search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-07-13 2005-07-13 2005-07-14 VU#170394 WebEOC account lock-out policy may allow a denial-of-service
2004-12-13 2004-11-29 2005-03-17 VU#305294 Shortcuts may insecurely store SMB authentication information
2004-12-01 2004-10-14 2005-01-25 VU#687568 LibTIFF contains multiple integer overflows
2002-09-24 2001-10-22 2002-09-24 VU#222739 Handspring VisorPhone vulnerable to DoS via SMS image transfer
2000-10-31 1999-09-10 2000-10-31 VU#24839 Wang/Kodak Image Thumbnail ActiveX Control
2011-02-18 2011-02-18 2011-02-18 VU#175068 PivotX password reset vulnerability
2010-02-25 2009-12-14 2010-04-29 VU#166739 APC Network Management Card web interface vulnerable to cross-site scripting and cross-site request forgery
2003-06-24 2003-05-28 2003-09-18 VU#479268 Apache HTTPD contains denial of service vulnerability in basic authentication module
2005-01-14 2005-01-11 2005-01-14 VU#377368 Apple iTunes fails to properly handle overly long URLs in playlists
2006-10-25 2006-08-29 2006-10-25 VU#300368 X.Org fails to check for setuid failure on Linux systems
2006-07-11 2006-07-11 2006-07-11 VU#609868 Microsoft Office string parsing vulnerability
2002-05-30 2002-05-18 2002-06-04 VU#251339 Verisign transmits sensitive customer information in plain text when applying for a "Code Signing Digital ID"
2001-11-15 2001-09-10 2001-11-15 VU#440539 Digital Unix msgchk vulnerable to file contents disclosure via symlink redirection of profile
2005-10-11 2005-10-11 2005-10-13 VU#180868 Microsoft Distributed Transaction Coordinator vulnerable to buffer overflow via specially crafted network message
2007-08-14 2007-08-14 2007-08-15 VU#361968 Microsoft XML Core Services XMLDOM substringData() buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis