search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2017-07-18 2017-07-18 2017-07-26 VU#547255 5.9 Dahua IP cameras Sonia web interface is vulnerable to stack buffer overflow
2014-04-10 2014-04-08 2014-04-10 VU#882841 5.9 Microsoft Office file format converter memory corruption vulnerability
2014-12-12 2014-12-11 2014-12-12 VU#659684 5.9 Honeywell OPOS suite Stack Buffer Overflow vulnerability
2018-09-26 2018-09-18 2018-11-08 VU#581311 5.9 TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks
2014-12-19 2014-12-19 2015-10-27 VU#852879 5.9 NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)
2015-09-24 2015-08-13 2015-10-28 VU#804060 5.8 Cookies set via HTTP requests may be used to bypass HTTPS and reveal private information
2013-05-14 2013-05-14 2013-05-14 VU#113732 5.8 Adobe ColdFusion 9 & 10 code injection vulnerability
2012-09-24 2012-09-24 2012-09-25 VU#555668 5.8 JAMF Software Casper Suite contains a cross-site request forgery vulnerability
2016-06-01 2016-06-01 2016-12-21 VU#754056 5.8 Fonality contains a hard-coded password and embedded SSL private key
2015-01-23 2015-01-23 2015-01-29 VU#637068 5.8 LabTech contains privilege escalation vulnerability
2017-03-07 2016-12-17 2017-03-07 VU#608591 5.8 PHP FormMail Generator generates code vulnerable to multiple issues
2018-07-23 2018-07-23 2018-08-17 VU#304725 5.7 Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
2014-04-11 2014-03-10 2014-04-16 VU#939260 5.7 ZyXEL Wireless N300 NetUSB Router NBG-419N devices contain multiple vulnerabilities
2017-10-16 2017-10-16 2017-11-16 VU#228519 5.7 Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
2014-01-20 2013-12-20 2014-01-20 VU#219470 5.7 MW6 Technologies ActiveX controls contain multiple vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis