search menu icon-carat-right cmu-wordmark
ATTENTION: VINCE web interface and API interfaces will be down for maintenance from 1200 EDT on Tuesday, March 19, 2024, until no later than 0900 EDT Wednesday, March 20, 2024.

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2022-01-07 2022-01-07 2022-01-09 VU#142629 Silicon Labs Z-Wave chipsets contain multiple vulnerabilities
2022-01-20 2022-01-20 2022-01-20 VU#287178 McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2021-12-22 2021-12-22 2022-02-02 VU#692873 Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass
2020-09-15 2020-09-15 2022-02-11 VU#896979 IPTV encoder devices contain multiple vulnerabilities
2022-02-24 2022-02-24 2022-02-24 VU#383864 Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS
2020-06-26 2020-06-26 2022-02-28 VU#576779 Netgear httpd upgrade_check.cgi stack buffer overflow
2022-04-28 2022-04-28 2022-04-28 VU#730007 Tychon is vulnerable to privilege escalation due to OPENSSLDIR location
2022-04-28 2010-10-10 2022-04-29 VU#411271 Qt allows for privilege escalation due to hard-coding of qt_prfxpath value
2022-03-31 2022-03-30 2022-05-19 VU#970766 Spring Framework insecurely handles PropertyDescriptor objects with data binding
2022-06-21 2022-06-21 2022-06-21 VU#142546 SMA Technologies OpCon UNIX agent adds the same SSH key to all installations
2022-01-31 2022-01-31 2022-06-27 VU#119678 Samba vfs_fruit module insecurely handles extended file attributes
2022-08-04 2022-08-04 2022-08-05 VU#495801 muhttpd versions 1.1.5 and earlier are vulnerable to path traversal
2020-06-16 2020-06-16 2022-09-20 VU#257161 Treck IP stacks contain multiple vulnerabilities
2021-08-10 2021-08-10 2022-09-23 VU#608209 NicheStack embedded TCP/IP has vulnerabilities
2022-10-03 2022-10-03 2022-11-10 VU#915563 Microsoft Exchange vulnerable to server-side request forgery and remote code execution.

Sponsored by CISA.