search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-09-18 2001-06-07 2001-09-18 VU#648131 Microsoft Windows 2000 Telnet Service allows unprivileged local users to terminate sessions via unprotected system calls
2005-12-02 2005-11-28 2006-01-12 VU#355284 Sun Java Runtime Environment applet privilege escalation vulnerability
2005-05-16 2005-05-03 2005-05-18 VU#582934 Apple Mac OS X Foundation Framework vulnerable to buffer overflow via incorrect handling of an environmental variable
2002-11-19 2002-10-30 2002-11-19 VU#361065 The default NTFS permissions are not applied to a converted boot partition on Microsoft Windows 2000 and Windows XP systems when CONVERT.EXE is used
2010-10-22 2010-10-21 2010-10-29 VU#402231 Adobe Shockwave Player Director file 'rcsL' chunk parsing vulnerability
2004-07-14 2004-07-13 2004-07-14 VU#920060 Microsoft Windows HTML Help component fails to properly validate input data
2001-11-15 2001-07-09 2001-11-15 VU#349019 Tripwire vulnerable to arbitrary file overwriting via symlink redirection of temporary file
2002-12-09 2002-12-06 2002-12-09 VU#961489 University of Washington IMAP Server vulnerable to buffer overflow after login
2006-10-25 2006-08-29 2006-10-25 VU#300368 X.Org fails to check for setuid failure on Linux systems
2011-10-27 2011-10-27 2011-10-27 VU#402731 Enspire eClient SQL injection allows authentication bypass
2001-09-17 2001-04-15 2001-09-17 VU#401808 exuberant-ctags creates temporary files insecurely
2004-07-09 2004-06-30 2004-07-09 VU#718896 Cisco Collaboration Server (CCS) ServletExec allows arbitrary file uploading
2003-07-28 2003-07-28 2003-07-29 VU#886796 Cisco Aironet AP1100 fails to provide universal login error messages thereby disclosing validity of user account
2004-11-29 2004-11-26 2004-12-17 VU#145134 Microsoft Windows Internet Naming Service (WINS) replication protocol contains a heap-based buffer overflow
2005-07-13 2005-07-13 2005-07-20 VU#258834 WebEOC privileges are based on client-side authorization

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis