search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-10-12 2004-09-23 2004-10-12 VU#668206 Macromedia JRun Server is vulnerable to a cross-site scripting attack
2006-09-22 2006-09-20 2006-09-26 VU#642076 Cisco Intrusion Prevention System administration interface fails to properly handle Secure Socket Layer packets
2009-07-14 2009-07-14 2009-07-29 VU#410676 ISC DHCP dhclient stack buffer overflow
2004-03-24 2004-03-22 2004-03-25 VU#119876 Ethereal contains multiple vulnerabilities in the EIGRP protocol dissector
2001-01-28 1996-02-05 2006-04-17 VU#20276 phf CGI Script fails to guard against newline characters
2004-10-13 2004-10-12 2004-10-18 VU#431576 Microsoft Internet Explorer vulnerable to address bar spoofing on double byte character set systems
2006-07-13 2006-07-10 2006-11-14 VU#474593 Adobe Flash Player fails to properly handle malformed SWF files
2006-01-11 2006-01-10 2006-01-12 VU#921193 Apple QuickTime fails to properly handle corrupt media files
2006-07-27 2006-07-25 2007-07-17 VU#527676 Mozilla contains multiple memory corruption vulnerabilities
2010-04-06 2009-12-12 2010-04-29 VU#902793 IntelliCom NetBiter devices have default HICP passwords
2007-11-20 2007-11-20 2007-11-20 VU#512193 IBM Director fails to properly time-out connection requests from clients
2007-08-28 2007-01-31 2007-09-13 VU#166521 MSN Messenger and Windows Live Messenger webcam stream heap overflow
2002-08-27 2002-08-22 2002-08-27 VU#276321 Microsoft Windows Terminal Services Advanced Client (TSAC) contains buffer overflow in process that handles input parameters
2007-03-06 2007-03-06 2007-03-19 VU#410993 Apple QuickTime QTIF integer overflow
2007-12-17 2007-12-11 2007-12-19 VU#120593 Meridian Prolog Manager uses weak authentication to store and transmit user credentials

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis