search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-02-16 2007-01-20 2007-03-05 VU#794752 Apple iChat AIM URI handler format string vulnerability
2007-01-09 2007-01-09 2007-05-10 VU#831452 Kerberos administration daemon may free uninitialized pointers
2003-11-19 2003-09-10 2004-05-13 VU#652452 Microsoft Internet Explorer does not adequately validate javascript: protocol URL
2006-10-05 2006-10-02 2006-10-05 VU#842452 McAfee HTTP Server vulnerable to buffer overflow
2001-07-23 2001-04-11 2001-07-26 VU#676552 Lotus Domino vulnerable to DoS via crafted unicode GET request
2001-10-08 2000-12-20 2001-10-08 VU#570952 Redhat Linux diskcheck.pl creates predictable temporary file and fails to check for existing symbolic link of same name
2003-08-25 2003-07-11 2003-12-30 VU#993452 Sendmail fails to appropriately initialize data structures for DNS maps
2003-09-30 2003-09-04 2003-10-01 VU#732952 OpenSSL accepts unsolicited client certificate messages
2006-02-27 2006-02-14 2006-05-17 VU#567452 PostgreSQL database privilege escalation vulnerability
2001-01-18 2000-12-21 2001-07-18 VU#124352 HP-UX kermit contains local buffer overflow that allows denial-of-service
2006-05-09 2006-05-09 2006-06-22 VU#303452 Microsoft Exchange fails to properly handle vCal and iCal properties
2007-02-02 2006-11-30 2007-02-02 VU#583552 Apple Airport Extreme fails to properly process 802.11 frames
2006-12-15 2006-12-08 2007-02-06 VU#901852 Yahoo Messenger YMailAttach ActiveX control buffer overflow
2006-08-08 2006-08-08 2006-08-08 VU#884252 Microsoft PowerPoint fails to properly handle malformed records
2011-04-04 2011-04-04 2011-04-04 VU#946652 pWhois Layer Four Traceroute 3.x vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis