CERT Advisories

VU#790839: Objective Systems ASN1C generates code that contains a heap overflow...

Objective Systems ASN1C generates code that contains a heap overflow vulnerability Original Release date: 19 Jul 2016 | Last revised: 21 Jul 2016 Overview ASN.1 is a...

VU#548487: BSD libc contains a buffer overflow vulnerability in link_ntoa()

Vulnerability Note VU#548487 BSD libc contains a buffer overflow vulnerability in link_ntoa() Original Release date: 06 Dec 2016 | Last revised: 08 Dec 2016

VU#480428: Juniper ScreenOS is vulnerable to a denial of service from...

Vulnerability Note VU#480428 Juniper ScreenOS is vulnerable to a denial of service from malformed SSL packets Original Release date: 16 May 2014 | Last...

VU#600724: ZTE F460/F660 cable modems contain an unauthenticated backdoor

Vulnerability Note VU#600724 ZTE F460/F660 cable modems contain an unauthenticated backdoor Original Release date: 04 Mar 2014 | Last revised: 19 Mar 2014

VU#797896: CGI web servers assign Proxy header values from client requests...

CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables Original Release date: 18 Jul 2016 | Last revised: 19...

VU#582497: Multiple Android applications fail to properly validate SSL certificates

Vulnerability Note VU#582497 Multiple Android applications fail to properly validate SSL certificates Original Release date: 03 Sep 2014 | Last revised: 08 Sep 2014

VU#758382: Unauthorized modification of UEFI variables in UEFI systems

Vulnerability Note VU#758382 Unauthorized modification of UEFI variables in UEFI systems Original Release date: 09 Jun 2014 | Last revised: 03 Jul 2014

VU#143335: mDNSResponder contains multiple memory-based vulnerabilities

mDNSResponder contains multiple memory-based vulnerabilities Original Release date: 20 Jun 2016 | Last revised: 20 Jun 2016 Overview mDNSResponder provides unicast and multicast mDNS services on UNIX-like...

VU#867968: Microsoft Windows SMB Tree Connect Response denial of service vulnerability

Vulnerability Note VU#867968 Microsoft Windows SMB Tree Connect Response denial of service vulnerability Original Release date: 02 Feb 2017 | Last revised: 17 Mar...

VU#978508: OpenSSL is vulnerable to a man-in-the-middle attack

Vulnerability Note VU#978508 OpenSSL is vulnerable to a man-in-the-middle attack Original Release date: 05 Jun 2014 | Last revised: 19 Jun 2014

VU#338624: U by BB&T iOS banking application fails to properly validate...

U by BB&T iOS banking application fails to properly validate SSL certificates Original Release date: 30 Sep 2016 | Last revised: 06 Oct 2016 Overview U by...

VU#712660: Raritian PX power distribution software is vulnerable to the cipher...

Vulnerability Note VU#712660 Raritian PX power distribution software is vulnerable to the cipher zero attack. Original Release date: 10 Jul 2014 | Last revised:...