search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-09-02 2004-08-31 2005-05-10 VU#795632 MIT Kerberos 5 ASN.1 decoding functions insecurely deallocate memory (double-free)
2004-03-17 2004-03-17 2005-05-06 VU#465542 OpenSSL does not properly handle unknown message types
2005-04-12 2005-04-12 2005-05-03 VU#233754 Microsoft Windows does not adequately validate IP options
2005-04-19 2005-04-12 2005-04-29 VU#982109 Oracle contains multiple SQL injection vulnerabilities
2002-05-17 2002-02-19 2005-04-29 VU#150227 HTTP proxy default configurations allow arbitrary TCP connections
2005-03-17 2005-03-17 2005-04-28 VU#581068 NotifyLink server provides inadequate protection for cryptographic key material
2005-01-27 2005-01-04 2005-04-28 VU#702777 UW-imapd fails to properly authenticate users when using CRAM-MD5
2005-04-27 2005-04-12 2005-04-28 VU#948486 Oracle products contain multiple vulnerabilities
2005-03-17 2005-03-17 2005-04-20 VU#131828 NotifyLink web client fails to adequately restrict access to administrative functions
2005-03-17 2005-03-17 2005-04-20 VU#264097 NotifyLink contains multiple SQL injection vulnerabilities
2005-03-17 2005-03-17 2005-04-20 VU#770532 NotifyLink administrative interface displays user passwords in clear text
2005-01-18 2004-10-20 2005-04-20 VU#685456 Veritas NetBackup "bpjava-susvc" process contains an input validation error
2004-11-17 2004-11-15 2005-04-20 VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow
2004-08-03 2004-08-02 2005-04-14 VU#714584 BlackJumboDog contains buffer overflow vulnerability
2005-04-13 2005-04-12 2005-04-14 VU#775933 Microsoft Windows Kernel Vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis