search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-05-06 2004-01-26 2004-05-06 VU#297198 Gaim fails to properly validate the "value" parameter in the Yahoo login webpage
2004-04-09 2004-04-07 2004-04-09 VU#552398 KAME Racoon IKE daemon fails to properly verify client RSA signatures
2007-01-31 2007-01-25 2007-02-12 VU#102465 PGP Desktop service fails to validate user supplied data
2005-02-04 2005-01-17 2005-02-11 VU#924198 Squid LDAP authentication routines fail to check for invalid input
2000-10-31 2000-05-12 2000-10-31 VU#35626 Office 2000 UA Control incorrectly marked safe for scripting
2005-08-19 2005-03-01 2007-10-11 VU#680526 Microsoft Internet Explorer can use any COM object
2004-11-03 2004-11-03 2004-11-03 VU#858726 MailPost discloses sensitive system information when operating in debug mode
2004-07-30 2004-02-15 2004-07-31 VU#266926 Microsoft Internet Explorer contains an integer overflow in the processing of bitmap files
2004-03-23 2004-02-03 2004-03-23 VU#801526 util-linux login program discloses sensitive information
2006-04-20 2006-04-18 2006-04-20 VU#797465 Oracle Advanced Replication SQL injection vulnerability
2004-07-12 2004-07-01 2004-07-21 VU#645326 MySQL fails to properly handle overly long "scramble" values
2000-12-04 2000-09-25 2003-01-27 VU#382365 LPRng can pass user-supplied input as a format string parameter to syslog() calls
2004-03-17 2004-03-17 2004-03-26 VU#484726 OpenSSL does not adequately validate length of Kerberos ticket during SSL/TLS handshake
2005-01-20 2005-01-11 2005-02-03 VU#882926 Opera may insecurely execute binary data encoded in a URI
2011-02-04 2011-02-04 2011-03-28 VU#363726 Majordomo 2 _list_file_get() directory traversal vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis