search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2022-08-11 2022-08-11 2022-08-11 VU#309662 Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass
2022-08-04 2022-08-04 2022-08-05 VU#495801 muhttpd versions 1.1.5 and earlier are vulnerable to path traversal
2022-06-21 2022-06-21 2022-06-21 VU#142546 SMA Technologies OpCon UNIX agent adds the same SSH key to all installations
2022-05-09 2022-05-02 2022-07-12 VU#473698 uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID
2022-04-28 2022-04-28 2022-04-28 VU#730007 Tychon is vulnerable to privilege escalation due to OPENSSLDIR location
2022-04-28 2010-10-10 2022-04-29 VU#411271 Qt allows for privilege escalation due to hard-coding of qt_prfxpath value
2022-03-31 2022-03-30 2022-05-19 VU#970766 Spring Framework insecurely handles PropertyDescriptor objects with data binding
2022-02-24 2022-02-24 2022-02-24 VU#383864 Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS
2022-02-22 2022-02-22 2022-02-24 VU#229438 Mobile device monitoring services do not authenticate API requests
2022-02-01 2022-02-01 2022-04-26 VU#796611 InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-01-31 2022-01-31 2022-06-27 VU#119678 Samba vfs_fruit module insecurely handles extended file attributes
2022-01-20 2022-01-20 2022-01-20 VU#287178 McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2022-01-07 2022-01-07 2022-01-09 VU#142629 Silicon Labs Z-Wave chipsets contain multiple vulnerabilities
2021-12-22 2021-12-22 2022-02-02 VU#692873 Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
2021-12-15 2021-12-15 2022-02-07 VU#930724 Apache Log4j allows insecure JNDI lookups

Sponsored by CISA.