search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-05-06 2002-05-05 2002-05-14 VU#635811 Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters
2007-04-09 2007-04-03 2007-04-10 VU#388377 Yahoo! Messenger AudioConf ActiveX Control buffer overflow vulnerability
2006-05-30 2006-05-30 2006-05-30 VU#346377 Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session
2001-03-27 2001-03-22 2001-03-31 VU#869360 Unauthentic "Microsoft Corporation" certificates issued by Verisign to an unidentifed person
2002-02-14 2002-02-11 2002-03-29 VU#932283 Microsoft Internet Explorer HTML rendering engine contains buffer overflow processing SRC attribute of HTML <EMBED> directive
2001-07-27 2001-06-27 2001-07-27 VU#677611 SCO UnixWare bnuconvert contains buffer overflow via long string of characters sent as command line argument
2001-09-18 2001-08-15 2001-09-18 VU#959211 Microsoft IIS vulnerable to DoS via invalid request for very long WebDAV requests
2002-01-04 2002-01-02 2002-07-05 VU#877811 Buffer overflow vulnerability in pwck command line utility
2001-08-17 2001-07-02 2001-08-17 VU#672683 Apache Tomcat vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2001-11-12 2001-11-07 2003-08-11 VU#172583 Common Desktop Environment (CDE) Subprocess Control Service dtspcd contains buffer overflow
2002-09-26 2001-09-20 2002-09-26 VU#794211 Pi-Soft SpoonFTP does not adequately validate user input thereby allowing directory traversal
2001-06-21 2001-06-19 2001-08-31 VU#484011 Solaris Line Printer Daemon (in.lpd) vulnerable to buffer overflow via transfer job routine
2011-03-21 2011-03-21 2011-04-21 VU#393783 OpenSLP denial of service vulnerability
2001-11-29 2001-10-10 2001-11-29 VU#952611 Microsoft Internet Explorer (IE) calls telnet.exe with unsafe command-line arguments ("Telnet Invocation")
2011-08-26 2011-08-24 2011-09-19 VU#405811 Apache HTTPD 1.3/2.x Range header DoS vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis