search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-08-09 2001-06-22 2002-08-06 VU#109475 Microsoft Windows NT and 2000 Domain Name Servers allow non-authoritative RRs to be cached by default
2004-10-19 2004-08-31 2004-10-19 VU#664422 PhpWebSite contains multiple cross-site scripting vulnerabilities
2007-11-09 2007-08-03 2007-11-20 VU#912593 Guidance EnCase Enterprise uses weak authentication to identify target machines
2003-02-12 2003-01-21 2003-02-12 VU#979793 Apache vulnerable to DoS via request for MS-DOS device
2004-09-07 2004-07-06 2004-09-07 VU#829422 Ethereal fails to properly handle malformed iSNS packets
2005-01-05 2004-12-20 2005-01-14 VU#420222 Konqueror fails to restrict access to Java classes
2006-09-19 2006-09-18 2007-03-21 VU#416092 Microsoft Internet Explorer VML stack buffer overflow
2008-12-05 2008-01-03 2008-12-05 VU#528993 Linksys WVC54GC wireless video camera vulnerable to information disclosure
2004-08-20 2004-05-29 2004-08-20 VU#561022 Mozilla contains a buffer overflow in the SendUidl() function
2005-04-12 2005-04-12 2005-04-13 VU#756122 Microsoft Internet Explorer URL validation routine contains a buffer overflow
2005-10-26 2005-10-25 2005-12-19 VU#668193 Skype VCARD handling routine contains a buffer overflow
2005-02-01 2004-09-05 2005-02-03 VU#961686 QNX PPPoEd vulnerable to buffer overflow
2002-01-14 2002-01-09 2002-01-14 VU#833459 Cisco SN 5420 Storage Router fails to properly authenticate user before granting read access to configuration file
2002-02-27 2002-02-06 2002-03-12 VU#547459 Oracle 9iAS creates temporary files when processing JSP requests that are world-readable
2002-03-04 2002-02-21 2002-03-06 VU#613459 Squid Proxy Server contains buffer overflow in parsing of the authentication portion of FTP URLs

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis