search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2007-05-09 2007-05-08 2007-05-09 VU#555489 Microsoft Word fails to properly parse crafted rich text content
2005-08-12 2005-08-12 2007-01-12 VU#378957 VERITAS Backup Exec uses hard-coded authentication credentials
2006-10-09 2006-10-09 2006-10-12 VU#661524 AOL YGP Pic Downloader Plugin ActiveX control buffer overflow
2007-02-22 2007-02-21 2007-02-27 VU#615857 Google Desktop vulnerable to cross-site scripting
2006-06-02 2006-06-01 2007-02-09 VU#237257 Mozilla privilege escalation using addSelectionListener
2006-05-05 2006-05-02 2006-05-17 VU#602457 MySQL fails to properly validate COM_TABLE_DUMP packets
2007-02-13 2007-02-13 2007-02-23 VU#753924 Microsoft Internet Explorer fails to properly instantiate COM objects
2005-08-12 2005-05-24 2005-08-15 VU#814557 GNOME gedit contains format string vulnerability
2008-10-30 2008-10-21 2011-07-22 VU#183657 libspf2 DNS TXT record parsing buffer overflow
2001-09-28 2000-12-01 2001-09-28 VU#872257 IBM AIX enq buffer overflow in -M argument
2007-07-12 2007-07-10 2007-07-16 VU#138457 Adobe Flash Player fails to properly validate HTTP Referers
2002-08-05 2001-12-17 2003-04-11 VU#157795 Magic Enterprise contains multiple shell scripts that allow arbitrary file overwriting via symlink redirection of temporary file
2001-12-12 2001-11-13 2002-01-31 VU#880624 Compaq Tru64 Unix inetd vulnerable to DoS
2005-09-20 2005-09-14 2005-10-04 VU#757181 TWiki does not properly sanitize URI parameters
2005-01-21 2005-01-19 2005-01-21 VU#613384 Cisco IOS embedded call processing solutions contain unspecified DoS vulnerability

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis