search
menu
icon-carat-right
cmu-wordmark
×
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Carnegie Mellon University
Software Engineering Institute
CERT Coordination Center
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Home
Current:
Notes
CERT/CC Vulnerability Notes Database
Published
Public
Updated
ID
CVSS
Title
2020-06-02
2020-06-01
2020-09-30
VU#636397
IP-in-IP protocol routes arbitrary traffic by default
2020-05-26
2020-05-23
2020-07-09
VU#127371
6.8
iOS, iPadOS, tvOS, watchOS, and macOS contain a double-free vulnerability in the XNU kernel lio_listio() function
2020-05-18
2020-05-18
2020-05-26
VU#534195
0
Bluetooth devices supporting LE and specific BR/EDR implementations are vulnerable to method confusion attacks
2020-05-18
2020-04-14
2021-02-10
VU#647177
4.8
Bluetooth devices supporting BR/EDR are vulnerable to impersonation attacks
2020-05-14
2020-01-28
2020-05-15
VU#366027
7.8
Samsung Qmage codec for Android Skia library does not properly validate image files
2020-04-06
2020-04-06
2020-04-15
VU#660597
0.9
Periscope BuySpeed is vulnerable to stored cross-site scripting
2020-03-30
2020-03-30
2020-03-30
VU#962085
0.9
Versiant LYNX Customer Service Portal is vulnerable to stored cross-site scripting
2020-03-30
2019-04-12
2020-03-30
VU#944837
6.7
Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities
2020-03-23
2020-03-23
2020-04-14
VU#354840
9.0
Microsoft Windows Type 1 font parsing remote code execution vulnerabilities
2020-03-19
2020-03-19
2020-06-04
VU#425163
0
Machine learning classifiers trained via gradient descent are vulnerable to arbitrary misclassification attack
2020-03-11
2020-03-10
2020-06-04
VU#872016
7.8
Microsoft SMBv3 compression remote code execution vulnerability
2020-03-04
2020-02-02
2020-06-15
VU#782301
7.7
pppd vulnerable to buffer overflow due to a flaw in EAP packet processing
2020-02-24
2020-02-12
2020-02-26
VU#498544
7.1
ZyXEL pre-authentication command injection in weblogin.cgi
2020-02-12
2020-02-12
2020-02-13
VU#597809
2.4
IBM ServeRAID Manager exposes unauthenticated Java Remote Method Invocation (RMI) service
2020-02-05
2020-02-05
2020-07-08
VU#261385
8.3
Cisco Discovery Protocol (CDP) enabled devices are vulnerable to denial-of-service and remote code execution
Previous
1
4
5
6
You're on page
7
8
9
10
240
Next
Sponsored by
CISA.
Download PGP Key
Read CERT/CC Blog
Learn about Vulnerability Analysis