search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2024-03-19 2024-03-19 2024-10-03 VU#417980 Implementations of UDP-based application protocols are vulnerable to network loops
2024-01-16 2024-01-16 2024-10-09 VU#132380 Vulnerabilities in EDK2 NetworkPkg IP stack implementation.
2024-07-09 2024-07-09 2024-10-15 VU#456537 RADIUS protocol susceptible to forgery attacks.
2024-10-23 2024-08-19 2024-10-23 VU#123336 Vulnerable WiFi Alliance example code found in Arcadyan FMIMG51AX000J
2021-11-09 2021-11-09 2024-12-10 VU#999008 Compilers permit Unicode control and homoglyph characters
2024-12-11 2024-12-11 2024-12-11 VU#164934 PDQ Deploy allows reuse of deleted credentials that can compromise a device and facilitate lateral movement
2023-09-12 2023-09-12 2024-12-20 VU#347067 Multiple BGP implementations are vulnerable to improperly formatted BGP updates
2024-08-30 2024-07-25 2025-01-14 VU#455367 Insecure Platform Key (PK) used in UEFI system firmware signature
2025-01-14 2025-01-14 2025-01-21 VU#529659 Howyar Reloader UEFI bootloader vulnerable to unsigned software execution
2025-01-30 2025-01-30 2025-01-30 VU#733789 ChatGPT-4o contains security bypass vulnerability through time and search functions called "Time Bandit"
2022-01-31 2022-01-31 2025-02-03 VU#119678 Samba vfs_fruit module insecurely handles extended file attributes
2025-02-11 2025-02-11 2025-02-11 VU#148244 PandasAI interactive prompt function can be exploited to run arbitrary Python code through prompt injection, which can lead to remote code execution (RCE)
2012-06-27 2012-06-27 2025-03-20 VU#971035 0.5 Simple Certificate Enrollment Protocol (SCEP) does not strongly authenticate certificate requests
2025-04-03 2025-04-03 2025-04-03 VU#252619 Multiple deserialization vulnerabilities in PyTorch Lightning 2.4.0 and earlier versions
2025-01-14 2025-01-14 2025-04-09 VU#952657 Rsync contains six vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis