The Vulnerability Notes Database provides information about software vulnerabilities. Vulnerability notes include summaries, technical details, remediation information, and lists of affected vendors. Most vulnerability notes are the result of private coordination and disclosure efforts. For more comprehensive coverage of public vulnerability reports, consider the National Vulnerability Database (NVD). CERT/CC also publishes the Vulnerability Notes Data Archive on GitHub.
A previously freed memory usage in WebGL in Google Chrome versions prior to 91.0.4472.114, allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page
An issue was discovered in ProxyServlet.java in the /proxy servlet in Zimbra Collaboration Suite 8.8 before 8.8.15 Patch 23 and 9.x before 9.0.0 Patch 16.
ACRN versiones anteriores a 2.5, presenta una Desreferencia del Puntero NULL en el archivo devicemodel/hw/pci/xhci.c para un puntero trb
The CERT/CC Vulnerability Notes Database is run by the CERT Division, which is part of the Software Engineering Institute, a federally funded research and development center operated by Carnegie Mellon University. Together, we are leaders in cybersecurity, software innovation, and computer science.
The CERT Coordination Center (CERT/CC) prioritizes coordination efforts on vulnerabilities that affect multiple vendors or that impact safety, critical or internet infrastructure, or national security. We also prioritize reports that affect sectors that are new to vulnerability disclosure. We may be able to provide assistance for reports when the coordination process breaks down.
Before reporting a vulnerability to us, we recommend reading our vulnerability disclosure policy and guidance.