search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2015-11-20 2015-11-20 2015-11-23 VU#419568 6.7 ARRIS cable modems generate passwords deterministically and contain XSS and CSRF vulnerabilities
2015-11-23 2015-11-23 2015-11-23 VU#428280 2.0 CSL DualCom GPRS CS2300-R alarm signalling boards contain multiple vulnerabilties
2015-10-27 2015-10-27 2015-11-19 VU#672500 4.1 EPSON Network Utility installs EpsonBidirectionalService with insecure permissions
2015-11-06 2015-11-06 2015-11-09 VU#438928 2.0 Huawei HG532 routers contain a path traversal vulnerability
2015-11-03 2015-11-03 2015-11-06 VU#866432 2.1 Commvault Edge Server deserializes cookie data insecurely
2015-11-03 2015-11-03 2015-11-04 VU#391604 5.9 ZTE ZXHN H108N R1A routers contain multiple vulnerabilities
2015-10-27 2015-10-19 2015-11-03 VU#350508 4.6 HP ArcSight SmartConnector fails to properly validate SSL and contains a hard-coded password
2015-11-02 2015-10-31 2015-11-02 VU#316888 4.4 MobaXterm server may allow arbitrary command injection due to missing X11 authentication
2015-10-29 2015-10-29 2015-10-29 VU#573848 5.1 Qolsys IQ Panel contains multiple vulnerabilities
2015-10-13 2015-10-13 2015-10-29 VU#870744 5.3 ZyXEL NBG-418N, PMG5318-B20A and P-660HW-T1 routers contain multiple vulnerabilities
2015-09-24 2015-08-13 2015-10-28 VU#804060 5.8 Cookies set via HTTP requests may be used to bypass HTTPS and reveal private information
2014-12-09 2014-12-08 2015-10-27 VU#264212 3.4 Recursive DNS resolver implementations may follow referrals infinitely
2014-12-19 2014-12-19 2015-10-27 VU#852879 5.9 NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)
2014-06-05 2014-06-05 2015-10-27 VU#978508 8.1 OpenSSL is vulnerable to a man-in-the-middle attack
2015-03-06 2015-03-06 2015-10-27 VU#243585 6.4 SSL/TLS implementations accept export-grade RSA keys (FREAK attack)

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis