search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-12-14 1999-07-29 2001-08-10 VU#3062 Cenroll ActiveX Control allows creation of arbitrary files.
2000-11-02 1999-07-21 2000-11-02 VU#22919 SystemWizard Registry Object ActiveX Control lacks authentication
2001-06-18 1999-05-30 2005-11-15 VU#23495 DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries
2002-06-13 1999-05-19 2002-06-25 VU#13121 Microsoft Remote Access Service API contains buffer overflow vulnerability via phonebook entries
2002-10-01 1999-04-21 2002-10-16 VU#39965 DHTML Edit Control for IE5 allows local files to be uploaded to web server
2006-04-03 1999-04-19 2006-05-02 VU#808921 eBay contains a cross-site scripting vulnerability
2003-09-19 1999-04-03 2003-09-19 VU#41870 Sun Solstice AdminSuite ships with insecure default configuration
2002-05-23 1999-02-22 2002-05-23 VU#28370 Taskpads ActiveX Control incorrectly marked safe-for-scripting
2002-04-29 1999-02-01 2003-03-26 VU#2558 File Transfer Protocol allows data connection hijacking via PASV mode race condition
2000-09-29 1999-01-03 2001-06-26 VU#18287 statd bounce vulnerability
2002-01-04 1998-08-31 2002-01-04 VU#5053 Older Versions of Cisco PIX Firewall Manager permits retrieval of files
2001-09-20 1998-07-27 2003-04-11 VU#5648 Buffer Overflows in various email clients
2002-01-04 1998-07-15 2002-01-04 VU#6733 PIX 'established' and 'conduit' command may have unexpected interactions
2001-09-26 1998-07-06 2001-09-26 VU#182777 IBM AIX nslookup buffer overflow in lex routines
2001-11-07 1998-06-11 2003-05-20 VU#13877 Weak CRC allows packet injection into SSH sessions encrypted with block ciphers

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis