search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-06-06 2008-06-04 2008-06-06 VU#754403 0 HP Online Support Services ActiveX ExtractCab() buffer overflow
2004-09-10 2001-10-21 2004-10-27 VU#490708 0 Microsoft Internet Explorer window.createPopup() method creates chromeless windows
2010-11-18 2010-11-16 2010-11-19 VU#300785 0 PGP Desktop unsigned data injection vulnerability
2005-01-07 2004-12-23 2014-04-23 VU#177584 0 Microsoft Windows kernel vulnerable to a denial-of-service condition via animated cursor (.ani) frame number
2004-01-05 2003-12-28 2004-01-09 VU#288308 0 Microsoft Internet Information Server (IIS) vulnerable to cross-site scripting via HTTP TRACK method
2008-12-24 2008-12-09 2009-02-11 VU#696644 0 Microsoft SQL Server fails to properly validate parameters to the sp_replwritetovarbin extended stored procedure
2011-09-27 2002-02-08 2011-12-08 VU#864643 0 SSL 3.0 and TLS 1.0 allow chosen plaintext attack in CBC modes
2004-10-21 2004-10-12 2004-10-22 VU#203126 0 Microsoft IIS contains vulnerability in NNTP service
2003-03-06 1970-01-01 2017-07-10 VU#789985 0 Physical access to a computer system can be used to bypass software-based access control mechanisms
2008-12-02 2008-09-26 2009-01-13 VU#976484 0 RealFlex RealWin buffer overflow
2009-07-22 2009-07-22 2009-08-07 VU#259425 0 Adobe Flash vulnerability affects Flash Player and other Adobe products
2005-11-10 2005-11-10 2017-04-12 VU#102014 0 Optimistic TCP acknowledgements can cause denial of service
2005-02-21 2004-12-21 2005-02-22 VU#260421 0 Squid fails to parse empty access control lists correctly
2007-11-09 2007-08-03 2007-11-20 VU#310057 0 Guidance EnCase fails to detect more than 25 partitions
2009-01-28 2009-01-11 2009-01-28 VU#202753 0 Autonomy Ultraseek URL redirection vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis