search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-08-27 2001-07-11 2001-08-27 VU#557136 Cayman gateways ship with null administrative and user level passwords
2004-06-09 2004-05-05 2004-07-16 VU#722414 Perl vulnerable to buffer overflow in win32_stat()
2004-04-05 2003-11-25 2005-06-17 VU#323070 Outlook Express MHTML protocol handler does not properly validate source of alternate content
2004-08-10 2004-08-09 2004-08-31 VU#735966 AOL Instant Messenger vulnerable to buffer overflow
2006-07-11 2006-07-10 2006-07-17 VU#294036 Juniper JUNOS IPv6 denial-of-service vulnerability
2003-10-30 2003-10-03 2004-05-20 VU#473108 Cisco Lightweight Extensible Authentication Protocol (LEAP) uses passwords that are vulnerable to dictionary attacks
2004-08-13 2004-08-03 2004-08-13 VU#749870 Juniper Networks NetScreen firewall contains a DoS vulnerability in the SSHv1 service
2004-02-25 2004-02-24 2004-03-15 VU#460350 Apple Quicktime/Darwin Streaming Server fails to properly parse DESCRIBE requests
2006-07-11 2006-07-11 2006-07-13 VU#580036 Microsoft Office fails to properly handle malformed strings
2002-03-29 2001-05-29 2002-03-29 VU#233200 GnuPG contains format-string vulnerability in handling of encrypted data filename
2004-07-14 2004-07-13 2004-07-14 VU#647436 Microsoft Windows contains a buffer overflow in the POSIX subsystem
2005-05-06 2005-05-03 2005-05-16 VU#356070 Apple Terminal fails to properly sanitize input for "x-man-page" URI
2003-09-19 1999-04-03 2003-09-19 VU#41870 Sun Solstice AdminSuite ships with insecure default configuration
2007-08-14 2007-08-14 2007-08-14 VU#640136 Microsoft GDI Windows Metafile AttemptWrite integer overflow
2006-09-14 2006-09-12 2006-09-14 VU#489836 Apple QuickTime fails to properly handle FLC movies

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis