search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-06-18 2008-06-12 2009-04-13 VU#145313 Novell iPrint Client ActiveX control stack buffer overflows
2007-01-18 2006-12-19 2007-03-05 VU#405092 Mozilla products allows the src attribute in an img element to be changed to a JavaScript URI
2002-08-05 2001-09-10 2005-03-28 VU#177243 Mac OS X Finder creates world-readable ".FBCIndex" file thereby disclosing sensitive information
2006-02-28 2006-02-23 2006-02-28 VU#437212 Adobe Macromedia Shockwave Player ActiveX installer buffer overflow vulnerability
2002-09-18 2001-11-05 2002-09-18 VU#243243 Entrust GetAccess does not validate user input thereby allowing users to read arbitrary files
2001-05-15 2001-05-14 2001-09-18 VU#789543 IIS decodes filenames superfluously after applying security checks
2002-06-13 2002-06-12 2004-02-23 VU#313819 Microsoft Internet Information Server (IIS) contains remote buffer overflow in chunked encoding data transfer mechanism for HTR
2002-09-26 2001-08-21 2002-09-26 VU#782243 TDForum does not adequately validate user input thereby allowing users to embed malicious script code in messages
2003-11-19 2003-09-10 2003-12-05 VU#326412 Microsoft Internet Explorer execCommand method does not properly validate URL source
2001-08-21 2000-11-22 2001-08-21 VU#227312 Aladdin Ghostscript creates insecure temporary files allowing a local user to create symbolic links to other files
2002-02-28 2002-02-06 2002-03-15 VU#878603 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Authorization header
2002-01-03 2002-01-02 2002-01-16 VU#907819 AOL Instant Messenger client for Windows contains a buffer overflow while parsing TLV 0x2711 packets
2002-08-23 2002-08-22 2003-07-02 VU#342243 Microsoft Windows Server Message Block (SMB) fails to properly handle SMB_COM_TRANSACTION packets requesting NetShareEnum transaction
2006-07-28 2006-07-27 2006-10-18 VU#395412 Apache mod_rewrite contains off-by-one error in ldap scheme handling
2004-10-13 2004-10-12 2004-10-13 VU#218526 Microsoft Windows contains vulnerability in Window Management API

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis