CERT Vulnerability Notes Database

Published	Public	Updated	ID	CVSS	Title
2008-03-19	2008-03-18	2008-03-19	VU#766019		Apple Safari vulnerable to xss via the processing of JavaScript URLs
2008-03-19	2008-01-17	2008-03-19	VU#203220		X.Org PCF font parser buffer overflow
2008-03-18	2008-03-18	2008-03-18	VU#992585		Check Point VPN-1 information disclosure vulnerability
2008-03-15	2008-02-01	2008-03-17	VU#721460		UltraVNC buffer overflow vulnerability
2007-06-08	2007-06-04	2008-03-14	VU#143297		Mozilla Firefox allows cross-domain iframe access via JavaScript
2008-03-12	2008-03-11	2008-03-13	VU#654577		Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow
2008-03-06	2008-03-06	2008-03-07	VU#223028		Sun Java WebStart stack buffer overflow
2008-03-07	2008-03-05	2008-03-07	VU#512491		GNOME Evolution format string vulnerability
2008-03-06	2008-01-24	2008-03-06	VU#158609		IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) allows buffer overflow via HTTP request
2008-03-06	2008-02-26	2008-03-06	VU#661651		Mozilla Thunderbird external-body MIME type buffer overflow
2008-02-29	2008-02-29	2008-02-29	VU#524857		Learn2 STRunner ActiveX control stack buffer overflows
2006-05-16	2006-05-15	2008-02-26	VU#117929		RealVNC Server does not validate client authentication method
2007-11-19	2007-11-19	2008-02-26	VU#138633	0	Invensys Wonderware InTouch creates insecure NetDDE share
2008-02-20	2007-12-10	2008-02-25	VU#438395		Samba "send_mailslot()" function buffer overflow
2008-02-22	2008-02-13	2008-02-25	VU#264385		OpenCA allows Cross site request forgery (XSRF)

Software Engineering Institute