search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-10-29 2001-10-25 2001-10-29 VU#825275 NSI RWhoisd contains format string vulnerability in print_error()
2001-07-27 2001-06-13 2001-09-17 VU#451275 Curses library vulnerable to buffer overflow
2008-05-29 2008-05-28 2008-05-29 VU#566875 Apple Help Viewer vulnerable to buffer overflow
2003-05-04 2003-02-03 2003-06-17 VU#911505 pam_xauth may insecurely forward "X MIT-Magic-Cookies" to new sessions
2002-08-10 2002-03-27 2002-08-10 VU#495275 Cisco CallManager contains memory leak
2004-04-23 2004-04-21 2004-04-23 VU#574222 BEA WebLogic Server configuration wizard stores administrative credentials in clear text log files
2004-11-17 2004-11-15 2005-04-20 VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow
2011-04-05 2011-04-05 2011-04-05 VU#648244 Oracle Solaris 10 password hashes leaked through back-out patch files
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-09-27 2001-10-13 2002-09-27 VU#921547 PostNuke does not adequately validate user input thereby allowing malicious user to bypass user authentication via SQL injection
2005-06-27 2003-01-13 2005-06-29 VU#165022 Microsoft Log Sink Class ActiveX control incorrectly marked "safe for scripting"
2011-05-25 2011-05-25 2011-05-25 VU#531342 Unbound DNS resolver denial of service vulnerability
2005-02-10 2005-02-08 2005-02-22 VU#107822 Symantec products vulnerable to buffer overflow via a specially crafted UPX file
2001-12-21 2001-12-19 2003-05-14 VU#598147 Microsoft Internet Explorer does not properly handle document.open()
2005-07-12 2005-07-12 2005-07-22 VU#720742 Microsoft Color Management Module buffer overflow during profile tag validation

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis