search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2018-08-21 2018-02-21 2019-03-13 VU#332928 6.8 Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities
2018-02-27 2018-02-27 2018-06-05 VU#475445 4.9 Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal
2018-03-29 2018-03-27 2018-04-24 VU#277400 5.9 Windows 7 and Windows Server 2008 R2 x64 fail to protect kernel memory when the Microsoft update for meltdown is installed
2018-04-10 2018-04-10 2019-01-10 VU#974272 4.1 Microsoft Outlook retrieves remote OLE content without prompting
2018-08-15 2018-04-14 2018-09-10 VU#982149 5.6 Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)
2018-05-03 2018-05-03 2022-01-07 VU#283803 2.7 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")
2018-05-08 2018-05-08 2019-07-11 VU#631579 5.3 Hardware debug exception documentation may result in unexpected behavior
2018-05-14 2018-05-14 2018-05-15 VU#122919 0 OpenPGP and S/MIME mail client vulnerabilities
2018-05-21 2018-05-21 2018-06-19 VU#180049 3.4 CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks
2018-05-23 2018-05-22 2018-06-13 VU#338343 3.9 strongSwan VPN charon server vulnerable to buffer underflow
2018-07-23 2018-07-23 2018-08-17 VU#304725 5.7 Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
2018-08-06 2018-07-23 2018-09-14 VU#962459 6.4 TCP implementations vulnerable to Denial of Service
2018-08-14 2018-08-10 2018-09-14 VU#787952 6.0 Android and iOS apps contain multiple vulnerabilities
2018-08-14 2018-08-14 2024-07-15 VU#857035 7.9 IKEv1 Main Mode vulnerable to brute force attacks
2018-08-14 2018-08-14 2018-10-12 VU#641765 6.6 Linux kernel IP fragment re-assembly vulnerable to denial of service

Sponsored by CISA.