search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2017-10-16 2017-10-16 2017-11-08 VU#307015 6.9 Infineon RSA library does not properly generate RSA key pairs
2016-01-28 2016-01-28 2016-01-29 VU#257823 6.9 OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol
2016-04-12 2016-04-12 2016-04-14 VU#813296 6.9 Microsoft Windows and Samba may allow spoofing of authenticated users ("Badlock")
2014-04-25 2014-04-24 2014-07-24 VU#719225 6.9 Apache Struts2 ClassLoader allows access to class properties via request parameters
2014-05-16 2014-04-16 2014-05-16 VU#480428 6.8 Juniper ScreenOS is vulnerable to a denial of service from malformed SSL packets
2013-06-26 2013-06-24 2014-05-07 VU#662676 6.8 Digital Alert Systems DASDEC and Monroe Electronics R189 One-Net firmware exposes private root SSH key
2019-12-19 2019-09-27 2020-10-08 VU#941987 6.8 Apple devices vulnerable to arbitrary code execution in SecureROM
2020-05-26 2020-05-23 2020-07-09 VU#127371 6.8 iOS, iPadOS, tvOS, watchOS, and macOS contain a double-free vulnerability in the XNU kernel lio_listio() function
2015-07-08 2015-07-05 2015-07-14 VU#103336 6.8 Windows Adobe Type Manager privilege escalation vulnerability
2019-05-14 2019-05-13 2019-05-16 VU#400865 6.8 Cisco Trust Anchor module (TAm) improperly checks code and Cisco IOS XE web UI does not sanitize user input
2015-01-16 2015-01-16 2015-01-21 VU#936356 6.8 Ceragon FiberAir IP-10 Microwave Bridge contains a default root password
2017-01-27 2017-01-23 2017-01-27 VU#909240 6.8 Cisco WebEx web browser extension allows arbitrary code execution
2017-04-10 2017-04-07 2017-04-13 VU#921560 6.8 Microsoft OLE URL Moniker improperly handles remotely-linked HTA data
2018-08-21 2018-02-21 2019-03-13 VU#332928 6.8 Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities
2014-12-15 2014-12-15 2017-01-06 VU#315340 6.7 EMC Documentum products contain multiple vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis