search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-10-11 2006-10-02 2006-11-08 VU#788860 Trend Micro OfficeScan Management Console ActiveX control format string vulnerability
2003-07-18 1998-05-21 2004-02-23 VU#12212 Weaknesses in MIT magic cookie and XDM X Windows authorization
2007-01-09 2007-01-09 2007-01-26 VU#271860 Microsoft Outlook fails to properly parse Office Saved Searches (.oss) files
2004-04-07 2004-04-07 2004-04-23 VU#659228 Cisco WLSE and HSE devices contain hardcoded username and password
2001-04-10 2001-04-10 2001-04-11 VU#212088 Alcatel ADSL modems contain a null default password
2007-03-13 2007-01-28 2007-03-13 VU#363112 Apple CrashDump privilege escalation
2001-06-01 2001-02-20 2001-08-30 VU#396624 Hewlett-Packard MPE/iX NM Debug does not always handle breakpoints correctly
2007-10-19 2007-10-19 2007-10-19 VU#559977 Mozilla products vulnerable to memory corruption in the browser engine
2003-06-05 2003-04-23 2003-06-05 VU#697049 Cisco Secure ACS for Windows CSAdmin vulnerable to buffer overflow via login requests
2008-03-12 2008-03-11 2009-04-13 VU#362849 Adobe Form Designer and Advanced Form Client ActiveX controls contain multiple buffer overflows
2005-06-08 2005-04-06 2005-06-08 VU#236748 Cisco IOS Easy VPN Server fails to properly process ISAKMP profile attributes
2003-07-31 2003-07-31 2003-08-11 VU#579324 Cisco IOS HTTP Server vulnerable to buffer overflow when processing overly large malformed HTTP GET request
2006-04-20 2006-04-18 2006-04-20 VU#139049 Oracle DBMS_REPUTIL package vulnerable to SQL injection
2005-08-17 2005-08-15 2005-08-17 VU#461412 Apple Mac OS X Server servermgrd authentication vulnerable to buffer overflow
2011-12-07 2011-12-07 2011-12-09 VU#713012 CA Siteminder login.fcc form xss vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis