search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2012-12-29 2012-12-28 2013-01-14 VU#154201 9 Microsoft Internet Explorer CButton use-after-free vulnerability
2014-11-13 2014-11-11 2014-11-17 VU#505120 9.0 Microsoft Secure Channel (Schannel) vulnerable to remote code execution via specially crafted packets
2012-08-23 2012-06-05 2012-08-23 VU#663809 8.7 MarkAny ContentSAFER MASetupCaller ActiveX control arbitrary download and execution
2013-01-08 2013-01-08 2013-01-11 VU#380039 8.7 Ruby on Rails Action Pack framework insecurely typecasts YAML and Symbol XML parameters
2013-02-01 2013-02-01 2013-06-14 VU#858729 8.7 Oracle Java contains multiple vulnerabilities
2017-03-14 2017-03-06 2017-03-14 VU#834067 8.7 Apache Struts 2 is vulnerable to remote code execution
2018-03-27 2018-02-07 2018-03-27 VU#184077 8.7 Navarino Infinity web interface is affected by multiple vulnerabilities.
2012-11-20 2012-11-20 2014-01-28 VU#849841 8.7 Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers
2017-10-02 2017-10-02 2018-02-02 VU#973527 8.7 Dnsmasq contains multiple vulnerabilities
2012-05-03 2012-05-03 2013-12-02 VU#520827 8.7 PHP-CGI query string parameter vulnerability
2014-09-24 2014-09-24 2014-09-24 VU#772676 8.7 Mozilla Network Security Services (NSS) fails to properly verify RSA signatures
2015-02-19 2015-02-19 2015-03-17 VU#529496 8.6 Komodia Redirector with SSL Digestor fails to properly validate SSL and installs non-unique root CA certificates and private keys
2014-11-18 2014-11-18 2014-11-19 VU#213119 8.5 Microsoft Windows Kerberos Key Distribution Center (KDC) fails to properly validate Privilege Attribute Certificate (PAC) signature
2015-02-13 2015-02-13 2015-02-13 VU#787252 8.5 Microsoft Windows domain-configured client Group Policy fails to authenticate servers
2020-02-05 2020-02-05 2020-07-08 VU#261385 8.3 Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution

Sponsored by CISA.