search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-05-23 2003-02-22 2008-06-06 VU#142121 zlib "gzprintf()" function vulnerable to buffer overflow
2002-09-26 2002-09-25 2003-05-30 VU#406121 Apache mod_dav module vulnerable to DoS
2007-07-11 2007-07-10 2007-07-11 VU#101321 Microsoft Windows Vista Teredo IPv6 interface firewall bypass vulnerability
2006-07-06 2006-06-21 2009-04-13 VU#597721 eBay Enhanced Picture Services ActiveX control buffer overflow
2005-06-07 2005-04-15 2005-06-07 VU#366372 RSA Authentication Agent for Web fails to properly validate input
2003-08-18 2002-04-24 2003-08-18 VU#498707 IRISconsole allows login to the "iceadmin" account with incorrect password
2001-05-14 2000-11-28 2006-03-30 VU#959207 Lotus Notes Java VM leaks file existence through timing difference in ECLs
2001-06-22 2001-05-08 2002-12-16 VU#795707 ScreamingMedia SITEware does not adequately validate user input thereby allowing arbitrary file disclosure via directory traversal
2007-01-09 2006-12-19 2007-06-04 VU#427972 Mozilla denial of service vulnerability
2001-10-01 2001-01-10 2001-11-08 VU#396272 mgetty creates temporary files insecurely
2001-10-12 2001-10-01 2001-10-31 VU#639507 Cisco PIX Firewall Manager stores enable password in plain text
2002-09-18 2002-01-09 2002-09-18 VU#250107 Mike Spice's Vote does not adequately validate user input
2002-08-01 2002-01-09 2002-08-01 VU#181907 Directory-traversal vulnerability in Mike Spice's My Classifieds CGI script
2002-10-11 2002-09-09 2003-08-13 VU#140898 Microsoft Java implementation allows execution of malicious code
2002-02-27 2002-01-10 2002-03-05 VU#936507 Oracle 9iAS allows access to CGI script source code within CGI-BIN directory

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis