search
menu
icon-carat-right
cmu-wordmark
×
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Carnegie Mellon University
Software Engineering Institute
CERT Coordination Center
Home
Notes
Search
Report a Vulnerability
Disclosure Guidance
VINCE
Home
Current:
Notes
CERT/CC Vulnerability Notes Database
Published
Public
Updated
ID
CVSS
Title
2018-08-06
2018-07-23
2018-09-14
VU#962459
6.4
TCP implementations vulnerable to Denial of Service
2018-08-14
2018-08-10
2018-09-14
VU#787952
6.0
Android and iOS apps contain multiple vulnerabilities
2018-08-28
2018-08-27
2018-09-13
VU#906424
6.4
Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface
2018-08-15
2018-04-14
2018-09-10
VU#982149
5.6
Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)
2015-11-13
2015-01-28
2018-08-27
VU#576313
6.4
Apache Commons Collections Java library insecurely deserializes data
2018-07-23
2018-07-23
2018-08-17
VU#304725
5.7
Bluetooth implementations may not sufficiently validate elliptic curve parameters during Diffie-Hellman key exchange
2018-08-14
2018-08-14
2018-08-17
VU#857035
7.9
IKEv1 Main Mode vulnerable to brute force attacks
2018-08-03
2013-06-09
2018-08-03
VU#307144
0
mingw-w64 by default produces executables that opt in to ASLR, but are not compatible with ASLR
2018-05-21
2018-05-21
2018-06-19
VU#180049
3.4
CPU hardware utilizing speculative execution may be vulnerable to cache side-channel attacks
2018-05-23
2018-05-22
2018-06-13
VU#338343
3.9
strongSwan VPN charon server vulnerable to buffer underflow
2018-02-27
2018-02-27
2018-06-05
VU#475445
4.9
Multiple SAML libraries may allow authentication bypass via incorrect XML canonicalization and DOM traversal
2018-05-14
2018-05-14
2018-05-15
VU#122919
0
OpenPGP and S/MIME mail client vulnerabilities
2018-03-29
2018-03-27
2018-04-24
VU#277400
5.9
Windows 7 and Windows Server 2008 R2 x64 fail to protect kernel memory when the Microsoft update for meltdown is installed
2017-12-12
2017-12-12
2018-04-09
VU#144389
4.2
TLS implementations may disclose side channel information via discrepancies between valid and invalid PKCS#1 padding
2016-08-15
2016-08-15
2018-04-04
VU#905344
3.4
HTTP CONNECT and 407 Proxy Authentication Required messages are not integrity protected
Previous
1
8
9
10
You're on page
11
12
13
14
240
Next
Sponsored by
CISA.
Download PGP Key
Read CERT/CC Blog
Learn about Vulnerability Analysis