search menu icon-carat-right cmu-wordmark
Carnegie Mellon University
Please be aware that VINCE will be down for maintenance from 12 noon EST until 4 PM EST on November 19, 2025.

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-01-22 2008-01-17 2008-04-29 VU#248184 Skype does not properly filter input from external websites
2008-01-15 2008-01-15 2008-07-22 VU#347812 UPnP enabled by default in multiple devices
2008-01-10 2008-01-10 2008-02-07 VU#112179 Apple QuickTime RTSP Response message Reason-Phrase buffer overflow vulnerability
2008-01-10 2008-01-08 2008-01-29 VU#115083 Microsoft Windows IGMPv3 and MLDv2 processing vulnerability
2008-01-09 2008-01-09 2008-01-31 VU#568681 AOL Radio AOLMediaPlaybackControl.exe stack buffer overflow
2008-01-08 2008-01-08 2009-04-13 VU#735441 Gateway CWebLaunchCtl ActiveX control buffer overflow
2008-01-08 2008-01-08 2008-01-08 VU#410025 Microsoft Windows LSASS privilege escalation vulnerability
2008-01-08 2008-01-08 2008-01-14 VU#921339 SSH Tectia Client and Server ssh-signer local privilege escalation
2008-01-03 2007-11-30 2008-01-03 VU#150249 OpenSSL FIPS Object Module fails to properly generate random seeds
2008-01-03 2007-12-28 2008-01-23 VU#553235 Jetty fails to properly process URLs that contain double / characters
2008-01-02 2007-05-18 2008-06-16 VU#249337 Flash authoring tools create Flash files that contain cross-site scripting vulnerabilities
2007-12-21 2007-12-20 2009-04-13 VU#963889 IBM Lotus Domino Web Access ActiveX control stack buffer overflows
2007-12-19 2007-12-19 2008-01-15 VU#758769 Adobe Flash Player asfunction protocol may enable cross-site scripting
2007-12-18 2007-12-18 2008-01-07 VU#905292 Apple Safari code execution vulnerability
2007-12-17 2007-12-11 2007-12-19 VU#120593 Meridian Prolog Manager uses weak authentication to store and transmit user credentials

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis