CERT Vulnerability Notes Database

Published	Public	Updated	ID	CVSS	Title
2024-07-09	2024-07-09	2024-07-10	VU#312260		Use-after-free vulnerability in lighttpd version 1.4.50 and earlier
2018-08-14	2018-08-14	2024-07-15	VU#857035	7.9	IKEv1 Main Mode vulnerable to brute force attacks
2024-04-03	2024-04-03	2024-07-19	VU#421644		HTTP/2 CONTINUATION frames can be utilized for DoS attacks
2024-07-30	2024-07-30	2024-08-06	VU#244112		Multiple SMTP services are susceptible to spoofing attacks due to insufficient enforcement
2021-01-19	2021-01-19	2024-08-19	VU#434904		Dnsmasq is vulnerable to memory corruption and cache poisoning
2024-04-30	2024-04-30	2024-08-23	VU#163057		BMC software fails to validate IPMI session.
2024-08-30	2024-07-25	2024-08-30	VU#455367		Insecure Platform Key (PK) used in UEFI system firmware signature
2024-09-19	2024-09-19	2024-09-19	VU#138043		A stack-based overflow vulnerability exists in the Microchip Advanced Software Framework (ASF) implementation of the tinydhcp server
2024-04-09	2024-04-09	2024-10-02	VU#155143		Linux kernel on Intel systems is susceptible to Spectre v2 attacks
2024-03-19	2024-03-19	2024-10-03	VU#417980		Implementations of UDP-based application protocols are vulnerable to network loops
2024-01-16	2024-01-16	2024-10-09	VU#132380		Vulnerabilities in EDK2 NetworkPkg IP stack implementation.
2024-07-09	2024-07-09	2024-10-15	VU#456537		RADIUS protocol susceptible to forgery attacks.
2024-10-23	2024-08-19	2024-10-23	VU#123336		Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J

Software Engineering Institute