search
menu
icon-carat-right
cmu-wordmark
×
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Carnegie Mellon University
Software Engineering Institute
CERT Coordination Center
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Home
Current:
Notes
CERT/CC Vulnerability Notes Database
Published
Public
Updated
ID
CVSS
Title
2023-01-17
2023-01-17
2023-01-17
VU#986018
New Netcomm router models NF20MESH, NF20, and NL1902 vulnerabilities
2022-11-16
2022-01-10
2023-04-04
VU#709991
Netatalk contains multiple error and memory management vulnerabilities
2022-11-08
2022-11-08
2024-05-06
VU#434994
Multiple race conditions due to TOCTOU flaws in various UEFI Implementations
2022-11-01
2022-11-01
2024-03-08
VU#794340
OpenSSL 3.0.0 to 3.0.6 decodes some punycode email addresses in X.509 certificates improperly
2022-10-07
2022-10-07
2023-07-13
VU#730793
Heimdal Kerberos vulnerable to remotely triggered NULL pointer dereference
2022-10-03
2022-10-03
2022-11-10
VU#915563
Microsoft Exchange vulnerable to server-side request forgery and remote code execution.
2022-09-27
2022-09-27
2023-06-14
VU#855201
L2 network security controls can be bypassed using VLAN 0 stacking and/or 802.3 headers
2022-08-11
2022-08-11
2024-03-04
VU#309662
Signed third party UEFI bootloaders are vulnerable to Secure Boot bypass
2022-08-04
2022-08-04
2022-08-05
VU#495801
muhttpd versions 1.1.5 and earlier are vulnerable to path traversal
2022-06-21
2022-06-21
2022-06-21
VU#142546
SMA Technologies OpCon UNIX agent adds the same SSH key to all installations
2022-05-09
2022-05-02
2023-04-04
VU#473698
uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID
2022-04-28
2022-04-28
2022-04-28
VU#730007
Tychon is vulnerable to privilege escalation due to OPENSSLDIR location
2022-04-28
2010-10-10
2022-04-29
VU#411271
Qt allows for privilege escalation due to hard-coding of qt_prfxpath value
2022-03-31
2022-03-30
2022-05-19
VU#970766
Spring Framework insecurely handles PropertyDescriptor objects with data binding
2022-02-24
2022-02-24
2022-02-24
VU#383864
Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS
Previous
1
2
You're on page
3
4
5
6
240
Next
Sponsored by
CISA.
Download PGP Key
Read CERT/CC Blog
Learn about Vulnerability Analysis