search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-04-10 2001-04-10 2001-04-11 VU#212088 Alcatel ADSL modems contain a null default password
2007-01-09 2007-01-09 2007-01-26 VU#271860 Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
2003-07-18 1998-05-21 2004-02-23 VU#12212 Weaknesses in MIT magic cookie and XDM X Windows authorization
2008-01-15 2008-01-15 2008-07-22 VU#347812 UPnP enabled by default in multiple devices
2006-04-11 2006-04-11 2006-11-02 VU#234812 RDS.Dataspace ActiveX control bypasses ActiveX security model
2006-06-06 2006-05-18 2006-06-07 VU#466428 Skype URI handler fails to properly parse parameters
2005-02-08 2005-02-08 2005-02-08 VU#927889 Microsoft OLE buffer overflow
2004-08-04 2004-08-04 2005-06-01 VU#477512 libpng png_handle_sPLT() integer overflow
2007-03-02 2007-02-28 2007-03-22 VU#472412 Cisco Catalyst Systems with a NAM may allow system access via spoofing the SNMP communication
2007-09-06 2007-09-06 2007-09-25 VU#589188 Earth Resource Mapping NCSView ActiveX control stack buffer overflows
2001-08-10 2000-05-30 2001-08-10 VU#26188 Keys generated with PGP5i batch mode do not contain sufficient randomness on systems that use /dev/random
2006-11-29 2006-11-28 2006-11-30 VU#870960 Apple Mac OS X PPP driver fails to properly validate PADI packets
2001-06-01 2001-02-20 2001-08-30 VU#112912 Hewlett-Packard MPE/iX linkeditor permits privilege escalation
2005-12-02 2005-11-28 2006-01-13 VU#974188 Sun Java Runtime Environment "reflection" API privilege elevation vulnerabilities
2003-06-05 2003-04-23 2003-06-05 VU#697049 Cisco Secure ACS for Windows CSAdmin vulnerable to buffer overflow via login requests

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis