search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2013-04-26 2012-11-22 2016-01-13 VU#948155 2.0 Henry Schein Dentrix G5 uses hard-coded database credentials shared across multiple installations
2012-12-13 2012-11-24 2012-12-13 VU#871148 1.5 Huawei E585 pocket wifi 2 device contains multiple vulnerabilities
2012-11-26 2012-11-26 2012-12-07 VU#281284 1.9 Samsung Printer firmware contains a hardcoded SNMP community string
2012-12-06 2012-11-30 2012-12-06 VU#571068 1.5 ManageEngine AssetExplorer fails to properly sanitize XML asset data submission
2012-12-12 2012-12-12 2012-12-12 VU#856892 1.3 Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.
2012-12-12 2012-12-12 2012-12-12 VU#876780 1.4 D-Link DSL2730U router restricted telnet shell command whitelisting bypass
2012-12-17 2012-12-17 2014-07-24 VU#519137 3.2 Adobe Shockwave player installs Xtras without prompting
2012-12-17 2012-12-17 2014-07-24 VU#546769 3.2 Adobe Shockwave player vulnerable to downgrading
2012-12-17 2012-12-17 2014-05-15 VU#323161 0 Adobe Shockwave player provides vulnerable Flash runtime
2013-08-05 2012-12-17 2013-10-03 VU#948096 5.1 Huawei networking equipment weak password cipher
2012-12-29 2012-12-28 2013-01-14 VU#154201 9 Microsoft Internet Explorer CButton use-after-free vulnerability
2013-01-08 2013-01-08 2013-01-11 VU#380039 8.7 Ruby on Rails Action Pack framework insecurely typecasts YAML and Symbol XML parameters
2013-01-09 2013-01-09 2015-09-17 VU#950172 1.4 Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability
2013-01-09 2013-01-09 2013-01-09 VU#990652 1.9 BigAnt IM Message server and components contain multiple vulnerabilities
2013-01-10 2013-01-10 2013-06-12 VU#625617 9.5 Java 7 fails to restrict access to privileged code

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis