search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2016-03-26 2016-03-25 2016-03-26 VU#319816 3.8 npm fails to restrict the actions of malicious npm packages
2016-03-24 2016-03-24 2016-03-24 VU#279472 1.4 Granite Data Services AMF framework fails to properly parse XML input containing a reference to external entities
2012-10-24 2012-10-23 2016-03-16 VU#268267 6.1 DomainKeys Identified Mail (DKIM) Verifiers may inappropriately convey message trust
2016-03-01 2016-03-01 2016-03-14 VU#583776 6.5 Network traffic encrypted using RSA-based SSL certificates over SSLv2 may be decrypted by the DROWN attack
2016-03-11 2016-03-10 2016-03-14 VU#713312 2.3 DTE Energy Insight app vulnerable to information exposure
2016-02-17 2016-02-16 2016-03-14 VU#457759 8.1 glibc vulnerable to stack buffer overflow in DNS resolver
2016-01-20 2016-01-12 2016-03-10 VU#772447 2.9 ffmpeg and Libav cross-domain information disclosure vulnerability
2016-03-10 2016-03-10 2016-03-10 VU#270232 1.5 Quagga bgpd with BGP peers enabled for VPNv4 contains a buffer overflow vulnerability
2016-02-29 2016-02-24 2016-03-04 VU#938151 4.6 Forwarding Loop Attacks in Content Delivery Networks may result in denial of service
2016-02-24 2016-02-23 2016-03-01 VU#981271 1.9 Multiple wireless keyboard/mouse devices use an unsafe proprietary wireless protocol
2016-02-25 2016-02-25 2016-02-25 VU#444472 5.6 QNAP Signage Station and iArtist Lite contain multiple vulnerabilities
2016-02-17 2016-02-17 2016-02-19 VU#899080 6.4 Zhuhai Raysharp firmware for DVRs from multiple vendors contains hard-coded credentials
2016-02-17 2016-02-17 2016-02-17 VU#923388 6.2 Swann SRNVW-470 allows unauthorized access to video stream and contains a hard-coded password
2016-02-11 2016-02-11 2016-02-16 VU#327976 5.9 Cisco Adaptive Security Appliance (ASA) IKEv1 and IKEv2 contains a buffer overflow vulnerability
2011-12-28 2011-12-28 2016-02-15 VU#903934 0 Hash table implementations vulnerable to algorithmic complexity attacks

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis