search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-03-02 2007-02-28 2007-03-22 VU#472412 Cisco Catalyst Systems with a NAM may allow system access via spoofing the SNMP communication
2004-08-04 2004-08-04 2005-06-01 VU#477512 libpng png_handle_sPLT() integer overflow
2004-07-27 2004-07-21 2004-08-05 VU#800384 Multiple Cisco ONS control cards fail to properly handle malformed TCP packets
2003-09-30 2003-09-30 2003-10-01 VU#255484 OpenSSL contains integer overflow handling ASN.1 tags (1)
2001-08-21 2000-11-04 2001-08-21 VU#960877 Red Hat linux restore uses insecure environment variables allowing root compromise
2005-11-22 2005-05-28 2005-12-13 VU#887861 Microsoft Internet Explorer vulnerable to code execution via mismatched DOM objects
2006-11-06 2006-10-19 2006-11-16 VU#245984 The Red Hat Enterprise Linux 3 SMP Kernel fails to properly handle IPC shared-memory
2003-07-24 2003-07-23 2003-07-30 VU#561284 Microsoft Windows DirectX MIDI library does not adequately validate Text or Copyright parameters in MIDI files
2006-06-06 2006-05-18 2006-06-07 VU#466428 Skype URI handler fails to properly parse parameters
2002-11-19 2002-11-01 2002-12-10 VU#930161 NetScreen Secure Command Shell (SCS) denial-of-service vulnerability
2005-02-08 2005-02-08 2005-02-08 VU#927889 Microsoft OLE buffer overflow
2004-08-03 2004-08-02 2005-04-14 VU#714584 BlackJumboDog contains buffer overflow vulnerability
2003-06-24 2003-05-28 2003-09-18 VU#479268 Apache HTTPD contains denial of service vulnerability in basic authentication module
2006-04-11 2006-04-11 2006-11-02 VU#234812 RDS.Dataspace ActiveX control bypasses ActiveX security model
2008-01-15 2008-01-15 2008-07-22 VU#347812 UPnP enabled by default in multiple devices

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis