search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-08-09 2005-07-15 2005-08-16 VU#965206 Microsoft Internet Explorer JPEG rendering library vulnerable to buffer overflow
2002-06-05 2002-02-21 2002-06-05 VU#952875 Yahoo! Messenger is vulnerable to DoS via multiple messages from spoofed names
2002-08-20 2002-04-22 2002-08-20 VU#809347 FreeBSD privilege elevation vulnerability
2001-12-21 2001-12-20 2002-01-09 VU#700575 Buffer overflows in Microsoft SQL Server 7.0 and SQL Server 2000
2006-10-25 2006-08-24 2006-10-25 VU#638376 Wireshark contains multiple off-by-one errors in the IPSec ESP preference parser
2002-02-09 2001-07-18 2002-02-09 VU#116875 Adobe PhotoDeluxe does not adequately restrict Java execution
2001-12-04 2001-12-04 2002-01-02 VU#157447 OpenSSH UseLogin directive permits privilege escalation
2010-08-05 2010-08-02 2010-09-14 VU#275247 FreeType 2 CFF font stack corruption vulnerability
2001-09-18 2001-06-07 2001-09-18 VU#405075 Microsoft Windows 2000 Telnet Service fails to reject oversized username input values
2002-09-24 2001-12-13 2002-09-24 VU#413875 EFTP does not adequately validate user input thereby allowing directory traversal
2002-10-11 2002-09-09 2003-11-07 VU#307306 Microsoft Java implementation JDBC classes do not properly validate DLL requests
2001-08-03 2001-07-11 2001-08-03 VU#321475 Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name
2001-10-29 2001-10-25 2001-10-29 VU#825275 NSI RWhoisd contains format string vulnerability in print_error()
2001-07-27 2001-06-13 2001-09-17 VU#451275 Curses library vulnerable to buffer overflow
2004-04-09 2004-01-27 2004-04-12 VU#858990 BEA WebLogic Server fails to properly associate the user identity on subsequent client connections

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis