search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2008-01-31 2008-01-10 2008-01-31 VU#326065 Liferay Portal Enterprise Admin User-Agent HTTP header XSS
2003-03-17 2003-02-28 2003-04-03 VU#378049 Utah Raster Toolkit contains multiple vulnerabilities
2005-06-21 2005-06-14 2005-07-07 VU#459565 paFileDB fails to properly sanitize "query" parameter in "pafiledb.php"
2004-09-17 2004-09-14 2004-09-17 VU#414240 Mozilla Mail vulnerable to buffer overflow via "writeGroup()" function in "nsVCardObj.cpp"
2006-12-13 2006-12-07 2006-12-15 VU#885665 MySpace fails to properly filter user-supplied content
2002-09-06 2002-08-30 2002-09-06 VU#955065 HP Tru64 UNIX "lpd" contains buffer overflow (SSRT2275)
2006-04-19 2006-04-18 2006-05-03 VU#443265 Oracle Reporting Framework vulnerability
2003-03-06 2003-03-04 2003-03-07 VU#611865 Automatic File Content Type Recognition Tool vulnerable to stack overflow
2006-07-27 2006-07-25 2007-02-09 VU#897540 Mozilla products VCard attachment buffer overflow
2002-10-01 1999-04-21 2002-10-16 VU#39965 DHTML Edit Control for IE5 allows local files to be uploaded to web server
2007-06-01 2007-05-24 2007-06-01 VU#821865 CREDANT Mobile Guardian Shield fails to remove credentials from memory
2006-11-08 2006-11-08 2006-12-21 VU#714496 Mozilla products allow execution of arbitrary JavaScript
2001-05-01 2000-11-21 2001-06-26 VU#818496 Microsoft Windows 2000 Workstation in mixed-mode domain may ignore domain account lockout restriction due to flaw in NTLM authentication
2005-11-23 2005-11-22 2005-12-01 VU#853540 Cisco PIX fails to verify TCP checksum
2005-05-12 2005-05-08 2005-05-12 VU#113196 phpBB contains an input validation vulnerability in "includes/bbcode.php"

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis