search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2021-11-09 2021-11-09 2021-11-09 VU#999008 Compilers permit Unicode control and homoglyph characters
2021-05-24 2021-05-24 2021-12-09 VU#799380 Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
2018-05-03 2018-05-03 2022-01-07 VU#283803 2.7 Integrated GPUs may allow side-channel and rowhammer attacks using WebGL ("Glitch")
2018-01-04 2018-01-03 2022-01-07 VU#584653 5.1 CPU hardware vulnerable to side-channel attacks
2022-01-07 2022-01-07 2022-01-09 VU#142629 Silicon Labs Z-Wave chipsets contain multiple vulnerabilities
2022-01-20 2022-01-20 2022-01-20 VU#287178 McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2021-12-22 2021-12-22 2022-02-02 VU#692873 Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
2021-12-15 2021-12-15 2022-02-07 VU#930724 Apache Log4j allows insecure JNDI lookups
2020-09-15 2020-09-15 2022-02-11 VU#896979 IPTV encoder devices contain multiple vulnerabilities
2022-02-24 2022-02-24 2022-02-24 VU#383864 Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS
2022-02-22 2022-02-22 2022-02-24 VU#229438 Mobile device monitoring services do not authenticate API requests
2020-06-26 2020-06-26 2022-02-28 VU#576779 Netgear httpd upgrade_check.cgi stack buffer overflow
2022-01-31 2022-01-31 2022-03-25 VU#119678 Samba vfs_fruit module insecurely handles extended file attributes
2022-02-01 2022-02-01 2022-04-26 VU#796611 InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM
2022-04-28 2022-04-28 2022-04-28 VU#730007 Tychon is vulnerable to privilege escalation due to OPENSSLDIR location

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis