search menu icon-carat-right cmu-wordmark
Carnegie Mellon University
Please be aware that VINCE will be down for maintenance from 12 noon EST until 4 PM EST on November 19, 2025.

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2009-09-15 2009-09-14 2009-09-21 VU#180065 0 Nginx ngx_http_parse_complex_uri() buffer underflow vulnerability
2009-09-10 2009-09-07 2009-09-16 VU#135940 Windows SMB version 2 vulnerability
2009-09-09 2009-09-07 2009-09-11 VU#336053 Cyrus IMAPd buffer overflow vulnerability
2009-04-29 2009-04-28 2009-09-05 VU#970180 0 Adobe Reader and Acrobat customDictionaryOpen() and getAnnots() JavaScript vulnerabilities
2009-08-31 2009-08-31 2009-09-02 VU#276653 0 Microsoft Internet Information Server (IIS) FTP server NLST stack buffer overflow
2009-07-28 2009-07-28 2009-08-27 VU#725188 ISC BIND 9 vulnerable to denial of service via dynamic update request
2009-07-15 2009-07-13 2009-08-27 VU#545228 0 Microsoft Office Web Components Spreadsheet ActiveX control vulnerability
2009-05-14 2009-04-08 2009-08-26 VU#238019 Cyrus SASL library buffer overflow vulnerability
2009-08-21 2009-08-18 2009-08-21 VU#582244 0 Libpurple buffer overflow vulnerability
2009-08-18 2009-08-16 2009-08-18 VU#485961 Acer AcerCtrls.APlunch ActiveX Control fails to properly restrict access to methods
2003-01-24 2003-01-20 2009-08-17 VU#867593 Web servers enable HTTP TRACE method by default
2009-05-18 2009-05-18 2009-08-12 VU#853097 0 ntpd autokey stack buffer overflow
2009-07-22 2009-07-22 2009-08-07 VU#259425 0 Adobe Flash vulnerability affects Flash Player and other Adobe products
2009-07-14 2009-07-14 2009-08-05 VU#466161 XML signature HMAC truncation authentication bypass
2003-08-25 2003-08-20 2009-07-30 VU#865940 Microsoft Internet Explorer does not properly evaluate "application/hta" MIME type referenced by DATA attribute of OBJECT element

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis