.4 Multiple Dell iDRAC IPMI v1.5 implementations use insufficiently random session ID values
2014-05-30 2014-05-15 2014-05-30 VU#124908 6.3 Dell ML6000 and Quantum Scalar i500 tape backup system command injection vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis