search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-04-05 2005-03-27 2005-12-22 VU#685461 Linux kernel Bluetooth support fails to properly bounds check "protocol" variable
2006-08-08 2006-08-08 2006-08-08 VU#159484 Microsoft Visual Basic for Applications buffer overflow
2006-06-05 2006-06-05 2006-06-05 VU#999884 TIBCO Rendezvous daemon components contain a buffer overflow in the HTTP administrative interface
2002-09-26 2002-09-25 2003-05-30 VU#406121 Apache mod_dav module vulnerable to DoS
2006-08-08 2006-08-08 2006-08-08 VU#908276 Microsoft Winsock buffer overflow
2007-04-30 2007-05-14 2007-05-18 VU#857153 OPeNDAP code execution vulnerability
2002-04-05 2001-01-24 2002-04-05 VU#541384 AOL Instant Messenger saves code embedded in image tag to conversation log which could be viewed/executed by a browser
2006-09-20 2006-09-20 2006-09-20 VU#658884 Cisco IPS fails to properly check fragmented IP packets
2006-07-06 2006-06-21 2009-04-13 VU#597721 eBay Enhanced Picture Services ActiveX control buffer overflow
2007-11-24 2007-11-23 2008-01-11 VU#659761 Apple QuickTime RTSP Content-Type header stack buffer overflow
2005-06-07 2005-04-15 2005-06-07 VU#366372 RSA Authentication Agent for Web fails to properly validate input
2003-08-18 2002-04-24 2003-08-18 VU#498707 IRISconsole allows login to the "iceadmin" account with incorrect password
2004-12-17 2004-12-16 2005-01-05 VU#226184 Samba vulnerable to integer overflow processing file security descriptors
2001-05-14 2000-11-28 2006-03-30 VU#959207 Lotus Notes Java VM leaks file existence through timing difference in ECLs
2003-03-06 2003-03-04 2003-03-07 VU#100937 Automatic File Content Type Recognition Tool contains memory allocation problem

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis