search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2019-08-14 2019-08-14 2019-08-19 VU#918987 7.8 Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks
2019-08-13 2019-08-13 2019-08-20 VU#605641 0 HTTP/2 implementations do not robustly handle abnormal traffic and resource exhaustion
2019-08-01 2019-07-18 2019-08-01 VU#489481 0 Cylance Antivirus Products Susceptible to Concatenation Bypass
2019-07-17 2019-07-16 2019-07-17 VU#790507 3.9 Oracle Solaris vulnerable to arbitrary code execution via /proc/self
2019-07-15 2019-07-15 2019-07-15 VU#129209 0 LLVMs Arm stack protection feature can be rendered ineffective
2019-06-20 2019-06-17 2019-07-08 VU#905115 5.0 Multiple TCP Selective Acknowledgement (SACK) and Maximum Segment Size (MSS) networking vulnerabilities may cause denial-of-service conditions in Linux and FreeBSD kernels
2019-06-04 2019-02-19 2019-06-19 VU#576688 4.2 Microsoft Windows RDP can bypass the Windows lock screen
2019-06-01 2019-06-01 2019-06-03 VU#877837 5.5 Multiple vulnerabilities in Quest Kace System Management Appliance
2019-05-22 2019-05-21 2019-06-12 VU#119704 6.4 Microsoft Windows Task Scheduler SetJobFileSecurityByName privilege escalation vulnerability
2019-05-14 2019-05-13 2019-05-16 VU#400865 6.8 Cisco Trust Anchor module (TAm) improperly checks code and Cisco IOS XE web UI does not sanitize user input
2019-05-03 2019-05-03 2019-05-22 VU#169249 7.8 PrinterLogic Print Management Software fails to validate SSL certificates or the integrity of software updates.
2019-04-17 2019-04-15 2019-04-23 VU#166939 4.0 Broadcom WiFi chipset drivers contain multiple vulnerabilities
2019-04-12 2019-04-10 2019-06-05 VU#871675 7.0 WPA3 design issues and implementation vulnerabilities in hostapd and wpa_supplicant
2019-04-11 2019-04-10 2019-04-24 VU#192371 4.5 VPN applications insecurely store session cookies
2019-04-08 2019-04-08 2019-04-08 VU#174715 1.6 MyCar Controls uses hard-coded credentials

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.