search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated ID CVSS Title
2006-07-27 2006-07-25 2007-02-09 VU#670060 Mozilla fails to properly release JavaScript references
2007-08-14 2007-08-13 2007-08-15 VU#993544 Apache Tomcat fails to properly handle cookies containing single quotes
2006-06-27 2006-06-27 2007-08-16 VU#701121 Gracenote CDDB ActiveX control buffer overflow
2002-06-13 1999-05-19 2002-06-25 VU#13121 Microsoft Remote Access Service API contains buffer overflow vulnerability via phonebook entries
2003-06-02 2003-05-12 2003-06-02 VU#272644 Yahoo! Audio Conferencing ActiveX control vulnerable to buffer overflow
2004-04-14 2004-04-13 2004-04-14 VU#547028 Microsoft Windows contains buffer overflow in processing of WMF and EMF image formats
2003-03-04 2003-02-26 2003-05-08 VU#489721 Microsoft Windows Me and XP Help and Support Center does not adequately validate hcp:// URI parameters
2006-07-24 2006-07-12 2006-07-24 VU#167228 Adobe Acrobat fails to properly convert files to PDF
2003-06-05 2003-05-27 2003-06-05 VU#799060 Various Axis products allow unauthorized remote privileged access
2008-03-27 2008-03-25 2008-03-27 VU#466521 Mozilla JavaScript privilege escalation
2006-05-30 2006-05-30 2006-06-07 VU#635721 Secure Elements Class 5 AVR client fails to properly validate a messages target CEID
2004-01-21 2003-11-14 2004-01-21 VU#530660 Microsoft Exchange Server 2003 fails to assign user credentials to proper mailbox
2006-02-14 2006-02-14 2006-02-22 VU#739844 Microsoft Windows Korean Input Method Editor vulnerability
2006-04-03 1999-04-19 2006-05-02 VU#808921 eBay contains a cross-site scripting vulnerability
2001-07-12 2001-04-11 2001-07-12 VU#890128 Lotus Domino vulnerable to a denial of service via DOS device request

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis