search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-02-08 2005-02-08 2005-02-08 VU#927889 Microsoft OLE buffer overflow
2003-06-24 2003-05-28 2003-09-18 VU#479268 Apache HTTPD contains denial of service vulnerability in basic authentication module
2006-04-11 2006-04-11 2006-11-02 VU#234812 RDS.Dataspace ActiveX control bypasses ActiveX security model
2008-01-15 2008-01-15 2008-07-22 VU#347812 UPnP enabled by default in multiple devices
2006-10-11 2006-10-02 2006-11-08 VU#788860 Trend Micro OfficeScan Management Console ActiveX control format string vulnerability
2007-04-19 2007-04-19 2007-04-23 VU#312424 Apple AFP Client privilege escalation vulnerability
2003-07-18 1998-05-21 2004-02-23 VU#12212 Weaknesses in MIT magic cookie and XDM X Windows authorization
2006-07-27 2006-07-25 2007-02-09 VU#239124 Mozilla fails to properly handle simultaneous XPCOM events
2007-01-09 2007-01-09 2007-01-26 VU#271860 Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
2004-04-07 2004-04-07 2004-04-23 VU#659228 Cisco WLSE and HSE devices contain hardcoded username and password
2001-04-10 2001-04-10 2001-04-11 VU#212088 Alcatel ADSL modems contain a null default password
2007-06-15 2004-08-30 2007-06-21 VU#793433 Novell exteNd Director 4.1 LocalExec ActiveX control fails to restrict access to dangerous methods
2007-03-13 2007-01-28 2007-03-13 VU#363112 Apple CrashDump privilege escalation
2001-05-01 2001-03-26 2004-02-23 VU#249224 Hewlett-Packard HP-UX newgrp command does not function properly
2007-10-19 2007-10-19 2007-10-19 VU#559977 Mozilla products vulnerable to memory corruption in the browser engine

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis