search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-12-16 2002-12-16 2003-06-18 VU#389665 Multiple vendors' SSH transport layer protocol implementations contain vulnerabilities in key exchange and initialization
2004-10-19 2004-10-13 2004-12-06 VU#673134 Microsoft MSN "Hrtbeat.ocx" ActiveX control contains unspecified vulnerability
2005-05-18 2005-05-18 2005-08-23 VU#637934 TCP does not adequately validate segments before updating timestamp value
2007-04-09 2007-04-03 2007-04-10 VU#388377 Yahoo! Messenger AudioConf ActiveX Control buffer overflow vulnerability
2007-12-12 2007-12-11 2007-12-12 VU#520465 Microsoft SMBv2 signing vulnerability
2005-12-02 2005-11-28 2006-01-12 VU#355284 Sun Java Runtime Environment applet privilege escalation vulnerability
2002-05-06 2002-05-05 2002-05-14 VU#635811 Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters
2010-05-10 2010-05-07 2010-07-27 VU#943165 Apple Safari window object invalid pointer vulnerability
2007-02-15 2007-02-13 2007-02-22 VU#240796 Microsoft Windows Shell vulnerable to privilege escalation
2001-11-15 2001-07-09 2001-11-15 VU#349019 Tripwire vulnerable to arbitrary file overwriting via symlink redirection of temporary file
2006-09-01 2006-09-01 2006-09-08 VU#649289 Retro64 / Miniclip CR64Loader ActiveX control buffer overflow
2006-10-25 2006-08-29 2006-10-25 VU#300368 X.Org fails to check for setuid failure on Linux systems
2006-11-30 2006-11-01 2006-11-30 VU#191336 Apple AirPort driver fails to properly handle probe response frames
2002-10-01 2002-10-01 2003-04-15 VU#738331 Domain Name System (DNS) resolver libraries vulnerable to read buffer overflow
2001-09-17 2001-04-15 2001-09-17 VU#401808 exuberant-ctags creates temporary files insecurely

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis