search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-12-20 2001-12-20 2001-12-21 VU#411059 Microsoft Windows Universal Plug and Play service (UPNP) fails to limit the data returned in response to a NOTIFY message
2002-07-22 2000-04-14 2002-08-30 VU#458659 Microsoft Windows domain name resolver service accepts responses from non-queried DNS servers by default
2005-08-24 2005-08-24 2005-11-02 VU#778916 pam_ldap authentication bypass vulnerability
2004-12-16 2004-12-14 2004-12-16 VU#378160 Microsoft Windows Internet Naming Service (WINS) contains a buffer overflow
2003-08-20 2002-04-30 2003-08-20 VU#888459 SGI IRIX contains buffer overflow vulnerability in "cpr" program
2010-11-19 2009-09-30 2010-11-19 VU#479051 OSIsoft PI Server provides an insecure authentication mechanism
2006-09-27 2006-07-18 2006-10-10 VU#753044 Microsoft Windows WebViewFolderIcon ActiveX integer overflow
2001-08-20 2001-01-30 2003-05-29 VU#417216 sort creates temporary files insecurely
2002-06-04 2002-05-27 2003-06-02 VU#301059 Oracle TNS Listener Control Utility (LSNRCTL) contains format string vulnerability
2001-09-26 2001-05-24 2001-09-26 VU#426459 Beck GmbH IPC@Chip FtpD allows an attacker to gain access to the device
2009-07-28 2009-07-28 2009-08-27 VU#725188 ISC BIND 9 vulnerable to denial of service via dynamic update request
2005-01-14 2005-01-11 2005-01-14 VU#377368 Apple iTunes fails to properly handle overly long URLs in playlists
2004-04-14 2004-04-13 2004-04-14 VU#260588 Microsoft Windows Help and Support Center (HCP) fails to validate HCP URLs
2006-06-22 2006-06-11 2006-07-07 VU#912588 WinSCP URI handlers fails to properly parse command line switches
2000-10-31 1999-09-10 2000-10-31 VU#23412 Wang/Kodak Image Annotation ActiveX Control

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis