search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2012-02-03 2012-02-01 2014-07-24 VU#732115 0.9 Project Open cross-site scripting vulnerability
2014-01-23 2014-01-17 2014-07-24 VU#869702 1.4 Avanset Visual CertExam Manager 3.3 SQL injection vulnerability
2014-04-25 2014-04-24 2014-07-24 VU#719225 6.9 Apache Struts2 ClassLoader allows access to class properties via request parameters
2014-04-11 2014-03-05 2014-07-24 VU#901156 1.3 PivotX 2.3.8 contains multiple vulnerabilities
2012-12-17 2012-12-17 2014-07-24 VU#519137 3.2 Adobe Shockwave player installs Xtras without prompting
2012-12-17 2012-12-17 2014-07-24 VU#546769 3.2 Adobe Shockwave player vulnerable to downgrading
2013-04-03 2013-04-03 2014-07-24 VU#418923 1.1 C2 WebResource web interface XSS vulnerability
2012-01-27 2012-01-17 2014-07-24 VU#470151 5.6 Linux Kernel local privilege escalation via SUID /proc/pid/mem write
2012-03-14 2012-03-14 2014-07-24 VU#339177 5.5 Cisco AnyConnect Clientless SSL VPN Portforwarder ActiveX control buffer overflow
2014-07-24 2014-07-24 2014-07-24 VU#669804 0 TestRail cross-site scripting vulnerability
2014-07-23 2014-07-23 2014-07-23 VU#162308 1.3 Resin Pro improperly performs Unicode transformations
2014-07-21 2014-07-21 2014-07-21 VU#875548 1.0 MicroPact iComplaints cross-site scripting vulnerability
2014-07-21 2014-07-21 2014-07-21 VU#688812 1.5 Huawei E355 contains a stored cross-site scripting vulnerability
2014-07-10 2014-07-10 2014-07-10 VU#712660 7.0 Raritian PX power distribution software is vulnerable to the cipher zero attack.
2014-07-09 2014-07-09 2014-07-10 VU#100972 2.0 Liferay Portal PCE contains multiple cross-site scripting vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis