search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2016-02-03 2016-02-03 2016-02-04 VU#777024 5.6 Netgear Management System NMS300 contains arbitrary file upload and path traversal vulnerabilities
2016-02-02 2016-02-02 2016-02-02 VU#719736 4.4 Fisher-Price Smart Toy platform allows some unauthenticated web API commands
2016-02-02 2016-02-02 2016-02-02 VU#544527 2.1 OpenELEC and RasPlex have a hard-coded SSH root password
2016-02-01 2016-02-01 2016-02-01 VU#972224 1.0 Huawei Mobile WiFi E5151 and E5186 routers use insufficiently random values for DNS queries
2016-01-28 2016-01-28 2016-01-29 VU#257823 6.9 OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol
2016-01-21 2016-01-21 2016-01-27 VU#992624 5.9 Harman AMX multimedia devices contain hard-coded credentials
2016-01-20 2016-01-19 2016-01-20 VU#916896 5.9 Oracle Outside In 8.5.2 contains multiple stack buffer overflows
2016-01-14 2016-01-14 2016-01-20 VU#456088 2.7 OpenSSH Client contains a client information leak vulnerability and buffer overflow
2016-01-20 2016-01-12 2016-03-10 VU#772447 2.9 ffmpeg and Libav cross-domain information disclosure vulnerability
2016-01-12 2016-01-11 2016-01-25 VU#913000 5.0 Samsung SRN-1670D camera contains multiple vulnerabilities
2016-01-05 2016-01-05 2016-01-05 VU#418072 4.2 Comcast XFINITY Home Security fails to properly handle wireless communications disruption
2016-01-07 2015-12-19 2016-01-07 VU#753264 5.9 IPSwitch WhatsUp Gold does not validate commands when deserializing XML objects
2015-12-18 2015-12-18 2015-12-18 VU#757840 1.5 Dovestones Software AD Self Password Reset fails to properly restrict password reset request to authorized users
2015-12-21 2015-12-17 2015-12-22 VU#640184 6.2 Juniper ScreenOS contains multiple vulnerabilities
2015-12-16 2015-12-16 2015-12-27 VU#176160 4.4 IPswitch WhatsUp Gold contains multiple XSS vulnerabilities and a SQLi

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis