search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-08-28 2007-08-28 2009-04-13 VU#474433 Oracle JInitiator ActiveX control stack buffer overflows
2005-01-20 2004-12-14 2005-03-09 VU#253024 Adobe Acrobat Reader for UNIX contains a buffer overflow in mailListIsPdf()
2006-06-16 2006-06-16 2006-07-11 VU#802324 Microsoft Excel vulnerability
2001-08-29 2001-06-06 2001-08-30 VU#149424 Outlook Web Access (OWA) executes scripts contained in email attachment opened via Microsoft Internet Explorer (IE)
2005-01-14 2005-01-11 2005-01-14 VU#377368 Apple iTunes fails to properly handle overly long URLs in playlists
2005-10-21 2005-10-18 2005-10-21 VU#512716 Oracle Application Server Web Cache vulnerability
2006-11-22 2006-11-20 2007-03-20 VU#367424 Apple Mac OS X fails to properly handle corrupted DMG image structures
2004-04-14 2004-04-13 2004-04-14 VU#255924 Microsoft Windows ASN.1 library contains a memory management vulnerability
2007-04-19 2007-04-19 2007-04-23 VU#312424 Apple AFP Client privilege escalation vulnerability
2007-09-07 2007-09-07 2009-04-13 VU#466433 Web sites may transmit authentication tokens unencrypted
2006-07-27 2006-07-25 2007-02-09 VU#239124 Mozilla fails to properly handle simultaneous XPCOM events
2003-06-24 2003-05-28 2003-09-18 VU#479268 Apache HTTPD contains denial of service vulnerability in basic authentication module
2010-02-25 2009-12-14 2010-04-29 VU#166739 APC Network Management Card web interface vulnerable to cross-site scripting and cross-site request forgery
2001-02-06 1998-01-20 2001-10-25 VU#19124 SSH authentication agent follows symlinks via a UNIX domain socket
2007-06-15 2004-08-30 2007-06-21 VU#793433 Novell exteNd Director 4.1 LocalExec ActiveX control fails to restrict access to dangerous methods

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis