search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-01-05 2003-12-28 2004-01-09 VU#288308 0 Microsoft Internet Information Server (IIS) vulnerable to cross-site scripting via HTTP TRACK method
2012-12-17 2012-12-17 2014-05-15 VU#323161 0 Adobe Shockwave player provides vulnerable Flash runtime
2007-06-27 2007-06-12 2007-06-28 VU#445313 0 602pro Lan Suite 2003 buffer overflow vulnerability
2011-12-08 2011-12-06 2011-12-08 VU#759307 0 Adobe Acrobat and Reader U3D memory corruption vulnerability
2005-10-21 2005-10-18 2005-10-21 VU#609340 0 Oracle E-Business Suite Applications Utilities vulnerability
2010-01-20 2009-12-18 2010-06-03 VU#144233 0 Rockwell Automation Allen-Bradley MicroLogix PLC authentication and authorization vulnerabilities
2009-03-10 2009-03-10 2009-03-17 VU#319331 0 Microsoft Windows DNS Server response validation vulnerability
2005-11-11 2005-11-07 2006-05-09 VU#146284 0 Macromedia Flash Player fails to properly validate the frame type identifier read from a "SWF" file
2011-11-08 2011-11-03 2015-09-30 VU#135606 0 Dell KACE K2000 Appliance contains backdoor administrator account
2008-05-06 2008-05-05 2008-09-17 VU#596268 0 Wonderware SuiteLink null pointer dereference
2008-06-10 2008-05-31 2009-07-16 VU#878044 0 SNMPv3 improper HMAC validation allows authentication bypass
2004-04-09 2004-03-31 2004-04-09 VU#723910 0 MPlayer contains a buffer overflow in the HTTP parser
2003-03-06 1970-01-01 2017-07-10 VU#789985 0 Physical access to a computer system can be used to bypass software-based access control mechanisms
2008-08-12 2008-08-12 2008-08-13 VU#309739 0 Microsoft Color Management System (MSCMS) module remote code execution
2012-02-23 2012-02-15 2012-03-02 VU#523889 0 libpng chunk decompression integer overflow vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis