CERT Advisories

VU#361684: Router devices do not implement sufficient UPnP authentication and security

Vulnerability Note VU#361684 Router devices do not implement sufficient UPnP authentication and security Original Release date: 31 Aug 2015 | Last revised: 31 Aug...

VU#936356: Ceragon FiberAir IP-10 Microwave Bridge contains a default root password

Vulnerability Note VU#936356 Ceragon FiberAir IP-10 Microwave Bridge contains a default root password Original Release date: 16 Jan 2015 | Last revised: 21 Jan...

VU#534407: Barracuda Web Filter insecurely performs SSL inspection

Vulnerability Note VU#534407 Barracuda Web Filter insecurely performs SSL inspection Original Release date: 28 Apr 2015 | Last revised: 28 Apr 2015

VU#602540: ICU Project ICU4C library contains multiple overflow vulnerabilities

Vulnerability Note VU#602540 ICU Project ICU4C library contains multiple overflow vulnerabilities Original Release date: 04 May 2015 | Last revised: 07 May 2015

VU#326395: Nuuo NT-4040 firmware contains insecure default credentials

Nuuo NT-4040 firmware contains insecure default credentials Original Release date: 20 Oct 2016 | Last revised: 20 Oct 2016 Overview Nuuo NT-4040 Titan, firmware NT-4040_01.07.0000.0015_1120, uses default...

VU#369800: Little CMS 2 DefaultICCintents double-free vulnerability

Little CMS 2 DefaultICCintents double-free vulnerability Original Release date: 04 May 2016 | Last revised: 04 May 2016

VU#243585: SSL/TLS implementations accept export-grade RSA keys (FREAK attack)

Vulnerability Note VU#243585 SSL/TLS implementations accept export-grade RSA keys (FREAK attack) Original Release date: 06 Mar 2015 | Last revised: 17 Mar 2015

VU#257823: OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol

Vulnerability Note VU#257823 OpenSSL re-uses unsafe prime numbers in Diffie-Hellman protocol Original Release date: 28 Jan 2016 | Last revised: 29 Jan 2016

VU#298796: Centreon contains multiple vulnerabilities

Vulnerability Note VU#298796 Centreon contains multiple vulnerabilities Original Release date: 17 Oct 2014 | Last revised: 17 Oct 2014 ...

VU#617567: TrackR Bravo contains multiple vulnerabilities

TrackR Bravo contains multiple vulnerabilities Original Release date: 25 Oct 2016 | Last revised: 27 Oct 2016 Overview TrackR Bravo contains multiple vulnerabilities including sensitive information exposure...

VU#912036: N-Able RSMWinService contains hard coded security constants allowing decryption of...

Vulnerability Note VU#912036 N-Able RSMWinService contains hard coded security constants allowing decryption of domain administrator password Original Release date: 20 Jul 2015 | Last...

VU#790839: Objective Systems ASN1C generates code that contains a heap overflow...

Objective Systems ASN1C generates code that contains a heap overflow vulnerability Original Release date: 19 Jul 2016 | Last revised: 21 Jul 2016 Overview ASN.1 is a...