search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-06-18 2002-06-17 2002-06-18 VU#664323 webMathematica discloses the contents of arbitrary files when file is requested using the absolute path
2006-10-25 2006-08-25 2006-10-25 VU#696896 Wireshark SSCOP dissector fails to properly handle malformed packets
2001-09-10 2001-08-03 2001-09-13 VU#920931 phpBB does not adequately validate user input for language selection thereby allowing user to execute arbitrary php code
2004-11-04 2004-11-02 2004-11-05 VU#960454 Microsoft Internet Explorer does not properly interpret IFRAME elements when displaying URLs in the status bar
2006-09-28 2004-08-02 2007-02-09 VU#423396 X.509 certificate verification may be vulnerable to resource exhaustion
2006-07-27 2006-07-25 2007-02-09 VU#687396 Mozilla products fail to properly validate JavaScript constructors
2005-01-14 2004-12-15 2006-05-01 VU#907729 Veritas Backup Exec registration request buffer overflow
2010-10-04 2010-10-04 2010-10-04 VU#236703 ActiveCollab permissions failure
2002-08-16 2002-08-16 2002-08-16 VU#939675 Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_printstatements" extended procedure
2001-05-17 2001-01-05 2001-06-20 VU#451096 Oliver Debon Flash plug-in vulnerable to buffer overflow processing incorrectly formatted sound file
2002-09-13 2002-08-30 2002-09-13 VU#693803 HP Tru64 UNIX "dxpause" contains buffer overflow (SSRT2275)
2001-12-20 2001-05-23 2001-12-20 VU#110803 CrushFTP Server does not adequately filter user input thereby permitting directory traversal
2005-08-31 2005-08-25 2005-09-01 VU#758054 Reflection for Secure IT Windows Server 6.0 changed case sensitivity of allow and deny lists
2005-06-08 2005-02-24 2005-06-08 VU#360296 Cisco ACNS may be vulnerable to DoS via malformed IP packets
2004-03-10 2004-03-09 2004-03-11 VU#982630 Microsoft Windows Media Services fails to properly validate TCP requests

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis