search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-07-30 2002-07-30 2002-09-30 VU#258555 OpenSSL clients contain a buffer overflow during the SSL3 handshake process
2002-09-24 2001-09-24 2002-09-24 VU#933955 PHPNuke 'admin.php' script does not adequately authenticate users, thereby allowing malicious user to copy, move, or upload files
2006-10-20 2006-10-18 2006-10-20 VU#383092 IBM Lotus Notes sets insecure default permissions on program data
2002-09-18 2000-02-09 2002-09-18 VU#214555 Multiple vulnerabilities exist within credit card chips thereby allowing malicious user to bypass authentication mechanism
2006-10-11 2006-10-10 2006-10-31 VU#547212 Microsoft XML Core Services XMLHTTP ActiveX control fails to properly interpret certain HTTP operations
2002-04-05 2000-12-12 2002-04-05 VU#474592 AOL Instant Messenger contains buffer overflows in parsing of AIM URI handler requests
2002-09-09 2002-07-19 2002-09-09 VU#771155 HP Tru64 UNIX "ipcs" contains buffer overflow (SSRT0794U)
2002-03-29 2001-06-19 2004-02-23 VU#219043 Netwin Surge FTP Server does not adequately validate user input thereby allowing directory traversal
2007-02-26 2007-02-08 2007-03-01 VU#303012 HP Mercury products vulnerable to buffer overflow
2004-04-14 2004-04-13 2004-04-14 VU#212892 Microsoft Windows creates COM object identifiers incorrectly
2008-05-09 2008-05-09 2008-05-09 VU#468843 Microsoft Internet Explorer 7 DisableCachingOfSSLPages may not prevent caching
2001-09-10 2001-08-28 2001-11-30 VU#274043 BSD Line Printer Daemon vulnerable to buffer overflow via crafted print request
2001-11-06 2001-11-05 2001-11-06 VU#986843 WS-FTP Server vulnerable to buffer overflow via long string sent as argument to ftp command
2005-02-28 2005-02-28 2005-02-28 VU#795812 Gaim vulnerable to DoS via specially crafted HTML
2003-05-13 2003-04-28 2003-05-13 VU#641012 Kerio Personal Firewall vulnerable to replay attack

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis