search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-01-31 2008-01-10 2008-01-31 VU#326065 Liferay Portal Enterprise Admin User-Agent HTTP header XSS
2003-03-17 2003-02-28 2003-04-03 VU#378049 Utah Raster Toolkit contains multiple vulnerabilities
2002-08-01 2002-06-26 2002-08-28 VU#542971 Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups
2005-06-21 2005-06-14 2005-07-07 VU#459565 paFileDB fails to properly sanitize "query" parameter in "pafiledb.php"
2000-11-16 2000-05-13 2001-01-11 VU#31994 MS ActiveMovieControl Object downloads arbitrary files
2004-09-17 2004-09-14 2004-09-17 VU#414240 Mozilla Mail vulnerable to buffer overflow via "writeGroup()" function in "nsVCardObj.cpp"
2006-12-13 2006-12-07 2006-12-15 VU#885665 MySpace fails to properly filter user-supplied content
2002-09-06 2002-08-30 2002-09-06 VU#955065 HP Tru64 UNIX "lpd" contains buffer overflow (SSRT2275)
2006-04-19 2006-04-18 2006-05-03 VU#443265 Oracle Reporting Framework vulnerability
2003-03-06 2003-03-04 2003-03-07 VU#611865 Automatic File Content Type Recognition Tool vulnerable to stack overflow
2001-07-17 2001-07-16 2002-12-12 VU#935800 Multiple versions of OpenLDAP are vulnerable to denial-of-service attacks
2006-07-27 2006-07-25 2007-02-09 VU#897540 Mozilla products VCard attachment buffer overflow
2002-01-11 2000-03-17 2002-01-11 VU#32794 iPlanet Web Server and Netscape Enterprise Server Web Publisher commands allow directory enumeration
2002-10-01 1999-04-21 2002-10-16 VU#39965 DHTML Edit Control for IE5 allows local files to be uploaded to web server
2010-11-03 2010-11-03 2010-11-03 VU#465239 NetSupport Manager Gateway transmits identifying information in plaintext

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis