search menu icon-carat-right cmu-wordmark

CERT Coordination Center


CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2014-09-25 2014-09-24 2015-04-14 VU#252743 9.6 GNU Bash shell executes commands in exported functions in environment variables
2014-04-27 2014-04-26 2014-05-07 VU#222929 9.5 Microsoft Internet Explorer CMarkup use-after-free vulnerability
2014-02-14 2014-02-13 2014-02-20 VU#732479 9.5 Internet Explorer CMarkup use-after-free vulnerability
2010-08-02 2010-08-02 2014-06-02 VU#362332 9.5 Wind River Systems VxWorks debug service enabled by default
2012-08-27 2012-08-26 2013-01-16 VU#636312 9.5 Oracle Java JRE 1.7 Expression.execute() and SunToolkit.getField() fail to restrict access to privileged code
2013-01-10 2013-01-10 2013-06-12 VU#625617 9.5 Java 7 fails to restrict access to privileged code
2010-08-02 2010-08-02 2014-06-02 VU#840249 9.5 Wind River Systems VxWorks weak default hashing algorithm in standard authentication API (loginLib)
2013-03-05 2013-03-04 2013-06-14 VU#688246 9.4 Oracle Java contains multiple vulnerabilities
2011-12-27 2011-12-27 2012-05-10 VU#723755 9.3 WiFi Protected Setup (WPS) PIN brute force vulnerability
2014-08-07 2014-08-07 2014-09-12 VU#578598 9.2 Iridium Pilot and OpenPort contain multiple vulnerabilities
2012-12-29 2012-12-28 2013-01-14 VU#154201 9 Microsoft Internet Explorer CButton use-after-free vulnerability
2012-05-16 2012-05-16 2012-05-16 VU#859230 9 HP Business Service Management 9.12 remote code execution vulnerability
2014-11-13 2014-11-11 2014-11-17 VU#505120 9 Microsoft Secure Channel (Schannel) vulnerable to remote code execution via specially crafted packets
2014-09-24 2014-09-24 2014-09-24 VU#772676 8.7 Mozilla Network Security Services (NSS) fails to properly verify RSA signatures
2018-03-27 2018-02-07 2018-03-27 VU#184077 8.7 Navarino Infinity web interface is affected by multiple vulnerabilities.

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.