search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-09-18 2001-06-07 2001-09-18 VU#648131 Microsoft Windows 2000 Telnet Service allows unprivileged local users to terminate sessions via unprotected system calls
2001-11-15 1998-03-24 2001-11-15 VU#4923 Windows NT SNMP agent leaks memory
2002-09-14 2001-04-03 2003-09-23 VU#208131 Jakarta Tomcat serves JSP source code when supplied malformed HTTP request
2002-11-19 2002-10-30 2002-11-19 VU#361065 The default NTFS permissions are not applied to a converted boot partition on Microsoft Windows 2000 and Windows XP systems when CONVERT.EXE is used
2010-10-22 2010-10-21 2010-10-29 VU#402231 Adobe Shockwave Player Director file 'rcsL' chunk parsing vulnerability
2006-06-13 2006-06-13 2009-04-13 VU#417585 Microsoft DXImageTransform Light filter fails to validate input
2002-09-09 2002-05-22 2002-09-09 VU#115731 HP Tru64 UNIX "quot" contains buffer overflow (SSRT2191)
2001-06-15 2000-07-14 2001-08-07 VU#28565 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "+.htr"
2004-03-24 2004-03-19 2004-08-25 VU#132110 Apache HTTP Server vulnerable to DoS race condition in the handling of short-lived connections
2011-10-27 2011-10-27 2011-10-27 VU#402731 Enspire eClient SQL injection allows authentication bypass
2008-06-06 2008-06-04 2008-06-06 VU#526131 HP Online Support Services ActiveX RegistryString() buffer overflow
2004-07-09 2004-06-30 2004-07-09 VU#718896 Cisco Collaboration Server (CCS) ServletExec allows arbitrary file uploading
2003-07-28 2003-07-28 2003-07-29 VU#886796 Cisco Aironet AP1100 fails to provide universal login error messages thereby disclosing validity of user account
2002-09-24 2002-04-08 2002-09-24 VU#156123 Microsoft Office Web Components allows arbitary user to determine whether local file exists via Chart component "Load" method
2011-03-21 2011-03-21 2011-04-05 VU#376500 Foolabs Xpdf contains a denial of service vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis