search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-05-19 2005-05-19 2005-06-14 VU#155610 Groove Virtual Office COM objects may be accessed insecurely
2006-02-07 2006-02-02 2006-02-09 VU#759273 Mozilla QueryInterface memory corruption vulnerability
2003-01-13 2002-04-23 2003-01-13 VU#772563 Lotus Domino web server vulnerable to buffer overflow via long HTTP authentication header containing non-ASCII characters
2004-04-22 2004-04-14 2004-04-30 VU#352110 BEA WebLogic Server internal methods may disclose sensitive information
2008-03-12 2008-03-11 2008-03-13 VU#654577 Microsoft Office Web Components Spreadsheet ActiveX control URL parsing stack buffer overflow
2006-04-03 1999-04-19 2006-05-02 VU#808921 eBay contains a cross-site scripting vulnerability
2004-03-15 2003-12-15 2004-03-15 VU#878526 Apple Mac OS X "cd9660.util" buffer overflow
2002-06-26 2002-06-24 2002-12-06 VU#369347 OpenSSH vulnerabilities in challenge response handling
2002-09-10 2002-08-30 2002-09-10 VU#173977 HP Tru64 UNIX "ps" contains buffer overflow (SSRT2256)
2003-10-30 2001-09-01 2003-10-30 VU#246147 Morpheus discloses username to remote users
2005-06-14 2005-06-14 2005-06-15 VU#300373 Microsoft Outlook Web Access vulnerable to cross-site scripting
2003-04-10 2003-04-07 2003-07-10 VU#267873 Samba contains multiple buffer overflows
2004-08-27 2004-03-19 2004-08-27 VU#996177 Multiple memory leak vulnerabilities in isakmpd
2003-12-01 2003-11-26 2004-01-05 VU#734644 ISC BIND 8 vulnerable to cache poisoning via negative responses
2001-10-04 2001-07-05 2002-12-18 VU#327281 Solaris rpc.yppasswdd does not adequately check input allowing users to execute arbitrary code

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis