search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-06-11 2002-03-01 2002-06-13 VU#259435 AOL Instant Messenger vulnerable to buffer overflow via crafted "addbuddy" URI sent in message
2007-04-23 2007-04-23 2008-10-14 VU#184473 Microgaming Download Helper ActiveX control stack buffer overflow
2003-02-07 2003-02-06 2003-02-07 VU#666073 AbsoluteTelnet vulnerable to buffer overflow via overly long window title
2007-10-20 2007-10-18 2007-11-15 VU#871673 RealPlayer playlist name stack buffer overflow
2007-07-27 2007-07-24 2008-08-06 VU#252735 ISC BIND generates cryptographically weak DNS query IDs
2008-05-27 2008-05-27 2008-06-09 VU#395473 Adobe Flash player code execution vulnerability
2007-12-11 2007-12-11 2007-12-11 VU#601073 Microsoft Windows Vista privilege escalation vulnerability
2003-05-20 2003-05-03 2003-07-14 VU#397604 GnuPG contains flaw in key validation code
2006-10-02 2006-09-29 2006-10-04 VU#838404 Apple kernel exception handling vulnerability
2002-12-05 2002-11-27 2002-12-06 VU#683673 Sun Solaris priocntl(2) does not adequately validate path to kernel modules that implement lightweight process (LWP) scheduling policy
2006-05-12 2006-05-11 2006-05-12 VU#519473 Apple Safari fails to properly handle archive files containing symbolic links
2004-08-11 2004-08-09 2004-08-11 VU#139504 Sun Solaris X Display Manager does not properly handle invalid XDMCP requests
2008-03-18 2008-03-18 2008-04-28 VU#329673 BusinessObjects RptViewerAX ActiveX control stack buffer overflow
2002-10-23 2002-09-30 2003-02-26 VU#875073 Kerberos administration daemon vulnerable to buffer overflow
2007-03-17 2007-03-16 2007-03-20 VU#647273 CA BrightStor ARCserver Tape Engine denial-of-service vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis