search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-10-27 2001-07-26 2003-10-28 VU#399883 Linux groff utility pic contains format string vulnerability
2002-09-24 2001-12-29 2002-09-24 VU#245795 Cherokee Web Server fails to drop privileges after daemon starts
2007-09-06 2006-12-01 2007-09-06 VU#311192 VUPlayer malformed playlist buffer overflow
2007-01-17 2006-12-23 2007-01-31 VU#863313 Novell NetMail IMAP vulnerable to buffer overflow when processing "SUBSCRIBE" commands
2008-05-08 2008-04-16 2008-05-19 VU#684883 CA Unicenter DSM ITRM Legends ActiveX integer overflow
2001-09-28 2001-06-10 2003-06-02 VU#439395 Apache web server performs case sensitive filtering on Mac OS X HFS+ case insensitive filesystem
2004-10-12 2004-10-12 2007-09-07 VU#546483 Multiple networking devices fail to set the "Secure" attribute of a cookie
2002-01-09 2001-12-13 2002-03-15 VU#758483 Oracle9i Application Server Apache PL/SQL module does not properly decode URL
2005-02-11 2005-02-08 2005-02-11 VU#544392 Sun Java Plugin may create temporary files with predictable names
2002-09-16 2002-01-16 2002-09-16 VU#221683 Input-validation vulnerability in PHP-Nuke allows arbitrary command execution via request for remote web site
2007-06-26 2007-06-26 2007-08-08 VU#365313 MIT Kerberos kadmind RPC library gssrpc__svcauth_unix() integer conversion error
2002-08-01 2002-07-31 2006-05-15 VU#192995 Integer overflow in xdr_array() function when deserializing the XDR stream
2010-10-25 2010-10-19 2010-10-25 VU#362983 Linux kernel RDS protocol vulnerability
2004-10-19 2004-09-18 2004-10-27 VU#424358 sudoedit can expose protected file contents
2003-10-16 2003-10-15 2003-12-09 VU#838572 Microsoft Authenticode mechanism installs ActiveX controls without prompting user

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis