search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-10-25 2001-10-18 2003-04-09 VU#649979 Oracle9iAS Web Cache vulnerable to buffer overflow
2007-01-02 2006-10-27 2007-01-02 VU#363992 Wireshark HTTP dissector vulnerability
2008-09-16 2008-09-16 2008-11-28 VU#837092 InstallShield / Macrovision / Acresso FLEXnet Connect insecurely retrieves and executes scripts
2006-10-10 2006-07-03 2006-10-10 VU#143292 Microsoft Excel fails to properly process malformed STYLE records
2003-07-31 2003-07-31 2003-08-15 VU#743092 realpath(3) function contains off-by-one buffer overflow
2004-09-17 2004-09-14 2004-10-26 VU#113192 Mozilla allows signed scripts calling "enablePrivilege" to change contents of a "grant" dialog
2004-10-19 2004-09-18 2004-10-27 VU#424358 sudoedit can expose protected file contents
2007-06-26 2007-06-26 2007-08-08 VU#365313 MIT Kerberos kadmind RPC library gssrpc__svcauth_unix() integer conversion error
2005-02-11 2005-02-08 2005-02-11 VU#544392 Sun Java Plugin may create temporary files with predictable names
2007-01-17 2006-12-23 2007-01-31 VU#863313 Novell NetMail IMAP vulnerable to buffer overflow when processing "SUBSCRIBE" commands
2007-09-06 2006-12-01 2007-09-06 VU#311192 VUPlayer malformed playlist buffer overflow
2006-11-08 2006-11-08 2007-01-23 VU#335392 The Mozilla Network Security Services library fails to properly verify RSA signatures
2009-10-13 2009-09-01 2009-10-27 VU#257117 Adobe Acrobat and Reader contain vulnerabilities in multiple Document Object JavaScript methods
2004-09-02 2004-08-31 2004-09-03 VU#350792 MIT Kerberos krb524d insecurely deallocates memory (double-free)
2003-09-15 2003-09-10 2003-09-15 VU#516492 MySQL fails to validate length of password field

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis