search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-05-15 2006-05-11 2006-05-17 VU#570689 Apple QuickTime FlashPix integer overflow
2002-09-05 2002-08-30 2002-09-05 VU#629289 HP Tru64 UNIX "traceroute" contains buffer overflow (SSRT2261)
2006-05-16 2006-05-11 2006-05-16 VU#186944 EMC Retrospect Client buffer overflow vulnerability
2003-10-16 2003-10-15 2003-10-16 VU#435444 Microsoft Outlook Web Access (OWA) contains cross-site scripting vulnerability in the "Compose New Message" form
2001-12-15 1999-12-07 2001-12-15 VU#13217 Problem with HP r-cmnds
2002-10-01 2002-02-11 2002-10-01 VU#355971 Microsoft Internet Explorer executes scripts when scripting has been disabled after bypassing initial security checks
2003-05-02 2003-04-30 2003-05-07 VU#195644 Sun ONE Directory Server "ns-ldapd" can be terminated by unprivileged user
2007-03-14 2007-03-13 2007-10-01 VU#559444 Apple Mac OS X ImageIO integer overflow vulnerability
2008-03-07 2008-03-05 2008-03-07 VU#512491 GNOME Evolution format string vulnerability
2002-04-10 2002-04-10 2002-04-10 VU#883091 Microsoft Internet Information Server (IIS) contains cross-site scripting vulnerability in IIS Help Files search facility
2005-02-21 2004-12-22 2005-02-21 VU#372968 WinAmp contains a flaw in metadata handling in .mpa and .mp4 files
2002-08-01 2002-06-26 2002-08-28 VU#542971 Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups
2005-02-01 2004-09-05 2005-02-03 VU#577566 QNX PPPoEd daemon vulnerable to command spoofing
2002-01-31 2001-08-14 2002-01-31 VU#726891 Novell Groupwise contains protocol implementation vulnerability allowing email to be viewed by unauthorized user
2007-09-06 2006-12-01 2007-09-06 VU#311192 VUPlayer malformed playlist buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis