search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-01-25 2008-01-24 2008-12-18 VU#339345 GE Fanuc Proficy Information Portal allows arbitrary file upload and execution
2007-05-08 2007-05-08 2007-05-09 VU#343145 Microsoft Exchange Server fails to properly decode MIME email messages
2008-06-11 2008-06-11 2008-10-08 VU#476345 Citect CitectSCADA ODBC service buffer overflow
2002-07-31 2002-04-01 2002-07-31 VU#158323 Oracle Configurator discloses version and host information via "test" argument passed to servlet
2003-03-03 2003-03-03 2003-05-20 VU#916785 Buffer overflow in Snort RPC preprocessor
2002-09-20 2002-09-11 2003-02-06 VU#603945 Slash-based bulletin boards contain a "quick login" feature that may disclose username and password
2004-08-27 2004-03-19 2004-08-27 VU#785945 isakmpd crashes when handling ISAKMP packets with malformed "Security Association Payload"
2002-09-05 2002-08-30 2002-09-05 VU#629289 HP Tru64 UNIX "traceroute" contains buffer overflow (SSRT2261)
2002-10-28 2002-04-15 2002-10-28 VU#582923 webalizer vulnerable to buffer overflow when performing reverse DNS lookups
2001-12-20 2001-10-10 2001-12-21 VU#140723 Advanced Poll does not adequately authenticate users
2006-05-16 2006-05-11 2006-05-16 VU#186944 EMC Retrospect Client buffer overflow vulnerability
2008-02-22 2008-02-13 2008-02-25 VU#264385 OpenCA allows Cross site request forgery (XSRF)
2000-10-02 2000-06-23 2001-02-19 VU#29823 Format string input validation error in wu-ftpd site_exec() function
2001-09-18 2001-06-07 2001-09-18 VU#855723 Microsoft Windows 2000 Telnet Service fails to enforce timeouts on idle telnet sessions
2007-08-29 2007-08-27 2007-08-30 VU#281977 Quiksoft EasyMail SMTP ActiveX control stack buffer overflow vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis