search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-12-13 2006-09-21 2006-12-20 VU#262352 Sun Secure Global Desktop Software (SSGD) contains multiple cross-site scripting vulnerabilities
2003-08-02 2003-05-01 2003-08-12 VU#208052 Microsoft Internet Explorer and Outlook Express MHTML rendering engine incorrectly executes script in Local Computer Zone
2001-06-27 2001-06-27 2004-03-30 VU#812515 Cisco IOS HTTP server authentication vulnerability allows remote attackers to execute arbitrary commands
2002-08-09 2001-06-21 2002-08-09 VU#139315 SurfControl SuperScout does not filter web requests fragmented in multiple packets
2002-06-05 2002-05-27 2002-06-05 VU#172315 Yahoo! Messenger "addview" function allows for the automatic execution of malicious script contained in web pages
2002-05-08 2002-05-08 2003-01-13 VU#854315 ISC DHCPD contains format string vulnerability when logging DNS-update requests
2002-09-27 2002-02-27 2003-10-09 VU#874115 Microsoft Windows SMTP Service fails to properly handle responses from the NTLM authentication layer
2002-05-29 2002-03-08 2002-05-29 VU#970915 Quake II Server performs console variable expansion on client-supplied input values
2002-06-05 2002-05-27 2002-06-06 VU#137115 Yahoo! Messenger contains a buffer overflow in the URI handler
2003-10-30 2001-08-07 2003-10-30 VU#742115 Avaya Argent Office uses weak authentication for TFTP-based administrative control
2001-07-29 2001-07-12 2004-02-23 VU#656315 Cisco IOS vulnerable to DoS via crafted PPTP packet sent to port 1723/tcp
2010-07-02 2010-06-25 2010-07-12 VU#643615 libpng fails to limit number of rows in header
2002-07-22 2002-07-22 2003-05-30 VU#929115 PHP fails to properly parse the headers of HTTP POST requests
2005-01-12 2004-12-21 2005-04-12 VU#972415 Microsoft Windows HTML Help ActiveX control does not adequately validate window source
2002-05-16 2002-04-13 2004-01-22 VU#403315 Nortel Networks CVX 1800 discloses privileged information

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis