CVE-2010-0xxx

There are 974 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2010-0001 Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used i...
CVE-2010-0002 The /etc/profile.d/60alias.sh script in the Mandriva bash package for Bash 2.05b, 3.0, 3.2, 3.2.48, ...
S
CVE-2010-0003 The print_fatal_signal function in kernel/signal.c in the Linux kernel before 2.6.32.4 on the i386 p...
CVE-2010-0004 ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which...
CVE-2010-0005 query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify a...
S
CVE-2010-0006 The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network ...
CVE-2010-0007 net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kerne...
S
CVE-2010-0008 The sctp_rcv_ootb function in the SCTP implementation in the Linux kernel before 2.6.23 allows remot...
S
CVE-2010-0009 Apache CouchDB 0.8.0 through 0.10.1 allows remote attackers to obtain sensitive information by measu...
S
CVE-2010-0010 Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache H...
E
CVE-2010-0011 The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl obj...
S
CVE-2010-0012 Directory traversal vulnerability in libtransmission/metainfo.c in Transmission 1.22, 1.34, 1.75, an...
S
CVE-2010-0013 Directory traversal vulnerability in slp.c in the MSN protocol plugin in libpurple in Pidgin 2.6.4 a...
S
CVE-2010-0014 System Security Services Daemon (SSSD) before 1.0.1, when the krb5 auth_provider is configured but t...
S
CVE-2010-0015 nis/nss_nis/nis-pwd.c in the GNU C Library (aka glibc or libc6) 2.7 and Embedded GLIBC (EGLIBC) 2.10...
CVE-2010-0016 The SMB client implementation in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 doe...
CVE-2010-0017 Race condition in the SMB client implementation in Microsoft Windows Server 2008 R2 and Windows 7 al...
CVE-2010-0018 Integer overflow in the Embedded OpenType (EOT) Font Engine (t2embed.dll) in Microsoft Windows 2000 ...
CVE-2010-0019 Microsoft Silverlight 3 before 3.0.50611.0 on Windows, and before 3.0.41130.0 on Mac OS X, does not ...
CVE-2010-0020 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, ...
CVE-2010-0021 Multiple race conditions in the SMB implementation in the Server service in Microsoft Windows Vista ...
CVE-2010-0022 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, ...
CVE-2010-0023 The Client/Server Run-time Subsystem (CSRSS) in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Serv...
CVE-2010-0024 The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 G...
S
CVE-2010-0025 The SMTP component in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Server 2008 G...
S
CVE-2010-0026 The Hyper-V server implementation in Microsoft Windows Server 2008 Gold, SP2, and R2 on the x64 plat...
CVE-2010-0027 The URL validation functionality in Microsoft Internet Explorer 5.01, 6, 6 SP1, 7 and 8, and the She...
CVE-2010-0028 Integer overflow in Microsoft Paint in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows ...
CVE-2010-0029 Buffer overflow in Microsoft Office PowerPoint 2002 SP3 allows remote attackers to execute arbitrary...
CVE-2010-0030 Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attack...
CVE-2010-0031 Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 200...
CVE-2010-0032 Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote atta...
CVE-2010-0033 Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execu...
CVE-2010-0034 Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execu...
CVE-2010-0035 The Key Distribution Center (KDC) in Kerberos in Microsoft Windows 2000 SP4, Server 2003 SP2, and Se...
CVE-2010-0036 Buffer overflow in CoreAudio in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute ...
S
CVE-2010-0037 Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.2 allows remote attackers to execute ...
CVE-2010-0038 Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, ...
CVE-2010-0039 The Application-Level Gateway (ALG) on the Apple Time Capsule, AirPort Extreme Base Station, and Air...
S
CVE-2010-0040 Integer overflow in ColorSync in Apple Safari before 4.0.5 on Windows, and iTunes before 9.1, allows...
S
CVE-2010-0041 ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory ac...
S
CVE-2010-0042 ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows does not ensure that memory ac...
S
CVE-2010-0043 ImageIO in Apple Safari before 4.0.5 and iTunes before 9.1 on Windows allows remote attackers to exe...
S
CVE-2010-0044 PubSub in Apple Safari before 4.0.5 does not properly implement use of the Accept Cookies preference...
S
CVE-2010-0045 Apple Safari before 4.0.5 on Windows does not properly validate external URL schemes, which allows r...
S
CVE-2010-0046 The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 4.0.5 allows remote...
S
CVE-2010-0047 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execu...
S
CVE-2010-0048 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execu...
CVE-2010-0049 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execu...
S
CVE-2010-0050 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execu...
S
CVE-2010-0051 WebKit in Apple Safari before 4.0.5 does not properly validate the cross-origin loading of styleshee...
S
CVE-2010-0052 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execu...
S
CVE-2010-0053 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execu...
CVE-2010-0054 Use-after-free vulnerability in WebKit in Apple Safari before 4.0.5 allows remote attackers to execu...
S
CVE-2010-0055 xar in Apple Mac OS X 10.5.8 does not properly validate package signatures, which allows attackers t...
S
CVE-2010-0056 Buffer overflow in Cocoa spell checking in AppKit in Apple Mac OS X 10.5.8 allows user-assisted remo...
S
CVE-2010-0057 AFP Server in Apple Mac OS X before 10.6.3 does not prevent guest use of AFP shares when guest acces...
S
CVE-2010-0058 freshclam in ClamAV in Apple Mac OS X 10.5.8 with Security Update 2009-005 has an incorrect launchd....
S
CVE-2010-0059 CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause...
S
CVE-2010-0060 CoreAudio in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause...
S
CVE-2010-0061 Rejected reason: This candidate is unused by its CNA....
R
CVE-2010-0062 Heap-based buffer overflow in quicktime.qts in CoreMedia and QuickTime in Apple Mac OS X before 10.6...
S
CVE-2010-0063 Incomplete blacklist vulnerability in CoreTypes in Apple Mac OS X before 10.6.3 makes it easier for ...
S
CVE-2010-0064 DesktopServices in Apple Mac OS X 10.6 before 10.6.3 preserves file ownership during an authenticate...
S
CVE-2010-0065 Disk Images in Apple Mac OS X before 10.6.3 allows user-assisted remote attackers to execute arbitra...
S
CVE-2010-0066 Unspecified vulnerability in the Access Manager Identity Server component in Oracle Application Serv...
CVE-2010-0067 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 1...
CVE-2010-0068 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2MP2, an...
CVE-2010-0069 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0, SP7, 8.1SP6, 9....
S
CVE-2010-0070 Unspecified vulnerability in the Oracle Containers for J2EE component in Oracle Application Server 1...
CVE-2010-0071 Unspecified vulnerability in the Listener component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5,...
CVE-2010-0072 Unspecified vulnerability in the Oracle Secure Backup component in Oracle Secure Backup 10.2.0.3 all...
CVE-2010-0073 Unspecified vulnerability in the WebLogic Server in Oracle WebLogic Server 7.0 SP7, 8.1 SP6, 9.0, 9....
S
CVE-2010-0074 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 7.0SP7, 8.1SP6, 9.0,...
CVE-2010-0075 Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11....
CVE-2010-0076 Unspecified vulnerability in the Application Express Application Builder component in Oracle Databas...
CVE-2010-0077 Unspecified vulnerability in the CRM Technical Foundation (mobile) component in Oracle E-Business Su...
CVE-2010-0078 Unspecified vulnerability in the WebLogic Server component in BEA Product Suite 9.0, 9.1, 9.2MP3, 10...
CVE-2010-0079 Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, ...
CVE-2010-0080 Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile component in Oracle PeopleSoft...
CVE-2010-0081 Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10...
CVE-2010-0082 Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 ...
CVE-2010-0083 Unspecified vulnerability in Oracle OpenSolaris 8, 9, and 10 allows remote attackers to affect confi...
CVE-2010-0084 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0085 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0086 Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote...
CVE-2010-0087 Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java f...
CVE-2010-0088 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0089 Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java f...
CVE-2010-0090 Unspecified vulnerability in the Java Web Start, Java Plug-in component in Oracle Java SE and Java f...
CVE-2010-0091 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0092 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0093 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0094 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0095 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
CVE-2010-0097 ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7...
CVE-2010-0098 ClamAV before 0.96 does not properly handle the (1) CAB and (2) 7z file formats, which allows remote...
S
CVE-2010-0099 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0092. Reason: This candida...
R
CVE-2010-0101 The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, includin...
CVE-2010-0103 UsbCharger.dll in the Energizer DUO USB battery charger software contains a backdoor that is impleme...
E
CVE-2010-0104 Unspecified vulnerability in the Broadcom Integrated NIC Management Firmware 1.x before 1.40.0.0 and...
S
CVE-2010-0105 The hfs implementation in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 supports hard links to dire...
E
CVE-2010-0106 The on-demand scanning in Symantec AntiVirus 10.0.x and 10.1.x before MR9, AntiVirus 10.2.x, and Cli...
CVE-2010-0107 Buffer overflow in an ActiveX control (SYMLTCOM.dll) in Symantec N360 1.0 and 2.0; Norton Internet S...
CVE-2010-0108 Buffer overflow in the cliproxy.objects.1 ActiveX control in the Symantec Client Proxy (CLIproxy.dll...
CVE-2010-0109 DBManager in Symantec Altiris Deployment Solution 6.9.x before DS 6.9 SP4 allows remote attackers to...
S
CVE-2010-0110 Multiple stack-based buffer overflows in Intel Alert Management System (aka AMS or AMS2), as used in...
CVE-2010-0111 HDNLRSVC.EXE in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert ...
CVE-2010-0112 Multiple SQL injection vulnerabilities in the Administrative Interface in the IIS extension in Syman...
CVE-2010-0113 The Symantec Norton Mobile Security application 1.0 Beta for Android records setup details, possibly...
CVE-2010-0114 fw_charts.php in the reporting module in the Manager (aka SEPM) component in Symantec Endpoint Prote...
CVE-2010-0115 SQL injection vulnerability in login.php in the GUI management console in Symantec Web Gateway 4.5 b...
CVE-2010-0116 Integer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on...
CVE-2010-0117 RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.1.4 on Windows do not prop...
CVE-2010-0118 Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspeci...
CVE-2010-0119 Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command ...
CVE-2010-0120 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 throug...
CVE-2010-0121 The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.5, Mac Re...
CVE-2010-0122 Multiple SQL injection vulnerabilities in Employee Timeclock Software 0.99 allow remote attackers to...
CVE-2010-0123 The database backup implementation in Employee Timeclock Software 0.99 stores sensitive information ...
CVE-2010-0124 Employee Timeclock Software 0.99 places the database password on the mysqldump command line, which a...
CVE-2010-0125 RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPlayer Enterprise 2....
CVE-2010-0126 Heap-based buffer overflow in an unspecified library in Autonomy KeyView 10.4 and 10.9, as used in m...
CVE-2010-0127 Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause ...
S
CVE-2010-0128 Integer signedness error in dirapi.dll in Adobe Shockwave Player before 11.5.7.609 and Adobe Directo...
S
CVE-2010-0129 Multiple integer overflows in Adobe Shockwave Player before 11.5.7.609 allow remote attackers to cau...
S
CVE-2010-0130 Integer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers to execute...
S
CVE-2010-0131 Stack-based buffer overflow in the SpreadSheet Lotus 123 reader (wkssr.dll), as used in Autonomy Key...
CVE-2010-0132 Cross-site scripting (XSS) vulnerability in ViewVC 1.1 before 1.1.5 and 1.0 before 1.0.11, when the ...
S
CVE-2010-0133 Multiple stack-based buffer overflows in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy Ke...
CVE-2010-0134 Integer signedness error in rtfsr.dll in Autonomy KeyView 10.4 and 10.9, as used in multiple IBM, Sy...
CVE-2010-0135 Heap-based buffer overflow in the WordPerfect 5.x reader (wosr.dll), as used in Autonomy KeyView 10....
CVE-2010-0136 OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for Applications...
CVE-2010-0137 Unspecified vulnerability in the sshd_child_handler process in the SSH server in Cisco IOS XR 3.4.1 ...
S
CVE-2010-0138 Buffer overflow in Cisco CiscoWorks Internetwork Performance Monitor (IPM) 2.6 and earlier on Window...
CVE-2010-0139 Cisco Unified MeetingPlace 7 before 7.0(2.3) hotfix 5F, 6 before 6.0.639.2, and possibly 5 does not ...
S
CVE-2010-0140 Multiple unspecified vulnerabilities in the web server in Cisco Unified MeetingPlace 7 before 7.0(2....
S
CVE-2010-0141 MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote attackers to d...
S
CVE-2010-0142 MeetingTime in Cisco Unified MeetingPlace 6 before MR5, and possibly 5, allows remote authenticated ...
S
CVE-2010-0143 Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco ...
S
CVE-2010-0144 Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisc...
S
CVE-2010-0145 Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6....
S
CVE-2010-0146 Directory traversal vulnerability in the Management Center for Cisco Security Agents 6.0 allows remo...
S
CVE-2010-0147 SQL injection vulnerability in the Management Center for Cisco Security Agents 5.1 before 5.1.0.117,...
S
CVE-2010-0148 Unspecified vulnerability in Cisco Security Agent 5.2 before 5.2.0.285, when running on Linux, allow...
S
CVE-2010-0149 Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.46),...
CVE-2010-0150 Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10),...
CVE-2010-0151 The Cisco Firewall Services Module (FWSM) 4.0 before 4.0(8), as used in for the Cisco Catalyst 6500 ...
S
CVE-2010-0152 Multiple cross-site scripting (XSS) vulnerabilities in the Local Management Interface (LMI) on the I...
E
CVE-2010-0153 Multiple cross-site request forgery (CSRF) vulnerabilities in the Local Management Interface (LMI) o...
CVE-2010-0154 Directory traversal vulnerability in sla/index.php in the Local Management Interface (LMI) on the IB...
E
CVE-2010-0155 CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM Proventi...
CVE-2010-0156 Puppet 0.24.x before 0.24.9 and 0.25.x before 0.25.2 allows local users to overwrite arbitrary files...
S
CVE-2010-0157 Directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allo...
E
CVE-2010-0158 SQL injection vulnerability in the JoomlaBamboo (JB) Simpla Admin template for Joomla! allows remote...
E
CVE-2010-0159 The browser engine in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, Thunderbird before...
CVE-2010-0160 The Web Worker functionality in Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaM...
S
CVE-2010-0161 The nsAuthSSPI::Unwrap function in extensions/auth/nsAuthSSPI.cpp in Mozilla Thunderbird before 2.0....
S
CVE-2010-0162 Mozilla Firefox 3.0.x before 3.0.18 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, does not pro...
CVE-2010-0163 Mozilla Thunderbird before 2.0.0.24 and SeaMonkey before 1.1.19 process e-mail attachments with a pa...
S
CVE-2010-0164 Use-after-free vulnerability in the imgContainer::InternalAddFrameHelper function in src/imgContaine...
E
CVE-2010-0165 The TraceRecorder::traverseScopeChain function in js/src/jstracer.cpp in the browser engine in Mozil...
CVE-2010-0166 The gfxTextRun::SanitizeGlyphRuns function in gfx/thebes/src/gfxFont.cpp in the browser engine in Mo...
CVE-2010-0167 The browser engine in Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6....
S
CVE-2010-0168 The nsDocument::MaybePreLoadImage function in content/base/src/nsDocument.cpp in the image-preloadin...
S
CVE-2010-0169 The CSSLoaderImpl::DoSheetComplete function in layout/style/nsCSSLoader.cpp in Mozilla Firefox 3.0.x...
CVE-2010-0170 Mozilla Firefox 3.6 before 3.6.2 does not offer plugins the expected window.location protection mech...
CVE-2010-0171 Mozilla Firefox 3.0.x before 3.0.18, 3.5.x before 3.5.8, and 3.6.x before 3.6.2; Thunderbird before ...
S
CVE-2010-0172 toolkit/components/passwordmgr/src/nsLoginManagerPrompter.js in the asynchronous Authorization Promp...
S
CVE-2010-0173 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.9 and 3.6.x...
CVE-2010-0174 Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.0.19, 3.5.x b...
CVE-2010-0175 Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 ...
CVE-2010-0176 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2; Thunderbird before 3.0.4;...
CVE-2010-0177 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0....
CVE-2010-0178 Mozilla Firefox before 3.0.19, 3.5.x before 3.5.9, and 3.6.x before 3.6.2, and SeaMonkey before 2.0....
CVE-2010-0179 Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.8, and SeaMonkey before 2.0.3, when the XMLHttpRe...
CVE-2010-0180 Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6 and 3.7, when use_suexec is enabled, uses world-...
CVE-2010-0181 Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, and SeaMonkey before 2.0.4, executes a mail app...
CVE-2010-0182 The XMLDocument::load function in Mozilla Firefox before 3.5.9 and 3.6.x before 3.6.2, Thunderbird b...
CVE-2010-0183 Use-after-free vulnerability in the nsCycleCollector::MarkRoots function in Mozilla Firefox 3.5.x be...
CVE-2010-0184 The (1) domainutility and (2) domainutilitycmd components in TIBCO Domain Utility in TIBCO Runtime A...
CVE-2010-0185 The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have ...
CVE-2010-0186 Cross-domain vulnerability in Adobe Flash Player before 10.0.45.2, Adobe AIR before 1.5.3.9130, and ...
S
CVE-2010-0187 Adobe Flash Player before 10.0.45.2 and Adobe AIR before 1.5.3.9130 allow remote attackers to cause ...
E
CVE-2010-0188 Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.1 and 9.x before 9.3.1 allows a...
KEV
CVE-2010-0189 A certain ActiveX control in NOS Microsystems getPlus Download Manager (aka DLM or Downloader) 1.5.2...
S
CVE-2010-0190 Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x befor...
S
CVE-2010-0191 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attac...
S
CVE-2010-0192 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Wind...
S
CVE-2010-0193 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Wind...
S
CVE-2010-0194 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attac...
S
CVE-2010-0195 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, do not prop...
S
CVE-2010-0196 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Wind...
S
CVE-2010-0197 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attac...
S
CVE-2010-0198 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Ma...
S
CVE-2010-0199 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Ma...
S
CVE-2010-0200 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1241. Reason: This candida...
R
CVE-2010-0201 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attac...
S
CVE-2010-0202 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Ma...
S
CVE-2010-0203 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Ma...
S
CVE-2010-0204 Adobe Reader and Acrobat 9.x before 9.3.2, and 8.x before 8.2.2 on Windows and Mac OS X, allow attac...
S
CVE-2010-0205 The png_decompress_chunk function in pngrutil.c in libpng 1.0.x before 1.0.53, 1.2.x before 1.2.43, ...
S
CVE-2010-0206 xpdf allows remote attackers to cause a denial of service (NULL pointer dereference and crash) in th...
CVE-2010-0207 In xpdf, the xref table contains an infinite loop which allows remote attackers to cause a denial of...
CVE-2010-0209 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att...
CVE-2010-0211 The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a ca...
E S
CVE-2010-0212 OpenLDAP 2.4.22 allows remote attackers to cause a denial of service (crash) via a modrdn call with ...
E S
CVE-2010-0213 BIND 9.7.1 and 9.7.1-P1, when a recursive validating server has a trust anchor that is configured st...
CVE-2010-0214 The administrative interface on the PolyVision RoomWizard with firmware 3.2.3 places the Sync Connec...
E
CVE-2010-0215 ActiveCollab before 2.3.2 allows remote authenticated users to bypass intended access restrictions, ...
CVE-2010-0216 authenticate_ad_setup_finished.cfm in MediaCAST 8 and earlier allows remote attackers to discover us...
E
CVE-2010-0217 Zeacom Chat Server before 5.1 uses too short a random string for the JSESSIONID value, which makes i...
E
CVE-2010-0218 ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (...
S
CVE-2010-0219 Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15...
E S
CVE-2010-0220 The nsObserverList::FillObserverArray function in xpcom/ds/nsObserverList.cpp in Mozilla Firefox bef...
E S
CVE-2010-0221 Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler ...
E
CVE-2010-0222 Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler ...
CVE-2010-0223 Kingston DataTraveler BlackBox (DTBB), DataTraveler Secure Privacy Edition (DTSP), and DataTraveler ...
CVE-2010-0224 SanDisk Cruzer Enterprise USB flash drives validate passwords with a program running on the host com...
CVE-2010-0225 SanDisk Cruzer Enterprise USB flash drives use a fixed 256-bit key for obtaining access to the clear...
CVE-2010-0226 SanDisk Cruzer Enterprise USB flash drives do not prevent password replay attacks, which allows phys...
CVE-2010-0227 Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives validate passwords with...
CVE-2010-0228 Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives use a fixed 256-bit key...
CVE-2010-0229 Verbatim Corporate Secure and Corporate Secure FIPS Edition USB flash drives do not prevent password...
CVE-2010-0230 SUSE Linux Enterprise 10 SP3 (SLE10-SP3) and openSUSE 11.2 configures postfix to listen on all netwo...
CVE-2010-0231 The SMB implementation in the Server service in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, ...
CVE-2010-0232 The kernel in Microsoft Windows NT 3.1 through Windows 7, including Windows 2000 SP4, Windows XP SP2...
KEV E S
CVE-2010-0233 Double free vulnerability in the kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 S...
CVE-2010-0234 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2,...
CVE-2010-0235 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not p...
CVE-2010-0236 The kernel in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, and Vista Gold does not p...
CVE-2010-0237 The kernel in Microsoft Windows 2000 SP4 and XP SP2 and SP3 allows local users to gain privileges by...
CVE-2010-0238 Unspecified vulnerability in registry-key validation in the kernel in Microsoft Windows 2000 SP4, XP...
CVE-2010-0239 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2...
CVE-2010-0240 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2...
CVE-2010-0241 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2...
CVE-2010-0242 The TCP/IP implementation in Microsoft Windows Vista Gold, SP1, and SP2 and Server 2008 Gold and SP2...
CVE-2010-0243 Buffer overflow in MSO.DLL in Microsoft Office XP SP3 and Office 2004 for Mac allows remote attacker...
CVE-2010-0244 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which all...
CVE-2010-0245 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack...
CVE-2010-0246 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack...
CVE-2010-0247 Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 does not properly handle objects in memory, which...
CVE-2010-0248 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which all...
CVE-2010-0249 Use-after-free vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 on Windows 2000 SP4; ...
E S
CVE-2010-0250 Heap-based buffer overflow in DirectShow in Microsoft DirectX, as used in the AVI Filter on Windows ...
CVE-2010-0251 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-0252 The Microsoft Data Analyzer ActiveX control (aka the Office Excel ActiveX control for Data Analysis)...
CVE-2010-0253 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-0254 Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attribute...
CVE-2010-0255 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML loca...
E
CVE-2010-0256 Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecif...
CVE-2010-0257 Microsoft Office Excel 2002 SP3 does not properly parse the Excel file format, which allows remote a...
CVE-2010-0258 Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open ...
S
CVE-2010-0259 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-0260 Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2; Office Excel Viewer SP1 and S...
CVE-2010-0261 Heap-based buffer overflow in Microsoft Office Excel 2007 SP1 and SP2 and Office Compatibility Pack ...
CVE-2010-0262 Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file...
CVE-2010-0263 Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac...
CVE-2010-0264 Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter fo...
CVE-2010-0265 Buffer overflow in Microsoft Windows Movie Maker 2.1, 2.6, and 6.0, and Microsoft Producer 2003, all...
CVE-2010-0266 Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail at...
CVE-2010-0267 Microsoft Internet Explorer 6, 6 SP1, and 7 does not properly handle objects in memory, which allows...
S
CVE-2010-0268 Unspecified vulnerability in the Windows Media Player ActiveX control in Windows Media Player (WMP) ...
CVE-2010-0269 The SMB client in Microsoft Windows 2000 SP4, Windows XP SP2 and SP3, Windows Server 2003 SP2, Windo...
CVE-2010-0270 The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate fields i...
CVE-2010-0271 hald in Sun OpenSolaris snv_51 through snv_130 does not have the proc_audit privilege during unspeci...
CVE-2010-0272 Heap-based buffer overflow in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attacke...
E
CVE-2010-0273 Unspecified vulnerability in Sun Java System Web Server 7.0 Update 6 on Linux allows remote attacker...
E
CVE-2010-0274 Unspecified vulnerability in the Edit Contact scene in Ultra-light Mode in IBM Lotus iNotes (aka Dom...
CVE-2010-0275 Ultra-light Mode in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 ...
CVE-2010-0276 IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.241 for Domino 8.0.2 FP3 does not properl...
CVE-2010-0277 slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.6.6, including 2.6.4, and Adium 1.3...
CVE-2010-0278 A certain ActiveX control in msgsc.14.0.8089.726.dll in Microsoft Windows Live Messenger 2009 build ...
E
CVE-2010-0279 Unrestricted file upload vulnerability in upload.php in BTS-GI Read excel 1.1 allows remote attacker...
E
CVE-2010-0280 Array index error in Jan Eric Kyprianidis lib3ds 1.x, as used in Google SketchUp 7.x before 7.1 M2, ...
E
CVE-2010-0283 The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 before 1.7.2, and 1.8 alpha, allo...
CVE-2010-0284 Directory traversal vulnerability in the getEntry method in the PortalModuleInstallManager component...
CVE-2010-0285 gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the e...
CVE-2010-0286 Unspecified vulnerability in the OpenID Identity Authentication extension in TYPO3 4.3.0 allows remo...
S
CVE-2010-0287 Directory traversal vulnerability in the ACL Manager plugin (plugins/acl/ajax.php) in DokuWiki befor...
E
CVE-2010-0288 A typo in the administrator permission check in the ACL Manager plugin (plugins/acl/ajax.php) in Dok...
E
CVE-2010-0289 Multiple cross-site request forgery (CSRF) vulnerabilities in the ACL Manager plugin (plugins/acl/aj...
CVE-2010-0290 Unspecified vulnerability in ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2,...
CVE-2010-0291 The Linux kernel before 2.6.32.4 allows local users to gain privileges or cause a denial of service ...
S
CVE-2010-0292 The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, all...
S
CVE-2010-0293 The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of ...
CVE-2010-0294 chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unautho...
S
CVE-2010-0295 lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a requ...
E S
CVE-2010-0296 The encode_name macro in misc/mntent_r.c in the GNU C Library (aka glibc or libc6) 2.11.1 and earlie...
CVE-2010-0297 Buffer overflow in the usb_host_handle_control function in the USB passthrough handling implementati...
CVE-2010-0298 The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (I...
CVE-2010-0299 openSUSE 11.2 installs the devtmpfs root directory with insecure permissions (1777), which allows lo...
S
CVE-2010-0300 cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a denial of service (NULL point...
CVE-2010-0301 main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for ...
CVE-2010-0302 Use-after-free vulnerability in the abstract file-descriptor handling interface in the cupsdDoSelect...
S
CVE-2010-0303 mystring.c in hybserv in IRCD-Hybrid (aka Hybrid2 IRC Services) 1.9.2 through 1.9.4 allows remote at...
S
CVE-2010-0304 Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 throug...
E S
CVE-2010-0305 ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daem...
S
CVE-2010-0306 The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not...
CVE-2010-0307 The load_elf_binary function in fs/binfmt_elf.c in the Linux kernel before 2.6.32.8 on the x86_64 pl...
E
CVE-2010-0308 lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attacke...
S
CVE-2010-0309 The pit_ioport_read function in the Programmable Interval Timer (PIT) emulation in i8254.c in KVM 83...
S
CVE-2010-0310 Trusted Extensions in Sun Solaris 10 allows local users to gain privileges via vectors related to om...
S
CVE-2010-0311 Unspecified vulnerability in Sun Java System Identity Manager (aka IdM) 8.1.0.5 and 8.1.0.6, when Su...
S
CVE-2010-0312 The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.2 on Linux allows remo...
E
CVE-2010-0313 The core_get_proxyauth_dn function in ns-slapd in Sun Java System Directory Server Enterprise Editio...
E
CVE-2010-0314 Apple Safari allows remote attackers to discover a redirect's target URL, for the session of a speci...
E
CVE-2010-0315 WebKit before r53607, as used in Google Chrome before 4.0.249.89, allows remote attackers to discove...
E
CVE-2010-0316 Integer overflow in Google SketchUp before 7.1 M2 allows remote attackers to cause a denial of servi...
CVE-2010-0317 Novell Netware 6.5 SP8 allows remote attackers to cause a denial of service (NULL pointer dereferenc...
E
CVE-2010-0318 The replay functionality for ZFS Intent Log (ZIL) in FreeBSD 7.1, 7.2, and 8.0, when creating files ...
S
CVE-2010-0319 Cross-site scripting (XSS) vulnerability in index.php in Docmint 1.0 and 2.1 allows remote attackers...
E
CVE-2010-0320 Cross-site scripting (XSS) vulnerability in submitlink.php in Glitter Central Script allows remote a...
E
CVE-2010-0321 Cross-site scripting (XSS) vulnerability in jobs/index.php in Jamit Job Board 3.0 allows remote atta...
E
CVE-2010-0322 SQL injection vulnerability in the init function in MK-AnydropdownMenu (mk_anydropdownmenu) extensio...
S
CVE-2010-0323 Unspecified vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for TYPO3 a...
S
CVE-2010-0324 SQL injection vulnerability in the Customer Reference List (ref_list) extension 1.0.1 and earlier fo...
S
CVE-2010-0325 Unspecified vulnerability in the SB Folderdownload (sb_folderdownload) extension 0.2.2 and earlier f...
S
CVE-2010-0326 Cross-site scripting (XSS) vulnerability in the Developer log (devlog) extension 2.9.1 and earlier f...
S
CVE-2010-0327 Cross-site scripting (XSS) vulnerability in the KJ: Imagelightbox (kj_imagelightbox2) extension 2.0....
S
CVE-2010-0328 Cross-site scripting (XSS) vulnerability in the Unit Converter (cs2_unitconv) extension 1.0.4 for TY...
S
CVE-2010-0329 SQL injection vulnerability in the powermail extension 1.5.1 and earlier for TYPO3 allows remote att...
CVE-2010-0330 SQL injection vulnerability in the Googlemaps for tt_news (jf_easymaps) extension 1.0.2 and earlier ...
CVE-2010-0331 Cross-site scripting (XSS) vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and ea...
CVE-2010-0332 SQL injection vulnerability in the TV21 Talkshow (tv21_talkshow) extension 1.0.1 and earlier for TYP...
CVE-2010-0333 SQL injection vulnerability in the Helpdesk (mg_help) extension 1.1.6 and earlier for TYPO3 allows r...
CVE-2010-0334 SQL injection vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0.1 and earlier...
CVE-2010-0335 Cross-site scripting (XSS) vulnerability in the Vote rank for news (vote_for_tt_news) extension 1.0....
CVE-2010-0336 Unspecified vulnerability in the kiddog_mysqldumper (kiddog_mysqldumper) extension 0.0.3 and earlier...
CVE-2010-0337 SQL injection vulnerability in the tt_news Mail alert (dl3_tt_news_alerts) extension 0.2.0 and earli...
CVE-2010-0338 SQL injection vulnerability in the TT_Products editor (ttpedit) extension 0.0.2 and earlier for TYPO...
CVE-2010-0339 SQL injection vulnerability in the User Links (vm19_userlinks) extension 0.1.1 and earlier for TYPO3...
CVE-2010-0340 SQL injection vulnerability in the MJS Event Pro (mjseventpro) extension 0.2.1 and earlier for TYPO3...
CVE-2010-0341 SQL injection vulnerability in the BB Simple Jobs (bb_simplejobs) extension 0.1.0 and earlier for TY...
CVE-2010-0342 SQL injection vulnerability in the Reports for Job (job_reports) extension 0.1.0 and earlier for TYP...
CVE-2010-0343 SQL injection vulnerability in the Clan Users List (pb_clanlist) extension 0.0.1 for TYPO3 allows re...
CVE-2010-0344 SQL injection vulnerability in the zak_store_management extension 1.0.0 and earlier for TYPO3 allows rem...
CVE-2010-0345 Cross-site scripting (XSS) vulnerability in the Majordomo extension 1.1.3 and earlier for TYPO3 allo...
CVE-2010-0346 Cross-site scripting (XSS) vulnerability in the Tip many friends (mimi_tipfriends) extension 0.0.2 a...
CVE-2010-0347 Cross-site scripting (XSS) vulnerability in the VD / Geomap (vd_geomap) extension 0.3.1 and earlier ...
CVE-2010-0348 Directory traversal vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote attackers...
CVE-2010-0349 Cross-site scripting (XSS) vulnerability in C3 Corp. WebCalenderC3 0.32 and earlier allows remote at...
CVE-2010-0350 Directory traversal vulnerability in the Photo Book (goof_fotoboek) extension 1.7.14 and earlier for...
CVE-2010-0356 Stack-based buffer overflow in the MOVIEPLAYER.MoviePlayerCtrl.1 ActiveX control in MoviePlayer.ocx ...
E
CVE-2010-0357 Cross-site scripting (XSS) vulnerability in the Login page in IBM Lotus Web Content Management (WCM)...
S
CVE-2010-0358 Heap-based buffer overflow in the server in IBM Lotus Domino 7 and 8.5 FP1 allows remote attackers t...
CVE-2010-0359 Buffer overflow in the SSLv2 support in Zeus Web Server before 4.3r5 allows remote attackers to caus...
E
CVE-2010-0360 Sun Java System Web Server (aka SJWS) 7.0 Update 7 allows remote attackers to overwrite memory locat...
E
CVE-2010-0361 Stack-based buffer overflow in the WebDAV implementation in webservd in Sun Java System Web Server (...
E
CVE-2010-0362 Zeus Web Server before 4.3r5 does not use random transaction IDs for DNS requests, which makes it ea...
S
CVE-2010-0363 Cross-site scripting (XSS) vulnerability in Zeus Web Server before 4.3r5, when SSL is enabled for th...
CVE-2010-0364 Stack-based buffer overflow in VideoLAN VLC Media Player 0.8.6 allows user-assisted remote attackers...
E
CVE-2010-0365 Cross-site scripting (XSS) vulnerability in search.php in BitScripts Bits Video Script 2.04 and 2.05...
E
CVE-2010-0366 Multiple unrestricted file upload vulnerabilities in (1) register.php and (2) addvideo.php in BitScr...
E
CVE-2010-0367 Multiple PHP remote file inclusion vulnerabilities in BitScripts Bits Video Script 2.05 Gold Beta, a...
E
CVE-2010-0370 Cross-site scripting (XSS) vulnerability in the Node Blocks module 5.x-1.1 and earlier, and 6.x-1.3 ...
E S
CVE-2010-0371 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Hitmaaan Gallery 1.3 allow remot...
E
CVE-2010-0372 SQL injection vulnerability in the Articlemanager (com_articlemanager) component for Joomla! allows ...
E
CVE-2010-0373 SQL injection vulnerability in the libros (com_libros) component for Joomla! allows remote attackers...
E
CVE-2010-0374 Cross-site scripting (XSS) vulnerability in the Marketplace (com_marketplace) component 1.2 for Joom...
E
CVE-2010-0375 SQL injection vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2010-01-11, al...
E
CVE-2010-0376 Cross-site scripting (XSS) vulnerability in product_list.php in JCE-Tech PHP Calendars, downloaded 2...
E
CVE-2010-0377 SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 all...
E
CVE-2010-0378 Use-after-free vulnerability in Adobe Flash Player 6.0.79, as distributed in Microsoft Windows XP SP...
S
CVE-2010-0379 Multiple unspecified vulnerabilities in the Macromedia Flash ActiveX control in Adobe Flash Player 6...
CVE-2010-0380 install.php in JCE-Tech PHP Calendars, downloaded 20100121, allows remote attackers to bypass intend...
E
CVE-2010-0381 SQL injection vulnerability in modules/arcade/index.php in PHP MySpace Gold Edition 8.0 and 8.10 all...
CVE-2010-0382 ISC BIND 9.0.x through 9.3.x, 9.4 before 9.4.3-P5, 9.5 before 9.5.2-P2, 9.6 before 9.6.1-P3, and 9.7...
CVE-2010-0383 Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, uses deprecated identity keys for certain dir...
CVE-2010-0384 Tor 0.2.2.x before 0.2.2.7-alpha, when functioning as a directory mirror, does not prevent logging o...
CVE-2010-0385 Tor before 0.2.1.22, and 0.2.2.x before 0.2.2.7-alpha, when functioning as a bridge directory author...
CVE-2010-0386 The default configuration of Sun Java System Application Server 7 and 7 2004Q2 enables the HTTP TRAC...
CVE-2010-0387 Multiple heap-based buffer overflows in (1) webservd and (2) the admin server in Sun Java System Web...
E
CVE-2010-0388 Format string vulnerability in the WebDAV implementation in webservd in Sun Java System Web Server 7...
E
CVE-2010-0389 The admin server in Sun Java System Web Server 7.0 Update 6 allows remote attackers to cause a denia...
E
CVE-2010-0390 Unrestricted file upload vulnerability in maxImageUpload/index.php in PHP F1 Max's Image Uploader 1....
E
CVE-2010-0391 Multiple stack-based buffer overflows in Embarcadero Technologies InterBase SMP 2009 9.0.3.437 allow...
CVE-2010-0392 Stack-based buffer overflow in vpnconf.exe in TheGreenBow IPSec VPN Client 4.51.001, 4.65.003, and p...
S
CVE-2010-0393 The _cupsGetlang function, as used by lppasswd.c in lppasswd in CUPS 1.2.2, 1.3.7, 1.3.9, and 1.4.1,...
CVE-2010-0394 PyGIT.py in the Trac Git plugin (trac-git) before 0.0.20080710-3+lenny1 and before 0.0.20090320-1 on...
CVE-2010-0395 OpenOffice.org 2.x and 3.0 before 3.2.1 allows user-assisted remote attackers to bypass Python macro...
S
CVE-2010-0396 Directory traversal vulnerability in the dpkg-source component in dpkg before 1.14.29 allows remote ...
S
CVE-2010-0397 The xmlrpc extension in PHP 5.3.1 does not properly handle a missing methodName element in the first...
E
CVE-2010-0398 The init script in autokey before 0.61.3-2 allows local attackers to write to arbitrary files via a ...
E
CVE-2010-0400 SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbit...
S
CVE-2010-0401 OpenTTD before 1.0.1 accepts a company password for authentication in response to a request for the ...
CVE-2010-0402 OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote a...
CVE-2010-0403 Directory traversal vulnerability in about.php in phpGroupWare (phpgw) before 0.9.16.016 allows remo...
S
CVE-2010-0404 Multiple SQL injection vulnerabilities in phpGroupWare (phpgw) before 0.9.16.016 allow remote attack...
S
CVE-2010-0405 Integer overflow in the BZ2_decompress function in decompress.c in bzip2 and libbzip2 before 1.0.6 a...
CVE-2010-0406 OpenTTD before 1.0.1 allows remote attackers to cause a denial of service (file-descriptor exhaustio...
CVE-2010-0407 Multiple buffer overflows in the MSGFunctionDemarshall function in winscard_svc.c in the PC/SC Smart...
S
CVE-2010-0408 The ap_proxy_ajp_request function in mod_proxy_ajp.c in mod_proxy_ajp in the Apache HTTP Server 2.2....
S
CVE-2010-0409 Buffer overflow in the GMIME_UUENCODE_LEN macro in gmime/gmime-encodings.h in GMime before 2.4.15 al...
S
CVE-2010-0410 drivers/connector/connector.c in the Linux kernel before 2.6.32.8 allows local users to cause a deni...
S
CVE-2010-0411 Multiple integer signedness errors in the (1) __get_argv and (2) __get_compat_argv functions in taps...
E
CVE-2010-0412 stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, whic...
CVE-2010-0413 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2010-0414 gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and a...
CVE-2010-0415 The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate n...
S
CVE-2010-0416 Buffer overflow in the Unescape function in common/util/hxurl.cpp and player/hxclientkit/src/CHXClie...
E
CVE-2010-0417 Buffer overflow in common/util/rlstate.cpp in Helix Player 1.0.6 and RealPlayer allows remote attack...
CVE-2010-0418 The web interface in chumby one before 1.0.4 and chumby classic before 1.7.2 allows remote attackers...
S
CVE-2010-0419 The x86 emulator in KVM 83, when a guest is configured for Symmetric Multiprocessing (SMP), does not...
CVE-2010-0420 libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not...
S
CVE-2010-0421 Array index error in the hb_ot_layout_build_glyph_classes function in pango/opentype/hb-ot-layout.cc...
S
CVE-2010-0422 gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and...
CVE-2010-0423 gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consump...
S
CVE-2010-0424 The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows...
CVE-2010-0425 modules/arch/win32/mod_isapi.c in mod_isapi in the Apache HTTP Server 2.0.37 through 2.0.63, 2.2.0 t...
E
CVE-2010-0426 sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a mat...
S
CVE-2010-0427 sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group membe...
E S
CVE-2010-0428 libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtuali...
S
CVE-2010-0429 libspice, as used in QEMU-KVM in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtuali...
S
CVE-2010-0430 libspice, as used in QEMU-KVM in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or rhev-hy...
CVE-2010-0431 QEMU-KVM, as used in the Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV...
S
CVE-2010-0432 Multiple cross-site scripting (XSS) vulnerabilities in the Apache Open For Business Project (aka OFB...
E
CVE-2010-0433 The kssl_keytab_is_available function in ssl/kssl.c in OpenSSL before 0.9.8n, when Kerberos is enabl...
CVE-2010-0434 The ap_read_request function in server/protocol.c in the Apache HTTP Server 2.2.x before 2.2.15, whe...
S
CVE-2010-0435 The Hypervisor (aka rhev-hypervisor) in Red Hat Enterprise Virtualization (RHEV) 2.2, and KVM 83, wh...
S
CVE-2010-0436 Race condition in backend/ctrl.c in KDM in KDE Software Compilation (SC) 2.2.0 through 4.4.2 allows ...
S
CVE-2010-0437 The ip6_dst_lookup_tail function in net/ipv6/ip6_output.c in the Linux kernel before 2.6.27 does not...
E
CVE-2010-0438 Multiple SQL injection vulnerabilities in Kernel/System/Ticket.pm in OTRS-Core in Open Ticket Reques...
CVE-2010-0439 Chip Salzenberg Deliver allows local users to cause a denial of service, obtain sensitive informatio...
CVE-2010-0440 Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, an...
E S
CVE-2010-0441 Asterisk Open Source 1.6.0.x before 1.6.0.22, 1.6.1.x before 1.6.1.14, and 1.6.2.x before 1.6.2.2, a...
S
CVE-2010-0442 The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows ...
E
CVE-2010-0443 Unspecified vulnerability in Record Management Services (RMS) before VMS83A_RMS-V1100 for HP OpenVMS...
S
CVE-2010-0444 HP Operations Agent 8.51, 8.52, 8.53, and 8.60 on Solaris 10 uses a blank password for the opc_op ac...
CVE-2010-0445 Unspecified vulnerability in HP Network Node Manager (NNM) 8.10, 8.11, 8.12, and 8.13 allows remote ...
CVE-2010-0446 Unspecified vulnerability on the HP DreamScreen 100 and 130 with firmware before 1.6.0.0, when using...
S
CVE-2010-0447 The helpmanager servlet in the web server in HP OpenView Performance Insight (OVPI) 5.4 and earlier ...
CVE-2010-0448 Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote attackers to obt...
S
CVE-2010-0449 Cross-site scripting (XSS) vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote a...
S
CVE-2010-0450 Unspecified vulnerability in HP SOA Registry Foundation 6.63 and 6.64 allows remote authenticated us...
S
CVE-2010-0451 The installation process for NFS/ONCplus B.11.31_08 and earlier on HP HP-UX B.11.31 changes the NFS_...
S
CVE-2010-0452 Multiple cross-site scripting (XSS) vulnerabilities in HP Project and Portfolio Management Center (P...
CVE-2010-0453 The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through sn...
S
CVE-2010-0454 SQL injection vulnerability in cgi/cgilua.exe/sys/start.htm in Publique! 2.3 allows remote attackers...
E
CVE-2010-0455 Cross-site scripting (XSS) vulnerability in forum/viewtopic.php in PunBB 1.3 allows remote attackers...
E
CVE-2010-0456 SQL injection vulnerability in the indianpulse Game Server (com_gameserver) component 1.2 for Joomla...
E
CVE-2010-0457 SQL injection vulnerability in home.php in magic-portal 2.1 allows remote attackers to execute arbit...
E
CVE-2010-0458 Multiple SQL injection vulnerabilities in NetArt Media Blog System 1.5 allow remote attackers to exe...
E
CVE-2010-0459 SQL injection vulnerability in the Mochigames (com_mochigames) component 0.51 and possibly other ver...
E
CVE-2010-0460 Multiple cross-site scripting (XSS) vulnerabilities in staff/index.php in Kayako SupportSuite 3.60.0...
E
CVE-2010-0461 SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attac...
E
CVE-2010-0462 Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remo...
E
CVE-2010-0463 Horde IMP 4.3.6 and earlier does not request that the web browser avoid DNS prefetching of domain na...
S
CVE-2010-0464 Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain na...
S
CVE-2010-0465 Cross-site scripting (XSS) vulnerability in the online Documents functionality in SugarCRM 5.2.x bef...
CVE-2010-0467 Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla!...
E
CVE-2010-0468 Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content S...
E
CVE-2010-0469 SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, and possibly other versions and...
E
CVE-2010-0470 Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows rem...
E
CVE-2010-0471 SQL injection vulnerability in the comment submission interface (includes/comment.php) in Enano CMS ...
S
CVE-2010-0472 kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attac...
E
CVE-2010-0475 Cross-site scripting (XSS) vulnerability in esp/editUser.esp in the Palo Alto Networks firewall 3.0....
E
CVE-2010-0476 The SMB client in Microsoft Windows Server 2003 SP2, Vista Gold, SP1, and SP2, and Windows Server 20...
CVE-2010-0477 The SMB client in Microsoft Windows Server 2008 R2 and Windows 7 does not properly handle (1) SMBv1 ...
CVE-2010-0478 Stack-based buffer overflow in nsum.exe in the Windows Media Unicast Service in Media Services for M...
CVE-2010-0479 Buffer overflow in Microsoft Office Publisher 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 allows remote...
CVE-2010-0480 Multiple stack-based buffer overflows in the MPEG Layer-3 audio codecs in Microsoft Windows 2000 SP4...
CVE-2010-0481 The kernel in Microsoft Windows Vista Gold, SP1, and SP2, Windows Server 2008 Gold, SP2, and R2, and...
CVE-2010-0482 The kernel in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate relocation s...
CVE-2010-0483 vbscript.dll in VBScript 5.1, 5.6, 5.7, and 5.8 in Microsoft Windows 2000 SP4, XP SP2 and SP3, and S...
E
CVE-2010-0484 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...
CVE-2010-0485 The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ...
CVE-2010-0486 The WinVerifyTrust function in Authenticode Signature Verification 5.1, 6.0, and 6.1 in Microsoft Wi...
CVE-2010-0487 The Authenticode Signature verification functionality in cabview.dll in Cabinet File Viewer Shell Ex...
CVE-2010-0488 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 does not properly handle unspecified "encoding...
S
CVE-2010-0489 Race condition in Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, and 7 allows remote attackers to e...
S
CVE-2010-0490 Microsoft Internet Explorer 6, 6 SP1, 7, and 8 does not properly handle objects in memory, which all...
S
CVE-2010-0491 Use-after-free vulnerability in Microsoft Internet Explorer 5.01 SP4, 6, and 6 SP1 allows remote att...
S
CVE-2010-0492 Use-after-free vulnerability in mstime.dll in Microsoft Internet Explorer 8 allows remote attackers ...
S
CVE-2010-0493 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-0494 Cross-domain vulnerability in Microsoft Internet Explorer 6, 6 SP1, 7, and 8 allows user-assisted re...
S
CVE-2010-0495 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-0496 FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attac...
CVE-2010-0497 Disk Images in Apple Mac OS X before 10.6.3 does not provide the expected warning for an unsafe file...
S
CVE-2010-0498 Directory Services in Apple Mac OS X before 10.6.3 does not properly perform authorization during pr...
S
CVE-2010-0499 Rejected reason: This candidate is unused by its CNA....
R
CVE-2010-0500 Event Monitor in Apple Mac OS X before 10.6.3 does not properly validate hostnames of SSH clients, w...
S
CVE-2010-0501 Directory traversal vulnerability in FTP Server in Apple Mac OS X Server before 10.6.3 allows remote...
S
CVE-2010-0502 iChat Server in Apple Mac OS X Server before 10.6.3, when group chat is used, does not perform loggi...
S
CVE-2010-0503 Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authentic...
S
CVE-2010-0504 Multiple stack-based buffer overflows in iChat Server in Apple Mac OS X Server before 10.6.3 allow r...
S
CVE-2010-0505 Heap-based buffer overflow in ImageIO in Apple Mac OS X before 10.6.3 allows remote attackers to exe...
S
CVE-2010-0506 Buffer overflow in Image RAW in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary c...
S
CVE-2010-0507 Buffer overflow in Image RAW in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbi...
S
CVE-2010-0508 Mail in Apple Mac OS X before 10.6.3 does not disable the filter rules associated with a deleted mai...
S
CVE-2010-0509 SFLServer in OS Services in Apple Mac OS X before 10.6.3 allows local users to gain privileges via v...
S
CVE-2010-0510 Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replicatio...
S
CVE-2010-0511 Podcast Producer in Apple Mac OS X 10.6 before 10.6.3 deletes the access restrictions of a Podcast C...
S
CVE-2010-0512 The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account...
S
CVE-2010-0513 Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers...
S
CVE-2010-0514 Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to e...
S
CVE-2010-0515 QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause...
S
CVE-2010-0516 Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to e...
S
CVE-2010-0517 Heap-based buffer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to e...
S
CVE-2010-0518 QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause...
S
CVE-2010-0519 Integer overflow in QuickTime in Apple Mac OS X before 10.6.3 allows remote attackers to execute arb...
S
CVE-2010-0520 Heap-based buffer overflow in QuickTimeAuthoring.qtx in QuickTime in Apple Mac OS X before 10.6.3 al...
S
CVE-2010-0521 Server Admin in Apple Mac OS X Server before 10.6.3 does not properly enforce authentication for dir...
S
CVE-2010-0522 Server Admin in Apple Mac OS X Server 10.5.8 does not properly determine the privileges of users who...
S
CVE-2010-0523 Wiki Server in Apple Mac OS X 10.5.8 does not restrict the file types of uploaded files, which allow...
CVE-2010-0524 The default configuration of the FreeRADIUS server in Apple Mac OS X Server before 10.6.3 permits EA...
CVE-2010-0525 Mail in Apple Mac OS X before 10.6.3 does not properly enforce the key usage extension during proces...
CVE-2010-0526 Heap-based buffer overflow in QuickTimeMPEG.qtx in QuickTime in Apple Mac OS X before 10.6.3 allows ...
CVE-2010-0527 Integer overflow in Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbit...
S
CVE-2010-0528 Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a...
S
CVE-2010-0529 Heap-based buffer overflow in QuickTime.qts in Apple QuickTime before 7.6.6 on Windows allows remote...
S
CVE-2010-0530 Apple QuickTime before 7.6.9 on Windows sets weak permissions for the Apple Computer directory in th...
S
CVE-2010-0531 Apple iTunes before 9.1 allows remote attackers to cause a denial of service (infinite loop) via a c...
S
CVE-2010-0532 Race condition in the installation package in Apple iTunes before 9.1 on Windows allows local users ...
S
CVE-2010-0533 Directory traversal vulnerability in AFP Server in Apple Mac OS X before 10.6.3 allows remote attack...
S
CVE-2010-0534 Wiki Server in Apple Mac OS X 10.6 before 10.6.3 does not enforce the service access control list (S...
S
CVE-2010-0535 Dovecot in Apple Mac OS X 10.6 before 10.6.3, when Kerberos is enabled, does not properly enforce th...
CVE-2010-0536 Apple QuickTime before 7.6.6 on Windows allows remote attackers to execute arbitrary code or cause a...
S
CVE-2010-0537 DesktopServices in Apple Mac OS X 10.6 before 10.6.3 does not properly resolve pathnames in certain ...
S
CVE-2010-0538 Apple Java for Mac OS X 10.5 before Update 7 and Java for Mac OS X 10.6 before Update 2 do not prope...
S
CVE-2010-0539 Integer signedness error in the window drawing implementation in Apple Java for Mac OS X 10.5 before...
S
CVE-2010-0540 Cross-site request forgery (CSRF) vulnerability in the web interface in CUPS before 1.4.4, as used o...
S
CVE-2010-0541 Cross-site scripting (XSS) vulnerability in the WEBrick HTTP server in Ruby in Apple Mac OS X 10.5.8...
S
CVE-2010-0542 The _WriteProlog function in texttops.c in texttops in the Text Filter subsystem in CUPS before 1.4....
S
CVE-2010-0543 ImageIO in Apple Mac OS X 10.5.8, and 10.6 before 10.6.2, allows remote attackers to execute arbitra...
S
CVE-2010-0544 Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throu...
S
CVE-2010-0545 The Finder in DesktopServices in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, does not set the exp...
S
CVE-2010-0546 Folder Manager in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, allows local users to delete arbitr...
S
CVE-2010-0547 client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) d...
CVE-2010-0548 Multiple unspecified vulnerabilities in the Network Controller and Web Server in Xerox WorkCentre 56...
S
CVE-2010-0549 Unspecified vulnerability in the Network Controller in Xerox WorkCentre 6400 System Software 060.070...
S
CVE-2010-0550 admin.htm in Geo++ GNCASTER 1.4.0.7 and earlier does not properly enforce HTTP Digest Authentication...
CVE-2010-0551 HTTP authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to ...
E
CVE-2010-0552 Geo++ GNCASTER 1.4.0.7 and earlier allows remote attackers to cause a denial of service (application...
E
CVE-2010-0553 Geo++ GNCASTER 1.4.0.7 and earlier allows remote authenticated users to cause a denial of service (a...
E
CVE-2010-0554 The HTTP Authentication implementation in Geo++ GNCASTER 1.4.0.7 and earlier uses the same nonce for...
CVE-2010-0555 Microsoft Internet Explorer 5.01 SP4, 6, 6 SP1, 7, and 8 does not prevent rendering of non-HTML loca...
E
CVE-2010-0556 browser/login/login_prompt.cc in Google Chrome before 4.0.249.89 populates an authentication dialog ...
S
CVE-2010-0557 IBM Cognos Express 9.0 allows attackers to obtain unspecified access to the Tomcat Manager component...
CVE-2010-0558 The default configuration of Oracle OpenSolaris snv_77 through snv_131 allows attackers to have an u...
CVE-2010-0559 The default configuration of Oracle OpenSolaris snv_91 through snv_131 allows attackers to have an u...
CVE-2010-0560 Unspecified vulnerability in the BIOS in Intel Desktop Board DB, DG, DH, DP, and DQ Series allows lo...
CVE-2010-0561 Integer signedness error in NetBSD 4.0, 5.0, and NetBSD-current before 2010-01-21 allows local users...
CVE-2010-0562 The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode ...
CVE-2010-0563 The Single Sign-on (SSO) functionality in IBM WebSphere Application Server (WAS) 7.0.0.0 through 7.0...
S
CVE-2010-0564 Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - B...
S
CVE-2010-0565 Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.2 before 7.2(4.45),...
CVE-2010-0566 Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10),...
CVE-2010-0567 Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10),...
CVE-2010-0568 Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10),...
CVE-2010-0569 Unspecified vulnerability in Cisco ASA 5500 Series Adaptive Security Appliance 7.0 before 7.0(8.10),...
CVE-2010-0570 Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x has a default password for the Tomcat administrati...
S
CVE-2010-0571 Unspecified vulnerability in Cisco Digital Media Manager (DMM) 5.0.x and 5.1.x allows remote authent...
S
CVE-2010-0572 Cisco Digital Media Manager (DMM) before 5.2 allows remote authenticated users to discover Cisco Dig...
S
CVE-2010-0573 Unspecified vulnerability on the Cisco Digital Media Player before 5.2 allows remote attackers to hi...
S
CVE-2010-0574 Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 ...
S
CVE-2010-0575 Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows r...
S
CVE-2010-0576 Unspecified vulnerability in Cisco IOS 12.0 through 12.4, IOS XE 2.1.x through 2.3.x before 2.3.2, a...
S
CVE-2010-0577 Cisco IOS 12.2 through 12.4, when certain PMTUD, SNAT, or window-size configurations are used, allow...
S
CVE-2010-0578 The IKE implementation in Cisco IOS 12.2 through 12.4 on Cisco 7200 and 7301 routers with VAM2+ allo...
S
CVE-2010-0579 The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of servi...
S
CVE-2010-0580 Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attacke...
S
CVE-2010-0581 Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attacke...
S
CVE-2010-0582 Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial o...
S
CVE-2010-0583 Memory leak in the H.323 implementation in Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, ...
S
CVE-2010-0584 Unspecified vulnerability in Cisco IOS 12.4, when NAT SCCP fragmentation support is enabled, allows ...
CVE-2010-0585 Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unifie...
S
CVE-2010-0586 Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unifie...
S
CVE-2010-0587 Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x befo...
S
CVE-2010-0588 Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before ...
S
CVE-2010-0589 The Web Install ActiveX control (CSDWebInstaller) in Cisco Secure Desktop (CSD) before 3.5.841 does ...
S
CVE-2010-0590 The CMSIPUtility component in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) ...
S
CVE-2010-0591 Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6.x before 6.1(5), 7.x before ...
S
CVE-2010-0592 The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x...
S
CVE-2010-0593 The Cisco RVS4000 4-port Gigabit Security Router before 1.3.2.0, PVC2300 Business Internet Video Cam...
S
CVE-2010-0594 Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows re...
CVE-2010-0595 Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0...
S
CVE-2010-0596 Unspecified vulnerability in Cisco Mediator Framework 2.2 before 2.2.1.dev.1 and 3.0 before 3.0.9.re...
S
CVE-2010-0597 Unspecified vulnerability in Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2....
S
CVE-2010-0598 Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0...
S
CVE-2010-0599 Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0...
S
CVE-2010-0600 Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0...
S
CVE-2010-0601 The MGCP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remot...
S
CVE-2010-0602 The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remote...
S
CVE-2010-0603 The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote...
S
CVE-2010-0604 Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software b...
S
CVE-2010-0605 SQL injection vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remote authentica...
E S
CVE-2010-0606 Cross-site scripting (XSS) vulnerability in scp/ajax.php in osTicket before 1.6.0 Stable allows remo...
E S
CVE-2010-0607 Cross-site scripting (XSS) vulnerability in Forms/status_statistics_1 in the Sterlite SAM300 AX Rout...
E
CVE-2010-0608 SQL injection vulnerability in index.php in NovaBoard 1.1.2 allows remote attackers to execute arbit...
E
CVE-2010-0609 SQL injection vulnerability in header.php in NovaBoard 1.1.2 allows remote attackers to execute arbi...
CVE-2010-0610 Multiple SQL injection vulnerabilities in the Photoblog (com_photoblog) component for Joomla! allow ...
E
CVE-2010-0611 Multiple SQL injection vulnerabilities in adminlogin.php in Baal Systems 3.8 and earlier allow remot...
E
CVE-2010-0612 Unspecified vulnerability in DocumentManager before 4.0 has unknown impact and attack vectors, relat...
S
CVE-2010-0613 Directory traversal vulnerability in viewfile.php in ARWScripts Fonts Script allows remote attackers...
CVE-2010-0614 SQL injection vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to execute arbitr...
E
CVE-2010-0615 Cross-site scripting (XSS) vulnerability in assess.php in evalSMSI 2.1.03 allows remote attackers to...
E
CVE-2010-0616 evalSMSI 2.1.03 stores passwords in cleartext in the database, which allows attackers with database ...
E
CVE-2010-0617 Cross-site scripting (XSS) vulnerability in ajax.php in evalSMSI 2.1.03 allows remote attackers to i...
CVE-2010-0618 The flood-protection feature in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Print...
CVE-2010-0619 Stack-based buffer overflow in the base, IPDS DLE, Forms DLE, Barcode DLE, Prescribe DLE, and Printc...
E
CVE-2010-0620 Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6...
E
CVE-2010-0622 The wake_futex_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly...
S
CVE-2010-0623 The futex_lock_pi function in kernel/futex.c in the Linux kernel before 2.6.33-rc7 does not properly...
S
CVE-2010-0624 Heap-based buffer overflow in the rmt_read__ function in lib/rtapelib.c in the rmt client functional...
E S
CVE-2010-0625 Stack-based buffer overflow in NWFTPD.nlm before 5.10.01 in the FTP server in Novell NetWare 5.1 thr...
CVE-2010-0628 The spnego_gss_accept_sec_context function in lib/gssapi/spnego/spnego_mech.c in the SPNEGO GSS-API ...
S
CVE-2010-0629 Use-after-free vulnerability in kadmin/server/server_stubs.c in kadmind in MIT Kerberos 5 (aka krb5)...
E S
CVE-2010-0630 SQL injection vulnerability in viewjokes.php in Evernew Free Joke Script 1.2 allows remote attackers...
E
CVE-2010-0631 Multiple SQL injection vulnerabilities in index.php in Eicra Car Rental-Script, when the plugin_id p...
E
CVE-2010-0632 SQL injection vulnerability in the Parkview Consultants SimpleFAQ (com_simplefaq) component for Joom...
E
CVE-2010-0633 Unspecified vulnerability in Citrix XenServer 5.0 Update 3 and earlier, and 5.5, allows local users ...
S
CVE-2010-0634 Unspecified vulnerability in Fast Lexical Analyzer Generator (flex) before 2.5.35 has unknown impact...
S
CVE-2010-0635 SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the J...
S
CVE-2010-0636 Multiple cross-site scripting (XSS) vulnerabilities in WebCalendar 1.2.0, and other versions before ...
CVE-2010-0637 Multiple cross-site request forgery (CSRF) vulnerabilities in WebCalendar 1.2.0, and other versions ...
CVE-2010-0638 Cross-site request forgery (CSRF) vulnerability in WebCalendar 1.2.0 allows remote attackers to hija...
CVE-2010-0639 The htcpHandleTstRequest function in htcp.c in Squid 2.x before 2.6.STABLE24 and 2.7 before 2.7.STAB...
S
CVE-2010-0640 Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when...
CVE-2010-0641 Cross-site scripting (XSS) vulnerability in webline/html/admin/wcs/LoginPage.jhtml in Cisco Collabor...
E
CVE-2010-0642 Cisco Collaboration Server (CCS) 5 allows remote attackers to read the source code of JHTML files vi...
E
CVE-2010-0643 Google Chrome before 4.0.249.89 attempts to make direct connections to web sites when all configured...
S
CVE-2010-0644 Google Chrome before 4.0.249.89, when a SOCKS 5 proxy server is configured, sends DNS queries direct...
S
CVE-2010-0645 Multiple integer overflows in factory.cc in Google V8 before r3560, as used in Google Chrome before ...
S
CVE-2010-0646 Multiple integer signedness errors in factory.cc in Google V8 before r3560, as used in Google Chrome...
E S
CVE-2010-0647 WebKit before r53525, as used in Google Chrome before 4.0.249.89, allows remote attackers to execute...
S
CVE-2010-0648 Mozilla Firefox, possibly before 3.6, allows remote attackers to discover a redirect's target URL, f...
E
CVE-2010-0649 Integer overflow in the CrossCallParamsEx::CreateFromBuffer function in sandbox/src/crosscall_server...
S
CVE-2010-0650 WebKit, as used in Google Chrome before 4.0.249.78 and Apple Safari, allows remote attackers to bypa...
E
CVE-2010-0651 WebKit before r52784, as used in Google Chrome before 4.0.249.78 and Apple Safari before 4.0.5, perm...
S
CVE-2010-0652 Microsoft Internet Explorer permits cross-origin loading of CSS stylesheets even when the stylesheet...
E
CVE-2010-0653 Opera before 10.10 permits cross-origin loading of CSS stylesheets even when the stylesheet download...
E
CVE-2010-0654 Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x...
E
CVE-2010-0655 Use-after-free vulnerability in Google Chrome before 4.0.249.78 allows user-assisted remote attacker...
S
CVE-2010-0656 WebKit before r51295, as used in Google Chrome before 4.0.249.78, presents a directory-listing page ...
S
CVE-2010-0657 Google Chrome before 4.0.249.78 on Windows does not perform the expected encoding, escaping, and quo...
CVE-2010-0658 Multiple integer overflows in Skia, as used in Google Chrome before 4.0.249.78, allow remote attacke...
S
CVE-2010-0659 The image decoder in WebKit before r52833, as used in Google Chrome before 4.0.249.78, does not prop...
S
CVE-2010-0660 Google Chrome before 4.0.249.78 sends an https URL in the Referer header of an http request in certa...
S
CVE-2010-0661 WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp in WebKit before r52401, as used in Google Chrome b...
S
CVE-2010-0662 The ParamTraits::Read function in common/common_param_traits.cc in Google Chrome before 4....
S
CVE-2010-0663 The ParamTraits::Read function in common/common_param_traits.cc in Google Chrome before 4....
S
CVE-2010-0664 Stack consumption vulnerability in the ChildProcessSecurityPolicy::CanRequestURL function in browser...
E S
CVE-2010-0665 JAG (Just Another Guestbook) 1.14 stores sensitive information under the web root with insufficient ...
E
CVE-2010-0666 Unspecified vulnerability in eMBox in Novell eDirectory 8.8 SP5 Patch 2 and earlier allows remote at...
S
CVE-2010-0667 MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations...
CVE-2010-0668 Unspecified vulnerability in MoinMoin 1.5.x through 1.7.x, 1.8.x before 1.8.7, and 1.9.x before 1.9....
S
CVE-2010-0669 MoinMoin before 1.8.7 and 1.9.x before 1.9.2 does not properly sanitize user profiles, which has uns...
CVE-2010-0670 Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! al...
CVE-2010-0671 SQL injection vulnerability in index.php in KR MEDIA Pogodny CMS allows remote attackers to execute ...
E
CVE-2010-0672 SQL injection vulnerability in index.php in WSN Guest 1.02 allows remote attackers to execute arbitr...
E
CVE-2010-0673 SQL injection vulnerability in cplphoto.php in the Copperleaf Photolog plugin 0.16, and possibly ear...
E
CVE-2010-0674 StatCounteX 3.1 stores sensitive information under the web root with insufficient access control, wh...
E
CVE-2010-0675 Cross-site scripting (XSS) vulnerability in index.php in BGSvetionik BGS CMS 2.2.1 allows remote att...
E
CVE-2010-0676 Directory traversal vulnerability in index.php in the RWCards (com_rwcards) component 3.0.18 for Joo...
E
CVE-2010-0677 SQL injection vulnerability in index.php in Katalog Stron Hurricane 1.3.5, and possibly earlier, all...
E
CVE-2010-0678 PHP remote file inclusion vulnerability in includes/moderation.php in Katalog Stron Hurricane 1.3.5,...
E
CVE-2010-0679 Multiple stack-based buffer overflows in the HyleosChemView.HLChemView ActiveX control (HyleosChemVi...
E
CVE-2010-0680 Directory traversal vulnerability in index.php in ZeusCMS 0.2 allows remote attackers to include and...
E
CVE-2010-0681 ZeusCMS 0.2 stores sensitive information under the web root with insufficient access control, which ...
E
CVE-2010-0682 WordPress 2.9 before 2.9.2 allows remote authenticated users to read trash posts from other authors ...
S
CVE-2010-0683 Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS...
S
CVE-2010-0684 Cross-site scripting (XSS) vulnerability in createDestination.action in Apache ActiveMQ before 5.3.1...
E S
CVE-2010-0685 The design of the dialplan functionality in Asterisk Open Source 1.2.x, 1.4.x, and 1.6.x; and Asteri...
E
CVE-2010-0686 WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 all...
S
CVE-2010-0688 Stack-based buffer overflow in Orbital Viewer 1.04 allows user-assisted remote attackers to execute ...
E
CVE-2010-0689 The ExecuteExe method in the DVBSExeCall Control ActiveX control 1.0.0.1 in DVBSExeCall.ocx in DATEV...
E
CVE-2010-0690 SQL injection vulnerability in index.php in CommodityRentals Video Games Rentals allows remote attac...
E
CVE-2010-0691 SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arb...
E
CVE-2010-0692 SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earli...
S
CVE-2010-0693 SQL injection vulnerability in products.php in CommodityRentals Trade Manager Script allows remote a...
E
CVE-2010-0694 SQL injection vulnerability in the PerchaGallery (com_perchagallery) component before 1.5b for Jooml...
E
CVE-2010-0695 Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to ...
E
CVE-2010-0696 Directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideo...
E S
CVE-2010-0697 Cross-site scripting (XSS) vulnerability in the iTweak Upload module 6.x-1.x before 6.x-1.2 and 6.x-...
S
CVE-2010-0698 SQL injection vulnerability in backoffice/login.asp in Dynamicsoft WSC CMS 2.2 allows remote attacke...
E
CVE-2010-0699 Cross-site scripting (XSS) vulnerability in index.php in VideoSearchScript Pro 3.5 allows remote att...
E
CVE-2010-0700 Cross-site scripting (XSS) vulnerability in index.php in WampServer 2.0i allows remote attackers to ...
E
CVE-2010-0701 SQL injection vulnerability in ForceChangePassword.jsp in Newgen Software OmniDocs allows remote att...
E
CVE-2010-0702 SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows r...
E
CVE-2010-0703 Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers ...
E
CVE-2010-0704 Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp60...
CVE-2010-0705 Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and X...
CVE-2010-0706 Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Managem...
E
CVE-2010-0707 Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 ...
E
CVE-2010-0708 Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enter...
S
CVE-2010-0709 Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1...
E S
CVE-2010-0710 SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other...
CVE-2010-0711 Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103...
E
CVE-2010-0712 Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and ot...
E
CVE-2010-0713 Multiple cross-site request forgery (CSRF) vulnerabilities in Zenoss 2.3.3, and other versions befor...
E
CVE-2010-0714 Cross-site scripting (XSS) vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content...
E S
CVE-2010-0715 Open redirect vulnerability in login.jsp in IBM WebSphere Portal, IBM Lotus Web Content Management (...
E S
CVE-2010-0716 _layouts/Upload.aspx in the Documents module in Microsoft SharePoint before 2010 uses URLs with the ...
E
CVE-2010-0717 The default configuration of cfg.packagepages_actions_excluded in MoinMoin before 1.8.7 does not pre...
CVE-2010-0718 Buffer overflow in Microsoft Windows Media Player 9 and 11.0.5721.5145 allows remote attackers to ca...
E
CVE-2010-0719 An unspecified API in Microsoft Windows 2000, Windows XP, Windows Server 2003, Windows Vista, Window...
CVE-2010-0720 SQL injection vulnerability in news.php in Erotik Auktionshaus allows remote attackers to execute ar...
E
CVE-2010-0721 SQL injection vulnerability in news.php in Auktionshaus Gelb 3.0 allows remote attackers to execute ...
E
CVE-2010-0722 SQL injection vulnerability in news.php in Php Auktion Pro allows remote attackers to execute arbitr...
E
CVE-2010-0723 SQL injection vulnerability in news.php in Ero Auktion 2.0 and 2010 allows remote attackers to execu...
E
CVE-2010-0724 SQL injection vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers to execute a...
E
CVE-2010-0725 Cross-site scripting (XSS) vulnerability in showimg.php in Arab Cart 1.0.2.0 allows remote attackers...
E
CVE-2010-0726 Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack transmission) plugin in tDiary...
S
CVE-2010-0727 The gfs2_lock function in the Linux kernel before 2.6.34-rc1-next-20100312, and the gfs_lock functio...
E S
CVE-2010-0728 smbd in Samba 3.3.11, 3.4.6, and 3.5.0, when libcap support is enabled, runs with the CAP_DAC_OVERRI...
CVE-2010-0729 A certain Red Hat patch for the Linux kernel in Red Hat Enterprise Linux (RHEL) 4 on the ia64 platfo...
CVE-2010-0730 The MMIO instruction decoder in the Xen hypervisor in the Linux kernel 2.6.18 in Red Hat Enterprise ...
S
CVE-2010-0731 The gnutls_x509_crt_get_serial function in the GnuTLS library before 1.2.1, when running on big-endi...
E S
CVE-2010-0732 gdk/gdkwindow.c in GTK+ before 2.18.5, as used in gnome-screensaver before 2.28.1, performs implicit...
S
CVE-2010-0733 Integer overflow in src/backend/executor/nodeHash.c in PostgreSQL 8.4.1 and earlier, and 8.5 through...
S
CVE-2010-0734 content_encoding.c in libcurl 7.10.5 through 7.19.7, when zlib is enabled, does not properly restric...
S
CVE-2010-0735 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0969. Reason: This candida...
R
CVE-2010-0736 Cross-site scripting (XSS) vulnerability in the view_queryform function in lib/viewvc.py in ViewVC b...
S
CVE-2010-0737 The CLI in JBoss Operations Network before 2.3.1 does not pr...
S
CVE-2010-0738 The JMX-Console web application in JBossAs in Red Hat JBoss Enterprise Application Platform (aka JBo...
KEV E
CVE-2010-0739 Integer overflow in the predospecial function in dospecial.c in dvips in (1) TeX Live and (2) teTeX ...
CVE-2010-0740 The ssl3_get_record function in ssl/s3_pkt.c in OpenSSL 0.9.8f through 0.9.8m allows remote attacker...
S
CVE-2010-0741 The virtio_net_bad_features function in hw/virtio-net.c in the virtio-net driver in the Linux kernel...
CVE-2010-0742 The Cryptographic Message Syntax (CMS) implementation in crypto/cms/cms_asn1.c in OpenSSL before 0.9...
S
CVE-2010-0743 Multiple format string vulnerabilities in isns.c in (1) Linux SCSI target framework (aka tgt or scsi...
S
CVE-2010-0744 aMSN (aka Alvaro's Messenger) 0.98.3 and earlier, when SSL is used, does not verify that the server ...
CVE-2010-0745 Unspecified vulnerability in Dovecot 1.2.x before 1.2.11 allows remote attackers to cause a denial o...
S
CVE-2010-0746 Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and p...
E S
CVE-2010-0747 drbd8 allows local users to bypass intended restrictions for certain actions via netlink packets, si...
E
CVE-2010-0748 Transmission before 1.92 allows an attacker to cause a denial of service (crash) or possibly have ot...
E S
CVE-2010-0749 Transmission before 1.92 allows attackers to prevent download of a file by corrupted data during the...
S
CVE-2010-0750 pkexec.c in pkexec in libpolkit in PolicyKit 0.96 allows local users to determine the existence of a...
E S
CVE-2010-0751 The ip_evictor function in ip_fragment.c in libnids before 1.24, as used in dsniff and possibly othe...
E
CVE-2010-0752 The week_post_page function in the Weekly Archive by Node Type module 6.x before 6.x-2.7 for Drupal ...
S
CVE-2010-0753 SQL injection vulnerability in the SQL Reports (com_sqlreport) component 1.1 for Joomla! allows remo...
E
CVE-2010-0754 Cross-site scripting (XSS) vulnerability in index.php/Special/Main/Templates in WikyBlog 1.7.2 and 1...
E
CVE-2010-0755 PHP remote file inclusion vulnerability in include/WBmap.php in WikyBlog 1.7.3 rc2 allows remote att...
E
CVE-2010-0756 Session fixation vulnerability in WikyBlog 1.7.3 rc2 allows remote attackers to hijack web sessions ...
E
CVE-2010-0757 Unrestricted file upload vulnerability in index.php/Attach in WikyBlog 1.7.3rc2 allows remote authen...
E
CVE-2010-0758 SQL injection vulnerability in news_desc.php in Softbiz Jobs allows remote attackers to execute arbi...
E
CVE-2010-0759 Directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader....
E
CVE-2010-0760 Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Jooml...
CVE-2010-0761 SQL injection vulnerability in index.php in CommodityRentals Books/eBooks Rentals Script allows remo...
E
CVE-2010-0762 SQL injection vulnerability in index.php in CommodityRentals CD Rental Software allows remote attack...
E
CVE-2010-0763 SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote ...
E
CVE-2010-0764 SQL injection vulnerability in index.php in KuwaitPHP eSmile allows remote attackers to execute arbi...
E
CVE-2010-0765 fipsForum 2.6 stores sensitive information under the web root with insufficient access control, whic...
E
CVE-2010-0766 Integer overflow in the Swap4 function in valet4.dll in Luxology Modo 401 allows user-assisted remot...
E
CVE-2010-0768 Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application ...
CVE-2010-0769 IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0....
CVE-2010-0770 IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before 6.1.0.31, and 7.0 before 7.0....
S
CVE-2010-0771 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3552. Reason: This candida...
R
CVE-2010-0772 Unspecified vulnerability in the channel process in IBM WebSphere MQ 7.0 before 7.0.1.2 allows remot...
CVE-2010-0774 The (1) JAX-RPC WS-Security 1.0 and (2) JAX-WS runtime implementations in IBM WebSphere Application ...
CVE-2010-0775 Unspecified vulnerability in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.41, 6.1 before ...
CVE-2010-0776 The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31...
CVE-2010-0777 The Web Container in IBM WebSphere Application Server (WAS) 6.0 before 6.0.2.43, 6.1 before 6.1.0.31...
CVE-2010-0778 Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application ...
CVE-2010-0779 Cross-site scripting (XSS) vulnerability in the Administration Console in IBM WebSphere Application ...
CVE-2010-0780 IBM WebSphere MQ 7.x before 7.0.1.4 allows remote attackers to cause a denial of service (disk consu...
CVE-2010-0781 Unspecified vulnerability in the administrative console in IBM WebSphere Application Server (WAS) 6....
CVE-2010-0782 IBM WebSphere MQ 6.x before 6.0.2.10 and 7.x before 7.0.1.3 allows remote attackers to spoof X.509 c...
CVE-2010-0783 Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application ...
CVE-2010-0784 Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application ...
CVE-2010-0785 Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Appli...
CVE-2010-0786 The Web Services Security component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 do...
CVE-2010-0787 client/mount.cifs.c in mount.cifs in smbfs in Samba 3.0.22, 3.0.28a, 3.2.3, 3.3.2, 3.4.0, and 3.4.5 ...
S
CVE-2010-0788 ncpfs 2.2.6 allows local users to cause a denial of service, obtain sensitive information, or possib...
CVE-2010-0789 fusermount in FUSE before 2.7.5, and 2.8.x before 2.8.2, allows local users to unmount an arbitrary ...
S
CVE-2010-0790 sutil/ncpumount.c in ncpumount in ncpfs 2.2.6 produces certain detailed error messages about the res...
S
CVE-2010-0791 The (1) ncpmount, (2) ncpumount, and (3) ncplogin programs in ncpfs 2.2.6 do not properly create loc...
S
CVE-2010-0792 fcrontab in fcron before 3.0.5 allows local users to read arbitrary files via a symlink attack on an...
S
CVE-2010-0793 Buffer overflow in BarnOwl before 1.5.1 allows remote attackers to cause a denial of service (crash)...
S
CVE-2010-0795 SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla...
E
CVE-2010-0796 SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows...
E
CVE-2010-0797 Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows ...
S
CVE-2010-0798 SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attack...
S
CVE-2010-0799 Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remo...
E
CVE-2010-0800 SQL injection vulnerability in the Ossolution Team Documents Seller (aka DMS) (com_dms) component 2....
E
CVE-2010-0801 Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla!...
E
CVE-2010-0802 SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modification for Invision Power Bo...
E
CVE-2010-0803 SQL injection vulnerability in the jVideoDirect (com_jvideodirect) component 1.1 RC3b for Joomla! al...
E
CVE-2010-0804 Cross-site scripting (XSS) vulnerability in index.php in iBoutique 4.0 allows remote attackers to in...
E
CVE-2010-0805 The Tabular Data Control (TDC) ActiveX control in Microsoft Internet Explorer 5.01 SP4, 6 on Windows...
S
CVE-2010-0806 Use-after-free vulnerability in the Peer Objects component (aka iepeers.dll) in Microsoft Internet E...
S
CVE-2010-0807 Microsoft Internet Explorer 7 does not properly handle objects in memory, which allows remote attack...
S
CVE-2010-0808 Microsoft Internet Explorer 6 and 7 on Windows XP and Vista does not prevent script from simulating ...
CVE-2010-0809 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-0810 The kernel in Microsoft Windows Vista Gold, SP1, and SP2, and Windows Server 2008 Gold and SP2, does...
CVE-2010-0811 Multiple unspecified vulnerabilities in the Microsoft Internet Explorer 8 Developer Tools ActiveX co...
CVE-2010-0812 Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 Gold an...
CVE-2010-0813 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-0814 The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 ...
CVE-2010-0815 VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visu...
CVE-2010-0816 Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Ma...
E
CVE-2010-0817 Cross-site scripting (XSS) vulnerability in _layouts/help.aspx in Microsoft SharePoint Server 2007 1...
E
CVE-2010-0818 The MPEG-4 codec in the Windows Media codecs in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, V...
CVE-2010-0819 Unspecified vulnerability in the Windows OpenType Compact Font Format (CFF) driver in Microsoft Wind...
CVE-2010-0820 Heap-based buffer overflow in the Local Security Authority Subsystem Service (LSASS), as used in Act...
CVE-2010-0821 Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 200...
CVE-2010-0822 Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for...
CVE-2010-0823 Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 200...
CVE-2010-0824 Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote a...
CVE-2010-0825 lib-src/movemail.c in movemail in emacs 22 and 23 allows local users to read, modify, or delete arbi...
CVE-2010-0826 The Free Software Foundation (FSF) Berkeley DB NSS module (aka libnss-db) 2.2.3pre1 reads the DB_CON...
CVE-2010-0827 Integer overflow in dvips in TeX Live 2009 and earlier, and teTeX, allows remote attackers to cause ...
CVE-2010-0828 Cross-site scripting (XSS) vulnerability in action/Despam.py in the Despam action module in MoinMoin...
E S
CVE-2010-0829 Multiple array index errors in set.c in dvipng 1.11 and 1.12, and teTeX, allow remote attackers to c...
S
CVE-2010-0830 Integer signedness error in the elf_get_dynamic_info function in elf/dynamic-link.h in ld.so in the ...
S
CVE-2010-0831 Directory traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allows re...
E
CVE-2010-0832 pam_motd (aka the MOTD module) in libpam-modules before 1.1.0-2ubuntu1.1 in PAM on Ubuntu 9.10 and l...
E S
CVE-2010-0833 The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234...
S
CVE-2010-0834 The base-files package before 5.0.0ubuntu7.1 on Ubuntu 9.10 and before 5.0.0ubuntu20.10.04.2 on Ubun...
S
CVE-2010-0835 Unspecified vulnerability in the Wireless component in Oracle Fusion Middleware 10.1.2.3 allows remo...
CVE-2010-0836 Unspecified vulnerability in the Oracle Knowledge Management component in Oracle E-Business Suite 11...
CVE-2010-0837 Unspecified vulnerability in the Pack200 component in Oracle Java SE and Java for Business 6 Update ...
CVE-2010-0838 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update ...
CVE-2010-0839 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18...
CVE-2010-0840 Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
KEV S
CVE-2010-0841 Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update ...
CVE-2010-0842 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18...
CVE-2010-0843 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18...
CVE-2010-0844 Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 18...
CVE-2010-0845 Unspecified vulnerability in the HotSpot Server component in Oracle Java SE and Java for Business 6 ...
CVE-2010-0846 Unspecified vulnerability in the ImageIO component in Oracle Java SE and Java for Business 6 Update ...
CVE-2010-0847 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update ...
CVE-2010-0848 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update ...
CVE-2010-0849 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 6 Update ...
CVE-2010-0850 Unspecified vulnerability in the Java 2D component in Oracle Java SE and Java for Business 1.3.1_27 ...
CVE-2010-0851 Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, a...
CVE-2010-0852 Unspecified vulnerability in the XML DB component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, a...
CVE-2010-0853 Unspecified vulnerability in the Oracle Internet Directory component in Oracle Database 9.2.0.8, 9.2...
CVE-2010-0854 Unspecified vulnerability in the Audit component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10...
CVE-2010-0855 Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 allows remote...
CVE-2010-0856 Unspecified vulnerability in the Portal component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.2 ...
CVE-2010-0857 Unspecified vulnerability in the Oracle Workflow Cartridge component in Oracle E-Business Suite 11.5...
CVE-2010-0858 Unspecified vulnerability in the E-Business Intelligence component in Oracle E-Business Suite 11.5.1...
CVE-2010-0859 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2010-0860 Unspecified vulnerability in the Core RDBMS component in Oracle Database 9.2.0.8, 9.2.0.8DV, 10.1.0....
CVE-2010-0861 Unspecified vulnerability in the Oracle HRMS (Self Service) component in Oracle E-Business Suite 11....
CVE-2010-0862 Unspecified vulnerability in the Retail - Oracle Retail Markdown Optimization component in Oracle In...
CVE-2010-0863 Unspecified vulnerability in the Retail - Oracle Retail Plan In-Season component in Oracle Industry ...
CVE-2010-0864 Unspecified vulnerability in the Retail - Oracle Retail Place In-Season component in Oracle Industry...
CVE-2010-0865 Unspecified vulnerability in the Oracle Agile Engineering Data Management component in Oracle E-Busi...
CVE-2010-0866 Unspecified vulnerability in the JavaVM component in Oracle Database 11.1.0.7 and 11.2.0.1 allows re...
CVE-2010-0867 Unspecified vulnerability in the JavaVM component in Oracle Database 10.2.0.4, 11.1.0.7, and 11.2.0....
CVE-2010-0868 Unspecified vulnerability in the Oracle iStore component in Oracle E-Business Suite 11.5.10.2, 12.0....
CVE-2010-0869 Unspecified vulnerability in the Oracle Transportation Management component in Oracle E-Business Sui...
CVE-2010-0870 Unspecified vulnerability in the Change Data Capture component in Oracle Database 9.2.0.8 and 9.2.0....
CVE-2010-0871 Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Su...
CVE-2010-0872 Unspecified vulnerability in the Oracle Internet Directory component in Oracle Fusion Middleware 10....
CVE-2010-0873 Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0...
CVE-2010-0874 Unspecified vulnerability in the Communications - Oracle Communications Unified Inventory Management...
CVE-2010-0875 Unspecified vulnerability in the Life Sciences - Oracle Thesaurus Management System component in Ora...
CVE-2010-0876 Unspecified vulnerability in the Life Sciences - Oracle Clinical Remote Data Capture Option componen...
CVE-2010-0877 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward...
CVE-2010-0878 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward...
CVE-2010-0879 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward...
CVE-2010-0880 Unspecified vulnerability in the PeopleTools component in Oracle PeopleSoft Enterprise and JD Edward...
CVE-2010-0881 Unspecified vulnerability in the User Interface Components in Oracle Collaboration Suite 10.1.2.4 al...
CVE-2010-0882 Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris sn...
CVE-2010-0883 Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allow...
CVE-2010-0884 Unspecified vulnerability in the Sun Cluster component in Oracle Sun Product Suite 3.1 and 3.2 allow...
CVE-2010-0885 Unspecified vulnerability in the Sun Java System Communications Express component in Oracle Sun Prod...
CVE-2010-0886 Unspecified vulnerability in the Java Deployment Toolkit component in Oracle Java SE and Java for Bu...
S
CVE-2010-0887 Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business ...
CVE-2010-0888 Unspecified vulnerability in the Sun Ray Server Software component in Oracle Sun Product Suite 4.0, ...
CVE-2010-0889 Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_68 th...
CVE-2010-0890 Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite 10 and OpenSolaris sn...
CVE-2010-0891 Unspecified vulnerability in the Sun Management Center component in Oracle Sun Product Suite 3.6.1 a...
CVE-2010-0892 Unspecified vulnerability in the Application Express component in Oracle Database Server 3.2.0.00.27...
CVE-2010-0893 Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows re...
CVE-2010-0894 Unspecified vulnerability in the Sun Java System Access Manager component in Oracle Sun Product Suit...
CVE-2010-0895 Unspecified vulnerability in the Solaris component in Oracle Sun Product Suite OpenSolaris snv_119 a...
CVE-2010-0896 Unspecified vulnerability in the Sun Convergence component in Oracle Sun Product Suite 1.0 allows re...
CVE-2010-0897 Unspecified vulnerability in the Sun Java System Directory Server component in Oracle Sun Product Su...
CVE-2010-0898 Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confide...
CVE-2010-0899 Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote authenticated users to affe...
CVE-2010-0900 Unspecified vulnerability in the Network Layer component in Oracle Database Server 9.2.0.8, 10.1.0.5...
CVE-2010-0901 Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1...
CVE-2010-0902 Unspecified vulnerability in the Oracle OLAP component in Oracle Database Server 9.2.0.8, 9.2.0.8DV,...
CVE-2010-0903 Unspecified vulnerability in the Net Foundation Layer component in Oracle Database Server 9.2.0.8, 1...
CVE-2010-0904 Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect integri...
CVE-2010-0905 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11...
CVE-2010-0906 Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote authenticated users to affe...
CVE-2010-0907 Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confide...
CVE-2010-0908 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2010-0909 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2010-0910 Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0...
CVE-2010-0911 Unspecified vulnerability in the Listener component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10...
CVE-2010-0912 Unspecified vulnerability in the Oracle Applications Framework component in Oracle E-Business Suite ...
CVE-2010-0913 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11...
CVE-2010-0914 Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote attackers to affect confidenti...
CVE-2010-0915 Unspecified vulnerability in the Oracle Advanced Product Catalog component in Oracle E-Business Suit...
CVE-2010-0916 Unspecified vulnerability in Oracle OpenSolaris 10 allows local users to affect confidentiality, int...
CVE-2010-0917 Stack-based buffer overflow in VBScript in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 20...
E
CVE-2010-0918 Multiple unspecified vulnerabilities in the UltraLite functionality in IBM Lotus iNotes (aka Domino ...
CVE-2010-0919 Stack-based buffer overflow in the Lotus Domino Web Access ActiveX control in IBM Lotus iNotes (aka ...
S
CVE-2010-0920 Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 2...
CVE-2010-0921 Cross-site request forgery (CSRF) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) b...
CVE-2010-0922 Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP 5300-11-02 allows attackers to caus...
CVE-2010-0923 Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC ...
S
CVE-2010-0924 cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0....
E
CVE-2010-0925 cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windo...
E
CVE-2010-0926 The default configuration of smbd in Samba before 3.3.11, 3.4.x before 3.4.6, and 3.5.x before 3.5.0...
CVE-2010-0927 Cross-site scripting (XSS) vulnerability in help/readme.nsf/Header in the Help component in IBM Lotu...
E
CVE-2010-0928 OpenSSL 0.9.8i on the Gaisler Research LEON3 SoC on the Xilinx Virtex-II Pro FPGA uses a Fixed Width...
CVE-2010-0929 The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial o...
E
CVE-2010-0930 The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial o...
E
CVE-2010-0931 The Perforce service (p4s.exe) in Perforce Server 2008.1 allows remote attackers to cause a denial o...
E
CVE-2010-0932 The FTP server in Perforce Server 2008.1 allows remote attackers to cause a denial of service (NULL ...
E
CVE-2010-0933 Directory traversal vulnerability in Perforce Server 2008.1 allows remote authenticated users to cre...
E
CVE-2010-0934 The triggers functionality in Perforce Server 2008.1 allows remote authenticated users with super pr...
E
CVE-2010-0935 Perforce Server 2009.2 and earlier, when the protection table is empty, allows remote authenticated ...
E
CVE-2010-0936 Cross-site scripting (XSS) vulnerability in auth.asp on the D-LINK DKVM-IP8 with firmware 2282_dlink...
E
CVE-2010-0937 Multiple unspecified vulnerabilities in Visualization Library before 2009.08.812 have unknown impact...
CVE-2010-0938 Cross-site scripting (XSS) vulnerability in todooforum.php in Todoo Forum 2.0 allows remote attacker...
E
CVE-2010-0939 Visialis ABB Forum 1.1 stores sensitive information under the web root with insufficient access cont...
E
CVE-2010-0940 Cross-site scripting (XSS) vulnerability in guestbook.php in Simple PHP Guestbook 1.0 allows remote ...
E
CVE-2010-0941 Multiple cross-site scripting (XSS) vulnerabilities in eTek Systems Hit Counter 2.0 allow remote att...
E
CVE-2010-0942 Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allow...
E
CVE-2010-0943 Directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows r...
E
CVE-2010-0944 Directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows ...
E
CVE-2010-0945 SQL injection vulnerability in the HotBrackets Tournament Brackets (com_hotbrackets) component for J...
E
CVE-2010-0946 SQL injection vulnerability in the Keep It Simple Stupid (KISS) Software Advertiser (com_ksadvertise...
E
CVE-2010-0947 Cross-site scripting (XSS) vulnerability in post.aspx in Max Network Technology BBSMAX 3.0, 4.1, and...
E
CVE-2010-0948 SQL injection vulnerability in profil.php in Bigforum 4.5, when magic_quotes_gpc is disabled, allows...
E
CVE-2010-0949 Multiple cross-site scripting (XSS) vulnerabilities in Natychmiast CMS allow remote attackers to inj...
E
CVE-2010-0950 Multiple SQL injection vulnerabilities in Natychmiast CMS allow remote attackers to execute arbitrar...
E
CVE-2010-0951 SQL injection vulnerability in go_target.php in dev4u CMS allows remote attackers to execute arbitra...
E
CVE-2010-0952 SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows re...
E
CVE-2010-0953 Directory traversal vulnerability in mod.php in phpCOIN 1.2.1 allows remote attackers to read arbitr...
E
CVE-2010-0954 SQL injection vulnerability in search_result.asp in Pre Projects Pre E-Learning Portal allows remote...
E
CVE-2010-0955 SQL injection vulnerability in index.php in Bild Flirt Community 2.0 allows remote attackers to exec...
E
CVE-2010-0956 SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitr...
E
CVE-2010-0957 Directory traversal vulnerability in content.php in Saskia's Shopsystem beta1 and earlier allows rem...
E
CVE-2010-0958 Directory traversal vulnerability in modules/hayoo/index.php in Tribisur 2.1, 2.0, and earlier, when...
E
CVE-2010-0959 Cross-site scripting (XSS) vulnerability in WebEditor/Authentication/LoginPage.aspx in IBM ENOVIA Sm...
E
CVE-2010-0960 Buffer overflow in qosmod in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to ga...
CVE-2010-0961 Buffer overflow in qoslist in bos.net.tcp.server in IBM AIX 6.1 and VIOS 2.1 allows local users to g...
CVE-2010-0962 The FTP proxy server in Apple AirPort Express, AirPort Extreme, and Time Capsule with firmware 7.5 d...
E
CVE-2010-0963 Cross-site scripting (XSS) vulnerability in index.php in dl Download Ticket Service before 0.7 allow...
S
CVE-2010-0964 SQL injection vulnerability in start.php in Eros Webkatalog allows remote attackers to execute arbit...
E
CVE-2010-0965 Jevci Siparis Formu Scripti stores sensitive information under the web root with insufficient access...
E
CVE-2010-0966 PHP remote file inclusion vulnerability in inc/config.php in deV!L`z Clanportal (DZCP) 1.5.2, when r...
E
CVE-2010-0967 Multiple directory traversal vulnerabilities in Geekhelps ADMP 1.01, when magic_quotes_gpc is disabl...
E
CVE-2010-0968 SQL injection vulnerability in bannershow.php in Geekhelps ADMP 1.01 allows remote attackers to exec...
E
CVE-2010-0969 Unbound before 1.4.3 does not properly align structures on 64-bit platforms, which allows remote att...
S
CVE-2010-0970 SQL injection vulnerability in phpmylogon.php in PhpMyLogon 2 allows remote attackers to execute arb...
E
CVE-2010-0971 Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users...
E
CVE-2010-0972 Directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allow...
E
CVE-2010-0973 SQL injection vulnerability in index.php in phppool media Domain Verkaus and Auktions Portal allows ...
E
CVE-2010-0974 Multiple SQL injection vulnerabilities in PHPCityPortal allow remote attackers to execute arbitrary ...
E
CVE-2010-0975 PHP remote file inclusion vulnerability in external.php in PHPCityPortal allows remote attackers to ...
E
CVE-2010-0976 Acidcat CMS 3.5.x does not prevent access to install.asp after installation finishes, which might al...
E
CVE-2010-0977 PD PORTAL 4.0 stores sensitive information under the web root with insufficient access control, whic...
E
CVE-2010-0978 KMSoft Guestbook (aka GBook) 1.0 stores sensitive information under the web root with insufficient a...
E
CVE-2010-0979 Cross-site scripting (XSS) vulnerability in display.php in Obsession-Design Image-Gallery (ODIG) 1.1...
E
CVE-2010-0980 SQL injection vulnerability in player.php in Left 4 Dead (L4D) Stats 1.1 allows remote attackers to ...
E
CVE-2010-0981 SQL injection vulnerability in the TPJobs (com_tpjobs) component for Joomla! allows remote attackers...
E
CVE-2010-0982 Directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! a...
E
CVE-2010-0983 PHP remote file inclusion vulnerability in include/mail.inc.php in Rezervi 3.0.2 and earlier, when r...
E
CVE-2010-0984 Acidcat CMS 3.5.3 and earlier stores sensitive information under the web root with insufficient acce...
E
CVE-2010-0985 Directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla...
E
CVE-2010-0986 Adobe Shockwave Player before 11.5.7.609 does not properly process asset entries, which allows remot...
S
CVE-2010-0987 Heap-based buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow remote attackers ...
S
CVE-2010-0988 Multiple unspecified vulnerabilities in Pulse CMS before 1.2.3 allow (1) remote attackers to write t...
CVE-2010-0989 Directory traversal vulnerability in delete.php in Pulse CMS before 1.2.3 allows remote authenticate...
CVE-2010-0990 Stack-based buffer overflow in Creative Software AutoUpdate Engine ActiveX Control 2.0.12.0, as used...
CVE-2010-0991 Multiple heap-based buffer overflows in imlib2 1.4.3 allow context-dependent attackers to execute ar...
CVE-2010-0992 Multiple cross-site request forgery (CSRF) vulnerabilities in Pulse CMS Basic 1.2.2 and 1.2.3, and p...
S
CVE-2010-0993 Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.2 and 1.2.3, and possibly Pulse Pro be...
S
CVE-2010-0994 Multiple buffer overflows in src/vl/vlDAT.cpp in Visualization Library 2009.08.812 allow user-assist...
CVE-2010-0995 Stack-based buffer overflow in Internet Download Manager (IDM) before 5.19 allows remote attackers t...
CVE-2010-0996 Unrestricted file upload vulnerability in e107 before 0.7.20 allows remote authenticated users to ex...
S
CVE-2010-0997 Cross-site scripting (XSS) vulnerability in 107_plugins/content/content_manager.php in the Content M...
S
CVE-2010-0998 Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 allow remote att...
CVE-2010-0999 Directory traversal vulnerability in Free Download Manager (FDM) before 3.0.852 allows remote attack...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.