search menu icon-carat-right cmu-wordmark
ATTENTION: VINCE web interface and API interfaces will be down for maintenance from 1200 EDT on Tuesday, March 19, 2024, until no later than 0900 EDT Wednesday, March 20, 2024.

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-01-10 2001-01-09 2001-01-11 VU#247371 Borland/Inprise Interbase SQL database server contains backdoor superuser account with known password
2006-11-30 2006-11-17 2007-03-19 VU#198908 Adobe Acrobat AcroPDF ActiveX control fails to properly handle malformed input
2005-10-11 2005-10-11 2005-10-11 VU#922708 Microsoft Windows Shell fails to handle shortcut files properly
2002-06-13 2002-05-27 2002-06-25 VU#855811 Microsoft Remote Access Service API contains additional buffer overflow vulnerability via phonebook entries
2002-08-01 2002-06-26 2002-08-28 VU#542971 Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups
2003-10-30 2003-10-03 2004-05-20 VU#473108 Cisco Lightweight Extensible Authentication Protocol (LEAP) uses passwords that are vulnerable to dictionary attacks
2010-12-01 2010-12-01 2010-12-01 VU#510208 ISC BIND named allow-query vulnerability
2001-07-24 2001-07-18 2002-04-16 VU#745371 Multiple vendor telnet daemons vulnerable to buffer overflow via crafted protocol options
2006-06-13 2006-06-13 2006-06-13 VU#909508 Microsoft Graphics Rendering Engine fails to properly handle WMF images
2002-10-01 2002-02-11 2002-10-01 VU#355971 Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks
2003-08-26 2003-08-20 2003-09-03 VU#813208 Microsoft Internet Explorer does not properly render input type tag
2008-02-11 2008-02-07 2008-02-11 VU#309608 Mozilla products may allow directory traversal
2005-02-08 2005-02-08 2005-02-09 VU#823971 Microsoft Internet Explorer contains a Channel Definition Format (CDF) cross-domain vulnerability
2002-08-12 2002-08-14 2004-02-09 VU#287771 Multiple vendors' Internet Key Exchange (IKE) implementations do not properly handle IKE response packets
2002-06-25 2002-06-12 2002-08-08 VU#811371 Microsoft SQLXML ISAPI filter vulnerable to buffer overflow via contenttype parameter

Sponsored by CISA.