search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2011-01-11 2010-12-21 2011-01-12 VU#979776 Ecava IntegraXor web service allows directory traversal outside of web root
2002-09-27 2001-05-23 2002-09-27 VU#739376 Microsoft Windows Media Player creates URL shortcut that may contain HTML code in known location in Local Computer Zone
2004-03-09 2004-03-09 2004-03-15 VU#305206 Microsoft Outlook fails to properly filter parameters passed via "mailto:" URL
2004-10-12 2004-09-23 2004-10-12 VU#668206 Macromedia JRun Server is vulnerable to a cross-site scripting attack
2006-09-22 2006-09-20 2006-09-26 VU#642076 Cisco Intrusion Prevention System administration interface fails to properly handle Secure Socket Layer packets
2009-07-14 2009-07-14 2009-07-29 VU#410676 ISC DHCP dhclient stack buffer overflow
2003-04-10 2003-04-07 2003-07-10 VU#267873 Samba contains multiple buffer overflows
2010-11-19 2009-09-30 2010-11-19 VU#479051 OSIsoft PI Server provides an insecure authentication mechanism
2004-03-24 2004-03-22 2004-03-25 VU#119876 Ethereal contains multiple vulnerabilities in the EIGRP protocol dissector
2001-01-28 1996-02-05 2006-04-17 VU#20276 phf CGI Script fails to guard against newline characters
2004-10-13 2004-10-12 2004-10-18 VU#431576 Microsoft Internet Explorer vulnerable to address bar spoofing on double byte character set systems
2006-07-13 2006-07-10 2006-11-14 VU#474593 Adobe Flash Player fails to properly handle malformed SWF files
2006-01-11 2006-01-10 2006-01-12 VU#921193 Apple QuickTime fails to properly handle corrupt media files
2006-10-02 2006-09-29 2006-10-02 VU#897628 Apple Mac OS X may allow network accounts to bypass service access controls
2006-07-27 2006-07-25 2007-07-17 VU#527676 Mozilla contains multiple memory corruption vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis