search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-05-30 2006-05-30 2006-06-07 VU#921017 Secure Elements Class 5 AVR client sends messages in cleartext
2006-05-30 2006-05-30 2006-06-07 VU#584329 Secure Elements Class 5 AVR server contains hard-coded user ID and password
2006-05-30 2006-05-30 2006-06-12 VU#456729 Secure Elements Class 5 AVR server fails to enforce integrity of message digests
2006-05-30 2006-05-30 2006-06-07 VU#207161 Secure Elements Class 5 AVR server fails to properly authenticate registration messages
2006-05-30 2006-05-30 2007-05-04 VU#487617 Secure Elements Class 5 AVR server fails to properly authenticate session start messages
2006-05-30 2006-05-30 2006-06-07 VU#397417 Secure Elements Class 5 AVR server fails to properly enforce access controls on console operations
2006-05-30 2006-05-30 2006-06-07 VU#764025 Secure Elements Class 5 AVR server fails to properly validate pathnames when downloading updates
2006-05-30 2006-05-30 2006-06-07 VU#207337 Secure Elements Class 5 AVR server fails to properly validate peer certificate when downloading updates
2006-05-30 2006-05-30 2006-06-07 VU#919345 Secure Elements Class 5 AVR server fails to validate source address of messages
2006-05-30 2006-05-30 2006-06-07 VU#135529 Secure Elements Class 5 AVR server sends messages in cleartext
2006-05-30 2006-05-30 2006-05-30 VU#346377 Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session
2006-05-30 2006-05-30 2006-06-07 VU#566553 Secure Elements Class 5 AVR uses the same RSA key for all installations
2006-05-30 2006-05-30 2006-05-31 VU#378604 WeOnlyDo! SFTP ActiveX control fails to properly restrict access to methods
2006-06-02 2006-06-01 2007-02-09 VU#237257 Mozilla privilege escalation using addSelectionListener
2006-06-02 2006-06-01 2007-02-09 VU#421529 Mozilla contains a buffer overflow vulnerability in crypto.signText()

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis