search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2013-01-09 2013-01-09 2015-09-17 VU#950172 1.4 Dell OpenManage Server Administrator version 7.1.0.1 DOM-based XSS vulnerability
2013-01-08 2013-01-08 2013-01-11 VU#380039 8.7 Ruby on Rails Action Pack framework insecurely typecasts YAML and Symbol XML parameters
2012-12-29 2012-12-28 2013-01-14 VU#154201 9 Microsoft Internet Explorer CButton use-after-free vulnerability
2012-12-17 2012-12-17 2014-07-24 VU#519137 3.2 Adobe Shockwave player installs Xtras without prompting
2012-12-17 2012-12-17 2014-07-24 VU#546769 3.2 Adobe Shockwave player vulnerable to downgrading
2012-12-17 2012-12-17 2014-05-15 VU#323161 0 Adobe Shockwave player provides vulnerable Flash runtime
2013-08-05 2012-12-17 2013-10-03 VU#948096 5.1 Huawei networking equipment weak password cipher
2012-12-12 2012-12-12 2012-12-12 VU#876780 1.4 D-Link DSL2730U router restricted telnet shell command whitelisting bypass
2012-12-12 2012-12-12 2012-12-12 VU#856892 1.3 Centreon 2.3.3 through 2.3.9-4 blind sqli injection vulnerability.
2012-12-06 2012-11-30 2012-12-06 VU#571068 1.5 ManageEngine AssetExplorer fails to properly sanitize XML asset data submission
2012-11-26 2012-11-26 2012-12-07 VU#281284 1.9 Samsung Printer firmware contains a hardcoded SNMP community string
2012-12-13 2012-11-24 2012-12-13 VU#871148 1.5 Huawei E585 pocket wifi 2 device contains multiple vulnerabilities
2013-04-26 2012-11-22 2016-01-13 VU#948155 2.0 Henry Schein Dentrix G5 uses hard-coded database credentials shared across multiple installations
2012-11-20 2012-11-20 2014-01-28 VU#849841 8.7 Autonomy Keyview IDOL contains multiple vulnerabilities in file parsers
2012-12-12 2012-11-19 2013-01-02 VU#194604 1.8 IBM Power 5 Service Processor privilege escalation vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis