search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-04-02 2001-04-11 2003-04-11 VU#527736 mkpasswd uses weak random number generator
2001-09-05 2001-04-18 2001-09-05 VU#943536 ISC InterNetNews (INN) innfeed contains buffer overflow
2007-01-09 2006-12-20 2007-05-16 VU#102289 Sun Java JRE vulnerable to privilege escalation
2003-04-01 2003-03-31 2003-04-01 VU#112553 Apple QuickTime Player for Windows contains buffer overflow in processing of overly long QuickTime URLs
2007-02-15 2007-02-14 2007-03-09 VU#885753 Mozilla browsers "location.hostname" cross-domain vulnerability
2006-05-30 2006-05-30 2006-06-07 VU#566553 Secure Elements Class 5 AVR uses the same RSA key for all installations
2010-02-25 2009-12-14 2010-04-29 VU#166739 APC Network Management Card web interface vulnerable to cross-site scripting and cross-site request forgery
2006-07-18 2006-07-10 2006-07-26 VU#313836 Samba fails to properly handle multiple share connection requests
2007-01-15 2007-01-05 2007-01-26 VU#443108 Cisco Secure Access Control Server fails to properly handle specially crafted Access-Request messages
2007-05-31 2007-05-31 2007-06-20 VU#751636 Mozilla Layout Engine memory corruption vulnerabilities
2006-06-13 2006-06-13 2006-06-13 VU#909508 Microsoft Graphics Rendering Engine fails to properly handle WMF images
2002-10-01 2002-02-11 2002-10-01 VU#355971 Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks
2005-05-10 2005-05-07 2005-08-09 VU#534710 Mozilla fails to properly prevent "JavaScript:" URIs containing "eval()" from being executed in the context of other URIs in the history list
2006-08-04 2006-08-01 2006-09-18 VU#575372 Apple Mac OS X AFP server vulnerable to an integer overflow when file sharing is enabled
2003-01-21 2002-11-12 2003-01-21 VU#237777 Microsoft Virtual Machine allows applets write access to the Standard Security Manager

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis