search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-10-09 2003-10-06 2003-10-10 VU#715548 Hummingbird CyberDOCS error page discloses web server installation path
2005-03-30 2005-03-23 2005-12-22 VU#557948 Mozilla products vulnerable to heap overflow via specially crafted GIF file
2004-07-19 2004-07-16 2004-07-19 VU#303448 mod_ssl contains a format string vulnerability in the ssl_log() function
2001-08-21 2000-10-31 2001-08-21 VU#153653 Linux dump uses environment variables insecurely, allowing for root compromise
2003-03-26 2003-03-18 2003-03-26 VU#691153 BEA WebLogic Server fails to discard cached authentication information when web applications are updated
2003-04-24 2003-04-23 2003-04-24 VU#169753 Buffer Overflow in URLMON.DLL
2007-07-11 2007-07-10 2007-07-11 VU#348953 Microsoft Windows Active Directory fails to properly validate client sent LDAP requests
2006-11-17 2006-11-16 2006-11-17 VU#445753 NetGear wireless driver fails to properly process certain 802.11 management frames
2005-08-17 2005-08-15 2005-08-17 VU#172948 Apple Mac OS X AppKit vulnerable to buffer overflow via maliciously crafted Microsoft Word files
2005-01-11 2005-01-11 2005-01-14 VU#258905 Multiple implementations of LDAP Directory Server vulnerable to buffer overflow
2006-01-11 2006-01-10 2006-01-13 VU#150753 Apple QuickTime TIFF image "StripByteCounts" integer overflow
2004-07-14 2004-07-13 2004-07-14 VU#717748 Microsoft Internet Information Server (IIS) 4.0 contains a buffer overflow in the redirect function
2001-05-02 2001-05-01 2001-06-26 VU#516648 Microsoft Windows 2000/Internet Information Server (IIS) 5.0 Internet Printing Protocol (IPP) ISAPI contains buffer overflow (MS01-023)
2005-02-04 2005-01-31 2005-02-07 VU#823350 Squid fails to properly handle oversized reply headers
2004-06-22 2004-06-22 2004-07-13 VU#317350 ISC DHCP contains a stack buffer overflow vulnerability in handling log lines containing ASCII characters only

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis