search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-01-25 2007-12-10 2008-04-28 VU#203611 inet_network() off-by-one buffer overflow
2003-01-15 2003-01-15 2003-03-26 VU#284857 ISC DHCPD minires library contains multiple buffer overflows
2004-09-14 2004-08-18 2004-10-28 VU#526089 Microsoft Internet Explorer treats arbitrary files as images for drag and drop operations
2008-04-21 2007-12-11 2008-04-21 VU#570089 Microsoft HeartbeatCtl ActiveX control buffer overflow
2002-02-27 2002-01-10 2002-02-27 VU#712723 Oracle 9iAS default configuration uses well-known default passwords
2007-05-29 2007-05-29 2007-05-30 VU#210257 British Telecommunications Business Connect webhelper ActiveX control buffer overflows
2005-08-12 2005-08-12 2007-01-12 VU#378957 VERITAS Backup Exec uses hard-coded authentication credentials
2006-10-09 2006-10-09 2006-10-12 VU#661524 AOL YGP Pic Downloader Plugin ActiveX control buffer overflow
2007-02-22 2007-02-21 2007-02-27 VU#615857 Google Desktop vulnerable to cross-site scripting
2006-06-02 2006-06-01 2007-02-09 VU#237257 Mozilla privilege escalation using addSelectionListener
2006-05-05 2006-05-02 2006-05-17 VU#602457 MySQL fails to properly validate COM_TABLE_DUMP packets
2007-02-13 2007-02-13 2007-02-23 VU#753924 Microsoft Internet Explorer fails to properly instantiate COM objects
2005-08-12 2005-05-24 2005-08-15 VU#814557 GNOME gedit contains format string vulnerability
2008-10-30 2008-10-21 2011-07-22 VU#183657 libspf2 DNS TXT record parsing buffer overflow
2001-09-28 2000-12-01 2001-09-28 VU#872257 IBM AIX enq buffer overflow in -M argument

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis