search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-07-25 2003-07-23 2003-07-30 VU#265232 Microsoft Windows DirectX MIDI library does not adequately validate MThd track values in MIDI files
2006-03-09 2006-03-03 2006-03-09 VU#841132 LISTSERV contains multiple buffer overflow vulnerabilities in the WA CGI script
2002-06-11 2002-03-01 2002-06-13 VU#259435 AOL Instant Messenger vulnerable to buffer overflow via crafted "addbuddy" URI sent in message
2007-04-23 2007-04-23 2008-10-14 VU#184473 Microgaming Download Helper ActiveX control stack buffer overflow
2003-02-07 2003-02-06 2003-02-07 VU#666073 AbsoluteTelnet vulnerable to buffer overflow via overly long window title
2007-10-20 2007-10-18 2007-11-15 VU#871673 RealPlayer playlist name stack buffer overflow
2007-07-27 2007-07-24 2008-08-06 VU#252735 ISC BIND generates cryptographically weak DNS query IDs
2008-05-27 2008-05-27 2008-06-09 VU#395473 Adobe Flash player code execution vulnerability
2007-12-11 2007-12-11 2007-12-11 VU#601073 Microsoft Windows Vista privilege escalation vulnerability
2003-05-20 2003-05-03 2003-07-14 VU#397604 GnuPG contains flaw in key validation code
2006-10-02 2006-09-29 2006-10-04 VU#838404 Apple kernel exception handling vulnerability
2002-12-05 2002-11-27 2002-12-06 VU#683673 Sun Solaris priocntl(2) does not adequately validate path to kernel modules that implement lightweight process (LWP) scheduling policy
2006-05-12 2006-05-11 2006-05-12 VU#519473 Apple Safari fails to properly handle archive files containing symbolic links
2004-08-11 2004-08-09 2004-08-11 VU#139504 Sun Solaris X Display Manager does not properly handle invalid XDMCP requests
2008-03-18 2008-03-18 2008-04-28 VU#329673 BusinessObjects RptViewerAX ActiveX control stack buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis