search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-12-10 2001-05-29 2003-11-05 VU#403051 GnuPG format string vulnerability in do_get() in ttyio.c while prompting for a new filename
2002-02-27 2002-01-10 2002-02-27 VU#712723 Oracle 9iAS default configuration uses well-known default passwords
2006-08-15 2006-07-26 2006-08-16 VU#401660 MIT Kerberos (krb5) ftpd and ksu do not properly validate seteuid() calls
2005-10-13 2005-10-11 2005-10-14 VU#415828 Microsoft Windows FTP client does not properly validate received file names
2001-07-12 2001-04-11 2001-07-12 VU#890128 Lotus Domino vulnerable to a denial of service via DOS device request
2004-09-14 2004-08-18 2004-10-28 VU#526089 Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations
2004-01-21 2003-11-14 2004-01-21 VU#530660 Microsoft Exchange Server 2003 fails to assign user credentials to proper mailbox
2003-06-05 2003-05-27 2003-06-05 VU#799060 Various Axis products allow unauthorized remote privileged access
2006-07-24 2006-07-12 2006-07-24 VU#167228 Adobe Acrobat fails to properly convert files to PDF
2004-04-14 2004-04-13 2004-04-14 VU#547028 Microsoft Windows contains buffer overflow in processing of WMF and EMF image formats
2006-07-27 2006-07-25 2007-02-09 VU#670060 Mozilla fails to properly release JavaScript references
2007-03-06 2007-03-06 2007-03-19 VU#568689 Apple QuickTime 3GP integer overflow
2002-05-30 2002-05-18 2002-06-04 VU#251339 Verisign transmits sensitive customer information in plain text when applying for a "Code Signing Digital ID"
2007-07-23 2007-06-20 2007-07-24 VU#200928 VLC Media Player format string vulnerability
2007-03-07 2007-03-07 2007-03-12 VU#194944 Microsoft Windows fails to properly handle malformed OLE documents

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis