search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2015-02-13 2015-02-04 2015-02-27 VU#695940 2.9 Henry Spencer regular expressions (regex) library contains a heap overflow vulnerability
2015-02-23 2015-02-22 2015-02-26 VU#366544 8.0 Adtrustmedia PrivDog fails to validate SSL certificates
2015-02-13 2015-02-13 2015-02-13 VU#787252 8.5 Microsoft Windows domain-configured client Group Policy fails to authenticate servers
2015-02-05 2014-02-05 2015-02-10 VU#377644 3.2 Ektron Content Management System (CMS) contains multiple vulnerabilities
2015-02-05 2015-02-05 2015-02-06 VU#669156 1.3 Topline Systems Opportunity Form vulnerable to information disclosure
2015-01-05 2014-12-28 2015-02-03 VU#533140 3.8 Tianocore UEFI implementation reclaim function vulnerable to buffer overflow
2014-06-09 2014-05-27 2015-02-03 VU#758382 3.5 Unauthorized modification of UEFI variables in UEFI systems
2015-02-02 2015-02-02 2015-02-02 VU#522460 5.9 SerVision HVG Video Gateway web interface contains multiple vulnerabilities
2015-01-23 2015-01-23 2015-01-29 VU#637068 5.8 LabTech contains privilege escalation vulnerability
2015-01-23 2015-01-23 2015-01-23 VU#546340 2.5 QPR Portal contains multiple vulnerabilities
2014-10-17 2014-10-14 2015-01-21 VU#577193 3.6 POODLE vulnerability in SSL 3.0
2015-01-21 2015-01-21 2015-01-21 VU#110652 5.0 iPass Open Mobile Windows Client contains a remote code execution vulnerability
2015-01-16 2015-01-16 2015-01-21 VU#936356 6.8 Ceragon FiberAir IP-10 Microwave Bridge contains a default root password
2015-01-13 2014-12-11 2015-01-13 VU#117604 1.0 Panasonic Arbitrator Back-End Server (BES) uses unencrypted communication
2014-12-19 2014-12-12 2015-01-07 VU#1680209 0 AppsGeyser generates Android applications that fail to properly validate SSL certificates

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis