search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-09-20 1998-07-27 2003-04-11 VU#5648 Buffer Overflows in various email clients
2002-07-23 2002-05-27 2003-04-11 VU#612843 Sun iPlanet and ONE Web Servers contain a buffer overflow in the search engine
2000-10-19 2000-05-16 2003-04-11 VU#38336 MIT Kerberos 5 ksu may allow either the '-r' or '-l' time-interval parameter to overflow the stack with the characters ''d', 'h', 'm', or 's'
2002-08-05 2001-12-17 2003-04-11 VU#157795 Magic Enterprise contains multiple shell scripts that allow arbitrary file overwriting via symlink redirection of temporary file
2002-09-23 2001-10-22 2003-04-11 VU#147587 Mac OS X utility gm4 contains format string vulnerability
2003-04-02 2001-04-11 2003-04-11 VU#527736 mkpasswd uses weak random number generator
2003-04-10 2003-04-09 2003-04-10 VU#447569 Microsoft Windows Virtual Machine (VM) ByteCode Verifier fails to properly check Java applets for malicious code
2001-05-10 2001-05-10 2003-04-09 VU#106392 Cisco IOS vulnerable to DoS via unrecognized transitive attribute in BGP UPDATE
2002-10-10 2002-10-09 2003-04-09 VU#538033 ypxfrd daemon fails to properly validate user supplied arguments in "getdbm" procedure
2001-07-09 2001-07-09 2003-04-09 VU#310295 Check Point RDP Bypass Vulnerability
2001-07-30 2001-07-11 2003-04-09 VU#135531 Allaire ColdFusion Server contains vulnerability allowing unauthorized user read/delete access to files
2001-12-27 2001-09-26 2003-04-09 VU#500027 3Com HomeConnect Cable Modem vulnerable to DoS via long string of characters
2001-07-24 2001-02-10 2003-04-09 VU#249579 klogd does not adequately handle NULL byte when parsing text using LogLine( )
2002-03-12 2002-01-10 2003-04-09 VU#168795 Oracle 9iAS allows anonymous remote users to view sensitive Apache services by default
2002-11-04 2002-11-04 2003-04-09 VU#266817 Multiple Sun RPC-based libc implementations fails to provide time-out mechanism when reading data from TCP connections

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis