CERT home
vulnerabilities & fixesevaluations & practicesresearch & analysistraining & education
homesearchFAQsite indexcontact
Vulnerability
Notes
Database

Search Vulnerability Notes

Vulnerability Notes Help Information
 

 View Notes By
Name

ID Number

CVE Name

Date Public

Date Published

Date Updated

Severity Metric



Welcome to the CERT Coordination Center Vulnerability Notes Database!

CERT/CC publishes information on a wide variety of vulnerabilities. Descriptions of these vulnerabilities are available from this web site in a searchable database format, and are published as "Vulnerability Notes." While we track every vulnerability we are aware of, we only publish information about certain vulnerabilities. Factors that determine whether or not we publish include the impact of the vulnerability, population of affected systems, and the availability of accurate information from other sources.

You can search or browse Vulnerability Notes by several key fields, including name, vulnerability ID number, CVE name, date updated, date public, or metric. You can also customize database queries to obtain specific information, such as the ten most recently updated vulnerabilities or the twenty vulnerabilities with the largest metric score.

The Vulnerability Notes database is cross-referenced with the Common Vulnerabilities and Exposures (CVE) catalog. You can search for vulnerabilities by CVE name or browse our list of vulnerabilities in CVE name order. This information allows you to easily cross reference vulnerabilities described here with those at other sites. More information about CVE can be found at their web site.

Detailed descriptions of the fields in Vulnerability Notes are available from our help page. Help is also available for customizing search queries and view features.

Your comments and suggestions on this database are greatly appreciated!
 

 Search Vulnerability Notes
 Customized Search
 
Recent Vulnerability Notes
VU#343355Apache Tomcat UTF8 Directory Traversal Vulnerability
VU#938323Postfix local privilege escalation
VU#778427Intrinsic Swimage Encore does not securely manage login credentials
VU#661827Cisco WebEx Meeting Manager WebexUCFObject ActiveX Control stack buffer overflow
VU#309739Microsoft Color Management System (MSCMS) module remote code execution
VU#663763Apache mod_proxy_ftp XSS vulnerability
VU#716387Oracle Weblogic Apache connector vulnerable to buffer overflow
VU#298651RealNetworks RealPlayer Shockwave Flash (SWF) file vulnerability
VU#461187RealPlayer file deletion overflow vulnerability
VU#329772NetApp Data ONTAP contains multiple vulnerabilities

Copyright 2008 Carnegie Mellon University