search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2016-11-21 2016-11-21 2017-11-20 VU#633847 6.1 NTP.org ntpd contains multiple denial of service vulnerabilities
2017-11-17 2017-11-16 2017-11-20 VU#817544 0 Windows 8 and later fail to properly randomize every application if system-wide mandatory ASLR is enabled via EMET or Windows Defender Exploit Guard
2017-10-16 2017-10-16 2017-11-16 VU#228519 5.7 Wi-Fi Protected Access (WPA) handshake traffic can be manipulated to induce nonce and session key reuse
2017-11-03 2017-11-01 2017-11-09 VU#739007 6.2 IEEE P1735 implementations may have weak cryptographic protections
2017-09-12 2017-09-12 2017-11-08 VU#240311 6.2 Multiple Bluetooth implementation vulnerabilities affect many devices
2017-10-16 2017-10-16 2017-11-08 VU#307015 6.9 Infineon RSA library does not properly generate RSA key pairs
2017-11-02 2017-10-03 2017-11-06 VU#446847 5.2 Savitech USB audio drivers install a new root CA certificate
2017-07-20 2017-07-20 2017-10-30 VU#586501 0 Inmarsat AmosConnect8 Mail Client Vulnerable to SQL Injection and Backdoor Account
2013-11-22 2013-11-21 2017-10-18 VU#893462 1.8 Thomson Reuters Velocity Analytics Vhayu Analytic Server version 6.9.4 build 2995 contains a code injection vulnerability
2017-07-27 2017-07-27 2017-10-18 VU#793496 3.6 Open Shortest Path First (OSPF) protocol implementations may improperly determine LSA recency
2017-09-08 2017-09-08 2017-10-12 VU#166743 3.8 Das U-Boot AES-CBC encryption implementation contains multiple vulnerabilities
2017-09-13 2017-09-12 2017-09-16 VU#101048 6.5 Microsoft .NET framework SOAP Moniker PrintClientProxy remote code execution vulnerability
2017-09-06 2017-09-05 2017-09-06 VU#112992 8.3 Apache Struts 2 framework REST plugin insecurely deserializes untrusted XML data
2015-04-13 2015-04-13 2017-09-05 VU#672268 5.7 Microsoft Windows NTLM automatically authenticates via SMB when following a file:// URL
2017-08-29 2017-08-28 2017-08-31 VU#403768 1.3 Akeo Consulting Rufus fails to update itself securely

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis