search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-18 2002-01-09 2002-09-18 VU#250107 Mike Spice's Vote does not adequately validate user input
2001-10-12 2001-10-01 2001-10-31 VU#639507 Cisco PIX Firewall Manager stores enable password in plain text
2001-05-06 2001-03-13 2002-04-02 VU#154976 Sun Solaris SNMP proxy agent /opt/SUNWssp/bin/snmpd contains buffer overflow
2001-12-13 1998-03-01 2001-12-18 VU#228186 Hot Standby Router Protocol (HSRP) uses weak authentication
2001-10-01 2001-01-10 2001-11-08 VU#396272 mgetty creates temporary files insecurely
2007-01-09 2006-12-19 2007-06-04 VU#427972 Mozilla denial of service vulnerability
2001-06-22 2001-05-08 2002-12-16 VU#795707 ScreamingMedia SITEware does not adequately validate user input thereby allowing arbitrary file disclosure via directory traversal
2001-05-14 2000-11-28 2006-03-30 VU#959207 Lotus Notes Java VM leaks file existence through timing difference in ECLs
2004-10-19 2004-08-31 2004-10-19 VU#925166 PhpWebSite calendar module contains a SQL injection vulnerability
2002-08-09 2002-04-03 2002-12-10 VU#128491 Macromedia Flash Player continues to download flash files until browser is closed
2002-05-22 2002-05-15 2002-05-30 VU#686939 Cisco Content Service Switch performs soft reset when XML data is sent to web management interface
2003-08-18 2002-04-24 2003-08-18 VU#498707 IRISconsole allows login to the "iceadmin" account with incorrect password
2005-06-07 2005-04-15 2005-06-07 VU#366372 RSA Authentication Agent for Web fails to properly validate input
2000-12-12 2000-12-10 2000-12-12 VU#17566 sysback makes call to hostname without a fully qualified path specification
2006-07-06 2006-06-21 2009-04-13 VU#597721 eBay Enhanced Picture Services ActiveX control buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis