search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-03-09 2004-03-09 2004-03-15 VU#305206 Microsoft Outlook fails to properly filter parameters passed via "mailto:" URL
2002-09-27 2001-05-23 2002-09-27 VU#739376 Microsoft Windows Media Player creates URL shortcut that may contain HTML code in known location in Local Computer Zone
2011-01-11 2010-12-21 2011-01-12 VU#979776 Ecava IntegraXor web service allows directory traversal outside of web root
2008-12-11 2008-12-09 2008-12-11 VU#926676 Microsoft WordPad Text Converter vulnerable to remote code execution
2002-09-18 2002-01-10 2002-09-18 VU#806091 Mike Spice's My Calendar does not adequately validate user input
2004-04-14 2004-04-13 2004-04-14 VU#353956 Microsoft Windows H.323 implementation fails to handle malformed requests
2004-03-05 2004-01-22 2004-03-05 VU#584606 NTP service vulnerable to internal overflow if date / time offset is greater than 34 years
2002-10-17 2002-10-17 2003-01-06 VU#459371 Multiple IPsec implementations do not adequately validate authentication data
2004-05-07 2004-05-03 2004-05-07 VU#648406 Apple Mac OS X AppleFileServer fails to properly handle certain authentication requests
2006-08-24 2006-07-31 2006-08-29 VU#822476 VMware ESX Server management interface logs passwords in cleartext in a world-readable file
2002-08-08 2002-06-18 2008-07-21 VU#195371 SGI IRIX rpc.xfsmd does not filter shell metacharacters from user input before invoking popen() function
2001-12-21 2001-12-19 2001-12-21 VU#249491 IBM AIX login fails to adequately authenticate user when configured to use loadable authentication modules
2008-02-05 2008-02-02 2008-02-13 VU#101676 Yahoo! Music Jukebox YMP Datagrid ActiveX control stack buffer overflows
2004-12-07 2004-02-10 2005-10-26 VU#820006 XFree86 vulnerable to buffer overflow via crafted font directory in 'fonts.alias' file
2007-01-31 2007-01-23 2007-02-02 VU#611276 Computer Associates BrightStor ARCserve Backup LGSERVER.EXE stack buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis