search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2009-05-06 2008-12-04 2009-05-08 VU#576996 0 NuPoint Messenger server transmits authentication credentials in plain text
2005-11-10 2005-11-10 2017-04-12 VU#102014 0 Optimistic TCP acknowledgements can cause denial of service
2009-07-14 2009-07-09 2009-07-17 VU#443060 0 Mozilla Firefox 3.5 TraceMonkey JavaScript engine uninitialized memory vulnerability
2009-02-05 2009-02-01 2011-05-12 VU#882619 0 Rockwell Automation ControlLogix 1756-ENBT/A EtherNet/IP Bridge cross-site scripting vulnerability
2005-08-15 2005-08-11 2005-08-22 VU#213165 0 Novell eDirectory iMonitor vulnerable to buffer overflow
2018-09-05 2018-09-05 2018-10-23 VU#598349 0 Automatic DNS registration and proxy autodiscovery allow spoofing of network services
2007-11-19 2007-11-19 2008-02-26 VU#138633 0 Invensys Wonderware InTouch creates insecure NetDDE share
2008-10-31 2007-09-20 2008-12-19 VU#981849 0 Automated Solutions Modbus TCP Slave ActiveX Control Vulnerability
2007-06-05 2007-06-04 2007-06-07 VU#471361 0 Microsoft Internet Explorer cross-domain frame race condition
2006-04-28 2006-04-21 2006-05-31 VU#167033 0 Winny contains a buffer overflow
2005-11-11 2005-11-07 2006-05-09 VU#146284 0 Macromedia Flash Player fails to properly validate the frame type identifier read from a "SWF" file
2008-10-02 2008-09-05 2008-10-02 VU#889484 0 libpng off-by-one vulnerability
2012-12-17 2012-12-17 2014-05-15 VU#323161 0 Adobe Shockwave player provides vulnerable Flash runtime
2010-01-20 2009-12-18 2010-06-03 VU#144233 0 Rockwell Automation Allen-Bradley MicroLogix PLC authentication and authorization vulnerabilities
2008-06-10 2008-05-31 2009-07-16 VU#878044 0 SNMPv3 improper HMAC validation allows authentication bypass

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis