search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-12-09 2003-10-03 2006-05-01 VU#325603 0 Integer overflow vulnerability in rsync
2008-06-06 2008-06-04 2008-06-06 VU#754403 0 HP Online Support Services ActiveX ExtractCab() buffer overflow
2004-09-17 2004-09-14 2004-09-17 VU#808216 0 Mozilla contains heap overflow in UTF8 conversion of hostname portion of URLs
2005-01-07 2004-12-23 2014-04-23 VU#177584 0 Microsoft Windows kernel vulnerable to a denial-of-service condition via animated cursor (.ani) frame number
2012-12-17 2012-12-17 2014-05-15 VU#323161 0 Adobe Shockwave player provides vulnerable Flash runtime
2008-10-02 2008-09-05 2008-10-02 VU#889484 0 libpng off-by-one vulnerability
2007-06-05 2007-06-04 2007-06-07 VU#471361 0 Microsoft Internet Explorer cross-domain frame race condition
2006-04-28 2006-04-21 2006-05-31 VU#167033 0 Winny contains a buffer overflow
2005-11-11 2005-11-07 2006-05-09 VU#146284 0 Macromedia Flash Player fails to properly validate the frame type identifier read from a "SWF" file
2010-01-20 2009-12-18 2010-06-03 VU#144233 0 Rockwell Automation Allen-Bradley MicroLogix PLC authentication and authorization vulnerabilities
2007-11-19 2007-11-19 2008-02-26 VU#138633 0 Invensys Wonderware InTouch creates insecure NetDDE share
2018-09-05 2018-09-05 2018-10-23 VU#598349 0 Automatic DNS registration and proxy autodiscovery allow spoofing of network services
2008-10-31 2007-09-20 2008-12-19 VU#981849 0 Automated Solutions Modbus TCP Slave ActiveX Control Vulnerability
2005-10-21 2005-10-18 2005-10-21 VU#609340 0 Oracle E-Business Suite Applications Utilities vulnerability
2005-08-15 2005-08-11 2005-08-22 VU#213165 0 Novell eDirectory iMonitor vulnerable to buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis