search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-07-11 2007-07-10 2007-11-15 VU#730785 Adobe Flash Player FLV integer overflow
2008-03-18 2008-03-18 2008-03-18 VU#992585 Check Point VPN-1 information disclosure vulnerability
2005-08-16 2005-08-16 2005-10-04 VU#606857 EMC Legato NetWorker uses weak AUTH_UNIX authentication
2002-06-25 2002-06-12 2002-08-08 VU#139931 Microsoft SQLXML HTTP components vulnerable to cross-site scripting via root parameter
2008-06-20 2008-06-19 2008-06-20 VU#127185 Apple Safari automatically executes downloaded files based on Internet Explorer zone settings
2007-12-12 2007-12-11 2007-12-13 VU#319385 Microsoft Windows Media Format Runtime ASF handling buffer overflow
2006-05-30 2006-05-30 2006-06-07 VU#584329 Secure Elements Class 5 AVR server contains hard-coded user ID and password
2005-09-09 2005-08-31 2006-10-18 VU#744929 mod_ssl fails to properly enforce client certificates authentication
2007-06-26 2007-06-26 2007-08-14 VU#554257 MIT Kerberos kadmind principal renaming stack buffer overflow
2008-03-22 2007-11-16 2008-05-13 VU#936529 Microsoft Jet Engine stack buffer overflow
2008-02-12 2008-02-09 2008-05-09 VU#140129 Adobe Reader EScript.api arbitrary code execution
2009-12-15 2009-12-14 2010-06-18 VU#508357 Adobe Acrobat and Reader contain a use-after-free vulnerability in the JavaScript Doc.media.newPlayer method
2008-04-18 2008-04-16 2008-04-18 VU#705529 Apple Safari WebKit fails to properly handle a crafted URL
2003-04-16 2003-04-15 2003-05-20 VU#139129 Heap overflow in Snort "stream4" preprocessor
2007-05-29 2007-05-29 2007-05-30 VU#603529 Zenturi ProgramChecker ActiveX buffer overflow vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis