search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2015-11-24 2015-11-23 2015-12-01 VU#870761 6.5 Dell Foundation Services installs root certificate and private key (eDellRoot)
2016-11-30 2016-11-29 2016-12-02 VU#791496 6.5 Mozilla Firefox SVG animation nsSMILTimeContainer use-after-free vulnerability
2017-09-13 2017-09-12 2017-09-16 VU#101048 6.5 Microsoft .NET framework SOAP Moniker PrintClientProxy remote code execution vulnerability
2016-03-01 2016-03-01 2016-03-14 VU#583776 6.5 Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack
2012-11-05 2012-11-05 2012-11-06 VU#662243 6.5 Sophos Antivirus contains multiple vulnerabilities
2004-06-09 2004-06-03 2012-07-23 VU#713878 6.5 Microsoft Internet Explorer does not properly validate source of redirected frame
2016-10-04 2016-10-04 2016-10-11 VU#884840 6.5 Animas OneTouch Ping insulin pump contains multiple vulnerabilities
2008-04-29 2008-04-17 2016-04-21 VU#643049 6.5 Motorola Surfboard cable modem cross-site request forgery vulnerability
2014-04-08 2014-04-07 2016-05-13 VU#720951 6.5 OpenSSL TLS heartbeat extension read overflow discloses sensitive information
2015-08-17 2015-07-31 2015-08-17 VU#300820 6.4 Cisco Prime Infrastructure contains SUID root binaries
2017-04-17 2017-04-14 2017-04-27 VU#676632 6.4 IBM Lotus Domino server mailbox name stack buffer overflow
2015-09-30 2015-09-30 2015-09-30 VU#693036 6.4 Datalex airline booking software allowed authorization bypass for arbitrary users
2015-03-06 2015-03-06 2015-10-27 VU#243585 6.4 SSL/TLS implementations accept export-grade RSA keys (FREAK attack)
2016-06-02 2016-06-02 2016-06-06 VU#321640 6.4 NTP.org ntpd is vulnerable to denial of service and other vulnerabilities
2018-08-28 2018-08-27 2018-09-13 VU#906424 6.4 Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis