search menu icon-carat-right cmu-wordmark

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2019-01-04 2018-11-12 2019-01-04 VU#531281 9.7 Microsoft Windows DNS servers are vulnerable to heap overflow
2019-01-04 2018-11-12 2019-01-04 VU#289907 5.0 Microsoft Windows Kernel Transaction Manager (KTM) is vulnerable to a race condition
2018-12-19 2018-12-19 2018-12-21 VU#573168 6.2 Microsoft Internet Explorer scripting engine JScript memory corruption vulnerability
2018-12-20 2018-12-19 2018-12-20 VU#228297 4.3 Microsoft Windows MsiAdvertiseProduct function vulnerable to privilege escalation via race condition
2012-06-27 2012-06-27 2018-12-14 VU#971035 0.5 Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests
2018-09-26 2018-09-18 2018-11-08 VU#581311 5.9 TP-Link EAP Controller lacks RMI authentication and is vulnerable to deserialization attacks
2018-11-01 2018-10-31 2018-11-05 VU#339704 5.5 Cisco ASA and FTD SIP Inspection denial-of-service vulnerability
2018-09-05 2018-09-05 2018-10-23 VU#598349 0 Automatic DNS registration and proxy autodiscovery allow spoofing of network services
2018-10-06 2018-10-06 2018-10-16 VU#176301 0 Auto-Maskin DCU 210E RP 210E and Marine Pro Observer App
2018-08-14 2018-08-14 2018-10-12 VU#641765 6.6 Linux kernel IP fragment re-assembly vulnerable to denial of service
2018-08-06 2018-07-23 2018-09-14 VU#962459 6.4 TCP implementations vulnerable to Denial of Service
2018-08-14 2018-08-10 2018-09-14 VU#787952 6.0 Android and iOS apps contain multiple vulnerabilities
2018-08-28 2018-08-27 2018-09-13 VU#906424 6.4 Microsoft Windows task scheduler contains a local privilege escalation vulnerability in the ALPC interface
2018-08-15 2018-04-14 2018-09-10 VU#982149 5.6 Intel processors are vulnerable to a speculative execution side-channel attack called L1 Terminal Fault (L1TF)
2015-11-13 2015-01-28 2018-08-27 VU#576313 6.4 Apache Commons Collections Java library insecurely deserializes data

Sponsored by the Department of Homeland Security Office of Cybersecurity and Communications.