search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2016-02-02 2016-02-02 2016-02-02 VU#544527 2.1 OpenELEC and RasPlex have a hard-coded SSH root password
2016-02-03 2016-02-03 2016-02-04 VU#777024 5.6 Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities
2016-02-04 2016-02-04 2016-02-08 VU#305096 1.6 Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium
2016-02-11 2016-02-11 2016-02-16 VU#327976 5.9 Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability
2016-02-16 2016-02-16 2016-11-09 VU#507216 5.2 Hirschmann "Classic Platform" switches reveal administrator password in SNMP community string by default
2016-02-17 2016-02-16 2016-03-14 VU#457759 8.1 glibc vulnerable to stack buffer overflow in DNS resolver
2016-02-17 2016-02-17 2016-02-17 VU#923388 6.2 Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password
2016-02-17 2016-02-17 2016-02-19 VU#899080 6.4 Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials
2016-02-22 2016-02-22 2016-04-04 VU#485744 5.9 Flexera Software FlexNet Publisher lmgrd contains a buffer overflow vulnerability
2016-02-24 2016-02-23 2016-03-01 VU#981271 1.9 Multiple wireless keyboard/mouse devices use an unsafe proprietary wireless protocol
2016-02-25 2016-02-25 2016-02-25 VU#444472 5.6 QNAP Signage Station and iArtist Lite contain multiple vulnerabilities
2016-02-29 2016-02-25 2017-07-18 VU#419128 6.7 IKE/IKEv2 protocol implementations may allow network amplification attacks
2016-02-29 2016-02-24 2016-03-04 VU#938151 4.6 Forwarding Loop Attacks in Content Delivery Networks may result in denial of service
2016-03-01 2016-03-01 2016-03-14 VU#583776 6.5 Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack
2016-03-10 2016-03-10 2016-03-10 VU#270232 1.5 Quagga bgpd with BGP peers enabled for VPNv4 contains a buffer overflow vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis