search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-06-21 2005-06-14 2005-07-07 VU#459565 paFileDB fails to properly sanitize "query" parameter in "pafiledb.php"
2011-05-31 2011-05-23 2011-05-31 VU#567774 Imperva SecureSphere management GUI contains an XSS vulnerability
2004-09-17 2004-09-14 2004-09-17 VU#414240 Mozilla Mail vulnerable to buffer overflow via "writeGroup()" function in "nsVCardObj.cpp"
2006-12-13 2006-12-07 2006-12-15 VU#885665 MySpace fails to properly filter user-supplied content
2002-09-06 2002-08-30 2002-09-06 VU#955065 HP Tru64 UNIX "lpd" contains buffer overflow (SSRT2275)
2006-04-19 2006-04-18 2006-05-03 VU#443265 Oracle Reporting Framework vulnerability
2003-03-06 2003-03-04 2003-03-07 VU#611865 Automatic File Content Type Recognition Tool vulnerable to stack overflow
2001-02-08 2001-01-23 2001-02-08 VU#666872 Buffer Overflow in Lotus Domino Mail Server
2006-07-27 2006-07-25 2007-02-09 VU#897540 Mozilla products VCard attachment buffer overflow
2001-06-15 2001-01-08 2001-08-07 VU#264272 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "%3F+.htr"
2002-10-01 1999-04-21 2002-10-16 VU#39965 DHTML Edit Control for IE5 allows local files to be uploaded to web server
2004-04-30 2004-01-26 2004-05-06 VU#226974 Gaim contains an off-by-one buffer overflow vulnerability in the gaim_quotedp_decode() function
2004-03-17 2004-03-17 2004-03-26 VU#288574 OpenSSL contains null-pointer assignment in do_change_cipher_spec() function
2007-06-01 2007-05-24 2007-06-01 VU#821865 CREDANT Mobile Guardian Shield fails to remove credentials from memory
2007-03-26 2007-03-19 2007-10-16 VU#606700 file integer overflow vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis