search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-27 2000-04-03 2002-09-27 VU#26493 MS Excel XLM Text Macro execution fails to trigger warning when default medium security set
2003-02-14 2003-02-11 2003-07-24 VU#849993 Some implementations of mod_dav contain a format string vulnerability in "ap_log_rerror()" function
2001-08-21 2001-06-12 2001-11-15 VU#655259 OpenSSH allows arbitrary file deletion via symlink redirection of temporary file
2001-09-27 2001-09-14 2001-09-27 VU#914859 Microsoft Windows Index Server discloses sensitive configuration information via crafted request to SQLQHit.asp sample application
2007-06-08 2007-06-07 2007-06-11 VU#932217 Yahoo! Webcam view utilities ActiveX control vulnerable to arbitrary code execution
2001-12-12 2001-12-12 2002-04-11 VU#569272 System V derived login contains a remotely exploitable buffer overflow
2001-12-08 2001-06-19 2004-01-14 VU#105259 Oracle Database Server vulnerable to DoS via repeated requests to Oracle listener without connecting to redirected port
2005-10-11 2005-10-11 2005-10-27 VU#214572 Microsoft Plug and Play fails to properly validate user supplied data
2005-11-16 2005-11-15 2005-12-07 VU#312073 First4Internet CodeSupport ActiveX controls incorrectly marked 'safe for scripting'
2009-12-08 2009-12-08 2011-07-22 VU#568372 NTP mode 7 denial-of-service vulnerability
2005-04-27 2005-04-12 2005-04-28 VU#948486 Oracle products contain multiple vulnerabilities
2001-09-18 2001-06-07 2001-09-18 VU#215259 Microsoft Windows 2000 Telnet Service contains handle leak
2004-03-24 2004-03-22 2004-04-05 VU#792286 Ethereal fails to properly handle a zero-length Presentation protocol selector
2001-04-05 2001-04-04 2008-05-22 VU#970472 Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function
2001-08-23 2001-07-02 2001-08-23 VU#560659 IBM WebSphere vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis