search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-26 2001-08-21 2002-09-26 VU#782243 TDForum does not adequately validate user input thereby allowing users to embed malicious script code in messages
2003-11-19 2003-09-10 2003-12-05 VU#326412 Microsoft Internet Explorer execCommand method does not properly validate URL source
2001-08-21 2000-11-22 2001-08-21 VU#227312 Aladdin Ghostscript creates insecure temporary files allowing a local user to create symbolic links to other files
2002-02-28 2002-02-06 2002-03-15 VU#878603 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via HTTP Authorization header
2002-08-23 2002-08-22 2003-07-02 VU#342243 Microsoft Windows Server Message Block (SMB) fails to properly handle SMB_COM_TRANSACTION packets requesting NetShareEnum transaction
2006-07-28 2006-07-27 2006-10-18 VU#395412 Apache mod_rewrite contains off-by-one error in ldap scheme handling
2004-10-13 2004-10-12 2004-10-13 VU#218526 Microsoft Windows contains vulnerability in Window Management API
2002-09-16 2002-09-16 2003-04-04 VU#661243 MIT Kerberos V5 KDC vulnerable to denial-of-service via null pointer dereference
2007-03-07 2007-02-23 2007-04-05 VU#377812 Mozilla Network Security Services (NSS) fails to properly process malformed SSLv2 server messages
2002-09-16 2002-04-17 2007-06-05 VU#711843 Microsoft Internet Explorer contains cross-site scripting vulnerabilities in local HTML resources
2001-07-27 2001-07-02 2001-07-30 VU#654643 Allaire JRun Java Application Server vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2008-03-12 2008-03-11 2008-03-13 VU#654577 Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow
2004-03-15 2003-12-15 2004-03-15 VU#878526 Apple Mac OS X "cd9660.util" buffer overflow
2002-09-10 2002-08-30 2002-09-10 VU#173977 HP Tru64 UNIX "ps" contains buffer overflow (SSRT2256)
2006-04-28 2006-04-25 2006-05-23 VU#955777 Multiple vulnerabilities in DNS implementations

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis