search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-01-09 2007-01-09 2007-01-26 VU#271860 Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
2006-10-11 2006-10-02 2006-11-08 VU#788860 Trend Micro OfficeScan Management Console ActiveX control format string vulnerability
2001-08-21 2000-11-04 2001-08-21 VU#960877 Red Hat linux restore uses insecure environment variables allowing root compromise
2004-11-03 2004-11-02 2004-12-10 VU#842160 Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements
2006-11-29 2006-11-28 2006-11-30 VU#870960 Apple Mac OS X PPP driver fails to properly validate PADI packets
2000-11-08 2000-10-25 2004-03-30 VU#683677 Cisco IOS software vulnerable to DoS via HTTP request containing "?/"
2005-06-14 2005-06-14 2005-07-06 VU#367077 Microsoft ISA Server 2000 vulnerable to privilege escalation via "NETBIOS" connection
2001-07-12 2001-04-11 2001-07-17 VU#642760 Lotus Domino vulnerable to DoS via large crafted URL request
2004-12-16 2004-12-14 2004-12-16 VU#378160 Microsoft Windows Internet Naming Service (WINS) contains a buffer overflow
2005-10-26 2005-10-25 2005-10-31 VU#905177 Skype vulnerable to heap-based buffer overflow
2005-01-27 2005-01-04 2005-04-28 VU#702777 UW-imapd fails to properly authenticate users when using CRAM-MD5
2006-02-13 2006-02-06 2006-02-14 VU#124460 Microsoft HTML Help Workshop buffer overflow
2002-07-26 2002-07-24 2003-02-05 VU#399260 Microsoft SQL Server 2000 contains heap buffer overflow in SQL Server Resolution Service
2001-09-26 1998-07-06 2001-09-26 VU#182777 IBM AIX nslookup buffer overflow in lex routines
2004-07-14 2004-07-13 2004-07-14 VU#920060 Microsoft Windows HTML Help component fails to properly validate input data

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis