search menu icon-carat-right cmu-wordmark
ATTENTION: VINCE web interface and API interfaces will be down for maintenance from 1200 EDT on Tuesday, March 19, 2024, until no later than 0900 EDT Wednesday, March 20, 2024.

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2021-07-20 2021-07-20 2021-07-29 VU#506989 Microsoft Windows 10 gives unprivileged user access to system32\config files
2021-07-18 2021-07-18 2021-09-14 VU#131152 Microsoft Windows Print Spooler Point and Print allows installation of arbitrary queue-specific files
2021-06-30 2021-06-30 2021-08-03 VU#383432 Microsoft Windows Print Spooler allows for RCE via AddPrinterDriverEx()
2021-05-25 2021-05-25 2021-05-25 VU#706695 Checkbox Survey insecurely deserializes ASP.NET View State data
2021-05-24 2021-05-24 2021-06-17 VU#667933 Pulse Connect Secure Samba buffer overflow
2021-05-24 2021-05-24 2023-07-13 VU#799380 Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
2021-04-20 2021-04-20 2021-04-22 VU#567764 MySQL for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2021-04-20 2021-04-20 2021-05-19 VU#213092 Pulse Connect Secure contains a use-after-free vulnerability
2021-02-18 2021-02-18 2021-02-18 VU#240785 Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs
2021-02-09 2021-02-09 2021-02-09 VU#466044 Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
2021-02-04 2021-01-26 2021-04-26 VU#794544 Sudo set_cmd() is vulnerable to heap-based buffer overflow
2021-02-01 2021-02-01 2021-02-01 VU#125331 Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs
2021-01-19 2021-01-19 2024-03-04 VU#434904 Dnsmasq is vulnerable to memory corruption and cache poisoning
2020-12-26 2020-12-26 2021-01-28 VU#843464 SolarWinds Orion API authentication bypass allows remote command execution
2020-12-23 2020-12-23 2021-01-06 VU#429301 Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location

Sponsored by CISA.