search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2005-09-07 2005-09-07 2005-09-09 VU#236045 Cisco IOS Firewall Authentication Proxy vulnerable to buffer overflow via specially crafted user authentication credentials
2008-01-25 2008-01-24 2008-12-18 VU#339345 GE Fanuc Proficy Information Portal allows arbitrary file upload and execution
2007-05-08 2007-05-08 2007-05-09 VU#343145 Microsoft Exchange Server fails to properly decode MIME email messages
2008-06-11 2008-06-11 2008-10-08 VU#476345 Citect CitectSCADA ODBC service buffer overflow
2002-07-31 2002-04-01 2002-07-31 VU#158323 Oracle Configurator discloses version and host information via "test" argument passed to servlet
2003-03-03 2003-03-03 2003-05-20 VU#916785 Buffer overflow in Snort RPC preprocessor
2002-09-20 2002-09-11 2003-02-06 VU#603945 Slash-based bulletin boards contain a "quick login" feature that may disclose username and password
2004-08-27 2004-03-19 2004-08-27 VU#785945 isakmpd crashes when handling ISAKMP packets with malformed "Security Association Payload"
2006-05-15 2006-05-11 2006-05-17 VU#570689 Apple QuickTime FlashPix integer overflow
2002-10-28 2002-04-15 2002-10-28 VU#582923 webalizer vulnerable to buffer overflow when performing reverse DNS lookups
2001-12-20 2001-10-10 2001-12-21 VU#140723 Advanced Poll does not adequately authenticate users
2003-06-27 2003-06-22 2003-09-03 VU#823260 Microsoft Windows HTML conversion library vulnerable to buffer overflow
2008-02-22 2008-02-13 2008-02-25 VU#264385 OpenCA allows Cross site request forgery (XSRF)
2000-10-02 2000-06-23 2001-02-19 VU#29823 Format string input validation error in wu-ftpd site_exec() function
2007-08-29 2007-08-27 2007-08-30 VU#281977 Quiksoft EasyMail SMTP ActiveX control stack buffer overflow vulnerabilities

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis