search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-07-07 2008-07-07 2008-08-12 VU#837785 Microsoft Office Snapshot Viewer ActiveX control race condition
2008-09-16 2008-09-16 2008-11-28 VU#837092 InstallShield / Macrovision / Acresso FLEXnet Connect insecurely retrieves and executes scripts
2002-10-03 2002-10-02 2002-10-03 VU#240329 Apache HTTPD server vulnerable to cross site scripting on error page when using wildcard DNS
2008-03-11 2008-03-10 2008-07-26 VU#831457 RealNetworks RealPlayer ActiveX controls property heap memory corruption
2007-11-16 2007-10-29 2007-11-16 VU#759385 RealNetworks player "Lyrics3" buffer overflow
2007-07-11 2007-07-10 2007-11-15 VU#730785 Adobe Flash Player FLV integer overflow
2008-03-18 2008-03-18 2008-03-18 VU#992585 Check Point VPN-1 information disclosure vulnerability
2005-08-16 2005-08-16 2005-10-04 VU#606857 EMC Legato NetWorker uses weak AUTH_UNIX authentication
2002-06-25 2002-06-12 2002-08-08 VU#139931 Microsoft SQLXML HTTP components vulnerable to cross-site scripting via root parameter
2008-06-20 2008-06-19 2008-06-20 VU#127185 Apple Safari automatically executes downloaded files based on Internet Explorer zone settings
2007-12-12 2007-12-11 2007-12-13 VU#319385 Microsoft Windows Media Format Runtime ASF handling buffer overflow
2002-02-26 2002-02-06 2003-07-03 VU#180147 Oracle 9i Database Server PL/SQL module allows remote command execution without authentication
2006-05-30 2006-05-30 2006-06-07 VU#584329 Secure Elements Class 5 AVR server contains hard-coded user ID and password
2005-09-09 2005-08-31 2006-10-18 VU#744929 mod_ssl fails to properly enforce client certificates authentication
2007-01-02 2006-10-27 2007-01-02 VU#363992 Wireshark HTTP dissector vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis