search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-07-12 2001-04-11 2001-07-17 VU#642760 Lotus Domino vulnerable to DoS via large crafted URL request
2010-11-19 2009-09-30 2010-11-19 VU#479051 OSIsoft PI Server provides an insecure authentication mechanism
2006-09-19 2006-06-19 2011-07-22 VU#933712 gzip NULL dereference in huft_build()
2011-02-03 2010-09-21 2011-02-03 VU#660688 SCADA Engine BACnet OPC Client buffer overflow vulnerability
2007-12-04 2007-11-05 2007-12-04 VU#237888 Mortbay Jetty Dump Servlet vulnerable to cross-site scripting
2004-01-22 2004-01-19 2004-01-23 VU#927630 NetScreen-Security Manager fails to encrypt communications with managed devices
2001-09-27 2001-01-30 2001-09-27 VU#115112 Sun Solaris catman creates temporary files insecurely
2005-06-14 2005-06-14 2005-07-06 VU#367077 Microsoft ISA Server 2000 vulnerable to privilege escalation via "NETBIOS" connection
2007-12-04 2007-11-03 2007-12-04 VU#212984 Mortbay Jetty vulnerable to HTTP response splitting
2006-10-02 2006-09-29 2006-10-02 VU#897628 Apple Mac OS X may allow network accounts to bypass service access controls
2006-09-27 2006-07-18 2006-10-10 VU#753044 Microsoft Windows WebViewFolderIcon ActiveX integer overflow
2008-01-22 2008-01-17 2008-04-29 VU#248184 Skype does not properly filter input from external websites
2005-12-02 2005-11-28 2006-01-13 VU#974188 Sun Java Runtime Environment "reflection" API privilege elevation vulnerabilities
2001-06-01 2001-02-20 2001-08-30 VU#112912 Hewlett-Packard MPE/iX linkeditor permits privilege escalation
2000-11-08 2000-10-25 2004-03-30 VU#683677 Cisco IOS software vulnerable to DoS via HTTP request containing "?/"

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis