search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-09-16 2002-03-12 2002-12-10 VU#162723 x_news allows unauthorized users to access administrative menu
2002-09-14 2001-04-03 2003-09-23 VU#208131 Jakarta Tomcat serves JSP source code when supplied malformed HTTP request
2002-11-19 2002-10-30 2002-11-19 VU#361065 The default NTFS permissions are not applied to a converted boot partition on Microsoft Windows 2000 and Windows XP systems when CONVERT.EXE is used
2010-10-22 2010-10-21 2010-10-29 VU#402231 Adobe Shockwave Player Director file 'rcsL' chunk parsing vulnerability
2007-03-14 2007-03-13 2007-10-01 VU#559444 Apple Mac OS X ImageIO integer overflow vulnerability
2002-09-09 2002-05-22 2002-09-09 VU#115731 HP Tru64 UNIX "quot" contains buffer overflow (SSRT2191)
2001-06-15 2000-07-14 2001-08-07 VU#28565 Microsoft Internet Information Server (IIS) discloses contents of files via crafted request containing "+.htr"
2004-03-24 2004-03-19 2004-08-25 VU#132110 Apache HTTP Server vulnerable to DoS race condition in the handling of short-lived connections
2011-10-27 2011-10-27 2011-10-27 VU#402731 Enspire eClient SQL injection allows authentication bypass
2008-06-06 2008-06-04 2008-06-06 VU#526131 HP Online Support Services ActiveX RegistryString() buffer overflow
2004-07-09 2004-06-30 2004-07-09 VU#718896 Cisco Collaboration Server (CCS) ServletExec allows arbitrary file uploading
2003-07-28 2003-07-28 2003-07-29 VU#886796 Cisco Aironet AP1100 fails to provide universal login error messages thereby disclosing validity of user account
2002-06-18 2002-06-17 2002-06-18 VU#664323 webMathematica discloses the contents of arbitrary files when file is requested using the absolute path
2002-08-16 2002-08-16 2002-08-16 VU#399531 Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_execresultset" extended procedure
2011-03-21 2011-03-21 2011-04-05 VU#376500 Foolabs Xpdf contains a denial of service vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis