search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-08-09 2001-06-21 2002-08-09 VU#139315 SurfControl SuperScout does not filter web requests fragmented in multiple packets
2002-08-08 2002-06-20 2002-08-08 VU#521147 SGI IRIX rpc.xfsmd uses weak authentication mechanism for RPC authentication
2002-06-25 2002-06-12 2002-08-08 VU#139931 Microsoft SQLXML HTTP components vulnerable to cross-site scripting via root parameter
2002-06-25 2002-06-12 2002-08-08 VU#811371 Microsoft SQLXML ISAPI filter vulnerable to buffer overflow via contenttype parameter
2002-08-07 2002-01-10 2002-08-07 VU#245707 Nevrona Designs MiraMail stores all configuration and user account information in unencrypted text file
2001-08-09 2001-06-22 2002-08-06 VU#109475 Microsoft Windows NT and 2000 Domain Name Servers allow non-authoritative RRs to be cached by default
2002-08-05 2002-03-05 2002-08-05 VU#159907 Talentsoft Web+ contains buffer overflow in "webpsvc.exe"
2002-08-01 2002-01-09 2002-08-01 VU#181907 Directory-traversal vulnerability in Mike Spice's My Classifieds CGI script
2002-07-31 2001-02-13 2002-07-31 VU#161576 Certain implementations of SSH1 may reveal internal cryptologic state
2002-07-31 2002-04-01 2002-07-31 VU#158323 Oracle Configurator discloses version and host information via "test" argument passed to servlet
2001-09-26 2002-01-17 2002-07-31 VU#361600 Web-based email services filtering systems vulnerable to malicous script execution
2002-07-27 2002-07-10 2002-07-31 VU#338195 Microsoft SQL Server installation process leaves sensitive information on system
2002-03-29 2001-04-13 2002-07-30 VU#125235 Apache Web Server vulnerable to DoS via crafted HTTP request
2002-03-28 2002-02-19 2002-07-29 VU#619707 Microsoft SQL Server contains buffer overflows in openrowset and opendatasource macros
2002-07-26 2002-03-12 2002-07-29 VU#627275 Microsoft SQL Server contains buffer overflow vulnerabilities in multiple extended stored procedures

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis