search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-03-04 2003-02-26 2003-05-08 VU#489721 Microsoft Windows Me and XP Help and Support Center does not adequately validate hcp:// URI parameters
2002-04-29 1999-02-01 2003-03-26 VU#2558 File Transfer Protocol allows data connection hijacking via PASV mode race condition
2001-06-21 2001-06-08 2001-09-06 VU#952171 Hewlett Packard OpenView and Tivoli NetView do not adequately validate SNMP trap arguments
2006-05-16 2006-05-16 2008-09-22 VU#190617 LiveData ICCP Server heap buffer overflow vulnerability
2008-03-27 2008-03-25 2008-03-27 VU#466521 Mozilla JavaScript privilege escalation
2006-05-30 2006-05-30 2006-06-07 VU#635721 Secure Elements Class 5 AVR client fails to properly validate a messages target CEID
2001-07-24 2001-02-10 2003-04-09 VU#249579 klogd does not adequately handle NULL byte when parsing text using LogLine( )
2006-02-14 2006-02-14 2006-02-22 VU#739844 Microsoft Windows Korean Input Method Editor vulnerability
2006-04-03 1999-04-19 2006-05-02 VU#808921 eBay contains a cross-site scripting vulnerability
2006-10-10 2006-10-10 2007-02-27 VU#706668 Microsoft Excel fails to properly process malformed DATETIME records
2003-12-01 2003-11-26 2004-01-05 VU#734644 ISC BIND 8 vulnerable to cache poisoning via negative responses
2004-04-14 2004-04-02 2004-04-14 VU#705958 HAHTsite Scenario Server fails to handle overly long URLs
2008-03-18 2008-03-18 2011-07-22 VU#374121 MIT Kerberos contains array overrun in RPC library used by kadmind
2004-11-23 2004-11-22 2004-11-23 VU#760344 Sun Java Plug-in fails to restrict access to private Java packages
2002-09-26 2001-09-20 2002-09-26 VU#794211 Pi-Soft SpoonFTP does not adequately validate user input thereby allowing directory traversal

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis