search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-12-02 2005-11-28 2006-01-12 VU#355284 Sun Java Runtime Environment applet privilege escalation vulnerability
2002-09-14 2001-04-03 2003-09-23 VU#208131 Jakarta Tomcat serves JSP source code when supplied malformed HTTP request
2002-05-06 2002-05-05 2002-05-14 VU#635811 Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters
2010-10-22 2010-10-21 2010-10-29 VU#402231 Adobe Shockwave Player Director file 'rcsL' chunk parsing vulnerability
2001-11-15 2001-07-09 2001-11-15 VU#349019 Tripwire vulnerable to arbitrary file overwriting via symlink redirection of temporary file
2006-09-01 2006-09-01 2006-09-08 VU#649289 Retro64 / Miniclip CR64Loader ActiveX control buffer overflow
2006-10-25 2006-08-29 2006-10-25 VU#300368 X.Org fails to check for setuid failure on Linux systems
2001-09-17 2001-04-15 2001-09-17 VU#401808 exuberant-ctags creates temporary files insecurely
2005-05-16 2005-05-03 2005-05-18 VU#582934 Apple Mac OS X Foundation Framework vulnerable to buffer overflow via incorrect handling of an environmental variable
2008-06-06 2008-06-04 2008-06-06 VU#526131 HP Online Support Services ActiveX RegistryString() buffer overflow
2004-07-09 2004-06-30 2004-07-09 VU#718896 Cisco Collaboration Server (CCS) ServletExec allows arbitrary file uploading
2003-07-28 2003-07-28 2003-07-29 VU#886796 Cisco Aironet AP1100 fails to provide universal login error messages thereby disclosing validity of user account
2004-11-29 2004-11-26 2004-12-17 VU#145134 Microsoft Windows Internet Naming Service (WINS) replication protocol contains a heap-based buffer overflow
2002-08-16 2002-08-16 2002-08-16 VU#399531 Microsoft Windows SQL Server allows arbitrary queries to be executed via "xp_execresultset" extended procedure
2005-07-13 2005-07-13 2005-07-20 VU#258834 WebEOC privileges are based on client-side authorization

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis