search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2004-12-13 2004-11-29 2005-03-17 VU#305294 Shortcuts may insecurely store SMB authentication information
2004-11-29 2004-11-26 2004-12-17 VU#145134 Microsoft Windows Internet Naming Service (WINS) replication protocol contains a heap-based buffer overflow
2005-02-21 2004-11-23 2005-02-21 VU#986504 WinAmp playlist handling may allow a remote buffer overflow and arbitrary code execution
2005-03-04 2004-11-22 2005-04-04 VU#698302 nfs-utils vulnerable to buffer overflow in "getquotainfo()" in "rquota_server.c"
2004-11-23 2004-11-22 2004-11-23 VU#760344 Sun Java Plug-in fails to restrict access to private Java packages
2004-12-21 2004-11-19 2005-06-29 VU#497400 phpBB viewtopic.php fails to properly sanitize input passed to the "highlight" parameter
2005-02-02 2004-11-17 2006-04-19 VU#726198 SMB filesystem read system call vulnerable to buffer overflow
2004-12-17 2004-11-17 2004-12-17 VU#743974 Microsoft Internet Explorer execCommand() method SaveAs command uses misleading "Save HTML Document" dialog
2004-11-17 2004-11-15 2005-04-20 VU#457622 Samba QFILEPATHINFO handling routine contains a remotely exploitable buffer overflow
2004-11-10 2004-11-10 2004-11-11 VU#630104 Cisco IOS fails to properly handle malformed DHCP packets
2005-03-09 2004-11-08 2005-08-01 VU#448384 ISC DHCP contains a format string vulnerabilty in errwarn.c
2004-11-03 2004-11-03 2004-11-03 VU#107998 MailPost vulnerable to cross-site scripting in the 'append' variable passed to the file as part of an HTTP GET request
2004-11-03 2004-11-03 2004-11-03 VU#306086 MailPost vulnerable file system information disclosure via HTTP GET request
2004-11-03 2004-11-03 2004-11-03 VU#858726 MailPost discloses sensitive system information when operating in debug mode
2004-11-03 2004-11-03 2004-11-03 VU#596046 MailPost vulnerable to cross-site scripting via an executable requested with a trailing slash appended to the filename

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis