search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2003-02-12 2003-01-21 2003-02-12 VU#825177 Apache allows arbitrary code execution via crafted POST request containing MS-DOS device name
2003-01-24 2003-01-20 2009-08-17 VU#867593 Web servers enable HTTP TRACE method by default
2003-01-21 2003-01-20 2003-08-20 VU#650937 Concurrent Versions System (CVS) server improperly deallocates memory
2003-01-17 2003-01-17 2003-01-17 VU#862401 HP-UX XServer contains privilege escalation vulnerability
2003-02-04 2003-01-15 2003-05-30 VU#149953 ISC "dhcrelay" fails to limit hop count when malicious bootp packet is received
2003-01-15 2003-01-15 2003-03-26 VU#284857 ISC DHCPD minires library contains multiple buffer overflows
2005-06-27 2003-01-13 2005-06-29 VU#165022 Microsoft Log Sink Class ActiveX control incorrectly marked "safe for scripting"
2004-01-13 2003-01-13 2009-07-29 VU#749342 Multiple vulnerabilities in H.323 implementations
2003-01-15 2003-01-11 2003-01-20 VU#331937 BEA WebLogic Server "ResourceAllocationException" exception may disclose user password
2003-01-06 2003-01-06 2013-09-03 VU#412115 0 Network device drivers reuse old frame buffer data to pad packets
2003-04-30 2003-01-03 2003-10-21 VU#944241 rpc.walld fails to properly validate messages before broadcasting to clients
2003-02-05 2003-01-02 2003-02-06 VU#855635 Sun Solaris lockd(1M) daemon vulnerable to DoS
2005-08-02 2002-12-27 2005-08-31 VU#959203 Cisco IOS OSPF neighbor IO buffer overflow
2003-01-17 2002-12-23 2003-01-17 VU#518057 Sun Solaris AUTH_DES authentication contains vulnerability allowing user to gain escalated privileges
2003-04-17 2002-12-20 2003-04-17 VU#485057 RealNetworks Helix Universal Server vulnerable to buffer overflow when supplied an overly long string for the "Describe" field

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis