search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-26 2001-12-31 2002-09-26 VU#764027 zml.cgi does not adequately validate user input thereby allowing directory traversal
2008-08-18 2008-07-28 2008-08-27 VU#778427 Intrinsic Swimage Encore does not securely manage login credentials
2007-03-06 2007-03-06 2007-03-19 VU#313225 Apple QuickTime QTIF heap buffer overflow
2005-01-05 2004-12-17 2005-01-05 VU#697598 Symantec Brightmail Anti-Spam Spamhunter UTF encoding error
2002-02-27 2002-01-10 2002-03-12 VU#717827 Multiple Oracle 9iAS sample pages contain vulnerabilities
2005-08-02 2005-07-13 2005-08-15 VU#996798 Mozilla Firefox insecurely handles content from external applications
2011-07-29 2011-05-16 2011-07-29 VU#690315 Avaya Secure Access Link (SAL) Gateway information disclosure vulnerability
2008-06-27 2008-05-12 2008-07-15 VU#516627 Microsoft Internet Explorer fails to properly restrict access to frames
2008-08-15 2008-08-07 2008-08-15 VU#661827 Cisco WebEx Meeting Manager WebexUCFObject ActiveX Control stack buffer overflow
2011-02-23 2011-01-20 2011-02-23 VU#375127 IBM WebSphere Portal Server input validation vulnerability
2006-01-19 2005-01-17 2006-03-17 VU#857412 Oracle Transparent Data Encryption master encryption key stored as plaintext
2002-09-27 2001-06-02 2003-09-23 VU#255915 WebBoard does not adequately validate user input thereby permitting arbitrary JavaScript execution
2002-05-17 2002-02-19 2005-04-29 VU#150227 HTTP proxy default configurations allow arbitrary TCP connections
2002-05-16 2002-04-05 2002-05-16 VU#772915 Computer Associates MLink "mllock" command vulnerable to buffer overflow via long string of characters
2001-11-05 2000-06-09 2001-11-05 VU#40327 OpenSSH UseLogin option allows remote execution of commands as root

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis