The Vulnerability Notes Database provides timely information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Many vulnerability notes are the result of private coordination and disclosure efforts.
You can search the Vulnerability Notes Database or browse by several views. Help is available on database fields and customizing search queries. For example, you can search for specific information, such as the ten most recently updated vulnerabilities, a list of vulnerabilities that affect control systems, or a list of vulnerabilities discovered using the Basic Fuzzing Framework (BFF).
To communicate with us about a specific vulnerability, please send email with the appropriate VU# number(s) in the subject line. To protect sensitive, non-public vulnerability information, please encrypt mail to the CERT PGP key.
We appreciate your comments and suggestions.
Recent Vulnerability Notes
- 06 Mar 2014VU#687278Aker Secure Mail Gateway reflected XSS vulnerabilityCVE-2013-6037
- 06 Mar 2014VU#341526Huawei E355 contains a direct request vulnerabilityCVE-2013-6031
- 05 Mar 2014VU#823452Serena Dimensions CM 12.2 Build 7.199.0 web client vulnerabilitiesMultiple CVEs
- 04 Mar 2014VU#600724ZTE F460/F660 cable modems contain an unauthenticated backdoorUnknown
- 03 Mar 2014VU#525132Foscam IP camera authentication bypass vulnerabilityCVE-2014-1911
- 28 Feb 2014VU#526062CMS Made Simple contains multiple cross-site scripting vulnerabilitiesCVE-2014-0334
- 27 Feb 2014VU#534284Synology DiskStation Manager VPN module hard-coded password vulnerabilityUnknown
- 25 Feb 2014VU#684412libpng denial-of-service vulnerabilityCVE-2014-0333
- 28 Feb 2014VU#221620Blue Coat ProxySG local user changes contain a time and state vulnerabilityCVE-2014-2033
- 18 Feb 2014VU#656302Belkin Wemo Home Automation devices contain multiple vulnerabilitiesMultiple CVEs