search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-11-03 2004-11-02 2004-12-10 VU#842160 Microsoft Internet Explorer vulnerable to buffer overflow via FRAME and IFRAME elements
2006-11-29 2006-11-28 2006-11-30 VU#870960 Apple Mac OS X PPP driver fails to properly validate PADI packets
2000-11-08 2000-10-25 2004-03-30 VU#683677 Cisco IOS software vulnerable to DoS via HTTP request containing "?/"
2005-06-14 2005-06-14 2005-07-06 VU#367077 Microsoft ISA Server 2000 vulnerable to privilege escalation via "NETBIOS" connection
2003-06-27 2003-06-22 2003-09-03 VU#823260 Microsoft Windows HTML conversion library vulnerable to buffer overflow
2001-07-12 2001-04-11 2001-07-17 VU#642760 Lotus Domino vulnerable to DoS via large crafted URL request
2004-12-16 2004-12-14 2004-12-16 VU#378160 Microsoft Windows Internet Naming Service (WINS) contains a buffer overflow
2005-10-26 2005-10-25 2005-10-31 VU#905177 Skype vulnerable to heap-based buffer overflow
2005-01-27 2005-01-04 2005-04-28 VU#702777 UW-imapd fails to properly authenticate users when using CRAM-MD5
2006-02-13 2006-02-06 2006-02-14 VU#124460 Microsoft HTML Help Workshop buffer overflow
2002-07-26 2002-07-24 2003-02-05 VU#399260 Microsoft SQL Server 2000 contains heap buffer overflow in SQL Server Resolution Service
2001-09-26 1998-07-06 2001-09-26 VU#182777 IBM AIX nslookup buffer overflow in lex routines
2005-03-17 2005-03-17 2005-04-20 VU#131828 NotifyLink web client fails to adequately restrict access to administrative functions
2006-03-14 2005-12-07 2006-03-14 VU#642428 Microsoft Excel fails to properly perform range validation when parsing document files
2004-07-14 2004-07-13 2004-07-14 VU#920060 Microsoft Windows HTML Help component fails to properly validate input data

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis