search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-02-05 2008-02-03 2008-02-13 VU#340860 Yahoo! Music Jukebox Yahoo! MediaGrid ActiveX control stack buffer overflow
2002-10-17 2002-09-26 2002-10-17 VU#600777 gv contains buffer overflow in sscanf() function
2001-07-12 2000-10-18 2001-07-12 VU#118277 The Oracle Internet Directory LDAP (oidldapd) contains buffer overflow
2001-07-17 2001-07-16 2002-12-12 VU#688960 Teamware Office contains multiple vulnerabilities in LDAP handling code
2002-08-28 2001-06-21 2002-08-28 VU#351219 Sun Solaris ptexec does not adequately validate argument passed via -o option
2001-05-10 2000-11-19 2001-06-19 VU#197477 AT&T WinVNC allows user access to passwords and configuration via weak registry permissions
2007-10-19 2007-10-19 2007-10-19 VU#559977 Mozilla products vulnerable to memory corruption in the browser engine
2007-01-09 2007-01-09 2007-01-26 VU#271860 Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
2006-10-11 2006-10-02 2006-11-08 VU#788860 Trend Micro OfficeScan Management Console ActiveX control format string vulnerability
2006-06-06 2006-05-18 2006-06-07 VU#466428 Skype URI handler fails to properly parse parameters
2001-08-21 2000-11-04 2001-08-21 VU#960877 Red Hat linux restore uses insecure environment variables allowing root compromise
2004-11-03 2004-11-02 2004-12-10 VU#842160 Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements
2006-11-29 2006-11-28 2006-11-30 VU#870960 Apple Mac OS X PPP driver fails to properly validate PADI packets
2000-11-08 2000-10-25 2004-03-30 VU#683677 Cisco IOS software vulnerable to DoS via HTTP request containing "?/"
2004-03-08 2004-01-28 2004-03-15 VU#902374 Apple Mac OS X TruBlueEnvironment vulnerable to buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis