search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-10-24 2006-10-18 2007-01-19 VU#521252 Integer overflow vulnerability in Asterisk driver for Cisco SCCP-enabled phones
2007-05-08 2007-05-08 2007-05-09 VU#124113 Microsoft Exchange Outlook Web Access UTF character set label script injection vulnerability
2003-04-02 2003-02-21 2003-04-17 VU#624713 IBM AIX "secldapclntd" daemon authentication vulnerability
2004-12-01 2004-10-13 2005-03-17 VU#948752 LibTIFF contains multiple heap-based buffer overflows
2005-10-03 2005-06-20 2005-10-18 VU#684913 Ruby library contains vulnerable default value
2006-11-15 2006-11-14 2006-11-17 VU#197852 Microsoft Internet Explorer fails to properly interpret HTML with certain layout combinations
2003-03-20 2002-10-18 2012-02-03 VU#464113 TCP/IP implementations handle unusual flag combinations inconsistently
2009-07-06 2009-07-04 2009-07-15 VU#180513 Microsoft Video ActiveX control stack buffer overflow
2002-10-01 1999-09-10 2002-10-11 VU#40813 SetupCtl 1.0 Type Library contains a buffer overflow
2002-10-17 2002-08-27 2002-10-28 VU#899713 Microsoft Word and Excel documents allow local file reading by via embedded fields
2010-03-11 2010-03-02 2010-03-11 VU#280613 Apache mod_isapi module library unload results in orphaned callback pointers
2006-01-20 2006-01-17 2006-01-24 VU#871756 Oracle TNS protocol fails to properly validate authentication requests
2007-02-13 2007-02-12 2007-02-13 VU#319913 Aruba Mobility Controller Management Interface contains a buffer overflow
2007-08-13 2007-07-16 2007-08-13 VU#470913 InterActual Player IAKey ActiveX control stack buffer overflow
2007-10-19 2007-10-19 2007-10-19 VU#755513 Mozilla products vulnerable to memory corruption in the JavaScript engine

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis