search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database

Published Public Updated ID CVSS Title
2021-10-04 2021-10-04 2021-10-05 VU#883754 Salesforce DX command line interface (CLI) does not adequately protect sfdxurl credentials
2021-08-10 2021-08-10 2022-09-23 VU#608209 NicheStack embedded TCP/IP has vulnerabilities
2021-08-06 2021-08-06 2021-08-12 VU#357312 HTTP Request Smuggling in Web Proxies
2021-08-02 2021-08-02 2021-10-05 VU#405600 Microsoft Windows Active Directory Certificate Services can allow for AD compromise via PetitPotam NTLM relay attacks
2021-07-20 2021-07-20 2021-10-07 VU#914124 Arcadyan-based routers and modems vulnerable to authentication bypass
2021-07-20 2021-07-20 2021-07-29 VU#506989 Microsoft Windows 10 gives unprivileged user access to system32\config files
2021-07-18 2021-07-18 2021-09-14 VU#131152 Microsoft Windows Print Spooler Point and Print allows installation of arbitrary queue-specific files
2021-06-30 2021-06-30 2021-08-03 VU#383432 Microsoft Windows Print Spooler allows for RCE via AddPrinterDriverEx()
2021-05-25 2021-05-25 2021-05-25 VU#706695 Checkbox Survey insecurely deserializes ASP.NET View State data
2021-05-24 2021-05-24 2021-06-17 VU#667933 Pulse Connect Secure Samba buffer overflow
2021-05-24 2021-05-24 2023-07-13 VU#799380 Devices supporting Bluetooth Core and Mesh Specifications are vulnerable to impersonation attacks and AuthValue disclosure
2021-04-20 2021-04-20 2021-04-22 VU#567764 MySQL for Windows is vulnerable to privilege escalation due to OPENSSLDIR location
2021-04-20 2021-04-20 2021-05-19 VU#213092 Pulse Connect Secure contains a use-after-free vulnerability
2021-02-18 2021-02-18 2021-02-18 VU#240785 Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs
2021-02-09 2021-02-09 2021-02-09 VU#466044 Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths

Sponsored by CISA.