search
menu
icon-carat-right
cmu-wordmark
×
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Carnegie Mellon University
ATTENTION: VINCE web interface and API interfaces will be down for maintenance from 1200 EDT on Tuesday, March 19, 2024, until no later than 0900 EDT Wednesday, March 20, 2024.
Software Engineering Institute
CERT Coordination Center
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Home
Current:
Notes
CERT/CC Vulnerability Notes Database
Published
Public
Updated
ID
CVSS
Title
2022-03-31
2022-03-30
2022-05-19
VU#970766
Spring Framework insecurely handles PropertyDescriptor objects with data binding
2022-02-24
2022-02-24
2022-02-24
VU#383864
Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS
2022-02-22
2022-02-22
2023-02-24
VU#229438
Mobile device monitoring services do not authenticate API requests
2022-02-01
2022-02-01
2023-07-17
VU#796611
InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-01-31
2022-01-31
2022-06-27
VU#119678
Samba vfs_fruit module insecurely handles extended file attributes
2022-01-20
2022-01-20
2022-01-20
VU#287178
McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2022-01-07
2022-01-07
2022-01-09
VU#142629
Silicon Labs Z-Wave chipsets contain multiple vulnerabilities
2021-12-22
2021-12-22
2022-02-02
VU#692873
Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
2021-12-15
2021-11-29
2024-03-04
VU#930724
Apache Log4j allows insecure JNDI lookups
2021-11-09
2021-11-09
2021-11-09
VU#999008
Compilers permit Unicode control and homoglyph characters
2021-10-04
2021-10-04
2021-10-05
VU#883754
Salesforce DX command line interface (CLI) does not adequately protect sfdxurl credentials
2021-08-10
2021-08-10
2022-09-23
VU#608209
NicheStack embedded TCP/IP has vulnerabilities
2021-08-06
2021-08-06
2021-08-12
VU#357312
HTTP Request Smuggling in Web Proxies
2021-08-02
2021-08-02
2021-10-05
VU#405600
Microsoft Windows Active Directory Certificate Services can allow for AD compromise via PetitPotam NTLM relay attacks
2021-07-20
2021-07-20
2021-10-07
VU#914124
Arcadyan-based routers and modems vulnerable to authentication bypass
Previous
1
2
You're on page
3
4
5
6
239
Next
Sponsored by
CISA.
Download PGP Key
Read CERT/CC Blog
Learn about Vulnerability Analysis