search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2018-08-21 2018-02-21 2019-03-13 VU#332928 6.8 Ghostscript contains multiple -dSAFER sandbox bypass vulnerabilities
2018-08-15 2018-04-14 2018-09-10 VU#982149 5.6 Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)
2018-08-14 2018-08-10 2018-09-14 VU#787952 6.0 Android and iOS apps contain multiple vulnerabilities
2018-08-14 2018-08-14 2018-08-17 VU#857035 7.9 IKEv1 Main Mode vulnerable to brute force attacks
2018-08-14 2018-08-14 2018-10-12 VU#641765 6.6 Linux kernel IP fragment re-assembly vulnerable to denial of service
2018-08-06 2018-07-23 2018-09-14 VU#962459 6.4 TCP implementations vulnerable to Denial of Service
2018-08-03 2013-06-09 2018-08-03 VU#307144 0 mingw-w64 by default produces executables that opt in to ASLR, but are not compatible with ASLR
2018-07-23 2018-07-23 2018-08-17 VU#304725 5.7 Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
2018-05-23 2018-05-22 2018-06-13 VU#338343 3.9 strongSwan VPN charon server vulnerable to buffer underflow
2018-05-21 2018-05-21 2018-06-19 VU#180049 3.4 CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks
2018-05-14 2018-05-14 2018-05-15 VU#122919 0 OpenPGP and S/MIME mail client vulnerabilities
2018-05-08 2018-05-08 2019-07-11 VU#631579 5.3 Hardware debug exception documentation may result in unexpected behavior
2018-05-03 2018-05-03 2018-05-03 VU#283803 2.7 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")
2018-04-10 2018-04-10 2019-01-10 VU#974272 4.1 Microsoft Outlook retrieves remote OLE content without prompting
2018-03-29 2018-03-27 2018-04-24 VU#277400 5.9 Windows 7 and Windows Server 2008 R2 x64 fail to protect kernel memory when the Microsoft update for meltdown is installed

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.