search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-06-13 2006-06-13 2009-04-13 VU#417585 Microsoft DXImageTransform Light filter fails to validate input
2002-09-24 2002-04-08 2002-09-24 VU#156123 Microsoft Office Web Components allows arbitary user to determine whether local file exists via Chart component "Load" method
2002-06-18 2002-06-17 2002-06-18 VU#664323 webMathematica discloses the contents of arbitrary files when file is requested using the absolute path
2001-11-15 2001-08-28 2001-11-15 VU#356323 Netscape vulnerable to arbitrary file overwriting via symlink redirection of temporary file
2004-11-04 2004-11-02 2004-11-05 VU#960454 Microsoft Internet Explorer does not properly interpret IFRAME elements when displaying URLs in the status bar
2005-01-14 2004-12-15 2006-05-01 VU#907729 Veritas Backup Exec registration request buffer overflow
2011-02-03 2011-02-02 2011-02-03 VU#436854 Cisco Tandberg E, EX, and C Series default root credentials
2005-08-31 2005-08-25 2005-09-01 VU#758054 Reflection for Secure IT Windows Server 6.0 changed case sensitivity of allow and deny lists
2005-02-08 2005-02-08 2005-02-08 VU#820427 Microsoft Hyperlink Object Library buffer overflow
2000-11-02 2000-08-03 2000-12-13 VU#31554 Adobe Acrobat products have buffer overflow in the CIDFont /Registry and /Ordering entries
2003-05-05 2002-12-03 2003-05-06 VU#244729 Microsoft Internet Explorer does not adequately validate window ornament parameters in dialog frames
2001-07-30 2001-07-11 2003-04-09 VU#135531 Allaire ColdFusion Server contains vulnerability allowing unauthorized user read/delete access to files
2004-03-25 2004-03-19 2004-03-25 VU#549054 Norton "WrapNISUM Class" (WrapUM.dll) ActiveX control allows remote arbitrary command execution
2004-04-06 2004-03-31 2004-04-06 VU#623854 Monit fails to properly handle negative Content-Length fields
2004-07-23 2004-07-21 2004-07-23 VU#881254 Sun Java System Portal Server fails to properly handle changes to display options

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis