search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2020-01-31 2020-01-28 2020-03-09 VU#390745 10.0 OpenSMTPD vulnerable to local privilege escalation and remote code execution
2019-01-04 2018-11-12 2019-01-04 VU#531281 9.7 Microsoft Windows DNS servers are vulnerable to heap overflow
2014-09-25 2014-09-24 2015-04-14 VU#252743 9.6 GNU Bash shell executes commands in exported functions in environment variables
2013-01-10 2013-01-10 2013-06-12 VU#625617 9.5 Java 7 fails to restrict access to privileged code
2012-08-27 2012-08-26 2013-01-16 VU#636312 9.5 Oracle Java JRE 1.7 Expression.execute() and SunToolkit.getField() fail to restrict access to privileged code
2014-04-27 2014-04-26 2014-05-07 VU#222929 9.5 Microsoft Internet Explorer CMarkup use-after-free vulnerability
2010-08-02 2010-08-02 2020-09-02 VU#362332 9.5 Wind River Systems VxWorks debug service enabled by default
2014-02-14 2014-02-13 2014-02-20 VU#732479 9.5 Internet Explorer CMarkup use-after-free vulnerability
2010-08-02 2010-08-02 2014-06-02 VU#840249 9.5 Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
2020-01-14 2020-01-14 2020-01-15 VU#849224 9.4 Microsoft Windows CryptoAPI fails to properly validate ECC certificate chains
2013-03-05 2013-03-04 2013-06-14 VU#688246 9.4 Oracle Java contains multiple vulnerabilities
2011-12-27 2011-12-27 2012-05-10 VU#723755 9.3 WiFi Protected Setup (WPS) PIN brute force vulnerability
2014-08-07 2014-08-07 2014-09-12 VU#578598 9.2 Iridium Pilot and OpenPort contain multiple vulnerabilities
2020-03-23 2020-03-23 2020-04-14 VU#354840 9.0 Microsoft Windows Type 1 font parsing remote code execution vulnerabilities
2012-05-16 2012-05-16 2012-05-16 VU#859230 9 HP Business Service Management 9.12 remote code execution vulnerability

Sponsored by CISA.