search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-08-15 2008-08-07 2008-08-15 VU#661827 Cisco WebEx Meeting Manager WebexUCFObject ActiveX Control stack buffer overflow
2011-02-23 2011-01-20 2011-02-23 VU#375127 IBM WebSphere Portal Server input validation vulnerability
2006-01-19 2005-01-17 2006-03-17 VU#857412 Oracle Transparent Data Encryption master encryption key stored as plaintext
2002-09-27 2001-06-02 2003-09-23 VU#255915 WebBoard does not adequately validate user input thereby permitting arbitrary JavaScript execution
2007-11-27 2007-11-25 2007-11-27 VU#433819 Apple Mail remote command execution vulnerability
2007-02-16 2007-02-14 2007-02-22 VU#430969 Cisco Firewall Services Module vulnerable to DoS via inspection of malformed SIP messages
2002-05-17 2002-02-19 2005-04-29 VU#150227 HTTP proxy default configurations allow arbitrary TCP connections
2001-07-17 2001-07-16 2002-12-12 VU#276944 iPlanet Directory Server contains multiple vulnerabilities in LDAP handling code
2002-05-16 2002-04-05 2002-05-16 VU#772915 Computer Associates MLink "mllock" command vulnerable to buffer overflow via long string of characters
2001-11-05 2000-06-09 2001-11-05 VU#40327 OpenSSH UseLogin option allows remote execution of commands as root
2003-05-01 2003-02-19 2003-05-01 VU#143627 RealSystem Server contains buffer overflow
2003-03-21 2002-08-01 2003-04-15 VU#671627 HP Tru64 UNIX "dxchpwd" contains buffer overflow
2006-09-15 2006-09-13 2006-11-14 VU#377369 Microsoft DirectAnimation Path ActiveX control fails to validate input
2003-10-30 2001-08-29 2003-10-30 VU#315227 KaZaA Media Desktop discloses username to remote users
2005-06-14 2005-06-14 2005-06-27 VU#851869 Microsoft HTML Help vulnerable to integer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis