search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-02-05 2008-02-02 2008-02-13 VU#101676 Yahoo! Music Jukebox YMP Datagrid ActiveX control stack buffer overflows
2002-08-10 2002-03-27 2002-08-10 VU#495275 Cisco CallManager contains memory leak
2004-04-23 2004-04-21 2004-04-23 VU#574222 BEA WebLogic Server configuration wizard stores administrative credentials in clear text log files
2004-11-17 2004-11-15 2005-04-20 VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow
2004-05-07 2004-05-03 2004-05-07 VU#648406 Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-09-27 2001-10-13 2002-09-27 VU#921547 PostNuke does not adequately validate user input thereby allowing malicious user to bypass user authentication via SQL injection
2005-06-27 2003-01-13 2005-06-29 VU#165022 Microsoft Log Sink Class ActiveX control incorrectly marked "safe for scripting"
2004-04-14 2004-04-13 2004-04-14 VU#353956 Microsoft Windows H.323 implementation fails to handle malformed requests
2005-02-10 2005-02-08 2005-02-22 VU#107822 Symantec products vulnerable to buffer overflow via a specially crafted UPX file
2001-12-21 2001-12-19 2003-05-14 VU#598147 Microsoft Internet Explorer does not properly handle document.open()
2002-09-27 2001-05-23 2002-09-27 VU#739376 Microsoft Windows Media Player creates URL shortcut that may contain HTML code in known location in Local Computer Zone
2001-08-09 2001-02-07 2004-07-28 VU#391347 phpSecurePages allows remote code execution
2004-03-09 2004-03-09 2004-03-15 VU#305206 Microsoft Outlook fails to properly filter parameters passed via "mailto:" URL
2006-03-24 2006-03-06 2006-04-26 VU#314540 Pubcookie application server modules contain cross-site scripting vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis