search menu icon-carat-right cmu-wordmark
Carnegie Mellon University

Software Engineering Institute

CERT Coordination Center

CERT/CC Vulnerability Notes Database


Published Public Updated VU# CVSS Title
2002-08-01 2002-06-26 2002-08-28 VU#542971 Multiple vendors' Domain Name System (DNS) stub resolvers vulnerable to buffer overflow via network name and address lookups
2006-12-18 2006-12-06 2007-01-19 VU#296681 Intel network drivers privilege escalation vulnerability
2006-05-09 2006-05-09 2006-06-22 VU#303452 Microsoft Exchange fails to properly handle vCal and iCal properties
2004-03-17 2004-03-17 2004-03-26 VU#484726 OpenSSL does not adequately validate length of Kerberos ticket during SSL/TLS handshake
2007-02-16 2007-01-20 2007-03-05 VU#794752 Apple iChat AIM URI handler format string vulnerability
2002-05-08 2002-04-08 2002-05-08 VU#744139 AOL Instant Messenger installer adds "http://free.aol.com" to Trusted Sites Zone in Microsoft Internet Explorer
2001-11-07 1998-06-11 2003-05-20 VU#13877 Weak CRC allows packet injection into SSH sessions encrypted with block ciphers
2006-11-15 2006-11-14 2006-11-17 VU#197852 Microsoft Internet Explorer fails to properly interpret HTML with certain layout combinations
2005-06-14 2005-06-14 2005-06-27 VU#189754 Microsoft Internet Explorer buffer overflow in PNG image rendering component
2008-03-18 2008-03-18 2008-03-18 VU#992585 Check Point VPN-1 information disclosure vulnerability
2004-06-15 2004-06-14 2004-08-23 VU#973654 Linux kernel fails to properly handle floating point signals generated by "fsave" and "frstor"
2004-03-24 2004-03-22 2004-04-05 VU#124454 Ethereal crashes when processing malformed RADIUS packets
2005-02-08 2005-02-08 2005-02-09 VU#823971 Microsoft Internet Explorer contains a Channel Definition Format (CDF) cross-domain vulnerability
2004-03-25 2004-03-19 2004-03-25 VU#549054 Norton "WrapNISUM Class" (WrapUM.dll) ActiveX control allows remote arbitrary command execution
2004-03-20 2004-03-08 2009-06-12 VU#947254 Internet Security Systems Protocol Analysis Module (PAM) does not properly handle ICQ server response messages

Sponsored by CISA.

Download PGP Key

Read CERT/CC Blog

Learn about Vulnerability Analysis