search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2011-02-23 2011-01-20 2011-02-23 VU#375127 IBM WebSphere Portal Server input validation vulnerability
2006-01-19 2005-01-17 2006-03-17 VU#857412 Oracle Transparent Data Encryption master encryption key stored as plaintext
2002-09-27 2001-06-02 2003-09-23 VU#255915 WebBoard does not adequately validate user input thereby permitting arbitrary JavaScript execution
2007-11-27 2007-11-25 2007-11-27 VU#433819 Apple Mail remote command execution vulnerability
2004-12-10 2004-10-18 2005-01-14 VU#968818 Anti-virus software may not properly scan malformed zip archives
2002-05-17 2002-02-19 2005-04-29 VU#150227 HTTP proxy default configurations allow arbitrary TCP connections
2002-07-25 2002-06-14 2003-02-05 VU#225555 Microsoft SQL Server contains buffer overflow in pwdencrypt() function
2002-05-16 2002-04-05 2002-05-16 VU#772915 Computer Associates MLink "mllock" command vulnerable to buffer overflow via long string of characters
2001-11-05 2000-06-09 2001-11-05 VU#40327 OpenSSH UseLogin option allows remote execution of commands as root
2003-05-01 2003-02-19 2003-05-01 VU#143627 RealSystem Server contains buffer overflow
2003-03-21 2002-08-01 2003-04-15 VU#671627 HP Tru64 UNIX "dxchpwd" contains buffer overflow
2006-09-15 2006-09-13 2006-11-14 VU#377369 Microsoft DirectAnimation Path ActiveX control fails to validate input
2003-10-30 2001-08-29 2003-10-30 VU#315227 KaZaA Media Desktop discloses username to remote users
2002-09-12 2002-05-09 2002-09-12 VU#416427 HP Tru64 UNIX "deliver" contains buffer overflow (SSRT2275)
2005-06-14 2005-06-14 2005-06-27 VU#851869 Microsoft HTML Help vulnerable to integer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis