search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-09-18 2001-06-07 2001-09-18 VU#855723 Microsoft Windows 2000 Telnet Service fails to enforce timeouts on idle telnet sessions
2005-08-19 2005-03-01 2007-10-11 VU#680526 Microsoft Internet Explorer can use any COM object
2004-11-03 2004-11-03 2004-11-03 VU#858726 MailPost discloses sensitive system information when operating in debug mode
2004-07-30 2004-02-15 2004-07-31 VU#266926 Microsoft Internet Explorer contains an integer overflow in the processing of bitmap files
2004-03-23 2004-02-03 2004-03-23 VU#801526 util-linux login program discloses sensitive information
2001-05-25 2000-05-11 2001-08-07 VU#35085 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request for .htr file
2006-04-20 2006-04-18 2006-04-20 VU#797465 Oracle Advanced Replication SQL injection vulnerability
2007-08-14 2007-08-14 2007-08-15 VU#361968 Microsoft XML Core Services XMLDOM substringData() buffer overflow
2004-07-12 2004-07-01 2004-07-21 VU#645326 MySQL fails to properly handle overly long "scramble" values
2004-10-13 2004-10-12 2004-10-13 VU#637760 Microsoft Internet Explorer Install Engine contains a buffer overflow vulnerability
2000-12-04 2000-09-25 2003-01-27 VU#382365 LPRng can pass user-supplied input as a format string parameter to syslog() calls
2004-03-17 2004-03-17 2004-03-26 VU#484726 OpenSSL does not adequately validate length of Kerberos ticket during SSL/TLS handshake
2005-01-20 2005-01-11 2005-02-03 VU#882926 Opera may insecurely execute binary data encoded in a URI
2011-02-04 2011-02-04 2011-03-28 VU#363726 Majordomo 2 _list_file_get() directory traversal vulnerability
2002-04-05 2001-10-06 2002-04-05 VU#710347 AOL Instant Messenger vulnerable to DoS via crafted GIF file

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis