search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2020-10-22 2020-10-20 2020-10-22 VU#208577 Chocolatey Boxstarter vulnerable to privilege escalation due to weak ACLs
2020-10-12 2020-10-12 2020-10-12 VU#114757 Acronis backup software contains multiple privilege escalation vulnerabilities
2020-09-16 2020-09-16 2020-10-01 VU#490028 Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
2020-09-15 2020-09-15 2020-09-28 VU#896979 IPTV encoder devices contain multiple vulnerabilities
2020-09-09 2020-09-09 2020-10-15 VU#589825 Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite
2020-08-20 2020-08-20 2020-08-24 VU#221785 Diebold Nixdorf ProCash 2100xe USB ATM does not adequately secure communications between CCDM and host
2020-08-20 2020-08-20 2020-08-21 VU#815655 NCR SelfServ ATM BNA contains multiple vulnerabilities
2020-08-20 2020-08-20 2020-08-20 VU#116713 NCR SelfServ ATM dispenser software contains multiple vulnerabilities
2020-07-29 2020-07-29 2020-08-13 VU#174059 GRUB2 bootloader is vulnerable to buffer overflow
2020-07-08 2020-06-30 2020-07-13 VU#290915 F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution
2020-06-26 2020-06-26 2020-06-26 VU#576779 Netgear httpd upgrade_check.cgi stack buffer overflow
2020-06-16 2020-06-16 2020-10-08 VU#257161 Treck IP stacks contain multiple vulnerabilities
2020-06-08 2020-06-08 2020-07-08 VU#339275 Universal Plug and Play (UPnP) SUBSCRIBE can be abused to send traffic to arbitrary destinations
2020-06-02 2020-06-01 2020-09-30 VU#636397 IP-in-IP protocol routes arbitrary traffic by default
2020-05-26 2020-05-23 2020-07-09 VU#127371 6.8 iOS, iPadOS, tvOS, watchOS, and macOS contain a double-free vulnerability in the XNU kernel lio_listio() function

Sponsored by CISA.