search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-05-16 2005-05-03 2005-05-25 VU#331694 Apple Mac OS X chpass/chfn/chsh utilities do not properly validate external programs
2001-05-15 2001-05-14 2001-09-18 VU#789543 IIS decodes filenames superfluously after applying security checks
2002-06-11 2002-05-29 2003-04-03 VU#159203 Novell NetWare default installation contains sample files that disclose sensitive server information
2006-07-11 2006-07-11 2006-07-13 VU#257164 Microsoft DHCP Client service contains a buffer overflow
2012-02-01 2012-02-01 2012-02-01 VU#763355 802.1X password exploit on many HTC Android devices
2001-08-21 2000-11-22 2001-08-21 VU#227312 Aladdin Ghostscript creates insecure temporary files allowing a local user to create symbolic links to other files
2002-06-05 2002-02-26 2002-06-05 VU#755755 Yahoo! Messenger contains a buffer overflow in "set_buddygrp" when adding users to a buddy list via the web
2006-03-03 2005-12-22 2006-03-06 VU#351217 Apple Safari WebKit component vulnerable to buffer overflow
2002-07-25 2002-04-18 2003-02-05 VU#796313 Microsoft SQL Server service account registry key has weak permissions that permit privilege escalation
2006-07-28 2006-07-27 2006-10-18 VU#395412 Apache mod_rewrite contains off-by-one error in ldap scheme handling
2002-09-16 2002-03-28 2002-12-10 VU#152955 IBM AIX FC contains buffer overflow exploitable during session setup
2002-09-20 2002-08-01 2002-09-20 VU#137555 HP Tru64 UNIX "chfn" contains buffer overflow (SSRT2259)
2006-05-30 2006-05-30 2006-06-07 VU#921017 Secure Elements Class 5 AVR client sends messages in cleartext
2002-09-16 2002-09-16 2003-04-04 VU#661243 MIT Kerberos V5 KDC vulnerable to denial-of-service via null pointer dereference
2001-04-10 2001-04-10 2001-04-11 VU#490344 Alcatel ADSL modems provide unauthenticated TFTP access via physical WAN interface

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis