search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-05-05 2003-04-24 2004-02-23 VU#443257 Cisco Catalyst switches allow access to "enable mode" without password
2007-04-10 2007-04-10 2007-04-11 VU#728057 Microsoft Windows Agent fails to properly process crafted URLs
2000-12-19 2000-12-09 2001-01-11 VU#602625 KTH Kerberos environment variables krb4proxy and KRBCONFDIR may be used insecurely
2004-03-24 2004-03-22 2004-03-25 VU#864884 Ethereal contains multiple vulnerabilities in the IGAP protocol dissector
2003-01-15 2003-01-15 2003-03-26 VU#284857 ISC DHCPD minires library contains multiple buffer overflows
2007-05-29 2007-05-29 2007-05-30 VU#210257 British Telecommunications Business Connect webhelper ActiveX control buffer overflows
2005-08-12 2005-08-12 2007-01-12 VU#378957 VERITAS Backup Exec uses hard-coded authentication credentials
2006-10-09 2006-10-09 2006-10-12 VU#661524 AOL YGP Pic Downloader Plugin ActiveX control buffer overflow
2007-02-22 2007-02-21 2007-02-27 VU#615857 Google Desktop vulnerable to cross-site scripting
2006-06-02 2006-06-01 2007-02-09 VU#237257 Mozilla privilege escalation using addSelectionListener
2006-05-05 2006-05-02 2006-05-17 VU#602457 MySQL fails to properly validate COM_TABLE_DUMP packets
2007-02-13 2007-02-13 2007-02-23 VU#753924 Microsoft Internet Explorer fails to properly instantiate COM objects
2005-08-12 2005-05-24 2005-08-15 VU#814557 GNOME gedit contains format string vulnerability
2008-10-30 2008-10-21 2011-07-22 VU#183657 libspf2 DNS TXT record parsing buffer overflow
2001-09-28 2000-12-01 2001-09-28 VU#872257 IBM AIX enq buffer overflow in -M argument

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis