search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-11-12 2001-11-07 2003-08-11 VU#172583 Common Desktop Environment (CDE) Subprocess Control Service dtspcd contains buffer overflow
2002-07-27 2002-07-10 2002-07-31 VU#338195 Microsoft SQL Server installation process leaves sensitive information on system
2000-10-31 1999-09-10 2000-11-01 VU#29795 HHOpen ActiveX Control buffer overflow in OpenHelp method
2002-06-05 2002-02-21 2002-06-10 VU#393195 Yahoo! Messenger allows arbitrary users to be added to buddy list without proper authorization
2001-07-17 2001-07-16 2002-12-12 VU#869184 Oracle Internet Directory contains multiple vulnerabilities in LDAP handling code
2003-09-22 2003-09-04 2003-09-22 VU#792284 WS_FTP Server vulnerable to buffer overflow when supplied overly long "APPE" command
2011-03-21 2011-03-21 2011-04-21 VU#393783 OpenSLP denial of service vulnerability
2002-02-28 2002-02-06 2002-03-15 VU#923395 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via cache directory name
2006-12-04 2006-11-28 2006-12-04 VU#811384 Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists
2011-08-26 2011-08-24 2011-09-19 VU#405811 Apache HTTPD 1.3/2.x Range header DoS vulnerability
2003-03-13 2003-03-06 2003-03-18 VU#411489 Lotus Domino Web Retriever contains a buffer overflow vulnerability
2003-08-26 2003-08-20 2005-08-11 VU#334928 Microsoft Internet Explorer contains buffer overflow in Type attribute of OBJECT element on double-byte character set systems
2001-06-18 1999-05-30 2005-11-15 VU#23495 DNS implementations vulnerable to denial-of-service attacks via malformed DNS queries
2007-01-09 2007-01-09 2007-01-18 VU#122084 Microsoft Internet Explorer VML buffer overflow
2002-04-02 2000-03-27 2008-05-06 VU#24140 Linux kernel IP Masquerading "destination loose" (DLOOSE) configuration passes arbitrary UDP traffic

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis