search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-12-04 2001-12-04 2002-01-02 VU#157447 OpenSSH UseLogin directive permits privilege escalation
2010-08-05 2010-08-02 2010-09-14 VU#275247 FreeType 2 CFF font stack corruption vulnerability
2001-09-18 2001-06-07 2001-09-18 VU#405075 Microsoft Windows 2000 Telnet Service fails to reject oversized username input values
2002-09-24 2001-12-13 2002-09-24 VU#413875 EFTP does not adequately validate user input thereby allowing directory traversal
2001-08-03 2001-07-11 2001-08-03 VU#321475 Allaire ColdFusion Server contains vulnerability allowing templates to be overwritten by zero byte file of the same name
2001-10-29 2001-10-25 2001-10-29 VU#825275 NSI RWhoisd contains format string vulnerability in print_error()
2001-07-27 2001-06-13 2001-09-17 VU#451275 Curses library vulnerable to buffer overflow
2008-05-29 2008-05-28 2008-05-29 VU#566875 Apple Help Viewer vulnerable to buffer overflow
2002-08-10 2002-03-27 2002-08-10 VU#495275 Cisco CallManager contains memory leak
2004-04-23 2004-04-21 2004-04-23 VU#574222 BEA WebLogic Server configuration wizard stores administrative credentials in clear text log files
2004-11-17 2004-11-15 2005-04-20 VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-09-27 2001-10-13 2002-09-27 VU#921547 PostNuke does not adequately validate user input thereby allowing malicious user to bypass user authentication via SQL injection
2005-06-27 2003-01-13 2005-06-29 VU#165022 Microsoft Log Sink Class ActiveX control incorrectly marked "safe for scripting"
2005-02-10 2005-02-08 2005-02-22 VU#107822 Symantec products vulnerable to buffer overflow via a specially crafted UPX file

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis