search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-01-08 2002-01-08 2002-01-08 VU#985347 iPlanet Web Server Enterprise Edition and Netscape Enterprise Server Web Publisher command exposes server to brute force attack
2001-11-05 2001-10-18 2001-11-05 VU#945747 Mac OS X executes 'recent items' with privileges of foreground application
2004-05-10 2004-01-26 2004-05-10 VU#197142 Gaim contains a buffer overflow vulnerability in the Extract Info Field function
2004-02-26 2004-02-24 2004-02-26 VU#841742 Apple Mac OS X Point-to-Point Protocol daemon (pppd) contains format string vulnerability
2002-06-05 2002-02-21 2002-06-05 VU#952875 Yahoo! Messenger is vulnerable to DoS via multiple messages from spoofed names
2002-08-20 2002-04-22 2002-08-20 VU#809347 FreeBSD privilege elevation vulnerability
2001-12-21 2001-12-20 2002-01-09 VU#700575 Buffer overflows in Microsoft SQL Server 7.0 and SQL Server 2000
2004-01-13 2003-01-13 2009-07-29 VU#749342 Multiple vulnerabilities in H.323 implementations
2002-02-09 2001-07-18 2002-02-09 VU#116875 Adobe PhotoDeluxe does not adequately restrict Java execution
2001-12-04 2001-12-04 2002-01-02 VU#157447 OpenSSH UseLogin directive permits privilege escalation
2010-08-05 2010-08-02 2010-09-14 VU#275247 FreeType 2 CFF font stack corruption vulnerability
2001-09-18 2001-06-07 2001-09-18 VU#405075 Microsoft Windows 2000 Telnet Service fails to reject oversized username input values
2002-09-24 2001-12-13 2002-09-24 VU#413875 EFTP does not adequately validate user input thereby allowing directory traversal
2001-06-18 2000-07-03 2001-06-18 VU#35842 man 'makewhatis' insecurely uses /tmp
2001-08-03 2001-07-11 2001-08-03 VU#321475 Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis