search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-03-14 2005-12-07 2006-03-14 VU#642428 Microsoft Excel fails to properly perform range validation when parsing document files
2005-03-17 2005-03-17 2005-04-20 VU#131828 NotifyLink web client fails to adequately restrict access to administrative functions
2002-09-05 2002-08-30 2002-09-05 VU#629289 HP Tru64 UNIX "traceroute" contains buffer overflow (SSRT2261)
2003-06-27 2003-06-22 2003-09-03 VU#823260 Microsoft Windows HTML conversion library vulnerable to buffer overflow
2006-05-16 2006-05-11 2006-05-16 VU#186944 EMC Retrospect Client buffer overflow vulnerability
2011-10-24 2011-10-18 2011-10-24 VU#659251 Multiple MIT KRB5 KDC daemon vulnerabilities
2003-10-16 2003-10-15 2003-10-16 VU#435444 Microsoft Outlook Web Access (OWA) contains cross-site scripting vulnerability in the "Compose New Message" form
2004-10-13 2004-10-12 2004-10-13 VU#637760 Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability
2008-10-14 2008-10-14 2008-10-20 VU#166651 Husdawg, LLC Systems Requirements Lab ActiveX control and Java applet vulnerable to arbitrary code download and execution
2002-01-14 2001-10-06 2002-01-14 VU#990451 AOL Instant Messenger vulnerable to DoS via crafted WAV file
2002-10-01 2002-02-11 2002-10-01 VU#355971 Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks
2007-08-17 2007-07-27 2007-08-21 VU#120760 Yahoo! Installer Plugin for Widgets ActiveX control stack buffer overflow
2001-07-24 2001-07-24 2001-08-07 VU#994851 Microsoft Services for UNIX Telnet server is vulnerable to denial of service via memory leak
2001-07-27 2001-07-02 2001-07-30 VU#981651 Caucho Technologies Resin vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2005-01-25 2005-01-25 2005-06-21 VU#938617 BIND 9.3.0 vulnerable to denial of service in validator code

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis