search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-04-16 2003-03-17 2004-04-30 VU#628849 ptrace contains vulnerability allowing for local root compromise
2004-04-22 2004-04-14 2004-04-30 VU#352110 BEA WebLogic Server internal methods may disclose sensitive information
2004-04-26 2004-04-21 2004-04-26 VU#184558 BEA WebLogic Server contains a vulnerability in the URL pattern matching
2004-04-23 2004-04-21 2004-04-23 VU#574222 BEA WebLogic Server configuration wizard stores administrative credentials in clear text log files
2004-04-23 2004-04-21 2004-04-23 VU#658878 BEA WebLogic Server allows unauthorized removal of EJB objects
2004-02-05 2004-02-04 2004-04-23 VU#790771 HTTP Parsing Vulnerabilities in Check Point Firewall-1
2004-04-07 2004-04-07 2004-04-23 VU#659228 Cisco WLSE and HSE devices contain hardcoded username and password
2004-04-22 2004-04-14 2004-04-22 VU#566390 BEA WebLogic Server fails to properly validate certificate chains
2004-04-14 2004-04-13 2004-04-22 VU#586540 Microsoft Private Communication Technology (PCT) fails to properly validate message inputs
2004-04-20 2004-04-20 2004-04-21 VU#162451 Cisco IOS fails to properly process solicited SNMP operations
2004-03-22 2004-03-15 2004-04-20 VU#413006 Oracle Application Server Web Cache contains heap overflow vulnerability
2004-04-19 2004-04-14 2004-04-19 VU#920238 BEA WebLogic Server stores database password in clear text in "config.xml"
2004-04-16 2004-04-14 2004-04-19 VU#470470 BEA WebLogic Server fails to properly associate re-created groups
2004-04-16 2004-04-03 2004-04-16 VU#900964 FTE fails to properly validate environment variables
2004-04-16 2004-04-03 2004-04-16 VU#354838 FTE fails to properly validate command line arguments

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis