The Vulnerability Notes Database provides timely information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Many vulnerability notes are the result of private coordination and disclosure efforts.
You can search the Vulnerability Notes Database or browse by several views. Help is available on database fields and customizing search queries. For example, you can search for specific information, such as the ten most recently updated vulnerabilities, a list of vulnerabilities that affect control systems, or a list of vulnerabilities discovered using the Basic Fuzzing Framework (BFF).
To communicate with us about a specific vulnerability, please send email with the appropriate VU# number(s) in the subject line. To protect sensitive, non-public vulnerability information, please encrypt mail to the CERT PGP key.
We appreciate your comments and suggestions.
Recent Vulnerability Notes
- 23 Oct 2014VU#184540Incorrect implementation of NAT-PMP in multiple devicesUnknown
- 17 Oct 2014VU#577193POODLE vulnerability in SSL 3.0CVE-2014-3566
- 17 Oct 2014VU#298796Centreon contains multiple vulnerabilitiesMultiple CVEs
- 08 Oct 2014VU#573356IBM WebSphere Application Server contains multiple vulnerabilitiesMultiple CVEs
- 07 Oct 2014VU#121036BMC Track-It! contains multiple vulnerabilitiesMultiple CVEs
- 07 Oct 2014VU#280844Cryoserver Security Appliance vulnerable to privilege escalationCVE-2014-4867
- 06 Oct 2014VU#251276Rejetto HTTP File Server (HFS) search feature fails to handle null bytesCVE-2014-6287
- 06 Oct 2014VU#941108NetCommWireless NB604N ADSL2+ Wireless N300 Modem Router contains a stored cross-site scripting vulnerabilityCVE-2014-4871
- 03 Oct 2014VU#125228HP System Management Homepage vulnerable to cross-site scriptingCVE-2014-2640
- 03 Oct 2014VU#111588Brocade Vyatta 5400 vRouter contains multiple vulnerabilitiesMultiple CVEs