search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-09-17 2004-09-15 2004-09-17 VU#481998 Apache vulnerable to buffer overflow when expanding environment variables
2006-06-02 2006-06-01 2007-02-09 VU#421529 Mozilla contains a buffer overflow vulnerability in crypto.signText()
2005-02-28 2005-02-08 2005-02-28 VU#896729 IBM AIX auditselect contains format string vulnerability
2010-12-13 2010-12-07 2010-12-13 VU#682457 Exim string_format() buffer overflow
2006-05-30 2006-05-30 2006-06-07 VU#135529 Secure Elements Class 5 AVR server sends messages in cleartext
2006-05-16 2006-05-15 2008-02-26 VU#117929 RealVNC Server does not validate client authentication method
2011-11-08 2011-11-03 2011-11-08 VU#193529 Dell KACE K2000 Appliance contains multiple reflected cross-site scripting vulnerabilities
2006-01-11 2006-01-10 2006-01-11 VU#115729 Apple QuickTime fails to properly handle corrupt TGA images
2010-06-17 2010-06-16 2010-06-18 VU#221257 Symantec AppStream and Workspace Streaming vulnerable to arbitrary code download and execution
2008-04-18 2008-04-16 2008-04-18 VU#441529 Mozilla Firefox JavaScript engine fails to properly handle garbage collection
2006-05-30 2006-05-30 2006-06-12 VU#456729 Secure Elements Class 5 AVR server fails to enforce integrity of message digests
2003-09-18 2003-07-01 2003-09-18 VU#108964 Sendmail contains buffer overflow in ruleset parsing
2005-09-09 2005-09-09 2005-09-23 VU#573857 Mozilla-based browsers contain a buffer overflow in handling URIs containing a malformed IDN hostname
2006-06-16 2006-05-02 2006-07-05 VU#633257 X.Org server buffer overflow in Xrender extension
2004-04-26 2004-04-21 2004-04-26 VU#184558 BEA WebLogic Server contains a vulnerability in the URL pattern matching

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis