search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2016-02-02 2016-02-02 2016-02-02 VU#719736 4.4 Fisher-Price Smart Toy platform allows some unauthenticated web API commands
2016-02-02 2016-02-02 2016-02-02 VU#544527 2.1 OpenELEC and RasPlex have a hard-coded SSH root password
2016-02-03 2016-02-03 2016-02-04 VU#777024 5.6 Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities
2016-02-04 2016-02-04 2016-02-08 VU#305096 1.6 Comodo Chromodo browser with Ad Sanitizer does not enforce same origin policy and is based on an outdated version of Chromium
2011-12-28 2011-12-28 2016-02-15 VU#903934 0 Hash table implementations vulnerable to algorithmic complexity attacks
2016-02-11 2016-02-11 2016-02-16 VU#327976 5.9 Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability
2016-02-17 2016-02-17 2016-02-17 VU#923388 6.2 Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password
2016-02-17 2016-02-17 2016-02-19 VU#899080 6.4 Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials
2016-02-25 2016-02-25 2016-02-25 VU#444472 5.6 QNAP Signage Station and iArtist Lite contain multiple vulnerabilities
2016-02-24 2016-02-23 2016-03-01 VU#981271 1.9 Multiple wireless keyboard/mouse devices use an unsafe proprietary wireless protocol
2016-02-29 2016-02-24 2016-03-04 VU#938151 4.6 Forwarding Loop Attacks in Content Delivery Networks may result in denial of service
2016-03-10 2016-03-10 2016-03-10 VU#270232 1.5 Quagga bgpd with BGP peers enabled for VPNv4 contains a buffer overflow vulnerability
2016-01-20 2016-01-12 2016-03-10 VU#772447 2.9 ffmpeg and Libav cross-domain information disclosure vulnerability
2016-02-17 2016-02-16 2016-03-14 VU#457759 8.1 glibc vulnerable to stack buffer overflow in DNS resolver
2016-03-11 2016-03-10 2016-03-14 VU#713312 2.3 DTE Energy Insight app vulnerable to information exposure

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis