search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-05-21 2004-05-17 2006-05-01 VU#210606 Apple Mac OS X "disk://" URI handler stores arbitrary files in a known location
2006-02-15 2006-02-10 2006-02-15 VU#884076 IBM Lotus Notes ZIP file handling buffer overflow
2006-01-09 2005-12-27 2006-01-09 VU#646976 Research in Motion (RIM) BlackBerry Attachment Service does not properly handle PNG image files
2005-08-09 2005-07-15 2005-08-16 VU#965206 Microsoft Internet Explorer JPEG rendering library vulnerable to buffer overflow
2004-01-15 2003-12-22 2004-01-16 VU#281356 Sun Solaris tcsh(1) contains vulnerability in the built-in ls-F command
2006-10-25 2006-08-24 2006-10-25 VU#638376 Wireshark contains multiple off-by-one errors in the IPSec ESP preference parser
2006-10-11 2006-10-10 2006-11-17 VU#534276 Microsoft Office fails to properly parse malformed chart records
2006-05-30 2006-05-30 2006-06-07 VU#288121 Secure Elements Class 5 AVR client fails to validate source address of messages
2002-10-11 2002-09-09 2003-11-07 VU#307306 Microsoft Java implementation JDBC classes do not properly validate DLL requests
2004-12-07 2004-02-10 2005-10-26 VU#820006 XFree86 vulnerable to buffer overflow via crafted font directory in 'fonts.alias' file
2008-02-05 2008-02-02 2008-02-13 VU#101676 Yahoo! Music Jukebox YMP Datagrid ActiveX control stack buffer overflows
2006-08-24 2006-07-31 2006-08-29 VU#822476 VMware ESX Server management interface logs passwords in cleartext in a world-readable file
2004-05-07 2004-05-03 2004-05-07 VU#648406 Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests
2004-03-05 2004-01-22 2004-03-05 VU#584606 NTP service vulnerable to internal overflow if date / time offset is greater than 34 years
2004-04-14 2004-04-13 2004-04-14 VU#353956 Microsoft Windows H.323 implementation fails to handle malformed requests

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis