search menu icon-carat-right cmu-wordmark
ATTENTION: VINCE web interface and API interfaces will be down for maintenance from 1200 EDT on Tuesday, March 19, 2024, until no later than 0900 EDT Wednesday, March 20, 2024.

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2022-03-31 2022-03-30 2022-05-19 VU#970766 Spring Framework insecurely handles PropertyDescriptor objects with data binding
2022-02-24 2022-02-24 2022-02-24 VU#383864 Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS
2022-02-22 2022-02-22 2023-02-24 VU#229438 Mobile device monitoring services do not authenticate API requests
2022-02-01 2022-02-01 2023-07-17 VU#796611 InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-01-31 2022-01-31 2022-06-27 VU#119678 Samba vfs_fruit module insecurely handles extended file attributes
2022-01-20 2022-01-20 2022-01-20 VU#287178 McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2022-01-07 2022-01-07 2022-01-09 VU#142629 Silicon Labs Z-Wave chipsets contain multiple vulnerabilities
2021-12-22 2021-12-22 2022-02-02 VU#692873 Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
2021-12-15 2021-11-29 2024-03-04 VU#930724 Apache Log4j allows insecure JNDI lookups
2021-11-09 2021-11-09 2021-11-09 VU#999008 Compilers permit Unicode control and homoglyph characters
2021-10-04 2021-10-04 2021-10-05 VU#883754 Salesforce DX command line interface (CLI) does not adequately protect sfdxurl credentials
2021-08-10 2021-08-10 2022-09-23 VU#608209 NicheStack embedded TCP/IP has vulnerabilities
2021-08-06 2021-08-06 2021-08-12 VU#357312 HTTP Request Smuggling in Web Proxies
2021-08-02 2021-08-02 2021-10-05 VU#405600 Microsoft Windows Active Directory Certificate Services can allow for AD compromise via PetitPotam NTLM relay attacks
2021-07-20 2021-07-20 2021-10-07 VU#914124 Arcadyan-based routers and modems vulnerable to authentication bypass

Sponsored by CISA.