search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2022-05-09 2022-05-02 2023-04-04 VU#473698 uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID
2022-02-22 2022-02-22 2023-02-24 VU#229438 Mobile device monitoring services do not authenticate API requests
2022-11-08 2022-11-08 2023-01-25 VU#434994 Multiple race conditions due to TOCTOU flaws in various UEFI Implementations
2023-01-17 2023-01-17 2023-01-23 VU#572615 Vulnerabilities in TP-Link routers, WR710N-V1-151022 and Archer C5 V2
2023-01-17 2023-01-17 2023-01-17 VU#986018 New Netcomm router models NF20MESH, NF20, and NL1902 vulnerabilities
2022-10-03 2022-10-03 2022-11-10 VU#915563 Microsoft Exchange vulnerable to server-side request forgery and remote code execution.
2021-08-10 2021-08-10 2022-09-23 VU#608209 NicheStack embedded TCP/IP has vulnerabilities
2020-06-16 2020-06-16 2022-09-20 VU#257161 Treck IP stacks contain multiple vulnerabilities
2022-08-04 2022-08-04 2022-08-05 VU#495801 muhttpd versions 1.1.5 and earlier are vulnerable to path traversal
2022-01-31 2022-01-31 2022-06-27 VU#119678 Samba vfs_fruit module insecurely handles extended file attributes
2022-06-21 2022-06-21 2022-06-21 VU#142546 SMA Technologies OpCon UNIX agent adds the same SSH key to all installations
2022-03-31 2022-03-30 2022-05-19 VU#970766 Spring Framework insecurely handles PropertyDescriptor objects with data binding
2022-04-28 2010-10-10 2022-04-29 VU#411271 Qt allows for privilege escalation due to hard-coding of qt_prfxpath value
2022-04-28 2022-04-28 2022-04-28 VU#730007 Tychon is vulnerable to privilege escalation due to OPENSSLDIR location
2020-06-26 2020-06-26 2022-02-28 VU#576779 Netgear httpd upgrade_check.cgi stack buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis