search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-10-19 2007-10-19 2007-10-19 VU#559977 Mozilla products vulnerable to memory corruption in the browser engine
2006-05-03 2006-04-26 2006-07-25 VU#932124 Oracle DBMS_EXPORT_EXTENSION package vulnerable to SQL injection
2007-05-14 2007-05-14 2009-04-22 VU#739224 HTTP content scanning systems full-width/half-width Unicode encoding bypass
2000-09-26 2000-03-01 2004-04-12 VU#25249 HHControl Object (showHelp) may execute shortcuts embedded in help files
2005-08-17 2005-08-15 2005-08-17 VU#461412 Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow
2011-12-07 2011-12-07 2011-12-09 VU#713012 CA Siteminder login.fcc form xss vulnerability
2006-10-24 2006-10-17 2006-10-24 VU#736324 Oracle SYS.DBMS_CDC_IMPDP package vulnerable to PL/SQL injection
2001-05-10 2000-11-19 2001-06-19 VU#197477 AT&T WinVNC allows user access to passwords and configuration via weak registry permissions
2002-10-15 2002-02-22 2002-10-16 VU#868219 Multiple vendors' HTTP content/virus scanners do not check data tunneled via HTTP CONNECT method
2004-10-13 2004-10-12 2005-01-24 VU#640488 Microsoft Windows contains an unchecked buffer in the NetDDE services
2000-10-06 2000-08-24 2000-11-29 VU#747124 ADK flaw in recent versions of PGP
2005-03-29 2005-03-28 2005-12-22 VU#291924 Multiple Telnet clients fail to properly handle the "LINEMODE" SLC suboption
2005-10-05 2005-09-23 2005-12-16 VU#160012 Ruby safe-level security model bypass
2001-08-27 2000-05-05 2001-08-27 VU#36312 Cayman gateways are vulnerable to a denial of sevices via a long username or password
2001-07-17 2001-07-16 2002-12-12 VU#688960 Teamware Office contains multiple vulnerabilities in LDAP handling code

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis