search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-10-26 2005-10-25 2005-12-19 VU#668193 Skype VCARD handling routine contains a buffer overflow
2002-01-14 2002-01-09 2002-01-14 VU#833459 Cisco SN 5420 Storage Router fails to properly authenticate user before granting read access to configuration file
2002-02-27 2002-02-06 2002-03-12 VU#547459 Oracle 9iAS creates temporary files when processing JSP requests that are world-readable
2002-03-04 2002-02-21 2002-03-06 VU#613459 Squid Proxy Server contains buffer overflow in parsing of the authentication portion of FTP URLs
2002-09-27 2000-04-03 2002-09-27 VU#26493 MS Excel XLM Text Macro execution fails to trigger warning when default medium security set
2003-02-14 2003-02-11 2003-07-24 VU#849993 Some implementations of mod_dav contain a format string vulnerability in "ap_log_rerror()" function
2001-08-21 2001-06-12 2001-11-15 VU#655259 OpenSSH allows arbitrary file deletion via symlink redirection of temporary file
2001-09-27 2001-09-14 2001-09-27 VU#914859 Microsoft Windows Index Server discloses sensitive configuration information via crafted request to SQLQHit.asp sample application
2001-12-12 2001-12-12 2002-04-11 VU#569272 System V derived login contains a remotely exploitable buffer overflow
2001-12-08 2001-06-19 2004-01-14 VU#105259 Oracle Database Server vulnerable to DoS via repeated requests to Oracle listener without connecting to redirected port
2005-10-11 2005-10-11 2005-10-27 VU#214572 Microsoft Plug and Play fails to properly validate user supplied data
2009-12-08 2009-12-08 2011-07-22 VU#568372 NTP mode 7 denial-of-service vulnerability
2001-09-18 2001-06-07 2001-09-18 VU#215259 Microsoft Windows 2000 Telnet Service contains handle leak
2001-04-05 2001-04-04 2008-05-22 VU#970472 Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function
2001-08-23 2001-07-02 2001-08-23 VU#560659 IBM WebSphere vulnerable to Cross-Site Scripting via passing of user input directly to default error page

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis