search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-08-10 2002-03-27 2002-08-10 VU#495275 Cisco CallManager contains memory leak
2004-04-23 2004-04-21 2004-04-23 VU#574222 BEA WebLogic Server configuration wizard stores administrative credentials in clear text log files
2004-11-17 2004-11-15 2005-04-20 VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow
2006-02-13 2006-02-06 2006-02-14 VU#124460 Microsoft HTML Help Workshop buffer overflow
2002-03-15 1999-08-23 2002-05-03 VU#634847 XDMCP leaks sensitive information by default configuration
2002-09-27 2001-10-13 2002-09-27 VU#921547 PostNuke does not adequately validate user input thereby allowing malicious user to bypass user authentication via SQL injection
2005-06-27 2003-01-13 2005-06-29 VU#165022 Microsoft Log Sink Class ActiveX control incorrectly marked "safe for scripting"
2004-04-14 2004-04-13 2004-04-14 VU#753212 Microsoft LSA Service contains buffer overflow in DsRolepInitializeLog() function
2005-02-10 2005-02-08 2005-02-22 VU#107822 Symantec products vulnerable to buffer overflow via a specially crafted UPX file
2005-01-27 2005-01-04 2005-04-28 VU#702777 UW-imapd fails to properly authenticate users when using CRAM-MD5
2010-10-13 2010-10-13 2010-10-14 VU#989719 SAP BusinessObjects Axis2 Default Admin Password
2001-08-09 2001-02-07 2004-07-28 VU#391347 phpSecurePages allows remote code execution
2005-09-02 2005-08-30 2005-09-02 VU#619812 UMN Gopher vulnerable to buffer overflow via overly long "+VIEWS:"
2004-04-14 2004-04-13 2004-04-14 VU#526084 Microsoft Windows Utility Manager contains vulnerability in the way it launches applications
2005-10-26 2005-10-25 2005-10-31 VU#905177 Skype vulnerable to heap-based buffer overflow

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis