search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2002-03-11 2002-03-11 2005-07-08 VU#368819 Double Free Bug in zlib Compression Library Corrupts malloc's Internal Data Structures
2010-08-04 2010-08-04 2010-08-05 VU#703189 Invensys Wonderware Archestra ConfigurationAccessComponent ActiveX control stack buffer overflow
2003-06-24 2003-05-28 2003-09-18 VU#479268 Apache HTTPD contains denial of service vulnerability in basic authentication module
2006-04-11 2006-04-11 2006-11-02 VU#234812 RDS.Dataspace ActiveX control bypasses ActiveX security model
2008-01-15 2008-01-15 2008-07-22 VU#347812 UPnP enabled by default in multiple devices
2006-07-27 2006-07-25 2007-02-09 VU#239124 Mozilla fails to properly handle simultaneous XPCOM events
2003-07-18 1998-05-21 2004-02-23 VU#12212 Weaknesses in MIT magic cookie and XDM X Windows authorization
2006-10-11 2006-10-02 2006-11-08 VU#788860 Trend Micro OfficeScan Management Console ActiveX control format string vulnerability
2006-06-06 2006-05-18 2006-06-07 VU#466428 Skype URI handler fails to properly parse parameters
2007-06-15 2004-08-30 2007-06-21 VU#793433 Novell exteNd Director 4.1 LocalExec ActiveX control fails to restrict access to dangerous methods
2001-04-10 2001-04-10 2001-04-11 VU#212088 Alcatel ADSL modems contain a null default password
2001-05-01 2001-03-26 2004-02-23 VU#249224 Hewlett-Packard HP-UX newgrp command does not function properly
2007-01-09 2007-01-09 2007-01-26 VU#271860 Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
2006-08-08 2006-07-26 2006-08-24 VU#580124 MIT Kerberos (krb5) krshd and v4rcp do not properly validate setuid() or seteuid() calls
2007-03-13 2007-01-28 2007-03-13 VU#363112 Apple CrashDump privilege escalation

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis