search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2001-03-27 2001-03-22 2001-03-31 VU#869360 Unauthentic "Microsoft Corporation" certificates issued by Verisign to an unidentifed person
2004-11-03 2004-11-03 2004-11-03 VU#858726 MailPost discloses sensitive system information when operating in debug mode
2004-07-30 2004-02-15 2004-07-31 VU#266926 Microsoft Internet Explorer contains an integer overflow in the processing of bitmap files
2004-03-23 2004-02-03 2004-03-23 VU#801526 util-linux login program discloses sensitive information
2006-12-13 2006-12-12 2007-01-05 VU#901584 Microsoft Windows SNMP Memory Corruption Vulnerability
2006-05-30 2006-05-30 2006-05-30 VU#346377 Secure Elements Class 5 AVR uses the same encryption key and initialization vector for every message session
2004-10-19 2004-10-13 2004-12-06 VU#673134 Microsoft MSN "Hrtbeat.ocx" ActiveX control contains unspecified vulnerability
2005-05-18 2005-05-18 2005-08-23 VU#637934 TCP does not adequately validate segments before updating timestamp value
2007-04-09 2007-04-03 2007-04-10 VU#388377 Yahoo! Messenger AudioConf ActiveX Control buffer overflow vulnerability
2000-12-04 2000-09-25 2003-01-27 VU#382365 LPRng can pass user-supplied input as a format string parameter to syslog() calls
2004-03-17 2004-03-17 2004-03-26 VU#484726 OpenSSL does not adequately validate length of Kerberos ticket during SSL/TLS handshake
2005-01-20 2005-01-11 2005-02-03 VU#882926 Opera may insecurely execute binary data encoded in a URI
2005-12-02 2005-11-28 2006-01-12 VU#355284 Sun Java Runtime Environment applet privilege escalation vulnerability
2004-02-27 2004-02-13 2004-02-27 VU#150326 Internet Security Systems' BlackICE and RealSecure contain a heap overflow in the processing of SMB packets
2002-05-06 2002-05-05 2002-05-14 VU#635811 Sun Solaris cachefsd vulnerable to heap overflow in cfsd_calloc() function via long string of characters

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis