search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-03-23 2004-02-16 2004-04-01 VU#779438 ModSecurity for Apache vulnerable to off-by-one overflow when directive "SecFilterScanPost" is enabled
2004-04-19 2004-04-14 2004-04-19 VU#920238 BEA WebLogic Server stores database password in clear text in "config.xml"
2008-04-08 2008-04-08 2008-04-29 VU#155563 Microsoft Office Project vulnerable to remote code execution via specially crafted Project file
2004-04-16 2004-04-03 2004-04-16 VU#354838 FTE fails to properly validate command line arguments
2005-05-18 2005-05-12 2005-05-25 VU#937838 Extreme Networks switches with ExtremeWare XOS allow arbitrary command execution
2002-01-08 2002-01-08 2002-01-09 VU#191763 iPlanet Web Server Enterprise Edition and Netscape Enterprise Server malformed Web Publisher command causes denial-of-service
2001-08-18 2001-07-05 2001-08-18 VU#435963 Microsoft Windows 2000 SMTP service fails to properly authenticate credentials of unauthorized user (MS01-037)
2003-10-09 2003-10-06 2003-10-10 VU#989580 Hummingbird CyberDOCS sets insecure permissions on script source code files
2004-07-14 2004-07-13 2004-07-14 VU#868580 Microsoft Windows Utility Manager launches applications with system privileges
2003-04-25 2002-04-17 2007-06-05 VU#728563 Microsoft Internet Explorer does not adequately validate source of dialog frame
2006-09-11 2006-09-07 2006-09-11 VU#400780 AOL ICQ Pro fails to properly handle incoming message lengths
2006-10-11 2006-10-10 2006-10-11 VU#807780 Microsoft Office fails to properly parse malformed Smart Tags
2003-10-06 2003-06-03 2003-10-07 VU#668380 Microsoft Internet Explorer fails to properly handle Dynamic HTML (DHTML) behaviors in restricted zones
2002-07-25 2002-07-24 2003-02-06 VU#508387 Microsoft SQL Server contains SQL injection vulnerability in replication stored procedures
2001-05-01 2001-02-27 2002-03-05 VU#976280 Multiple networking devices allow SNMP objects to be viewed/modified via ILMI community string

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis