search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

Vulnerability Notes Database

The Vulnerability Notes Database provides information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Most vulnerability notes are the result of private coordination and disclosure efforts. For more comprehensive coverage of public vulnerability reports, consider the National Vulnerability Database (NVD). CERT/CC also publishes the Vulnerability Notes Data Archive on GitHub.

Recently Published Vulnerabilities

VU#228297: Microsoft Windows MsiAdvertiseProduct function vulnerable to privilege escalation via race condition

December 20, 2018

VU#741315: Dokan file system driver contains a stack-based buffer overflow

December 20, 2018

VU#573168: Microsoft Internet Explorer scripting engine JScript memory corruption vulnerability

December 19, 2018

VU#756913: Pixars Tractor contains a stored cross-site scripting vulnerability

December 13, 2018

VU#395981: Self-Encrypting Drives Have Multiple Vulnerabilities

November 06, 2018
View More
 Subscribe to our feed

Search

Search over 3,400 vulnerability notes affecting over 2,000 vendors.

Want to report a vulnerability?

The CERT Coordination Center (CERT/CC) prioritizes coordination efforts on vulnerabilities that affect multiple vendors or that impact safety, critical or internet infrastructure, or national security. We also prioritize reports that affect sectors that are new to vulnerability disclosure. We may be able to provide assistance for reports when the coordination process breaks down.

Before reporting a vulnerability to us, we recommend reading our vulnerability disclosure policy and guidance.

Report a Vulnerability

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.

Download PGP/GPG Key

Read CERT/CC Blog

Learn about Vulnerability Analysis