search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-06-05 2002-02-21 2002-06-05 VU#952875 Yahoo! Messenger is vulnerable to DoS via multiple messages from spoofed names
2002-08-20 2002-04-22 2002-08-20 VU#809347 FreeBSD privilege elevation vulnerability
2001-12-21 2001-12-20 2002-01-09 VU#700575 Buffer overflows in Microsoft SQL Server 7.0 and SQL Server 2000
2004-01-15 2003-12-22 2004-01-16 VU#281356 Sun Solaris tcsh(1) contains vulnerability in the built-in ls-F command
2002-02-09 2001-07-18 2002-02-09 VU#116875 Adobe PhotoDeluxe does not adequately restrict Java execution
2001-12-04 2001-12-04 2002-01-02 VU#157447 OpenSSH UseLogin directive permits privilege escalation
2010-08-05 2010-08-02 2010-09-14 VU#275247 FreeType 2 CFF font stack corruption vulnerability
2001-09-18 2001-06-07 2001-09-18 VU#405075 Microsoft Windows 2000 Telnet Service fails to reject oversized username input values
2002-09-24 2001-12-13 2002-09-24 VU#413875 EFTP does not adequately validate user input thereby allowing directory traversal
2006-05-30 2006-05-30 2006-06-07 VU#288121 Secure Elements Class 5 AVR client fails to validate source address of messages
2001-08-03 2001-07-11 2001-08-03 VU#321475 Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name
2001-10-29 2001-10-25 2001-10-29 VU#825275 NSI RWhoisd contains format string vulnerability in print_error()
2001-07-27 2001-06-13 2001-09-17 VU#451275 Curses library vulnerable to buffer overflow
2008-05-29 2008-05-28 2008-05-29 VU#566875 Apple Help Viewer vulnerable to buffer overflow
2004-04-09 2004-01-27 2004-04-12 VU#858990 BEA WebLogic Server fails to properly associate the user identity on subsequent client connections

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis