search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2016-04-22 2016-04-22 2016-04-22 VU#822980 7.1 SysLINK M2M Modular Gateway contains multiple vulnerabilities
2016-04-22 2016-04-18 2016-04-22 VU#267328 6.3 HP Data Protector does not perform authentication and contains an embedded SSL private key
2008-04-29 2008-04-17 2016-04-21 VU#643049 6.5 Motorola Surfboard cable modem cross-site request forgery vulnerability
2016-04-07 2016-04-07 2016-04-20 VU#615456 6.7 Lemur Vehicle Monitors BlueDriver LSB2 does not authenticate users for Bluetooth access
2016-03-17 2016-03-17 2016-04-18 VU#897144 4.4 Solarwinds Dameware Remote Mini Controller Windows service is vulnerable to stack buffer overflow
2015-08-31 2015-08-31 2016-04-17 VU#525276 4.7 Philippine Long Distance Telephone SpeedSurf 504AN and Kasda KW58293 contain multiple vulnerabilities
2016-04-12 2016-04-12 2016-04-14 VU#813296 6.9 Microsoft Windows and Samba may allow spoofing of authenticated users ("Badlock")
2016-02-22 2016-02-22 2016-04-04 VU#485744 5.9 Flexera Software FlexNet Publisher lmgrd contains a buffer overflow vulnerability
2016-03-30 2016-02-15 2016-03-30 VU#344432 2.4 Patterson Dental Eaglesoft uses a hard-coded database password across installations
2016-03-28 2016-03-28 2016-03-28 VU#732760 1.8 Autodesk Backburner Manager contains a stack-based buffer overflow vulnerability
2016-03-26 2016-03-25 2016-03-26 VU#319816 3.8 npm fails to restrict the actions of malicious npm packages
2016-03-24 2016-03-24 2016-03-24 VU#279472 1.4 Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities
2012-10-24 2012-10-23 2016-03-16 VU#268267 6.1 DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust
2016-03-01 2016-03-01 2016-03-14 VU#583776 6.5 Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack
2016-03-11 2016-03-10 2016-03-14 VU#713312 2.3 DTE Energy Insight app vulnerable to information exposure

Sponsored by CISA.