search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2012-06-27 2012-06-27 2020-06-29 VU#971035 0.5 Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests
2019-07-15 2019-07-15 2020-06-18 VU#129209 0 LLVMs Arm stack protection feature can be rendered ineffective
2020-03-04 2020-02-02 2020-06-15 VU#782301 7.7 pppd vulnerable to buffer overflow due to a flaw in EAP packet processing
2020-03-11 2020-03-10 2020-06-04 VU#872016 7.8 Microsoft SMBv3 compression remote code execution vulnerability
2020-03-19 2020-03-19 2020-06-04 VU#425163 0 Machine learning classifiers trained via gradient descent are vulnerable to arbitrary misclassification attack
2020-05-18 2020-05-18 2020-05-26 VU#534195 0 Bluetooth devices supporting LE and specific BR/EDR implementations are vulnerable to method confusion attacks
2019-08-14 2019-08-14 2020-05-15 VU#918987 7.8 Bluetooth BR/EDR supported devices are vulnerable to key negotiation attacks
2020-05-14 2020-01-28 2020-05-15 VU#366027 7.8 Samsung Qmage codec for Android Skia library does not properly validate image files
2020-04-06 2020-04-06 2020-04-15 VU#660597 0.9 Periscope BuySpeed is vulnerable to stored cross-site scripting
2020-03-23 2020-03-23 2020-04-14 VU#354840 9.0 Microsoft Windows Type 1 font parsing remote code execution vulnerabilities
2020-03-30 2020-03-30 2020-03-30 VU#962085 0.9 Versiant LYNX Customer Service Portal is vulnerable to stored cross-site scripting
2020-03-30 2019-04-12 2020-03-30 VU#944837 6.7 Vertiv Avocent UMG-4000 vulnerable to command injection and cross-site scripting vulnerabilities
2020-01-31 2020-01-28 2020-03-09 VU#390745 10.0 OpenSMTPD vulnerable to local privilege escalation and remote code execution
2020-02-24 2020-02-12 2020-02-26 VU#498544 7.1 ZyXEL pre-authentication command injection in weblogin.cgi
2020-01-17 2020-01-17 2020-02-19 VU#338824 7.1 Microsoft Internet Explorer Scripting Engine memory corruption vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis