search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-04-05 2006-03-23 2006-05-17 VU#172489 RealNetworks products fail to properly handle chunked data
2001-06-18 1999-05-30 2005-11-15 VU#23495 DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries
2007-01-09 2007-01-09 2007-01-18 VU#122084 Microsoft Internet Explorer VML buffer overflow
2006-09-12 2006-09-12 2006-09-15 VU#108884 Microsoft Indexing Services vulnerable to cross-site scripting
2008-02-20 2007-12-10 2008-02-25 VU#438395 Samba "send_mailslot()" function buffer overflow
2007-03-06 2007-03-06 2007-03-19 VU#568689 Apple QuickTime 3GP integer overflow
2001-07-17 2001-07-16 2003-04-17 VU#583184 Lotus Domino R5 Server Family contains multiple vulnerabilities in LDAP handling code
2002-01-14 2002-01-09 2002-01-14 VU#855195 Cisco SN 5420 Storage Router vulnerable to DoS via fragmented packet sent over Gigabit interface
2008-02-29 2008-02-29 2008-02-29 VU#524857 Learn2 STRunner ActiveX control stack buffer overflows
2002-01-31 2000-05-08 2002-01-31 VU#24447 AOL Instant Messenger exposes local file path during file transfers
2003-05-05 2003-04-24 2004-02-23 VU#443257 Cisco Catalyst switches allow access to "enable mode" without password
2007-04-10 2007-04-10 2007-04-11 VU#728057 Microsoft Windows Agent fails to properly process crafted URLs
2002-04-05 2001-10-06 2002-04-05 VU#710347 AOL Instant Messenger vulnerable to DoS via crafted GIF file
2000-12-19 2000-12-09 2001-01-11 VU#602625 KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely
2004-03-24 2004-03-22 2004-03-25 VU#864884 Ethereal contains multiple vulnerabilities in the IGAP protocol dissector

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis