search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-11-01 2006-10-05 2007-01-12 VU#361792 Computer Associates Discovery Service buffer overflow
2006-11-01 2006-11-01 2009-01-05 VU#854856 WMI Object Broker ActiveX Control bypasses ActiveX security model
2006-10-27 2006-10-24 2007-02-23 VU#589272 ADODB.Connection ActiveX control memory corruption vulnerability
2006-10-27 2006-10-25 2006-12-08 VU#449092 AOL Nullsoft Winamp Lyrics3 heap buffer overflow
2006-10-26 2006-10-03 2006-10-26 VU#796956 Novell GroupWise Messenger fails to properly handle HTTP POST requests.
2006-10-26 2006-10-25 2006-10-26 VU#347188 Microsoft Internet Explorer 7 may allow address bar spoofing
2006-10-25 2006-08-29 2006-10-25 VU#300368 X.Org fails to check for setuid failure on Linux systems
2006-10-25 2006-08-25 2006-10-25 VU#696896 Wireshark SSCOP dissector fails to properly handle malformed packets
2006-10-25 2006-08-24 2006-10-25 VU#638376 Wireshark contains multiple off-by-one errors in the IPSec ESP preference parser
2006-10-25 2006-08-24 2006-12-20 VU#808832 Wireshark contains an unspecified vulnerability in the SCSI dissector
2006-10-24 2006-10-17 2006-10-24 VU#484380 Opera Web Browser fails to properly process overly long URLs
2006-10-24 2006-10-18 2007-01-19 VU#521252 Integer overflow vulnerability in Asterisk driver for Cisco SCCP-enabled phones
2006-10-24 2006-10-17 2006-10-24 VU#446100 Oracle CREATE_CHANGE_TABLE procedure vulnerable to PL/SQL injection
2006-10-24 2006-10-17 2006-10-24 VU#736324 Oracle SYS.DBMS_CDC_IMPDP package vulnerable to PL/SQL injection
2006-10-24 2006-10-17 2006-10-24 VU#318764 Oracle DISABLE_HIERARCHY_INTERNAL procedure vulnerable to PL/SQL injection

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis