search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-07-18 1998-05-21 2004-02-23 VU#12212 Weaknesses in MIT magic cookie and XDM X Windows authorization
2008-01-15 2008-01-15 2008-07-22 VU#347812 UPnP enabled by default in multiple devices
2006-04-11 2006-04-11 2006-11-02 VU#234812 RDS.Dataspace ActiveX control bypasses ActiveX security model
2004-08-04 2004-08-04 2005-06-01 VU#477512 libpng png_handle_sPLT() integer overflow
2007-03-02 2007-02-28 2007-03-22 VU#472412 Cisco Catalyst Systems with a NAM may allow system access via spoofing the SNMP communication
2007-09-06 2007-09-06 2007-09-25 VU#589188 Earth Resource Mapping NCSView ActiveX control stack buffer overflows
2001-08-10 2000-05-30 2001-08-10 VU#26188 Keys generated with PGP5i batch mode do not contain sufficient randomness on systems that use /dev/random
2001-06-01 2001-02-20 2001-08-30 VU#112912 Hewlett-Packard MPE/iX linkeditor permits privilege escalation
2005-12-02 2005-11-28 2006-01-13 VU#974188 Sun Java Runtime Environment "reflection" API privilege elevation vulnerabilities
2001-09-27 2001-01-30 2001-09-27 VU#115112 Sun Solaris catman creates temporary files insecurely
2006-09-19 2006-06-19 2011-07-22 VU#933712 gzip NULL dereference in huft_build()
2007-08-09 2007-08-08 2007-08-10 VU#201984 Cisco IOS fails to properly handle Next Hop Resolution Protocol packets
2000-10-31 1999-09-10 2000-10-31 VU#23412 Wang/Kodak Image Annotation ActiveX Control
2001-07-12 2001-04-11 2001-07-17 VU#601312 Lotus Domino vulnerable to DoS via crafted HTTP header requests
2001-09-18 2001-03-01 2001-09-18 VU#796584 Microsoft Windows 2000 Internet Information Server (IIS) and Exchange 2000 vulnerable to DoS via malformed URL (MS01-014)

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis