search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-09-20 2006-09-12 2006-11-14 VU#168372 Adobe Flash Player allowScriptAccess protection bypass vulnerability
2004-09-02 2004-08-31 2004-09-03 VU#866472 MIT Kerberos 5 ASN.1 decoding function krb5_rd_cred() insecurely deallocates memory (double-free)
2002-08-26 2002-08-21 2002-08-26 VU#355707 Microsoft Office Web Components allows reading of local files via "LoadText" method by using URL redirection
2002-07-29 2002-04-17 2003-05-19 VU#117139 Sambar Web Server vulnerable to sourcecode disclosure due to improper parsing of scripts
2006-12-05 2006-12-04 2006-12-05 VU#914617 Microsoft Windows Print Spooler service fails to properly handle RPC requests
2001-01-10 2001-01-11 2001-01-10 VU#403307 Seagate Crystal Reports exposes cleartext username/password pairs when embedded in URL or HTTP request
2000-10-05 2001-01-18 2002-03-05 VU#665372 SSH connections using RC4 and password authentication can be replayed
2002-08-07 2002-01-10 2002-08-07 VU#245707 Nevrona Designs MiraMail stores all configuration and user account information in unencrypted text file
2006-12-19 2006-11-21 2006-12-20 VU#653076 Novell NetWare Client for Windows EnumPrinters() function vulnerable to buffer overflow
2003-10-16 2003-10-15 2003-10-22 VU#967668 Microsoft Windows ListBox and ComboBox controls vulnerable to buffer overflow when supplied crafted Windows message
2008-06-26 2008-06-18 2008-06-27 VU#923508 Microsoft Internet Explorer 6 contains a cross-domain vulnerability
2006-10-27 2006-10-24 2007-02-23 VU#589272 ADODB.Connection ActiveX control memory corruption vulnerability
2008-01-08 2008-01-08 2008-01-14 VU#921339 SSH Tectia Client and Server ssh-signer local privilege escalation
2002-08-05 2002-03-05 2002-08-05 VU#159907 Talentsoft Web+ contains buffer overflow in "webpsvc.exe"
2002-06-27 2002-06-26 2003-04-16 VU#803539 Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflows

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis