The Vulnerability Notes Database provides timely information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Many vulnerability notes are the result of private coordination and disclosure efforts.
You can search the Vulnerability Notes Database or browse by several views. Help is available on database fields and customizing search queries. For example, you can search for specific information, such as the ten most recently updated vulnerabilities, a list of vulnerabilities that affect control systems, or a list of vulnerabilities discovered using the Basic Fuzzing Framework (BFF).
To communicate with us about a specific vulnerability, please send email with the appropriate VU# number(s) in the subject line. To protect sensitive, non-public vulnerability information, please encrypt mail to the CERT PGP key.
We appreciate your comments and suggestions.
Recent Vulnerability Notes
- 07 Aug 2014VU#578598Iridium Pilot and OpenPort contain multiple vulnerabilitiesMultiple CVEs
- 07 Aug 2014VU#882207Cobham Aviator satellite terminals contain multiple vulnerabilitiesMultiple CVEs
- 07 Aug 2014VU#269991Cobham Sailor 6000 series satellite terminal contain hardcoded credentialsCVE-2014-2941
- 07 Aug 2014VU#460687Cobham Sailor satellite terminals contain hardcoded credentialsCVE-2014-2940
- 07 Aug 2014VU#179732Cobham thraneLINK improper verification of firmware updates vulnerabilityCVE-2014-0328
- 07 Aug 2014VU#602006Cobham SATCOM products' web interface contains a weak password recovery vulnerabilityCVE-2013-7180
- 07 Aug 2014VU#552286UEFI EDK2 Capsule Update vulnerabilitiesMultiple CVEs
- 04 Aug 2014VU#252068Symantec Endpoint Protection Client contains a kernel pool overflow vulnerabilityCVE-2014-3434
- 28 Jul 2014VU#867980Silver Peak VX is vulnerable to cross-site request forgery and cross-site scriptingMultiple CVEs
- 25 Jul 2014VU#394540Sabre AirCentre Crew solutions contain a SQL injection vulnerabilityCVE-2014-4858