search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-26 2001-04-23 2002-09-26 VU#951632 WebCalendar does not adequately validate user input
2010-11-30 2010-08-18 2011-01-03 VU#870532 AWStats fails to properly handle "\\" when specifying a configuration file directory
2003-04-30 2003-04-30 2003-04-30 VU#609137 ScriptLogic RPC service allows local users to modify arbitrary registry settings
2007-02-07 2007-02-05 2007-03-29 VU#649732 Samba AFS ACL mapping VFS plug-in format string vulnerability
2003-04-30 2003-04-30 2003-05-01 VU#813737 ScriptLogic sets insecure permissions on "LOGS$" share
2003-06-13 2002-10-14 2003-06-13 VU#248337 HP-UX fails to apply standard UNIX filesystem security measures when using OnLineJFS
2003-06-23 2003-06-16 2003-06-23 VU#758932 Sun Management Center (SunMC) allows user to create or overwrite arbitrary files
2001-05-05 2001-01-26 2001-06-25 VU#987632 NewsDaemon does not adequately filter user input to $user_username
2006-10-25 2006-08-24 2006-12-20 VU#808832 Wireshark contains an unspecified vulnerability in the SCSI dissector
2005-05-05 2005-04-27 2005-05-11 VU#327037 Debian CVS "pserver" remote access authentication bypass vulnerability
2005-05-19 2005-05-19 2005-05-26 VU#232232 Groove Virtual Office may not correctly display file names
2007-02-08 2007-02-07 2007-03-15 VU#276432 Trend Micro AntiVirus fails to properly process malformed UPX packed executables
2002-05-29 2002-05-29 2003-04-09 VU#703835 Macromedia JRun ISAPI DLL filter vulnerable to buffer overflow via request for long Host header field
2005-02-09 2005-02-08 2005-02-09 VU#698835 Microsoft DHTML Drag-and-Drop events insufficiently validated
2008-01-03 2007-12-28 2008-01-23 VU#553235 Jetty fails to properly process URLs that contain double / characters

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis