search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2000-10-31 1999-09-10 2000-11-01 VU#29795 HHOpen ActiveX Control buffer overflow in OpenHelp method
2002-07-27 2002-07-10 2002-07-31 VU#338195 Microsoft SQL Server installation process leaves sensitive information on system
2002-09-26 2001-09-20 2002-09-26 VU#794211 Pi-Soft SpoonFTP does not adequately validate user input thereby allowing directory traversal
2006-12-20 2006-12-19 2007-02-07 VU#606260 Mozilla Layout Engine vulnerability
2001-02-18 2001-02-09 2001-02-18 VU#123384 MySQL client contains buffer overflow
2003-09-22 2003-09-04 2003-09-22 VU#792284 WS_FTP Server vulnerable to buffer overflow when supplied overly long "APPE" command
2001-11-12 2001-11-07 2003-08-11 VU#172583 Common Desktop Environment (CDE) Subprocess Control Service dtspcd contains buffer overflow
2002-02-28 2002-02-06 2002-03-15 VU#923395 Oracle9i Application Server Apache PL/SQL module vulnerable to buffer overflow via cache directory name
2006-12-04 2006-11-28 2006-12-04 VU#811384 Apple Mac OS X Security Framework Online Certificate Status Protocol (OCSP) service fails to properly retrieve certificate revocation lists
2002-09-24 2001-12-01 2002-09-24 VU#597795 Easynews does not adequately validate user input thereby disclosing server installation path via crafted URL request
2001-12-07 2001-09-27 2001-12-10 VU#905795 OpenSSH fails to properly apply source IP based access control restrictions
2001-08-17 2001-07-02 2001-08-17 VU#672683 Apache Tomcat vulnerable to Cross-Site Scripting via passing of user input directly to default error page
2011-01-27 2011-01-26 2011-01-28 VU#686084 ISC DHCP server DHCPv6 decline message processing vulnerability
2007-01-09 2007-01-09 2007-01-18 VU#122084 Microsoft Internet Explorer VML buffer overflow
2002-01-04 2002-01-02 2002-07-05 VU#877811 Buffer overflow vulnerability in pwck command line utility

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis