search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-03-17 2005-03-17 2005-04-28 VU#581068 NotifyLink server provides inadequate protection for cryptographic key material
2001-10-16 2000-01-08 2001-11-09 VU#30308 lpd hostname authentication bypassed with spoofed DNS
2008-03-18 2008-03-18 2011-07-22 VU#374121 MIT Kerberos contains array overrun in RPC library used by kadmind
2003-12-01 2003-11-26 2004-01-05 VU#734644 ISC BIND 8 vulnerable to cache poisoning via negative responses
2004-04-14 2004-04-02 2004-04-14 VU#705958 HAHTsite Scenario Server fails to handle overly long URLs
2004-11-23 2004-11-22 2004-11-23 VU#760344 Sun Java Plug-in fails to restrict access to private Java packages
2006-04-03 1999-04-19 2006-05-02 VU#808921 eBay contains a cross-site scripting vulnerability
2006-02-14 2006-02-14 2006-02-22 VU#739844 Microsoft Windows Korean Input Method Editor vulnerability
2001-07-24 2001-02-10 2003-04-09 VU#249579 klogd does not adequately handle NULL byte when parsing text using LogLine( )
2006-10-10 2006-10-10 2007-02-27 VU#706668 Microsoft Excel fails to properly process malformed DATETIME records
2011-11-22 2011-11-16 2012-01-06 VU#606539 ISC BIND 9 resolver denial of service vulnerability
2006-05-30 2006-05-30 2006-06-07 VU#635721 Secure Elements Class 5 AVR client fails to properly validate a messages target CEID
2008-03-27 2008-03-25 2008-03-27 VU#466521 Mozilla JavaScript privilege escalation
2008-06-09 2008-05-21 2009-04-23 VU#626979 Icon Labs SSH server vulnerabilities
2003-03-04 2003-02-26 2003-05-08 VU#489721 Microsoft Windows Me and XP Help and Support Center does not adequately validate hcp:// URI parameters

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis