search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-01-15 2003-12-22 2004-01-16 VU#281356 Sun Solaris tcsh(1) contains vulnerability in the built-in ls-F command
2006-10-25 2006-08-24 2006-10-25 VU#638376 Wireshark contains multiple off-by-one errors in the IPSec ESP preference parser
2006-10-11 2006-10-10 2006-11-17 VU#534276 Microsoft Office fails to properly parse malformed chart records
2006-05-30 2006-05-30 2006-06-07 VU#288121 Secure Elements Class 5 AVR client fails to validate source address of messages
2002-10-11 2002-09-09 2003-11-07 VU#307306 Microsoft Java implementation JDBC classes do not properly validate DLL requests
2004-12-07 2004-02-10 2005-10-26 VU#820006 XFree86 vulnerable to buffer overflow via crafted font directory in 'fonts.alias' file
2008-02-05 2008-02-02 2008-02-13 VU#101676 Yahoo! Music Jukebox YMP Datagrid ActiveX control stack buffer overflows
2006-08-24 2006-07-31 2006-08-29 VU#822476 VMware ESX Server management interface logs passwords in cleartext in a world-readable file
2004-05-07 2004-05-03 2004-05-07 VU#648406 Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests
2004-03-05 2004-01-22 2004-03-05 VU#584606 NTP service vulnerable to internal overflow if date / time offset is greater than 34 years
2004-04-14 2004-04-13 2004-04-14 VU#353956 Microsoft Windows H.323 implementation fails to handle malformed requests
2011-01-11 2010-12-21 2011-01-12 VU#979776 Ecava IntegraXor web service allows directory traversal outside of web root
2002-09-27 2001-05-23 2002-09-27 VU#739376 Microsoft Windows Media Player creates URL shortcut that may contain HTML code in known location in Local Computer Zone
2004-03-09 2004-03-09 2004-03-15 VU#305206 Microsoft Outlook fails to properly filter parameters passed via "mailto:" URL
2006-04-20 2006-04-18 2006-05-03 VU#940729 Oracle Diagnostics Interfaces vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis