search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-02-04 2005-01-28 2005-02-08 VU#886006 Squid vulnerable to buffer overflow via an overly long WCCP message
2002-03-07 2002-03-07 2002-04-02 VU#408419 OpenSSH contains a one-off overflow of an array in the channel handling code
2002-11-19 2002-11-19 2004-10-18 VU#457875 Various DNS service implementations generate multiple simultaneous queries for the same resource record
2007-11-14 2007-11-05 2007-11-14 VU#797875 Apple QuickTime code execution vulnerability
2002-02-28 2002-02-06 2002-03-15 VU#659043 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via Database Access Descriptor password
2005-09-21 2005-02-22 2005-10-28 VU#215006 unace buffer overflow vulnerability
2003-01-24 2003-01-20 2009-08-17 VU#867593 Web servers enable HTTP TRACE method by default
2002-09-27 2001-11-29 2003-04-15 VU#453475 PGPMail.pl does not adequately validate user input thereby allowing arbitrary command execution
2004-03-22 2004-03-15 2004-04-20 VU#413006 Oracle Application Server Web Cache contains heap overflow vulnerability
2007-02-15 2007-02-15 2007-02-23 VU#522393 LizardTech DjVu Browser Plug-in buffer overflow vulnerabilities
2007-02-21 2007-02-20 2007-02-21 VU#349393 Trend Micro ServerProtect ENG_SendEMail() stack buffer overflow
2000-11-02 1999-07-21 2000-11-02 VU#22919 SystemWizard Registry Object ActiveX Control lacks authentication
2001-10-16 2001-08-27 2001-11-09 VU#966075 HP-UX vulnerable to buffer overflow in line printer daemon (rlpdaemon) via crafted print request
2001-11-15 2001-09-10 2002-09-10 VU#916443 HP Tru64 UNIX "msgchk" contains buffer overflow (SSRT2275)
2006-09-12 2006-09-12 2006-09-13 VU#455516 Microsoft PGM vulnerable to remote code execution

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis