| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2010-1000 | Directory traversal vulnerability in KGet in KDE SC 4.0.0 through 4.4.3 allows remote attackers to c... | | |
| CVE-2010-1003 | Directory traversal vulnerability in www/editor/tiny_mce/langs/language.php in eFront 3.5.x through ... | E S | |
| CVE-2010-1004 | SQL injection vulnerability in the Yet another TYPO3 search engine (YATSE) extension before 0.3.2 fo... | S | |
| CVE-2010-1005 | Cross-site scripting (XSS) vulnerability in the Yet another TYPO3 search engine (YATSE) extension be... | S | |
| CVE-2010-1006 | SQL injection vulnerability in the Brainstorming extension 0.1.8 and earlier for TYPO3 allows remote... | | |
| CVE-2010-1007 | Unspecified vulnerability in the Power Extension Manager (ch_lightem) extension 1.0.34 and earlier f... | | |
| CVE-2010-1008 | Cross-site scripting (XSS) vulnerability in the Sellector.com Widget Integration (chsellector) exten... | S | |
| CVE-2010-1009 | SQL injection vulnerability in the Educator extension 0.1.5 for TYPO3 allows remote attackers to exe... | | |
| CVE-2010-1010 | SQL injection vulnerability in the MK Wastebasket (mk_wastebasket) extension 2.1.0 and earlier for T... | | |
| CVE-2010-1011 | Cross-site scripting (XSS) vulnerability in the myDashboard (mydashboard) extension 0.1.13 and earli... | | |
| CVE-2010-1012 | SQL injection vulnerability in the CleanDB (nf_cleandb) extension 1.0.7 and earlier for TYPO3 allows... | | |
| CVE-2010-1013 | SQL injection vulnerability in the Diocese of Portsmouth Database (pd_diocesedatabase) extension bef... | S | |
| CVE-2010-1014 | Cross-site scripting (XSS) vulnerability in the Reports Logfile View (reports_logview) extension 1.2... | | |
| CVE-2010-1015 | SQL injection vulnerability in the SAV Filter Alphabetic (sav_filter_abc) extension before 1.0.9 for... | S | |
| CVE-2010-1016 | SQL injection vulnerability in the SAV Filter Selectors (sav_filter_selectors) extension before 1.0.... | S | |
| CVE-2010-1017 | SQL injection vulnerability in the SAV Filter Months (sav_filter_months) extension before 1.0.5 for ... | S | |
| CVE-2010-1018 | SQL injection vulnerability in the Book Reviews (sk_bookreview) extension 0.0.12 and earlier for TYP... | | |
| CVE-2010-1019 | SQL injection vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 and earlier for... | | |
| CVE-2010-1020 | Cross-site scripting (XSS) vulnerability in the Simple Gallery (sk_simplegallery) extension 0.0.9 an... | | |
| CVE-2010-1021 | Cross-site scripting (XSS) vulnerability in the Typo3 Quixplorer (t3quixplorer) extension before 1.7... | S | |
| CVE-2010-1022 | The TYPO3 Security - Salted user password hashes (t3sec_saltedpw) extension before 0.2.13 for TYPO3 ... | S | |
| CVE-2010-1023 | Cross-site scripting (XSS) vulnerability in the UserTask Center, Recent (taskcenter_recent) extensio... | S | |
| CVE-2010-1024 | SQL injection vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for TYPO3 allows ... | S | |
| CVE-2010-1025 | Cross-site scripting (XSS) vulnerability in the TGM-Newsletter (tgm_newsletter) extension 0.0.2 for ... | S | |
| CVE-2010-1026 | SQL injection vulnerability in the CleanDB - DBAL (tmsw_cleandb) extension 2.1.0 and earlier for TYP... | | |
| CVE-2010-1027 | SQL injection vulnerability in the Meet Travelmates (travelmate) extension 0.1.1 and earlier for TYP... | | |
| CVE-2010-1028 | Integer overflow in the decompression functionality in the Web Open Fonts Format (WOFF) decoder in M... | | |
| CVE-2010-1029 | Stack consumption vulnerability in the WebCore::CSSSelector function in WebKit, as used in Apple Saf... | E | |
| CVE-2010-1030 | Unspecified vulnerability in HP-UX B.11.31, with AudFilter rules enabled, allows local users to caus... | S | |
| CVE-2010-1031 | Unspecified vulnerability in HP Insight Control for Linux (aka IC-Linux or ICE-LX) 2.11 and earlier ... | S | |
| CVE-2010-1032 | Unspecified vulnerability in HP HP-UX B.11.11 allows local users to cause a denial of service via un... | | |
| CVE-2010-1033 | Multiple stack-based buffer overflows in a certain Tetradyne ActiveX control in HP Operations Manage... | | |
| CVE-2010-1034 | Unspecified vulnerability in HP System Management Homepage (SMH) 6.0 before 6.0.0-95 on Linux, and 6... | | |
| CVE-2010-1035 | Multiple unspecified vulnerabilities in HP Virtual Machine Manager (VMM) before 6.0 allow remote aut... | | |
| CVE-2010-1036 | Cross-site scripting (XSS) vulnerability in HP System Insight Manager before 6.0 allows remote attac... | | |
| CVE-2010-1037 | Cross-site request forgery (CSRF) vulnerability in HP System Insight Manager before 6.0 allows remot... | | |
| CVE-2010-1038 | Unspecified vulnerability in HP System Insight Manager before 6.0 allows remote authenticated users ... | | |
| CVE-2010-1039 | Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; ... | S | |
| CVE-2010-1040 | The "IP address range limitation" function in OpenPNE 1.6 through 1.8, 2.0 through 2.8, 2.10 through... | | |
| CVE-2010-1041 | Unspecified vulnerability in the single sign-on functionality in the Web Services implementation in ... | S | |
| CVE-2010-1042 | Microsoft Windows Media Player 11 does not properly perform colorspace conversion, which allows remo... | E | |
| CVE-2010-1043 | Directory traversal vulnerability in index.php in jaxCMS 1.0 allows remote attackers to include and ... | E | |
| CVE-2010-1044 | SQL injection vulnerability in Login.do in ManageEngine OpUtils 5.0 allows remote attackers to execu... | E | |
| CVE-2010-1045 | SQL injection vulnerability in the Productbook (com_productbook) component 1.0.4 for Joomla! allows ... | E | |
| CVE-2010-1046 | Multiple SQL injection vulnerabilities in index.php in Rostermain 1.1 and earlier allow remote attac... | E | |
| CVE-2010-1047 | SQL injection vulnerability in index.php in MASA2EL Music City 1.0 and 1.1 allows remote attackers t... | E | |
| CVE-2010-1048 | Cross-site scripting (XSS) vulnerability in blog/index.php in Uiga Business Portal allows remote att... | E | |
| CVE-2010-1049 | Multiple SQL injection vulnerabilities in Uiga Business Portal allow remote attackers to execute arb... | E | |
| CVE-2010-1050 | SQL injection vulnerability in index.php in AudiStat 1.3 allows remote attackers to execute arbitrar... | E | |
| CVE-2010-1051 | Multiple SQL injection vulnerabilities in index.php in AudiStat 1.3 allow remote attackers to execut... | | |
| CVE-2010-1052 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in AudiStat 1.3 allow remote attack... | | |
| CVE-2010-1053 | Multiple SQL injection vulnerabilities in Zen Time Tracking 2.2 and earlier, when magic_quotes_gpc i... | E | |
| CVE-2010-1054 | Multiple SQL injection vulnerabilities in ParsCMS allow remote attackers to execute arbitrary SQL co... | E | |
| CVE-2010-1055 | Multiple PHP remote file inclusion vulnerabilities in osDate 2.1.9 and 2.5.4, when magic_quotes_gpc ... | E | |
| CVE-2010-1056 | Directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for ... | E S | |
| CVE-2010-1057 | Multiple directory traversal vulnerabilities in Phpkobo AdFreely (aka Ad Board Script) 1.01, when ma... | E | |
| CVE-2010-1058 | Directory traversal vulnerability in codelib/cfg/common.inc.php in Phpkobo Address Book Script 1.09,... | E | |
| CVE-2010-1059 | Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Address Book Script 1.09, w... | E | |
| CVE-2010-1060 | Directory traversal vulnerability in staff/app/common.inc.php in Phpkobo Short URL 1.01, when magic_... | E | |
| CVE-2010-1061 | Multiple directory traversal vulnerabilities in Phpkobo Short URL 1.01, when magic_quotes_gpc is dis... | E | |
| CVE-2010-1062 | Directory traversal vulnerability in codelib/sys/common.inc.php in Phpkobo Free Real Estate Contact ... | E | |
| CVE-2010-1063 | Multiple directory traversal vulnerabilities in Phpkobo Free Real Estate Contact Form 1.09, when mag... | E | |
| CVE-2010-1064 | Erolife AjxGaleri VT stores sensitive information under the web root with insufficient access contro... | E | |
| CVE-2010-1065 | Lebisoft Ziyaretci Defteri 7.4 and 7.5 stores sensitive information under the web root with insuffic... | E | |
| CVE-2010-1066 | AR Web Content Manager (AWCM) 2.1 stores sensitive information under the web root with insufficient ... | E | |
| CVE-2010-1067 | E-membres 1.0 stores sensitive information under the web root with insufficient access control, whic... | E | |
| CVE-2010-1068 | Multiple cross-site scripting (XSS) vulnerabilities in surgeftpmgr.cgi in NetWin SurgeFTP 2.3a6 allo... | E | |
| CVE-2010-1069 | SQL injection vulnerability in games/game.php in ProArcadeScript allows remote attackers to execute ... | E | |
| CVE-2010-1070 | SQL injection vulnerability in index.php in ImagoScripts Deviant Art Clone allows remote attackers t... | E | |
| CVE-2010-1071 | SQL injection vulnerability in profil.php in phpMDJ 1.0.3 allows remote attackers to execute arbitra... | E | |
| CVE-2010-1072 | Cross-site scripting (XSS) vulnerability in search.php in Sniggabo CMS 2.21 allows remote attackers ... | E | |
| CVE-2010-1073 | SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows r... | E | |
| CVE-2010-1074 | Cross-site scripting (XSS) vulnerability in the Currency Exchange module before 6.x-1.2 for Drupal a... | S | |
| CVE-2010-1075 | SQL injection vulnerability in index.php in Entry Level CMS (EL CMS) allows remote attackers to exec... | E | |
| CVE-2010-1076 | Cross-site scripting (XSS) vulnerability in index.php in Entry Level CMS (EL CMS) allows remote atta... | | |
| CVE-2010-1077 | Directory traversal vulnerability in vbseo.php in Crawlability vBSEO plugin 3.1.0 for vBulletin allo... | E | |
| CVE-2010-1078 | SQL injection vulnerability in archive.php in XlentProjects SphereCMS 1.1 alpha allows remote attack... | E | |
| CVE-2010-1079 | Cross-site scripting (XSS) vulnerability in Sawmill before 7.2.18 allows remote attackers to inject ... | | |
| CVE-2010-1080 | Cross-site scripting (XSS) vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to i... | E | |
| CVE-2010-1081 | Directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and p... | E | |
| CVE-2010-1082 | Multiple directory traversal vulnerabilities in OI.Blogs 1.0.0, when magic_quotes_gpc is disabled, a... | | |
| CVE-2010-1083 | The processcompl_compat function in drivers/usb/core/devio.c in Linux kernel 2.6.x through 2.6.32, a... | S | |
| CVE-2010-1084 | Linux kernel 2.6.18 through 2.6.33, and possibly other versions, allows remote attackers to cause a ... | S | |
| CVE-2010-1085 | The azx_position_ok function in hda_intel.c in Linux kernel 2.6.33-rc4 and earlier, when running on ... | S | |
| CVE-2010-1086 | The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux ker... | S | |
| CVE-2010-1087 | The nfs_wait_on_request function in fs/nfs/pagelist.c in Linux kernel 2.6.x through 2.6.33-rc5 allow... | S | |
| CVE-2010-1088 | fs/namei.c in Linux kernel 2.6.18 through 2.6.34 does not always follow NFS automount "symlinks," wh... | S | |
| CVE-2010-1089 | SQL injection vulnerability in vedi_faq.php in PHP Trouble Ticket 2.2 allows remote attackers to exe... | E | |
| CVE-2010-1090 | SQL injection vulnerability in index.php in phpMySite allows remote attackers to execute arbitrary S... | E | |
| CVE-2010-1091 | Multiple cross-site scripting (XSS) vulnerabilities in contact.php in phpMySite allow remote attacke... | E | |
| CVE-2010-1092 | Multiple SQL injection vulnerabilities in login.php in ScriptsFeed Business Directory Software allow... | E | |
| CVE-2010-1093 | SQL injection vulnerability in rss.php in 1024 CMS 2.1.1, when magic_quotes_gpc is disabled, allows ... | | |
| CVE-2010-1094 | SQL injection vulnerability in news.php in DZ EROTIK Auktionshaus V4rgo allows remote attackers to e... | E | |
| CVE-2010-1095 | Cross-site scripting (XSS) vulnerability in login_reset_password_page.php in Tracking Requirements &... | | |
| CVE-2010-1096 | Multiple SQL injection vulnerabilities in searchmatch.php in ScriptsFeed Dating Software allow remot... | | |
| CVE-2010-1097 | include/userlogin.class.php in DeDeCMS 5.5 GBK, when session.auto_start is enabled, allows remote at... | E | |
| CVE-2010-1098 | The ANI parser in Microsoft Windows before 7 on the x86 platform, as used in Internet Explorer and o... | E | |
| CVE-2010-1099 | Integer overflow in Apple Safari allows remote attackers to bypass intended port restrictions on out... | | |
| CVE-2010-1100 | Integer overflow in Arora allows remote attackers to bypass intended port restrictions on outbound T... | | |
| CVE-2010-1101 | Integer overflow in Alexander Clauss iCab allows remote attackers to bypass intended port restrictio... | | |
| CVE-2010-1102 | Integer overflow in OmniWeb allows remote attackers to bypass intended port restrictions on outbound... | | |
| CVE-2010-1103 | Integer overflow in Stainless allows remote attackers to bypass intended port restrictions on outbou... | | |
| CVE-2010-1104 | Cross-site scripting (XSS) vulnerability in Zope 2.8.x before 2.8.12, 2.9.x before 2.9.12, 2.10.x be... | S | |
| CVE-2010-1105 | Cross-site scripting (XSS) vulnerability in cgi/index.php in AdvertisementManager 3.1.0 and 3.6 allo... | E | |
| CVE-2010-1106 | PHP remote file inclusion vulnerability in cgi/index.php in AdvertisementManager 3.1.0 allows remote... | E | |
| CVE-2010-1107 | Cross-site scripting (XSS) vulnerability in the Recent Comments module 5.x through 5.x-1.2 and 6.x t... | S | |
| CVE-2010-1108 | Cross-site scripting (XSS) vulnerability in the Control Panel module 5.x through 5.x-1.5 and 6.x thr... | S | |
| CVE-2010-1109 | Multiple SQL injection vulnerabilities in index.php in phpMySport 1.4, when magic_quotes_gpc is disa... | E | |
| CVE-2010-1110 | Directory traversal vulnerability in index.php in phpMySport 1.4 allows remote attackers to list arb... | E | |
| CVE-2010-1111 | Multiple cross-site scripting (XSS) vulnerabilities in Jokes Complete Website allow remote attackers... | E | |
| CVE-2010-1112 | Cross-site scripting (XSS) vulnerability in cat.php in KloNews 2.0 allows remote attackers to inject... | E | |
| CVE-2010-1113 | Cross-site scripting (XSS) vulnerability in the forum page in Web Server Creator - Web Portal 0.1 al... | E | |
| CVE-2010-1114 | Multiple PHP remote file inclusion vulnerabilities in Web Server Creator - Web Portal 0.1 allow remo... | E | |
| CVE-2010-1115 | Directory traversal vulnerability in news/include/customize.php in Web Server Creator - Web Portal 0... | E | |
| CVE-2010-1116 | LookMer Music Portal stores sensitive information under the web root with insufficient access contro... | E | |
| CVE-2010-1117 | Heap-based buffer overflow in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to ... | E | |
| CVE-2010-1118 | Unspecified vulnerability in Internet Explorer 8 on Microsoft Windows 7 allows remote attackers to e... | E | |
| CVE-2010-1119 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1120 | Unspecified vulnerability in Safari 4 on Apple Mac OS X 10.6 allows remote attackers to execute arbi... | | |
| CVE-2010-1121 | Mozilla Firefox 3.6.x before 3.6.3 does not properly manage the scopes of DOM nodes that are moved f... | | |
| CVE-2010-1122 | Unspecified vulnerability in Mozilla Firefox 3.5.x through 3.5.8 allows remote attackers to cause a ... | | |
| CVE-2010-1123 | Chip Salzenberg Deliver does not properly associate a lockfile with the user who created the file, w... | | |
| CVE-2010-1124 | bos.rte.libc 5.3.9.4 on IBM AIX 5.3 does not properly support reading a certain address field after ... | | |
| CVE-2010-1125 | The JavaScript implementation in Mozilla Firefox 3.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMo... | | |
| CVE-2010-1126 | The JavaScript implementation in WebKit allows remote attackers to send selected keystrokes to a for... | | |
| CVE-2010-1127 | Microsoft Internet Explorer 6 and 7 does not initialize certain data structures during execution of ... | E | |
| CVE-2010-1128 | The Linear Congruential Generator (LCG) in PHP before 5.2.13 does not provide the expected entropy, ... | E S | |
| CVE-2010-1129 | The safe_mode implementation in PHP before 5.2.13 does not properly handle directory pathnames that ... | S | |
| CVE-2010-1130 | session.c in the session extension in PHP before 5.2.13, and 5.3.1, does not properly interpret ; (s... | E S | |
| CVE-2010-1131 | JavaScriptCore.dll, as used in Apple Safari 4.0.5 on Windows XP SP3, allows remote attackers to caus... | E | |
| CVE-2010-1132 | The mlfi_envrcpt function in spamass-milter.cpp in SpamAssassin Milter Plugin 0.3.1, when using the ... | E | |
| CVE-2010-1133 | Multiple SQL injection vulnerabilities in TikiWiki CMS/Groupware 4.x before 4.2 allow remote attacke... | E S | |
| CVE-2010-1134 | SQL injection vulnerability in the _find function in searchlib.php in TikiWiki CMS/Groupware 3.x bef... | S | |
| CVE-2010-1135 | The user_logout function in TikiWiki CMS/Groupware 4.x before 4.2 does not properly delete user logi... | E S | |
| CVE-2010-1136 | The Standard Remember method in TikiWiki CMS/Groupware 3.x before 3.5 allows remote attackers to byp... | | |
| CVE-2010-1137 | Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMwa... | S | |
| CVE-2010-1138 | The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation... | S | |
| CVE-2010-1139 | Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 ... | S | |
| CVE-2010-1140 | The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0... | S | |
| CVE-2010-1141 | VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4... | S | |
| CVE-2010-1142 | VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4... | S | |
| CVE-2010-1143 | Cross-site scripting (XSS) vulnerability in VMware View (formerly Virtual Desktop Manager or VDM) 3.... | S | |
| CVE-2010-1144 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-0751, CVE-2010-1277. Reaso... | R | |
| CVE-2010-1145 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-4498. Reason: This candida... | R | |
| CVE-2010-1146 | The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or ... | E S | |
| CVE-2010-1147 | Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows r... | E | |
| CVE-2010-1148 | The cifs_create function in fs/cifs/dir.c in the Linux kernel 2.6.33.2 and earlier allows local user... | E S | |
| CVE-2010-1149 | probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to ud... | | |
| CVE-2010-1150 | MediaWiki before 1.15.3, and 1.6.x before 1.16.0beta2, does not properly handle a correctly authenti... | E S | |
| CVE-2010-1151 | Race condition in the mod_auth_shadow module for the Apache HTTP Server allows remote attackers to b... | S | |
| CVE-2010-1152 | memcached.c in memcached before 1.4.3 allows remote attackers to cause a denial of service (daemon h... | E S | |
| CVE-2010-1153 | PHP remote file inclusion vulnerability in the autoloader in TYPO3 4.3.x before 4.3.3 allows remote ... | | |
| CVE-2010-1154 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2010-1155 | Irssi before 0.8.15, when SSL is used, does not verify that the server hostname matches a domain nam... | S | |
| CVE-2010-1156 | core/nicklist.c in Irssi before 0.8.15 allows remote attackers to cause a denial of service (NULL po... | S | |
| CVE-2010-1157 | Apache Tomcat 5.5.0 through 5.5.29 and 6.0.0 through 6.0.26 might allow remote attackers to discover... | S | |
| CVE-2010-1158 | Integer overflow in the regular expression engine in Perl 5.8.x allows context-dependent attackers t... | E | |
| CVE-2010-1159 | Multiple heap-based buffer overflows in Aircrack-ng before 1.1 allow remote attackers to cause a den... | | |
| CVE-2010-1160 | GNU nano before 2.2.4 does not verify whether a file has been changed before it is overwritten in a ... | | |
| CVE-2010-1161 | Race condition in GNU nano before 2.2.4, when run by root to edit a file that is not owned by root, ... | | |
| CVE-2010-1162 | The release_one_tty function in drivers/char/tty_io.c in the Linux kernel before 2.6.34-rc4 omits ce... | | |
| CVE-2010-1163 | The command matching functionality in sudo 1.6.8 through 1.7.2p5 does not properly handle when a fil... | | |
| CVE-2010-1164 | Multiple cross-site scripting (XSS) vulnerabilities in Atlassian JIRA 3.12 through 4.1 allow remote ... | S | |
| CVE-2010-1165 | Atlassian JIRA 3.12 through 4.1 allows remote authenticated administrators to execute arbitrary code... | S | |
| CVE-2010-1166 | The fbComposite function in fbpict.c in the Render extension in the X server in X.Org X11R7.1 allows... | E S | |
| CVE-2010-1167 | fetchmail 4.6.3 through 6.3.16, when debug mode is enabled, does not properly handle invalid charact... | S | |
| CVE-2010-1168 | The Safe (aka Safe.pm) module before 2.25 for Perl allows context-dependent attackers to bypass inte... | | |
| CVE-2010-1169 | PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.... | S | |
| CVE-2010-1170 | The PL/Tcl implementation in PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2... | S | |
| CVE-2010-1171 | Red Hat Network (RHN) Satellite 5.3 and 5.4 exposes a dangerous, obsolete XML-RPC API, which allows ... | | |
| CVE-2010-1172 | DBus-GLib 0.73 disregards the access flag of exported GObject properties, which allows local users t... | | |
| CVE-2010-1173 | The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and ear... | E S | |
| CVE-2010-1174 | Cisco TFTP Server 1.1 allows remote attackers to cause a denial of service (daemon crash) via a craf... | E | |
| CVE-2010-1175 | Microsoft Internet Explorer 7.0 on Windows XP and Windows Server 2003 allows remote attackers to hav... | | |
| CVE-2010-1176 | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service ... | E | |
| CVE-2010-1177 | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service ... | E | |
| CVE-2010-1178 | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service ... | E | |
| CVE-2010-1179 | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service ... | E | |
| CVE-2010-1180 | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service ... | E | |
| CVE-2010-1181 | Safari on Apple iPhone OS 3.1.3 for iPod touch allows remote attackers to cause a denial of service ... | E | |
| CVE-2010-1182 | Multiple unspecified vulnerabilities in the administrative console in IBM WebSphere Application Serv... | | |
| CVE-2010-1183 | Certain patch-installation scripts in Oracle Solaris allow local users to append data to arbitrary f... | | |
| CVE-2010-1184 | The Microsoft wireless keyboard uses XOR encryption with a key derived from the MAC address, which m... | E | |
| CVE-2010-1185 | Stack-based buffer overflow in serv.exe in SAP MaxDB 7.4.3.32, and 7.6.0.37 through 7.6.06 allows re... | E | |
| CVE-2010-1186 | Cross-site scripting (XSS) vulnerability in xml/media-rss.php in the NextGEN Gallery plugin before 1... | E S | |
| CVE-2010-1187 | The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through ... | | |
| CVE-2010-1188 | Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV... | S | |
| CVE-2010-1189 | MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in... | S | |
| CVE-2010-1190 | thumb.php in MediaWiki before 1.15.2, when used with access-restriction mechanisms such as img_auth.... | S | |
| CVE-2010-1191 | Sahana disaster management system 0.6.2.2, and possibly other versions, allows remote attackers to b... | | |
| CVE-2010-1192 | libESMTP, probably 1.0.4 and earlier, does not properly handle a '\0' character in a domain name in ... | | |
| CVE-2010-1193 | Cross-site scripting (XSS) vulnerability in WebAccess in VMware Server 2.0 allows remote attackers t... | S | |
| CVE-2010-1194 | The match_component function in smtp-tls.c in libESMTP 1.0.3.r1, and possibly other versions includi... | S | |
| CVE-2010-1195 | Cross-site scripting (XSS) vulnerability in the htmlscrubber component in ikiwiki 2.x before 2.53.5 ... | | |
| CVE-2010-1196 | Integer overflow in the nsGenericDOMDataNode::SetTextInternal function in Mozilla Firefox 3.5.x befo... | | |
| CVE-2010-1197 | Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaMonkey before 2.0.5, does not pro... | | |
| CVE-2010-1198 | Use-after-free vulnerability in Mozilla Firefox 3.5.x before 3.5.10 and 3.6.x before 3.6.4, and SeaM... | | |
| CVE-2010-1199 | Integer overflow in the XSLT node sorting implementation in Mozilla Firefox 3.5.x before 3.5.10 and ... | E | |
| CVE-2010-1200 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.10 an... | | |
| CVE-2010-1201 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.10, Thunderbird ... | E | |
| CVE-2010-1202 | Multiple unspecified vulnerabilities in the JavaScript engine in Mozilla Firefox 3.5.x before 3.5.10... | | |
| CVE-2010-1203 | The JavaScript engine in Mozilla Firefox 3.6.x before 3.6.4 allow remote attackers to cause a denial... | | |
| CVE-2010-1204 | Search.pm in Bugzilla 2.17.1 through 3.2.6, 3.3.1 through 3.4.6, 3.5.1 through 3.6, and 3.7 allows r... | | |
| CVE-2010-1205 | Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive... | E S | |
| CVE-2010-1206 | The startDocumentLoad function in browser/base/content/browser.js in Mozilla Firefox 3.5.x before 3.... | E S | |
| CVE-2010-1207 | Mozilla Firefox before 3.6.7 and Thunderbird before 3.1.1 do not properly implement read restriction... | | |
| CVE-2010-1208 | Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Moz... | S | |
| CVE-2010-1209 | Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.... | | |
| CVE-2010-1210 | intl/uconv/util/nsUnicodeDecodeHelper.cpp in Mozilla Firefox before 3.6.7 and Thunderbird before 3.1... | | |
| CVE-2010-1211 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.11 an... | | |
| CVE-2010-1212 | js/src/jstracer.cpp in the browser engine in Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.... | | |
| CVE-2010-1213 | The importScripts Web Worker method in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, T... | | |
| CVE-2010-1214 | Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before... | | |
| CVE-2010-1215 | Mozilla Firefox 3.6.x before 3.6.7 and Thunderbird 3.1.x before 3.1.1 do not properly implement acce... | | |
| CVE-2010-1216 | PHP remote file inclusion vulnerability in templates/template.php in notsoPureEdit 1.4.1 and earlier... | E | |
| CVE-2010-1217 | Directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when ... | E | |
| CVE-2010-1218 | Cross-site scripting (XSS) vulnerability in the mm_forum extension 1.8.2 and earlier for TYPO3 allow... | S | |
| CVE-2010-1219 | Directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remot... | E | |
| CVE-2010-1221 | CA XOsoft r12.0 and r12.5 does not properly perform authentication, which allows remote attackers to... | S | |
| CVE-2010-1222 | CA XOsoft r12.5 does not properly perform authentication, which allows remote attackers to obtain po... | S | |
| CVE-2010-1223 | Multiple buffer overflows in CA XOsoft r12.0 and r12.5 allow remote attackers to execute arbitrary c... | S | |
| CVE-2010-1224 | main/acl.c in Asterisk Open Source 1.6.0.x before 1.6.0.25, 1.6.1.x before 1.6.1.17, and 1.6.2.x bef... | S | |
| CVE-2010-1225 | The memory-management implementation in the Virtual Machine Monitor (aka VMM or hypervisor) in Micro... | E | |
| CVE-2010-1226 | The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS al... | E | |
| CVE-2010-1227 | Cross-site scripting (XSS) vulnerability in Sun Java System Communications Express 6.2 and 6.3 allow... | | |
| CVE-2010-1228 | Multiple race conditions in the sandbox infrastructure in Google Chrome before 4.1.249.1036 have uns... | | |
| CVE-2010-1229 | The sandbox infrastructure in Google Chrome before 4.1.249.1036 does not properly use pointers, whic... | | |
| CVE-2010-1230 | Google Chrome before 4.1.249.1036 does not have the expected behavior for attempts to delete Web SQL... | | |
| CVE-2010-1231 | Google Chrome before 4.1.249.1036 processes HTTP headers before invoking the SafeBrowsing feature, w... | | |
| CVE-2010-1232 | Google Chrome before 4.1.249.1036 allows remote attackers to cause a denial of service (memory error... | | |
| CVE-2010-1233 | Multiple integer overflows in Google Chrome before 4.1.249.1036 allow remote attackers to have an un... | E | |
| CVE-2010-1234 | Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to truncate t... | E | |
| CVE-2010-1235 | Unspecified vulnerability in Google Chrome before 4.1.249.1036 allows remote attackers to trigger th... | E | |
| CVE-2010-1236 | The protocolIs function in platform/KURLGoogle.cpp in WebCore in WebKit before r55822, as used in Go... | E | |
| CVE-2010-1237 | Google Chrome 4.1 BETA before 4.1.249.1036 allows remote attackers to cause a denial of service (mem... | | |
| CVE-2010-1238 | MoinMoin 1.7.1 allows remote attackers to bypass the textcha protection mechanism by modifying the t... | | |
| CVE-2010-1239 | Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a... | E S | |
| CVE-2010-1240 | Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, do not rest... | E | |
| CVE-2010-1241 | Heap-based buffer overflow in the custom heap management system in Adobe Reader and Acrobat 9.x befo... | E | |
| CVE-2010-1242 | Multiple cross-site scripting (XSS) vulnerabilities in the IBM Web Interface for Content Management ... | S | |
| CVE-2010-1243 | The IBM Web Interface for Content Management (aka WEBi) before 1.0.4 creates persistent cookies on c... | S | |
| CVE-2010-1244 | Cross-site request forgery (CSRF) vulnerability in createDestination.action in Apache ActiveMQ befor... | E S | |
| CVE-2010-1245 | Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for M... | | |
| CVE-2010-1246 | Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute ar... | | |
| CVE-2010-1247 | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbi... | | |
| CVE-2010-1248 | Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers t... | | |
| CVE-2010-1249 | Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Op... | | |
| CVE-2010-1250 | Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for ... | | |
| CVE-2010-1251 | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote a... | | |
| CVE-2010-1252 | Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote a... | | |
| CVE-2010-1253 | Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open X... | | |
| CVE-2010-1254 | The installation for Microsoft Open XML File Format Converter for Mac sets insecure ACLs for the /Ap... | | |
| CVE-2010-1255 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server ... | | |
| CVE-2010-1256 | Unspecified vulnerability in Microsoft IIS 6.0, 7.0, and 7.5, when Extended Protection for Authentic... | | |
| CVE-2010-1257 | Cross-site scripting (XSS) vulnerability in the toStaticHTML API, as used in Microsoft Office InfoPa... | | |
| CVE-2010-1258 | Microsoft Internet Explorer 6, 7, and 8 does not properly determine the origin of script code, which... | | |
| CVE-2010-1259 | Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary cod... | | |
| CVE-2010-1260 | The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted re... | | |
| CVE-2010-1261 | The IE8 Developer Toolbar in Microsoft Internet Explorer 8 SP1, SP2, and SP3 allows user-assisted re... | | |
| CVE-2010-1262 | Microsoft Internet Explorer 6 SP1 and SP2, 7, and 8 allows remote attackers to execute arbitrary cod... | | |
| CVE-2010-1263 | Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vist... | | |
| CVE-2010-1264 | Unspecified vulnerability in Microsoft Windows SharePoint Services 3.0 SP1 and SP2 allows remote att... | | |
| CVE-2010-1265 | SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attacker... | E | |
| CVE-2010-1266 | Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remot... | E | |
| CVE-2010-1267 | Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote atta... | E | |
| CVE-2010-1268 | Directory traversal vulnerability in index.php in justVisual CMS 2.0, when magic_quotes_gpc is disab... | E | |
| CVE-2010-1269 | SQL injection vulnerability in auktion.php in phpscripte24 Niedrig Gebote Pro Auktions System II all... | E | |
| CVE-2010-1270 | SQL injection vulnerability in auktion.php in Multi Auktions Komplett System 2 allows remote attacke... | E | |
| CVE-2010-1271 | SQL injection vulnerability in showplugs.php in smartplugs 1.3 allows remote attackers to execute ar... | E | |
| CVE-2010-1272 | PHP remote file inclusion vulnerability in includes/tgpinc.php in Gnat-TGP 1.2.20 and earlier allows... | E | |
| CVE-2010-1273 | Emweb Wt before 3.1.1 does not validate the UTF-8 encoding of (1) form values and (2) JSignal argume... | S | |
| CVE-2010-1274 | Cross-site scripting (XSS) vulnerability in Emweb Wt before 3.1.1 allows remote attackers to inject ... | | |
| CVE-2010-1275 | Cross-site scripting (XSS) vulnerability in ShowPost.asp in BBSXP 2008 allows remote attackers to in... | E | |
| CVE-2010-1276 | Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inje... | | |
| CVE-2010-1277 | SQL injection vulnerability in the user.authenticate method in the API in Zabbix 1.8 before 1.8.2 al... | E S | |
| CVE-2010-1278 | Buffer overflow in the Atlcom.get_atlcom ActiveX control in gp.ocx in Adobe Download Manager, as use... | S | |
| CVE-2010-1279 | Multiple unspecified vulnerabilities in Adobe Photoshop CS4 11.x before 11.0.1 allow user-assisted r... | S | |
| CVE-2010-1280 | Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause ... | E S | |
| CVE-2010-1281 | iml32.dll in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file ... | S | |
| CVE-2010-1282 | Adobe Shockwave Player before 11.5.7.609 allows remote attackers to cause a denial of service (infin... | S | |
| CVE-2010-1283 | Adobe Shockwave Player before 11.5.7.609 does not properly parse 3D objects in .dir (aka Director) f... | S | |
| CVE-2010-1284 | Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corru... | S | |
| CVE-2010-1285 | Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac... | S | |
| CVE-2010-1286 | Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corru... | S | |
| CVE-2010-1287 | Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corru... | S | |
| CVE-2010-1288 | Buffer overflow in Adobe Shockwave Player before 11.5.7.609 might allow attackers to execute arbitra... | S | |
| CVE-2010-1289 | Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corru... | S | |
| CVE-2010-1290 | Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corru... | S | |
| CVE-2010-1291 | Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corru... | S | |
| CVE-2010-1292 | The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not v... | S | |
| CVE-2010-1293 | Cross-site scripting (XSS) vulnerability in the Administrator page in Adobe ColdFusion 8.0, 8.0.1, a... | S | |
| CVE-2010-1294 | Unspecified vulnerability in Adobe ColdFusion 8.0, 8.0.1, and 9.0 allows local users to obtain sensi... | S | |
| CVE-2010-1295 | Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac... | S | |
| CVE-2010-1296 | Multiple buffer overflows in Adobe Photoshop CS4 before 11.0.2 allow user-assisted remote attackers ... | E S | |
| CVE-2010-1297 | Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Ad... | KEV E | |
| CVE-2010-1298 | Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to read arb... | | |
| CVE-2010-1299 | Multiple PHP remote file inclusion vulnerabilities in DynPG CMS 4.1.0, and possibly earlier, when ma... | E | |
| CVE-2010-1300 | SQL injection vulnerability in index.php in Yamamah (aka Dove Photo Album) 1.00 allows remote attack... | E | |
| CVE-2010-1301 | SQL injection vulnerability in main.php in Centreon 2.1.5 allows remote attackers to execute arbitra... | E | |
| CVE-2010-1302 | Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) compone... | E | |
| CVE-2010-1303 | Multiple cross-site scripting (XSS) vulnerabilities in the Taxonomy Filter module 6.x before 6.x-1.1... | S | |
| CVE-2010-1304 | Directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.... | E | |
| CVE-2010-1305 | Directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.2... | E S | |
| CVE-2010-1306 | Directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joom... | E | |
| CVE-2010-1307 | Directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! all... | E | |
| CVE-2010-1308 | Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote... | E | |
| CVE-2010-1309 | Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attacker... | E | |
| CVE-2010-1310 | Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, whi... | | |
| CVE-2010-1311 | The qtm_decompress function in libclamav/mspack.c in ClamAV before 0.96 allows remote attackers to c... | S | |
| CVE-2010-1312 | Directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for J... | E | |
| CVE-2010-1313 | Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 ... | E | |
| CVE-2010-1314 | Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joo... | E | |
| CVE-2010-1315 | Directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) c... | E | |
| CVE-2010-1316 | Multiple stack-based buffer overflows in Tembria Server Monitor before 5.6.1 allow remote attackers ... | | |
| CVE-2010-1317 | Heap-based buffer overflow in the NTLM authentication functionality in RealNetworks Helix Server and... | | |
| CVE-2010-1318 | Stack-based buffer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in Re... | | |
| CVE-2010-1319 | Integer overflow in the AgentX::receive_agentx function in AgentX++ 1.4.16, as used in RealNetworks ... | | |
| CVE-2010-1320 | Double free vulnerability in do_tgs_req.c in the Key Distribution Center (KDC) in MIT Kerberos 5 (ak... | E | |
| CVE-2010-1321 | The kg_accept_krb5 function in krb5/accept_sec_context.c in the GSS-API library in MIT Kerberos 5 (a... | S | |
| CVE-2010-1322 | The merge_authdata function in kdc_authdata.c in the Key Distribution Center (KDC) in MIT Kerberos 5... | S | |
| CVE-2010-1323 | MIT Kerberos 5 (aka krb5) 1.3.x, 1.4.x, 1.5.x, 1.6.x, 1.7.x, and 1.8.x through 1.8.3 does not proper... | S | |
| CVE-2010-1324 | MIT Kerberos 5 (aka krb5) 1.7.x and 1.8.x through 1.8.3 does not properly determine the acceptabilit... | S | |
| CVE-2010-1325 | Cross-site request forgery (CSRF) vulnerability in the apache2-slms package in SUSE Lifecycle Manage... | | |
| CVE-2010-1326 | perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 befo... | | |
| CVE-2010-1327 | Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to e... | E | |
| CVE-2010-1328 | Multiple cross-site scripting (XSS) vulnerabilities in TornadoStore 1.4.3 and earlier allow remote a... | E | |
| CVE-2010-1329 | Imperva SecureSphere Web Application Firewall and Database Firewall 5.0.0.5082 through 7.0.0.7078 al... | S | |
| CVE-2010-1330 | The regular expression engine in JRuby before 1.4.1, when $KCODE is set to 'u', does not properly ha... | E S | |
| CVE-2010-1331 | SQL injection vulnerability in Heartlogic HL-SiteManager allows remote attackers to execute arbitrar... | | |
| CVE-2010-1332 | Cross-site scripting (XSS) vulnerability in PrettyBook PrettyFormMail allows remote attackers to inj... | | |
| CVE-2010-1333 | Multiple cross-site scripting (XSS) vulnerabilities in Almas Inc. Compiere J300_A02 and earlier allo... | S | |
| CVE-2010-1334 | Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows remote authenticated users to... | | |
| CVE-2010-1335 | Multiple PHP remote file inclusion vulnerabilities in Insky CMS 006-0111, when register_globals is e... | E | |
| CVE-2010-1336 | Multiple SQL injection vulnerabilities in INVOhost 3.4 allow remote attackers to execute arbitrary S... | E | |
| CVE-2010-1337 | Multiple PHP remote file inclusion vulnerabilities in definitions.php in Lussumo Vanilla 1.1.10, and... | E | |
| CVE-2010-1338 | SQL injection vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab ... | E | |
| CVE-2010-1339 | Cross-site scripting (XSS) vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier... | | |
| CVE-2010-1340 | Directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for J... | E | |
| CVE-2010-1341 | SQL injection vulnerability in index.php in Systemsoftware Community Black Forum allows remote attac... | E | |
| CVE-2010-1342 | Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when register_globals is e... | E | |
| CVE-2010-1343 | SQL injection vulnerability in photo.php in SiteX 0.7.4 beta allows remote attackers to execute arbi... | E | |
| CVE-2010-1344 | SQL injection vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! a... | E S | |
| CVE-2010-1345 | Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joo... | E | |
| CVE-2010-1346 | SQL injection vulnerability in admin/login.php in Mini CMS RibaFS 1.0, when magic_quotes_gpc is disa... | E | |
| CVE-2010-1347 | Director Agent 6.1 before 6.1.2.3 in IBM Systems Director on AIX and Linux uses incorrect permission... | | |
| CVE-2010-1348 | Unspecified vulnerability in the login process in IBM WebSphere Portal 6.0.1.1, and 6.1.0.x before 6... | S | |
| CVE-2010-1349 | Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via ... | E S | |
| CVE-2010-1350 | SQL injection vulnerability in the JP Jobs (com_jp_jobs) component 1.4.1 and earlier for Joomla! all... | E S | |
| CVE-2010-1351 | Multiple PHP remote file inclusion vulnerabilities in Nodesforum 1.033 and 1.045, when register_glob... | E | |
| CVE-2010-1352 | Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Jo... | E | |
| CVE-2010-1353 | Directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows re... | E | |
| CVE-2010-1354 | Directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allow... | E | |
| CVE-2010-1355 | Cross-site scripting (XSS) vulnerability on the TANDBERG Video Communication Server (VCS) before X5.... | | |
| CVE-2010-1356 | Unspecified vulnerability on the TANDBERG Video Communication Server (VCS) before X5.0 allows remote... | | |
| CVE-2010-1357 | Cross-site scripting (XSS) vulnerability in editors/logindialogue.php in SBD Directory Software 4.0 ... | E | |
| CVE-2010-1358 | Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 an... | S | |
| CVE-2010-1359 | SQL injection vulnerability in bluegate_seo.inc.php in the Direct URL module for xt:Commerce, when m... | | |
| CVE-2010-1360 | Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.00 allow remote attackers to ex... | E | |
| CVE-2010-1361 | Cross-site scripting (XSS) vulnerability in shop/USER_ARTIKEL_HANDLING_AUFRUF.php in PHPepperShop 2.... | E S | |
| CVE-2010-1362 | Cross-site scripting (XSS) vulnerability in the Own Term module 6.x-1.0 for Drupal allows remote aut... | S | |
| CVE-2010-1363 | SQL injection vulnerability in the JProjects (com_j-projects) component for Joomla! allows remote at... | E | |
| CVE-2010-1364 | SQL injection vulnerability in index.php in Uiga Personal Portal, as downloaded on 20100301, allows ... | E | |
| CVE-2010-1365 | SQL injection vulnerability in index.php in Uiga Fan Club, as downloaded on 20100310, allows remote ... | E | |
| CVE-2010-1366 | Multiple SQL injection vulnerabilities in admin/admin_login.php in Uiga Fan Club 1.0 and earlier all... | E | |
| CVE-2010-1367 | Multiple cross-site scripting (XSS) vulnerabilities in admin/admin_login.php in Uiga Fan Club, as do... | | |
| CVE-2010-1368 | SQL injection vulnerability in index.php in GameScript (GS) 3.0 allows remote attackers to execute a... | E | |
| CVE-2010-1369 | SQL injection vulnerability in signup.asp in Pre Classified Listings ASP allows remote attackers to ... | E | |
| CVE-2010-1370 | SQL injection vulnerability in detailad.asp in Pre Classified Listings ASP allows remote attackers t... | E | |
| CVE-2010-1371 | Cross-site scripting (XSS) vulnerability in signup.asp in Pre Classified Listings ASP allows remote ... | E | |
| CVE-2010-1372 | SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows ... | E | |
| CVE-2010-1373 | Cross-site scripting (XSS) vulnerability in Help Viewer in Apple Mac OS X 10.6 before 10.6.4 allows ... | S | |
| CVE-2010-1374 | Directory traversal vulnerability in iChat in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, when AI... | S | |
| CVE-2010-1375 | NetAuthSysAgent in Network Authorization in Apple Mac OS X 10.5.8 does not have the expected authori... | S | |
| CVE-2010-1376 | Multiple format string vulnerabilities in Network Authorization in Apple Mac OS X 10.6 before 10.6.4... | S | |
| CVE-2010-1377 | Open Directory in Apple Mac OS X 10.6 before 10.6.4 creates an unencrypted connection upon certain S... | S | |
| CVE-2010-1378 | OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows re... | S | |
| CVE-2010-1379 | Printer Setup in Apple Mac OS X 10.6 before 10.6.4 does not properly interpret character encoding, w... | S | |
| CVE-2010-1380 | Integer overflow in the cgtexttops CUPS filter in Printing in Apple Mac OS X 10.6 before 10.6.4 allo... | S | |
| CVE-2010-1381 | The default configuration of SMB File Server in Apple Mac OS X 10.5.8, and 10.6 before 10.6.4, enabl... | S | |
| CVE-2010-1382 | Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8, and 10.6 before 10... | S | |
| CVE-2010-1383 | CFNetwork in Apple Safari before 5.0.6 on Windows allows remote web servers to execute arbitrary cod... | S | |
| CVE-2010-1384 | Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac OS X 10.4, ... | S | |
| CVE-2010-1385 | Use-after-free vulnerability in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, a... | S | |
| CVE-2010-1386 | page/Geolocation.cpp in WebCore in WebKit before r56188 and before 1.2.5 does not properly restrict ... | | |
| CVE-2010-1387 | Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and ... | | |
| CVE-2010-1388 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6, and before 4.1 on Mac OS X 10.4, do... | S | |
| CVE-2010-1389 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throu... | S | |
| CVE-2010-1390 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throu... | S | |
| CVE-2010-1391 | Multiple directory traversal vulnerabilities in the (a) Local Storage and (b) Web SQL database imple... | S | |
| CVE-2010-1392 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1393 | The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.... | S | |
| CVE-2010-1394 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throu... | S | |
| CVE-2010-1395 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throu... | S | |
| CVE-2010-1396 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1397 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1398 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1399 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1400 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1401 | Use-after-free vulnerability in the Cascading Style Sheets (CSS) implementation in WebKit in Apple S... | S | |
| CVE-2010-1402 | Double free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Win... | S | |
| CVE-2010-1403 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1404 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1405 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1406 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1407 | WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.re... | | |
| CVE-2010-1408 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1409 | Incomplete blacklist vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.... | S | |
| CVE-2010-1410 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1411 | Multiple integer overflows in the Fax3SetupState function in tif_fax3.c in the FAX3 decoder in LibTI... | S | |
| CVE-2010-1412 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1413 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1414 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1415 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1416 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1417 | The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10.... | S | |
| CVE-2010-1418 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throu... | S | |
| CVE-2010-1419 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1420 | Cross-site scripting (XSS) vulnerability in CFNetwork in Apple Safari before 5.0.6 allows remote att... | S | |
| CVE-2010-1421 | The execCommand JavaScript function in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10... | S | |
| CVE-2010-1422 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1423 | Argument injection vulnerability in the URI handler in (a) Java NPAPI plugin and (b) Java Deployment... | E S | |
| CVE-2010-1424 | Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government 2006 through 2010 allows u... | S | |
| CVE-2010-1425 | F-Secure Internet Security 2010 and earlier; Anti-Virus for Microsoft Exchange 9 and earlier, and fo... | S | |
| CVE-2010-1426 | SQL injection vulnerability in MODx Evolution before 1.0.3 allows remote attackers to execute arbitr... | S | |
| CVE-2010-1427 | Cross-site scripting (XSS) vulnerability in the SearchHighlight plugin in MODx Evolution before 1.0.... | S | |
| CVE-2010-1428 | The Web Console (aka web-console) in JBossAs in Red Hat JBoss Enterprise Application Platform (aka J... | KEV E | |
| CVE-2010-1429 | Red Hat JBoss Enterprise Application Platform (aka JBoss EAP or JBEAP) 4.2 before 4.2.0.CP09 and 4.3... | E | |
| CVE-2010-1430 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2010-1431 | SQL injection vulnerability in templates_export.php in Cacti 0.8.7e and earlier allows remote attack... | S | |
| CVE-2010-1432 | Joomla! Core is prone to an information disclosure vulnerability. Attackers can exploit this issue t... | | |
| CVE-2010-1433 | Joomla! Core is prone to a vulnerability that lets attackers upload arbitrary files because the appl... | | |
| CVE-2010-1434 | Joomla! Core is prone to a session fixation vulnerability. An attacker may leverage this issue to hi... | | |
| CVE-2010-1435 | Joomla! Core is prone to a security bypass vulnerability. Exploiting this issue may allow attackers ... | | |
| CVE-2010-1436 | gfs2 in the Linux kernel 2.6.18, and possibly other versions, does not properly handle when the gfs2... | E | |
| CVE-2010-1437 | Race condition in the find_keyring_by_name function in security/keys/keyring.c in the Linux kernel 2... | E S | |
| CVE-2010-1438 | Web Application Finger Printer (WAFP) 0.01-26c3 uses fixed pathnames under /tmp for temporary files ... | | |
| CVE-2010-1439 | yum-rhn-plugin in Red Hat Network Client Tools (aka rhn-client-tools) on Red Hat Enterprise Linux (R... | | |
| CVE-2010-1440 | Multiple integer overflows in dvipsk/dospecial.c in dvips in TeX Live 2009 and earlier, and teTeX, a... | | |
| CVE-2010-1441 | Multiple heap-based buffer overflows in VideoLAN VLC media player before 1.0.6 allow remote attacker... | | |
| CVE-2010-1442 | VideoLAN VLC media player before 1.0.6 allows remote attackers to cause a denial of service (invalid... | | |
| CVE-2010-1443 | The parse_track_node function in modules/demux/playlist/xspf.c in the XSPF playlist parser in VideoL... | | |
| CVE-2010-1444 | The ZIP archive decompressor in VideoLAN VLC media player before 1.0.6 allows remote attackers to ca... | | |
| CVE-2010-1445 | Heap-based buffer overflow in VideoLAN VLC media player before 1.0.6 allows remote attackers to caus... | | |
| CVE-2010-1446 | arch/powerpc/mm/fsl_booke_mmu.c in KGDB in the Linux kernel 2.6.30 and other versions before 2.6.33,... | S | |
| CVE-2010-1447 | The Safe (aka Safe.pm) module 2.26, and certain earlier versions, for Perl, as used in PostgreSQL 7.... | S | |
| CVE-2010-1448 | Cross-site scripting (XSS) vulnerability in lib/LXR/Common.pm in LXR Cross Referencer before 0.9.8 a... | S | |
| CVE-2010-1449 | Integer overflow in rgbimgmodule.c in the rgbimg module in Python 2.5 allows remote attackers to hav... | S | |
| CVE-2010-1450 | Multiple buffer overflows in the RLE decoder in the rgbimg module in Python 2.5 allow remote attacke... | S | |
| CVE-2010-1451 | The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on th... | E S | |
| CVE-2010-1452 | The (1) mod_cache and (2) mod_dav modules in the Apache HTTP Server 2.2.x before 2.2.16 allow remote... | S | |
| CVE-2010-1453 | Cross-site scripting (XSS) vulnerability in the Login form in Piwik 0.1.6 through 0.5.5 allows remot... | S | |
| CVE-2010-1454 | com.springsource.tcserver.serviceability.rmi.JmxSocketListener in VMware SpringSource tc Server Runt... | | |
| CVE-2010-1455 | The DOCSIS dissector in Wireshark 0.9.6 through 1.0.12 and 1.2.0 through 1.2.7 allows user-assisted ... | S | |
| CVE-2010-1456 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1455. Reason: This candida... | R | |
| CVE-2010-1457 | Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 allows local users to read arbitrary files vi... | E S | |
| CVE-2010-1458 | Stack-based buffer overflow in Create and Extract Zips TweakFS Zip Utility 1.0 for Flight Simulator ... | E | |
| CVE-2010-1459 | The default configuration of ASP.NET in Mono before 2.6.4 has a value of FALSE for the EnableViewSta... | | |
| CVE-2010-1460 | The IBM BladeCenter with Advanced Management Module (AMM) firmware before bpet50g does not properly ... | E S | |
| CVE-2010-1461 | Directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! ... | E | |
| CVE-2010-1462 | Directory traversal vulnerability in WebAsyst Shop-Script FREE has unknown impact and attack vectors... | | |
| CVE-2010-1463 | Multiple SQL injection vulnerabilities in WebAsyst Shop-Script FREE allow attackers to execute arbit... | | |
| CVE-2010-1464 | Multiple cross-site scripting (XSS) vulnerabilities in WebAsyst Shop-Script FREE allow remote attack... | | |
| CVE-2010-1465 | Stack-based buffer overflow in Trellian FTP client 3.01, including 3.1.3.1789, allows remote attacke... | E | |
| CVE-2010-1466 | Directory traversal vulnerability in scr/soustab.php in openUrgence Vaccin 1.03 allows remote attack... | E | |
| CVE-2010-1467 | Multiple PHP remote file inclusion vulnerabilities in openUrgence Vaccin 1.03 allow remote attackers... | E | |
| CVE-2010-1468 | SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaura... | E | |
| CVE-2010-1469 | Directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager)... | E | |
| CVE-2010-1470 | Directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote ... | E | |
| CVE-2010-1471 | Directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! a... | E | |
| CVE-2010-1472 | Directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla!... | E | |
| CVE-2010-1473 | Directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! al... | E | |
| CVE-2010-1474 | Directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla... | E | |
| CVE-2010-1475 | Directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 f... | E | |
| CVE-2010-1476 | Directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for J... | E | |
| CVE-2010-1477 | SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joom... | E S | |
| CVE-2010-1478 | Directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1... | E | |
| CVE-2010-1479 | SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote... | E S | |
| CVE-2010-1480 | SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote... | | |
| CVE-2010-1481 | Cross-site scripting (XSS) vulnerability in the table feature in PmWiki 2.2.15 allows remote authent... | E | |
| CVE-2010-1482 | Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the backend in CMS Made Simple (C... | E S | |
| CVE-2010-1486 | Multiple cross-site scripting (XSS) vulnerabilities in _invoice.asp in CactuShop before 6.155 allow ... | | |
| CVE-2010-1487 | IBM Lotus Notes 7.0, 8.0, and 8.5 stores administrative credentials in cleartext in SURunAs.exe, whi... | | |
| CVE-2010-1488 | The proc_oom_score function in fs/proc/base.c in the Linux kernel before 2.6.34-rc4 uses inappropria... | | |
| CVE-2010-1489 | The XSS Filter in Microsoft Internet Explorer 8 does not properly perform neutering for the SCRIPT t... | E | |
| CVE-2010-1490 | Unspecified vulnerability in IBM Cognos 8 Business Intelligence before 8.4.1 FP1 has unknown impact ... | | |
| CVE-2010-1491 | Directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows r... | E | |
| CVE-2010-1492 | Directory traversal vulnerability in help/frameRight.php in Elastix 1.6.0 allows remote attackers to... | | |
| CVE-2010-1493 | SQL injection vulnerability in the AWDwall (com_awdwall) component before 1.5.5 for Joomla! allows r... | E | |
| CVE-2010-1494 | Directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows re... | E | |
| CVE-2010-1495 | Directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows rem... | E | |
| CVE-2010-1496 | SQL injection vulnerability in the JoltCard (com_joltcard) component 1.2.1 for Joomla! allows remote... | E | |
| CVE-2010-1497 | Cross-site scripting (XSS) vulnerability in download_proc.php in dl_stats before 2.0 allows remote a... | E | |
| CVE-2010-1498 | Multiple SQL injection vulnerabilities in dl_stats before 2.0 allow remote attackers to execute arbi... | E | |
| CVE-2010-1499 | SQL injection vulnerability in genre_artists.php in MusicBox 3.3 allows remote attackers to execute ... | E | |
| CVE-2010-1500 | Google Chrome before 4.1.249.1059 does not properly support forms, which has unknown impact and atta... | | |
| CVE-2010-1501 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1767. Reason: This candida... | R | |
| CVE-2010-1502 | Unspecified vulnerability in Google Chrome before 4.1.249.1059 allows remote attackers to access loc... | | |
| CVE-2010-1503 | Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attacker... | | |
| CVE-2010-1504 | Cross-site scripting (XSS) vulnerability in Google Chrome before 4.1.249.1059 allows remote attacker... | | |
| CVE-2010-1505 | Google Chrome before 4.1.249.1059 does not prevent pages from loading with the New Tab page's privil... | | |
| CVE-2010-1506 | The Google V8 bindings in Google Chrome before 4.1.249.1059 allow attackers to cause a denial of ser... | | |
| CVE-2010-1507 | WebYaST in yast2-webclient in SUSE Linux Enterprise (SLE) 11 on the WebYaST appliance uses a fixed s... | | |
| CVE-2010-1508 | Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to exe... | S | |
| CVE-2010-1509 | IrfanView before 4.27 does not properly handle an unspecified integer variable during processing of ... | | |
| CVE-2010-1510 | Heap-based buffer overflow in IrfanView before 4.27 allows remote attackers to cause a denial of ser... | | |
| CVE-2010-1511 | KGet 2.4.2 in KDE SC 4.0.0 through 4.4.3 does not properly request download confirmation from the us... | | |
| CVE-2010-1512 | Directory traversal vulnerability in aria2 before 1.9.3 allows remote attackers to create arbitrary ... | S | |
| CVE-2010-1513 | Multiple integer overflows in src/image.c in Ziproxy before 3.0.1 allow remote attackers to execute ... | | |
| CVE-2010-1514 | Unrestricted file upload vulnerability in TomatoCMS 2.0.6 and earlier allows remote authenticated us... | | |
| CVE-2010-1515 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 and earlier allo... | | |
| CVE-2010-1516 | Multiple integer overflows in SWFTools 0.9.1 allow remote attackers to execute arbitrary code via (1... | | |
| CVE-2010-1517 | The GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows remote attackers to (1) download arbitrary pro... | | |
| CVE-2010-1518 | Array index error in the SetDLInfo method in the GIGABYTE Dldrv2 ActiveX control 1.4.206.11 allows r... | | |
| CVE-2010-1519 | Multiple integer overflows in glpng.c in glpng 1.45 allow context-dependent attackers to execute arb... | | |
| CVE-2010-1520 | Cross-site scripting (XSS) vulnerability in logout.php in TaskFreak! Original multi user before 0.6.... | S | |
| CVE-2010-1521 | SQL injection vulnerability in include/classes/tzn_user.php in TaskFreak! Original multi user before... | S | |
| CVE-2010-1522 | Multiple SQL injection vulnerabilities in the BookLibrary Basic (com_booklibrary) component 1.5.3 be... | S | |
| CVE-2010-1523 | Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build... | | |
| CVE-2010-1524 | The SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9, as used in multiple ... | | |
| CVE-2010-1525 | Integer underflow in the SpreadSheet Lotus 123 reader (wkssr.dll) in Autonomy KeyView 10.4 and 10.9,... | | |
| CVE-2010-1526 | Multiple integer overflows in libgdiplus 2.6.7, as used in Mono, allow attackers to execute arbitrar... | | |
| CVE-2010-1527 | Stack-based buffer overflow in Novell iPrint Client before 5.44 allows remote attackers to execute a... | | |
| CVE-2010-1528 | PHP remote file inclusion vulnerability in include/template.php in Uiga Proxy, when register_globals... | E | |
| CVE-2010-1529 | SQL injection vulnerability in the Freestyle FAQs Lite (com_fsf) component, possibly 1.3, for Joomla... | E | |
| CVE-2010-1530 | Multiple cross-site scripting (XSS) vulnerabilities in the Internationalization module 6.x before 6.... | S | |
| CVE-2010-1531 | Directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows re... | E | |
| CVE-2010-1532 | Directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for... | E | |
| CVE-2010-1533 | Directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows re... | E | |
| CVE-2010-1534 | Directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows re... | E | |
| CVE-2010-1535 | Directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! all... | E | |
| CVE-2010-1536 | Cross-site scripting (XSS) vulnerability in the AddThis Button module 5.x before 5.x-2.2 and 6.x bef... | S | |
| CVE-2010-1537 | Multiple directory traversal vulnerabilities in phpCDB 1.0 and earlier allow remote attackers to inc... | E | |
| CVE-2010-1538 | SQL injection vulnerability in print_raincheck.php in phpRAINCHECK 1.0.1 and earlier allows remote a... | E | |
| CVE-2010-1539 | Cross-site scripting (XSS) vulnerability in the Workflow module 5.x-2.x before 5.x-2.6 and 6.x-1.x b... | S | |
| CVE-2010-1540 | Directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joom... | E | |
| CVE-2010-1541 | Multiple cross-site scripting (XSS) vulnerabilities in DFD Cart 1.198, 1.197, and earlier allow remo... | | |
| CVE-2010-1542 | Multiple cross-site request forgery (CSRF) vulnerabilities in admin/configure.php in DFD Cart 1.198,... | | |
| CVE-2010-1543 | Cross-site scripting (XSS) vulnerability in the eTracker module before 6.x-1.2 for Drupal allows rem... | S | |
| CVE-2010-1544 | micro_httpd on the RCA DCM425 cable modem allows remote attackers to cause a denial of service (devi... | E | |
| CVE-2010-1546 | Multiple eval injection vulnerabilities in the import functionality in the Chaos Tool Suite (aka CTo... | S | |
| CVE-2010-1547 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Chaos Tool Suite (aka CTools) modu... | S | |
| CVE-2010-1548 | The auto-complete functionality in the Chaos Tool Suite (aka CTools) module 6.x before 6.x-1.4 for D... | S | |
| CVE-2010-1549 | Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before... | E | |
| CVE-2010-1550 | Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01... | | |
| CVE-2010-1551 | Stack-based buffer overflow in the _OVParseLLA function in ov.dll in netmon.exe in Network Monitor i... | | |
| CVE-2010-1552 | Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Man... | | |
| CVE-2010-1553 | Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.5... | | |
| CVE-2010-1554 | Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.5... | E | |
| CVE-2010-1555 | Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.5... | | |
| CVE-2010-1556 | Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remo... | | |
| CVE-2010-1557 | Multiple cross-site scripting (XSS) vulnerabilities in HP Insight Control Server Migration before 6.... | | |
| CVE-2010-1558 | Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.... | | |
| CVE-2010-1559 | SQL injection vulnerability in the SermonSpeaker (com_sermonspeaker) component before 3.2.1 for Joom... | | |
| CVE-2010-1560 | Buffer overflow in the REPEAT function in IBM DB2 9.1 before FP9 allows remote authenticated users t... | S | |
| CVE-2010-1561 | The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.7(3)S before 9.7(3)S11 and 9... | S | |
| CVE-2010-1562 | The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.7(3)S before 9.7(3)S9 and 9.... | S | |
| CVE-2010-1563 | The SIP implementation on the Cisco PGW 2200 Softswitch with software 9.7(3)S before 9.7(3)S9 and 9.... | S | |
| CVE-2010-1564 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-1564. Reason: This candidat... | R | |
| CVE-2010-1565 | Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software 9... | S | |
| CVE-2010-1567 | The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.8(1)S5 allows remote ... | S | |
| CVE-2010-1568 | The Send Secure functionality in the Cisco IronPort Desktop Flag Plug-in for Outlook before 6.5.0-00... | | |
| CVE-2010-1570 | The computer telephony integration (CTI) server component in Cisco Unified Contact Center Express (U... | S | |
| CVE-2010-1571 | Directory traversal vulnerability in the bootstrap service in Cisco Unified Contact Center Express (... | S | |
| CVE-2010-1572 | Unspecified vulnerability in the tech support diagnostic shell in Cisco Application Extension Platfo... | S | |
| CVE-2010-1573 | Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemt... | E | |
| CVE-2010-1574 | IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a comm... | | |
| CVE-2010-1575 | The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data t... | E | |
| CVE-2010-1576 | The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Con... | E | |
| CVE-2010-1577 | Directory traversal vulnerability in Cisco Internet Streamer, as used in Cisco Content Delivery Syst... | S | |
| CVE-2010-1578 | Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS... | S | |
| CVE-2010-1579 | Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS... | S | |
| CVE-2010-1580 | Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (AS... | S | |
| CVE-2010-1581 | Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec... | S | |
| CVE-2010-1583 | SQL injection vulnerability in the loadByKey function in the TznDbConnection class in tzn_mysql.php ... | E | |
| CVE-2010-1584 | Cross-site scripting (XSS) vulnerability in the Context module before 6.x-2.0-rc4 for Drupal allows ... | E S | |
| CVE-2010-1585 | The nsIScriptableUnescapeHTML.parseFragment method in the ParanoidFragmentSink protection mechanism ... | E | |
| CVE-2010-1586 | Open redirect vulnerability in red2301.html in HP System Management Homepage (SMH) 2.x.x.x allows re... | E | |
| CVE-2010-1587 | The Jetty ResourceHandler in Apache ActiveMQ 5.x before 5.3.2 and 5.4.x before 5.4.0 allows remote a... | E S | |
| CVE-2010-1588 | SQL injection vulnerability in the Getwebsess function in shopsessionsubs.asp in Rocksalt Internatio... | E | |
| CVE-2010-1589 | Directory traversal vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Shopping C... | E | |
| CVE-2010-1590 | Cross-site scripting (XSS) vulnerability in shopsessionsubs.asp in Rocksalt International VP-ASP Sho... | E | |
| CVE-2010-1591 | Beijing Rising International Rising Antivirus 2008 through 2010 does not properly validate input to ... | E | |
| CVE-2010-1592 | sandra.sys 15.18.1.1 and earlier in the Sandra Device Driver in SiSoftware Sandra 16.10.2010.1 and e... | E | |
| CVE-2010-1593 | Multiple cross-site scripting (XSS) vulnerabilities in SilverStripe before 2.3.5 allow remote attack... | E S | |
| CVE-2010-1594 | Multiple cross-site scripting (XSS) vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02... | E | |
| CVE-2010-1595 | Multiple SQL injection vulnerabilities in ocsreports/index.php in OCS Inventory NG 1.02.1 allow remo... | E | |
| CVE-2010-1596 | Support Incident Tracker before 3.51, when using LDAP authentication with anonymous binds, allows re... | S | |
| CVE-2010-1597 | Stack-based buffer overflow in zgtips.dll in ZipGenius 6.3.1.2552 allows user-assisted remote attack... | E | |
| CVE-2010-1598 | phpThumb.php in phpThumb() 1.7.9 and possibly other versions, when ImageMagick is installed, allows ... | | |
| CVE-2010-1599 | SQL injection vulnerability in loadorder.php in NKInFoWeb 2.5 and 5.2.2.0 allows remote attackers to... | E | |
| CVE-2010-1600 | SQL injection vulnerability in the Media Mall Factory (com_mediamall) component 1.0.4 for Joomla! al... | E | |
| CVE-2010-1601 | Directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows rem... | E | |
| CVE-2010-1602 | Directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! ... | E | |
| CVE-2010-1603 | Directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in t... | E | |
| CVE-2010-1604 | Multiple SQL injection vulnerabilities in admin_login.php in NCT Jobs Portal Script allow remote att... | E | |
| CVE-2010-1605 | Multiple SQL injection vulnerabilities in isearch.php in NCT Jobs Portal Script allow remote attacke... | | |
| CVE-2010-1606 | Multiple cross-site scripting (XSS) vulnerabilities in NCT Jobs Portal Script allow remote attackers... | E | |
| CVE-2010-1607 | Directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_... | E | |
| CVE-2010-1608 | Stack-based buffer overflow in IBM Lotus Notes 8.5 and 8.5fp1, and possibly other versions, allows r... | | |
| CVE-2010-1609 | Cross-site scripting (XSS) vulnerability in SAP NetWeaver 2004 before SP21 and 2004s before SP13 all... | S | |
| CVE-2010-1610 | Cross-site request forgery (CSRF) vulnerability in index.php in OpenCart 1.4 allows remote attackers... | | |
| CVE-2010-1611 | Cross-site request forgery (CSRF) vulnerability in AlegroCart 1.1 allows remote attackers to hijack ... | E S | |
| CVE-2010-1612 | The IBM WebSphere DataPower XML Accelerator XA35, Low Latency Appliance XM70, Integration Appliance ... | S | |
| CVE-2010-1613 | Moodle 1.8.x and 1.9.x before 1.9.8 does not enable the "Regenerate session id during login" setting... | | |
| CVE-2010-1614 | Multiple cross-site scripting (XSS) vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1... | | |
| CVE-2010-1615 | Multiple SQL injection vulnerabilities in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 allow re... | | |
| CVE-2010-1616 | Moodle 1.8.x and 1.9.x before 1.9.8 can create new roles when restoring a course, which allows teach... | | |
| CVE-2010-1617 | user/view.php in Moodle 1.8.x before 1.8.12 and 1.9.x before 1.9.8 does not properly check a role, w... | | |
| CVE-2010-1618 | Cross-site scripting (XSS) vulnerability in the phpCAS client library before 1.1.0, as used in Moodl... | | |
| CVE-2010-1619 | Cross-site scripting (XSS) vulnerability in the fix_non_standard_entities function in the KSES HTML ... | | |
| CVE-2010-1620 | Integer overflow in the load_iface function in Tools/gdomap.c in gdomap in GNUstep Base before 1.20.... | E S | |
| CVE-2010-1621 | The mysql_uninstall_plugin function in sql/sql_plugin.cc in MySQL 5.1 before 5.1.46 does not check p... | | |
| CVE-2010-1622 | SpringSource Spring Framework 2.5.x before 2.5.6.SEC02, 2.5.7 before 2.5.7.SR01, and 3.0.x before 3.... | E | |
| CVE-2010-1623 | Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable R... | S | |
| CVE-2010-1624 | The msn_emoticon_msg function in slp.c in the MSN protocol plugin in libpurple in Pidgin before 2.7.... | S | |
| CVE-2010-1625 | Cross-site scripting (XSS) vulnerability in LXR Cross Referencer before 0.9.7 allows remote attacker... | | |
| CVE-2010-1626 | MySQL before 5.1.46 allows local users to delete the data and index files of another user's MyISAM t... | S | |
| CVE-2010-1627 | feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows... | S | |
| CVE-2010-1628 | Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute ar... | E | |
| CVE-2010-1629 | Cross-site scripting (XSS) vulnerability in Phorum before 5.2.15 allows remote attackers to inject a... | S | |
| CVE-2010-1630 | Unspecified vulnerability in posting.php in phpBB before 3.0.5 has unknown impact and attack vectors... | | |
| CVE-2010-1631 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2010-1632 | Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, I... | | |
| CVE-2010-1633 | RSA verification recovery in the EVP_PKEY_verify_recover function in OpenSSL 1.x before 1.0.0a, as u... | S | |
| CVE-2010-1634 | Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow... | S | |
| CVE-2010-1635 | The chain_reply function in process.c in smbd in Samba before 3.4.8 and 3.5.x before 3.5.2 allows re... | E | |
| CVE-2010-1636 | The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.... | E S | |
| CVE-2010-1637 | The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass... | S | |
| CVE-2010-1638 | The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a p... | | |
| CVE-2010-1639 | The cli_pdf function in libclamav/pdf.c in ClamAV before 0.96.1 allows remote attackers to cause a d... | S | |
| CVE-2010-1640 | Off-by-one error in the parseicon function in libclamav/pe_icons.c in ClamAV 0.96 allows remote atta... | | |
| CVE-2010-1641 | The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not ve... | S | |
| CVE-2010-1642 | The reply_sesssetup_and_X_spnego function in sesssetup.c in smbd in Samba before 3.4.8 and 3.5.x bef... | E | |
| CVE-2010-1643 | mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not proper... | | |
| CVE-2010-1644 | Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7f, as used in Red Hat High ... | S | |
| CVE-2010-1645 | Cacti before 0.8.7f, as used in Red Hat High Performance Computing (HPC) Solution and other products... | | |
| CVE-2010-1646 | The secure path feature in env.c in sudo 1.3.1 through 1.6.9p22 and 1.7.0 through 1.7.2p6 does not p... | E S | |
| CVE-2010-1647 | Cross-site scripting (XSS) vulnerability in MediaWiki 1.15 before 1.15.4 and 1.16 before 1.16 beta 3... | | |
| CVE-2010-1648 | Cross-site request forgery (CSRF) vulnerability in the login interface in MediaWiki 1.15 before 1.15... | S | |
| CVE-2010-1649 | Multiple cross-site scripting (XSS) vulnerabilities in the back end in Joomla! 1.5 through 1.5.17 al... | | |
| CVE-2010-1650 | IBM WebSphere Application Server (WAS) 6.0.x before 6.0.2.41, 6.1.x before 6.1.0.31, and 7.0.x befor... | S | |
| CVE-2010-1651 | IBM WebSphere Application Server (WAS) 6.1.x before 6.1.0.31 and 7.0.x before 7.0.0.11, when Basic a... | S | |
| CVE-2010-1652 | Directory traversal vulnerability in the HelpCenter module in Help Center Live (HCL) 2.0.6 and 2.1.7... | E | |
| CVE-2010-1653 | Directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and... | E | |
| CVE-2010-1654 | Multiple SQL injection vulnerabilities in system_member_login.php in Infocus Real Estate Enterprise ... | E | |
| CVE-2010-1655 | Cross-site scripting (XSS) vulnerability in User/User_ChkLogin.asp in PowerEasy 2006 and PowerEasy S... | E | |
| CVE-2010-1656 | SQL injection vulnerability in the Airiny ABC (com_abc) component 1.1.7 for Joomla! allows remote at... | E | |
| CVE-2010-1657 | Directory traversal vulnerability in the SmartSite (com_smartsite) component 1.0.0 for Joomla! allow... | E | |
| CVE-2010-1658 | Directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for... | E | |
| CVE-2010-1659 | Directory traversal vulnerability in the Ultimate Portfolio (com_ultimateportfolio) component 1.0 fo... | E | |
| CVE-2010-1660 | SQL injection vulnerability in help-details.php in CLScript Classifieds Script allows remote attacke... | E | |
| CVE-2010-1661 | Multiple SQL injection vulnerabilities in PHP-Quick-Arcade (PHPQA) 3.0.21 allow remote attackers to ... | E | |
| CVE-2010-1662 | Cross-site scripting (XSS) vulnerability in acpmoderate.php in PHP-Quick-Arcade (PHPQA) 3.0.21 allow... | E | |
| CVE-2010-1663 | The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows ... | E | |
| CVE-2010-1664 | Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attacker... | S | |
| CVE-2010-1665 | Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to c... | | |
| CVE-2010-1666 | Buffer overflow in Dan Pascu python-cjson 1.0.5, when UCS-4 encoding is enabled, allows context-depe... | | |
| CVE-2010-1667 | Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and... | S | |
| CVE-2010-1668 | Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1... | | |
| CVE-2010-1669 | SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x before 1.2.5 allows remote attack... | S | |
| CVE-2010-1670 | Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options ... | | |
| CVE-2010-1671 | hsolinkcontrol in hsolink 1.0.118 allows local users to gain privileges via shell metacharacters in ... | | |
| CVE-2010-1673 | A cross-site scripting (XSS) vulnerability in ikiwiki before 3.20101112 allows remote attackers to i... | | |
| CVE-2010-1674 | The extended-community parser in bgpd in Quagga before 0.99.18 allows remote attackers to cause a de... | | |
| CVE-2010-1675 | bgpd in Quagga before 0.99.18 allows remote attackers to cause a denial of service (session reset) v... | | |
| CVE-2010-1676 | Heap-based buffer overflow in Tor before 0.2.1.28 and 0.2.2.x before 0.2.2.20-alpha allows remote at... | S | |
| CVE-2010-1677 | MHonArc 2.6.16 allows remote attackers to cause a denial of service (CPU consumption) via start tags... | | |
| CVE-2010-1678 | Mapserver 5.2, 5.4 and 5.6 before 5.6.5-2 improperly validates symbol index values during Mapfile pa... | | |
| CVE-2010-1679 | Directory traversal vulnerability in dpkg-source in dpkg before 1.14.31 and 1.15.x allows user-assis... | | |
| CVE-2010-1680 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2010-1681 | Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted re... | E S | |
| CVE-2010-1685 | Stack-based buffer overflow in CursorArts ZipWrangler 1.20 allows user-assisted remote attackers to ... | | |
| CVE-2010-1686 | Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2) ABC Backup Pro 5.20 and ABC Backup 5.... | | |
| CVE-2010-1687 | Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows remote attackers to cause a denia... | | |
| CVE-2010-1688 | Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions... | E S | |
| CVE-2010-1689 | The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier... | | |
| CVE-2010-1690 | The DNS implementation in smtpsvc.dll before 6.0.2600.5949 in Microsoft Windows 2000 SP4 and earlier... | S | |
| CVE-2010-1691 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1692 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1693 | openibd in OpenFabrics Enterprise Distribution (OFED) 1.5.2 allows local users to overwrite arbitrar... | | |
| CVE-2010-1694 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1695 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1696 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1697 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1698 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1699 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1700 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1701 | SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to exe... | E | |
| CVE-2010-1702 | SQL injection vulnerability in submitticket.php in WHMCompleteSolution (WHMCS) 4.2 allows remote att... | E | |
| CVE-2010-1703 | Multiple cross-site scripting (XSS) vulnerabilities in index_search.php in 2daybiz Polls (aka Advanc... | E | |
| CVE-2010-1704 | Multiple SQL injection vulnerabilities in 2daybiz Polls (aka Advanced Poll) Script allow remote atta... | E | |
| CVE-2010-1705 | SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbi... | E | |
| CVE-2010-1706 | Multiple SQL injection vulnerabilities in login.php in 2daybiz Auction Script allow remote attackers... | E | |
| CVE-2010-1707 | Multiple cross-site scripting (XSS) vulnerabilities in register.php in Piwigo 2.0.9 and earlier allo... | S | |
| CVE-2010-1708 | Multiple SQL injection vulnerabilities in agentadmin.php in Free Realty allow remote attackers to ex... | E | |
| CVE-2010-1709 | Multiple cross-site scripting (XSS) vulnerabilities in upload.cgi in G5-Scripts Auto-Img-Gallery 1.1... | E | |
| CVE-2010-1710 | Directory traversal vulnerability in login.php in Siestta 2.0, when register_globals is enabled, all... | E | |
| CVE-2010-1711 | Cross-site scripting (XSS) vulnerability in carga_foto_al.php in Siestta 2.0, when register_globals ... | E | |
| CVE-2010-1712 | Multiple cross-site scripting (XSS) vulnerabilities in base/Comments.php in Webmobo WB News 2.3.3 al... | E | |
| CVE-2010-1713 | SQL injection vulnerability in modules.php in PostNuke 0.764 allows remote attackers to execute arbi... | E | |
| CVE-2010-1714 | Directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! al... | E | |
| CVE-2010-1715 | Directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) comp... | E | |
| CVE-2010-1716 | SQL injection vulnerability in the Agenda Address Book (com_agenda) component 1.0.1 for Joomla! allo... | E | |
| CVE-2010-1717 | Directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! a... | E | |
| CVE-2010-1718 | Directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) com... | E | |
| CVE-2010-1719 | Directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! a... | E | |
| CVE-2010-1720 | SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla... | E | |
| CVE-2010-1721 | SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component ... | E | |
| CVE-2010-1722 | Directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows... | E | |
| CVE-2010-1723 | Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component... | E | |
| CVE-2010-1724 | Multiple cross-site scripting (XSS) vulnerabilities in Zikula Application Framework 1.2.2, and possi... | | |
| CVE-2010-1725 | SQL injection vulnerability in offers_buy.php in Alibaba Clone Platinum allows remote attackers to e... | E | |
| CVE-2010-1726 | SQL injection vulnerability in offers_buy.php in EC21 Clone 3.0 allows remote attackers to execute a... | E | |
| CVE-2010-1727 | SQL injection vulnerability in type.asp in JobPost 1.0 allows remote attackers to execute arbitrary ... | E | |
| CVE-2010-1728 | Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modificatio... | E | |
| CVE-2010-1729 | WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to ca... | E | |
| CVE-2010-1730 | Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service (applicat... | E | |
| CVE-2010-1731 | Google Chrome on the HTC Hero allows remote attackers to cause a denial of service (application cras... | | |
| CVE-2010-1732 | Cross-site request forgery (CSRF) vulnerability in the users module in Zikula Application Framework ... | | |
| CVE-2010-1733 | Multiple SQL injection vulnerabilities in OCS Inventory NG before 1.02.3 allow remote attackers to e... | | |
| CVE-2010-1734 | The SfnINSTRING function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 2003 ... | E | |
| CVE-2010-1735 | The SfnLOGONNOTIFY function in win32k.sys in the kernel in Microsoft Windows 2000, XP, and Server 20... | E | |
| CVE-2010-1736 | KrM Haber 1.0 stores sensitive information under the web root with insufficient access control, whic... | E | |
| CVE-2010-1737 | PHP remote file inclusion vulnerability in core/includes/gfw_smarty.php in Gallo 0.1.0, when magic_q... | E | |
| CVE-2010-1738 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1448. Reason: This candida... | R | |
| CVE-2010-1739 | SQL injection vulnerability in the Newsfeeds (com_newsfeeds) component for Joomla! allows remote att... | E | |
| CVE-2010-1740 | SQL injection vulnerability in newsletter.php in GuppY 4.5.18 allows remote attackers to execute arb... | E | |
| CVE-2010-1741 | SQL injection vulnerability in request_account.php in Billwerx RC 5.2.2 PL2 allows remote attackers ... | E | |
| CVE-2010-1742 | Cross-site scripting (XSS) vulnerability in projects.php in Scratcher allows remote attackers to inj... | E | |
| CVE-2010-1743 | SQL injection vulnerability in projects.php in Scratcher allows remote attackers to execute arbitrar... | E | |
| CVE-2010-1744 | SQL injection vulnerability in product.html in B2B Gold Script allows remote attackers to execute ar... | E | |
| CVE-2010-1745 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1867. Reason: This candida... | R | |
| CVE-2010-1746 | Multiple cross-site scripting (XSS) vulnerabilities in the Table JX (com_grid) component for Joomla!... | E | |
| CVE-2010-1748 | The cgi_initialize_string function in cgi-bin/var.c in the web interface in CUPS before 1.4.4, as us... | S | |
| CVE-2010-1749 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1750 | Use-after-free vulnerability in Apple Safari before 5.0 on Windows allows remote attackers to execut... | S | |
| CVE-2010-1751 | Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-librar... | | |
| CVE-2010-1752 | Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows r... | | |
| CVE-2010-1753 | ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitr... | | |
| CVE-2010-1754 | Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-base... | | |
| CVE-2010-1755 | Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Coo... | | |
| CVE-2010-1756 | The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report... | | |
| CVE-2010-1757 | WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary res... | | |
| CVE-2010-1758 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1759 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1760 | loader/DocumentThreadableLoader.cpp in the XMLHttpRequest implementation in WebCore in WebKit before... | | |
| CVE-2010-1761 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1762 | Cross-site scripting (XSS) vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 throu... | S | |
| CVE-2010-1763 | Unspecified vulnerability in WebKit in Apple iTunes before 9.2 on Windows has unknown impact and att... | | |
| CVE-2010-1764 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1765 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-1766 | Off-by-one error in the WebSocketHandshake::readServerHandshake function in websockets/WebSocketHand... | | |
| CVE-2010-1767 | Cross-site request forgery (CSRF) vulnerability in loader/DocumentThreadableLoader.cpp in WebCore in... | | |
| CVE-2010-1768 | Unspecified vulnerability in Apple iTunes before 9.1 allows local users to gain console privileges v... | | |
| CVE-2010-1769 | WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, a... | | |
| CVE-2010-1770 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, Apple Safari before 4.1... | S | |
| CVE-2010-1771 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1772 | Use-after-free vulnerability in page/Geolocation.cpp in WebCore in WebKit before r59859, as used in ... | E S | |
| CVE-2010-1773 | Off-by-one error in the toAlphabetic function in rendering/RenderListMarker.cpp in WebCore in WebKit... | S | |
| CVE-2010-1774 | WebKit in Apple Safari before 5.0 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1 on Mac O... | S | |
| CVE-2010-1775 | Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically... | | |
| CVE-2010-1776 | Find My iPhone on iOS 2.0 through 3.1.3 for iPhone 3G and later and iOS 2.1 through 3.1.3 for iPod t... | | |
| CVE-2010-1777 | Buffer overflow in Apple iTunes before 9.2.1 allows remote attackers to execute arbitrary code or ca... | S | |
| CVE-2010-1778 | Cross-site scripting (XSS) vulnerability in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 ... | S | |
| CVE-2010-1779 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-1780 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 an... | S | |
| CVE-2010-1781 | Double free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remo... | | |
| CVE-2010-1782 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on M... | S | |
| CVE-2010-1783 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on M... | S | |
| CVE-2010-1784 | The counters functionality in the Cascading Style Sheets (CSS) implementation in WebKit in Apple Saf... | S | |
| CVE-2010-1785 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on M... | S | |
| CVE-2010-1786 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 an... | S | |
| CVE-2010-1787 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on M... | S | |
| CVE-2010-1788 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on M... | S | |
| CVE-2010-1789 | Heap-based buffer overflow in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and ... | S | |
| CVE-2010-1790 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on M... | S | |
| CVE-2010-1791 | Integer signedness error in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Wi... | S | |
| CVE-2010-1792 | WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.1 on M... | S | |
| CVE-2010-1793 | Multiple use-after-free vulnerabilities in WebKit in Apple Safari before 5.0.1 on Mac OS X 10.5 thro... | S | |
| CVE-2010-1794 | The webdav_mount function in webdav_vfsops.c in the WebDAV kernel extension (aka webdav_fs.kext) for... | | |
| CVE-2010-1795 | Untrusted search path vulnerability in Apple iTunes before 9.1, when running on Windows 7, Vista, an... | | |
| CVE-2010-1796 | The AutoFill feature in Apple Safari before 5.0.1 on Mac OS X 10.5 through 10.6 and Windows, and bef... | S | |
| CVE-2010-1797 | Multiple stack-based buffer overflows in the cff_decoder_parse_charstrings function in the CFF Type2... | E | |
| CVE-2010-1798 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-1799 | Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Wi... | | |
| CVE-2010-1800 | CFNetwork in Apple Mac OS X 10.6.3 and 10.6.4 supports anonymous SSL and TLS connections, which allo... | S | |
| CVE-2010-1801 | Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attacke... | S | |
| CVE-2010-1802 | libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name... | S | |
| CVE-2010-1803 | Time Machine in Apple Mac OS X 10.6.x before 10.6.5 does not verify the unique identifier of its rem... | S | |
| CVE-2010-1804 | Unspecified vulnerability in the network bridge functionality on the Apple Time Capsule, AirPort Ext... | S | |
| CVE-2010-1805 | Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows... | S | |
| CVE-2010-1806 | Use-after-free vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 allows remote att... | S | |
| CVE-2010-1807 | WebKit in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2; Android before 2.2; and webkitgtk befo... | S | |
| CVE-2010-1808 | Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.4 allows ... | S | |
| CVE-2010-1809 | The Accessibility component in Apple iOS before 4.1 on the iPhone and iPod touch does not perform th... | | |
| CVE-2010-1810 | FaceTime in Apple iOS before 4.1 on the iPhone and iPod touch does not properly handle invalid X.509... | | |
| CVE-2010-1811 | ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbi... | | |
| CVE-2010-1812 | Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and web... | | |
| CVE-2010-1813 | WebKit in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attackers to execute arbit... | | |
| CVE-2010-1814 | WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and webkitgtk before 1.2.6, allows remo... | | |
| CVE-2010-1815 | Use-after-free vulnerability in WebKit in Apple iOS before 4.1 on the iPhone and iPod touch, and web... | | |
| CVE-2010-1816 | Buffer overflow in ImageIO in Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10... | | |
| CVE-2010-1817 | Buffer overflow in ImageIO in Apple iOS before 4.1 on the iPhone and iPod touch allows remote attack... | | |
| CVE-2010-1818 | The IPersistPropertyBag2::Read function in QTPlugin.ocx in Apple QuickTime 6.x, 7.x before 7.6.8, an... | E | |
| CVE-2010-1819 | Untrusted search path vulnerability in the Picture Viewer in Apple QuickTime before 7.6.8 allows loc... | S | |
| CVE-2010-1820 | Apple Filing Protocol (AFP) Server in Apple Mac OS X 10.6.x through 10.6.4 does not properly handle ... | S | |
| CVE-2010-1821 | Apple Mac OS X 10.6 through 10.6.3 and Mac OS X Server 10.6 through 10.6.3 allows local users to obt... | | |
| CVE-2010-1822 | WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472... | E | |
| CVE-2010-1823 | Use-after-free vulnerability in WebKit before r65958, as used in Google Chrome before 6.0.472.59, al... | S | |
| CVE-2010-1824 | Use-after-free vulnerability in WebKit, as used in Apple iTunes before 10.2 on Windows, Apple Safari... | E | |
| CVE-2010-1825 | Use-after-free vulnerability in WebKit, as used in Google Chrome before 6.0.472.59, allows remote at... | E S | |
| CVE-2010-1826 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-1827 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-1828 | AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to cause a deni... | S | |
| CVE-2010-1829 | Directory traversal vulnerability in AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 al... | S | |
| CVE-2010-1830 | AFP Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 generates different error messages depe... | S | |
| CVE-2010-1831 | Buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allow... | S | |
| CVE-2010-1832 | Stack-based buffer overflow in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 and 10.6.x before ... | S | |
| CVE-2010-1833 | Apple Type Services (ATS) in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute ... | S | |
| CVE-2010-1834 | CFNetwork in Apple Mac OS X 10.6.x before 10.6.5 does not properly validate the domains of cookies, ... | S | |
| CVE-2010-1835 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-1836 | Stack-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows... | S | |
| CVE-2010-1837 | CoreText in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitr... | S | |
| CVE-2010-1838 | Directory Services in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly handle errors... | S | |
| CVE-2010-1839 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-1840 | Stack-based buffer overflow in the password-validation functionality in Directory Services in Apple ... | S | |
| CVE-2010-1841 | Disk Images in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arb... | S | |
| CVE-2010-1842 | Buffer overflow in AppKit in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute ... | S | |
| CVE-2010-1843 | Networking in Apple Mac OS X 10.6.2 through 10.6.4 allows remote attackers to cause a denial of serv... | S | |
| CVE-2010-1844 | Unspecified vulnerability in Image Capture in Apple Mac OS X 10.6.x before 10.6.5 allows remote atta... | S | |
| CVE-2010-1845 | ImageIO in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attackers to execute arbitra... | S | |
| CVE-2010-1846 | Heap-based buffer overflow in Image RAW in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows rem... | S | |
| CVE-2010-1847 | The kernel in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform memory management associ... | S | |
| CVE-2010-1848 | Directory traversal vulnerability in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote au... | | |
| CVE-2010-1849 | The my_net_skip_rest function in sql/net_serv.cc in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 a... | | |
| CVE-2010-1850 | Buffer overflow in MySQL 5.0 through 5.0.91 and 5.1 before 5.1.47 allows remote authenticated users ... | | |
| CVE-2010-1851 | Google Chrome, when the Invisible Hand extension is enabled, uses cookies during background HTTP req... | | |
| CVE-2010-1852 | Microsoft Internet Explorer, when the Invisible Hand extension is enabled, uses cookies during backg... | | |
| CVE-2010-1853 | Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in ... | S | |
| CVE-2010-1854 | Cross-site scripting (XSS) vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allow... | | |
| CVE-2010-1855 | SQL injection vulnerability in auktion.php in Pay Per Watch & Bid Auktions System allows remote atta... | E | |
| CVE-2010-1856 | Cross-site scripting (XSS) vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quote... | E | |
| CVE-2010-1857 | SQL injection vulnerability in index.php in RepairShop2 1.9.023 Trial, when magic_quotes_gpc is disa... | | |
| CVE-2010-1858 | Directory traversal vulnerability in the SMEStorage (com_smestorage) component before 1.1 for Joomla... | E | |
| CVE-2010-1859 | SQL injection vulnerability in newpost.php in DeluxeBB 1.3 and earlier, when magic_quotes_gpc is dis... | E | |
| CVE-2010-1860 | The html_entity_decode function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-depen... | E | |
| CVE-2010-1861 | The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent atta... | E | |
| CVE-2010-1862 | The chunk_split function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent at... | E | |
| CVE-2010-1863 | SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and ear... | E | |
| CVE-2010-1864 | The addcslashes function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent at... | E | |
| CVE-2010-1865 | Multiple SQL injection vulnerabilities in ClanSphere 2009.0.3 and earlier allow remote attackers to ... | E S | |
| CVE-2010-1866 | The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows c... | E | |
| CVE-2010-1867 | SQL injection vulnerability in the ArticleAttachment::GetAttachmentsByArticleNumber method in javasc... | E | |
| CVE-2010-1868 | The (1) sqlite_single_query and (2) sqlite_array_query functions in ext/sqlite/sqlite.c in PHP 5.2 t... | E | |
| CVE-2010-1869 | Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-depen... | | |
| CVE-2010-1870 | The OGNL extensive expression evaluation capability in XWork in Struts 2.0.0 through 2.1.8.1, as use... | E | |
| CVE-2010-1871 | JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat Linux... | KEV | |
| CVE-2010-1872 | Cross-site scripting (XSS) vulnerability in cPlayer.php in FlashCard 2.6.5 and 3.0.1 allows remote a... | E | |
| CVE-2010-1873 | SQL injection vulnerability in the Jvehicles (com_jvehicles) component 1.0, 2.0, and 2.1111 for Joom... | E | |
| CVE-2010-1874 | SQL injection vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 for Joo... | E | |
| CVE-2010-1875 | Directory traversal vulnerability in the Real Estate Property (com_properties) component 3.1.22-03 f... | E | |
| CVE-2010-1876 | SQL injection vulnerability in index.php in AJ Shopping Cart 1.0 allows remote attackers to execute ... | E | |
| CVE-2010-1877 | SQL injection vulnerability in the JTM Reseller (com_jtm) component 1.9 Beta for Joomla! allows remo... | E | |
| CVE-2010-1878 | Directory traversal vulnerability in the OrgChart (com_orgchart) component 1.0.0 for Joomla! allows ... | E | |
| CVE-2010-1879 | Unspecified vulnerability in Quartz.dll for DirectShow; Windows Media Format Runtime 9, 9.5, and 11;... | | |
| CVE-2010-1880 | Unspecified vulnerability in Quartz.dll for DirectShow on Microsoft Windows 2000 SP4, XP SP2 and SP3... | | |
| CVE-2010-1881 | The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Off... | | |
| CVE-2010-1882 | Multiple buffer overflows in the MPEG Layer-3 Audio Codec for Microsoft DirectShow in l3codecx.ax in... | | |
| CVE-2010-1883 | Integer overflow in the Embedded OpenType (EOT) Font Engine in Microsoft Windows XP SP2 and SP3, Win... | | |
| CVE-2010-1884 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-1885 | The MPC::HexToNum function in helpctr.exe in Microsoft Windows Help and Support Center in Windows XP... | E | |
| CVE-2010-1886 | Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server... | S | |
| CVE-2010-1887 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 20... | | |
| CVE-2010-1888 | Race condition in the kernel in Microsoft Windows XP SP3 allows local users to gain privileges via v... | | |
| CVE-2010-1889 | Double free vulnerability in the kernel in Microsoft Windows Vista SP1 and SP2, and Windows Server 2... | | |
| CVE-2010-1890 | The kernel in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Window... | | |
| CVE-2010-1891 | The Client/Server Runtime Subsystem (aka CSRSS) in the Win32 subsystem in Microsoft Windows XP SP2 a... | | |
| CVE-2010-1892 | The TCP/IP stack in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and ... | | |
| CVE-2010-1893 | Integer overflow in the TCP/IP stack in Microsoft Windows Vista SP1, Windows Server 2008 Gold and R2... | | |
| CVE-2010-1894 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Serve... | | |
| CVE-2010-1895 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, and Windows Serve... | | |
| CVE-2010-1896 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 20... | | |
| CVE-2010-1897 | The Windows kernel-mode drivers in win32k.sys in Microsoft Windows XP SP2 and SP3, Windows Server 20... | | |
| CVE-2010-1898 | The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.... | | |
| CVE-2010-1899 | Stack consumption vulnerability in the ASP implementation in Microsoft Internet Information Services... | | |
| CVE-2010-1900 | Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open... | | |
| CVE-2010-1901 | Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open... | | |
| CVE-2010-1902 | Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and... | | |
| CVE-2010-1903 | Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to exec... | | |
| CVE-2010-1904 | SQL injection vulnerability in EMC RSA Key Manager (RKM) C Client 1.5.x allows user-assisted remote ... | E | |
| CVE-2010-1905 | Multiple cross-site scripting (XSS) vulnerabilities in Consona Live Assistance, Dynamic Agent, and S... | E S | |
| CVE-2010-1906 | tgsrv.exe in the Repair Service in Consona Dynamic Agent, Repair Manager, Subscriber Activation, and... | E S | |
| CVE-2010-1907 | The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and S... | E S | |
| CVE-2010-1908 | The SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and S... | E S | |
| CVE-2010-1909 | Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Conso... | E S | |
| CVE-2010-1910 | The Forgot Password implementation in Consona Live Assistance, Dynamic Agent, and Subscriber Assista... | S | |
| CVE-2010-1911 | The site-locking implementation in the SdcWebSecureBase interface in tgctlcm.dll in Consona Live Ass... | E S | |
| CVE-2010-1912 | The SdcWebSecureBase interface in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscri... | E S | |
| CVE-2010-1913 | The default configuration of pluginlicense.ini for the SdcWebSecureBase interface in tgctlcm.dll in ... | E S | |
| CVE-2010-1914 | The Zend Engine in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers t... | E | |
| CVE-2010-1915 | The preg_quote function in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent att... | | |
| CVE-2010-1916 | The dynamic configuration feature in Xinha WYSIWYG editor 0.96 Beta 2 and earlier, as used in Serend... | E | |
| CVE-2010-1917 | Stack consumption vulnerability in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-depen... | E | |
| CVE-2010-1918 | SQL injection vulnerability in ask_chat.php in eFront 3.6.2 and earlier allows remote attackers to e... | E | |
| CVE-2010-1919 | Unspecified vulnerability in EMC Avamar 4.1.x and 5.0 before SP1 allows remote attackers to cause a ... | | |
| CVE-2010-1920 | Directory traversal vulnerability in scr/soustab.php in OpenMairie openAnnuaire 2.00, when register_... | E | |
| CVE-2010-1921 | Multiple PHP remote file inclusion vulnerabilities in OpenMairie openAnnuaire 2.00, when register_gl... | E | |
| CVE-2010-1922 | Multiple PHP remote file inclusion vulnerabilities in 29o3 CMS 0.1 allow remote attackers to execute... | E | |
| CVE-2010-1923 | SQL injection vulnerability in user.php in Hi Web Wiesbaden Web 2.0 Social Network Freunde Community... | E | |
| CVE-2010-1924 | SQL injection vulnerability in index.php in Hi Web Wiesbaden Live Shopping Multi Portal System allow... | E | |
| CVE-2010-1925 | SQL injection vulnerability in makale.php in tekno.Portal 0.1b allows remote attackers to execute ar... | E | |
| CVE-2010-1926 | Directory traversal vulnerability in scr/soustab.php in openMairie openCourrier 2.02 and 2.03 beta, ... | E | |
| CVE-2010-1927 | Multiple PHP remote file inclusion vulnerabilities in openMairie openCourrier 2.02 and 2.03 beta, wh... | E | |
| CVE-2010-1928 | Directory traversal vulnerability in scr/soustab.php in openMairie openPlanning 1.00, when register_... | E | |
| CVE-2010-1929 | Multiple stack-based buffer overflows in the jclient._Java_novell_jclient_JClient_defineClass@20 fun... | E | |
| CVE-2010-1930 | Off-by-one error in Novell iManager 2.7, 2.7.3, and 2.7.3 FTF2 allows remote attackers to cause a de... | E | |
| CVE-2010-1931 | SQL injection vulnerability in includes/content/cart.inc.php in CubeCart PHP Shopping cart 4.3.4 thr... | E S | |
| CVE-2010-1932 | Heap-based buffer overflow in XnView 1.97.4 and possibly earlier allows remote attackers to execute ... | E | |
| CVE-2010-1934 | Multiple PHP remote file inclusion vulnerabilities in openMairie openPlanning 1.00, when register_gl... | E | |
| CVE-2010-1935 | Directory traversal vulnerability in scr/soustab.php in openMairie Openpresse 1.01, when register_gl... | E | |
| CVE-2010-1936 | Directory traversal vulnerability in scr/soustab.php in openMairie openComInterne 1.01, when registe... | E | |
| CVE-2010-1937 | Heap-based buffer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB before 1.3.8 might allow re... | | |
| CVE-2010-1938 | Off-by-one error in the __opiereadrec function in readrec.c in libopie in OPIE 2.4.1-test1 and earli... | E | |
| CVE-2010-1939 | Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arb... | E S | |
| CVE-2010-1940 | Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header appropriate for one web site t... | | |
| CVE-2010-1941 | Unspecified vulnerability in NEC WebSAM DeploymentManager 5.13 and earlier, as used in SigmaSystemCe... | | |
| CVE-2010-1942 | Unspecified vulnerability in the Servlet service in Fujitsu Limited Interstage Application Server 3.... | S | |
| CVE-2010-1943 | Unspecified vulnerability in NEC CapsSuite Small Edition PatchMeister 2.0 Update2 and earlier allows... | | |
| CVE-2010-1944 | Multiple PHP remote file inclusion vulnerabilities in openMairie openCimetiere 2.01, when register_g... | E | |
| CVE-2010-1945 | Multiple PHP remote file inclusion vulnerabilities in openMairie Openfoncier 2.00, when register_glo... | E | |
| CVE-2010-1946 | Multiple PHP remote file inclusion vulnerabilities in openMairie Openregistrecil 1.02, when register... | E | |
| CVE-2010-1947 | Directory traversal vulnerability in scr/soustab.php in openMairie Openregistrecil 1.02, when regist... | E | |
| CVE-2010-1948 | Directory traversal vulnerability in scr/soustab.php in openMairie Openfoncier 2.00, when register_g... | E | |
| CVE-2010-1949 | SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joom... | E | |
| CVE-2010-1950 | SQL injection vulnerability in the Online News Paper Manager (com_jnewspaper) component 1.0 for Joom... | | |
| CVE-2010-1951 | Multiple directory traversal vulnerabilities in 60cycleCMS allow remote attackers to include and exe... | E | |
| CVE-2010-1952 | Directory traversal vulnerability in the BeeHeard (com_beeheard) and BeeHeard Lite (com_beeheardlite... | E | |
| CVE-2010-1953 | Directory traversal vulnerability in the iNetLanka Multiple Map (com_multimap) component 1.0 for Joo... | E | |
| CVE-2010-1954 | Directory traversal vulnerability in the iNetLanka Multiple root (com_multiroot) component 1.0 and 1... | E | |
| CVE-2010-1955 | Directory traversal vulnerability in the Deluxe Blog Factory (com_blogfactory) component 1.1.2 for J... | E | |
| CVE-2010-1956 | Directory traversal vulnerability in the Gadget Factory (com_gadgetfactory) component 1.0.0 and 1.5.... | E S | |
| CVE-2010-1957 | Directory traversal vulnerability in the Love Factory (com_lovefactory) component 1.3.4 for Joomla! ... | E | |
| CVE-2010-1958 | Cross-site scripting (XSS) vulnerability in the FileField module 5.x before 5.x-2.5 and 6.x before 6... | S | |
| CVE-2010-1959 | Unspecified vulnerability in HP TestDirector for Quality Center 9.2 before Patch8 allows remote atta... | | |
| CVE-2010-1960 | Buffer overflow in the error handling functionality in ovwebsnmpsrv.exe in HP OpenView Network Node ... | S | |
| CVE-2010-1961 | Buffer overflow in ovutil.dll in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 ... | S | |
| CVE-2010-1962 | Unspecified vulnerability in HP StorageWorks Storage Mirroring 5 before 5.2.1.870.0 allows remote at... | | |
| CVE-2010-1963 | Cross-site scripting (XSS) vulnerability in HP ServiceCenter allows remote attackers to inject arbit... | | |
| CVE-2010-1964 | Buffer overflow in ovwebsnmpsrv.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allow... | S | |
| CVE-2010-1965 | Unspecified vulnerability in HP Insight Orchestration for Windows before 6.1 allows remote attackers... | | |
| CVE-2010-1966 | Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local... | | |
| CVE-2010-1967 | Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users... | | |
| CVE-2010-1968 | Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before ... | | |
| CVE-2010-1969 | Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before... | | |
| CVE-2010-1970 | Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users... | | |
| CVE-2010-1971 | Cross-site request forgery (CSRF) vulnerability in HP Insight Software Installer for Windows before ... | | |
| CVE-2010-1972 | The default configuration of HP Client Automation (HPCA) Enterprise Infrastructure (aka Radia) allow... | | |
| CVE-2010-1973 | Unspecified vulnerability in the Auditing subsystem in HP OpenVMS 8.3, 8.2, 7.3-2, and earlier on th... | S | |
| CVE-2010-1974 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1168. Reason: This candida... | R | |
| CVE-2010-1975 | PostgreSQL 7.4 before 7.4.29, 8.0 before 8.0.25, 8.1 before 8.1.21, 8.2 before 8.2.17, 8.3 before 8.... | | |
| CVE-2010-1976 | Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 6.x before 6.x-1.1 for Dr... | S | |
| CVE-2010-1977 | Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla!... | E | |
| CVE-2010-1978 | PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when regist... | E | |
| CVE-2010-1979 | Directory traversal vulnerability in the Affiliate Datafeeds (com_datafeeds) component build 880 for... | E | |
| CVE-2010-1980 | Directory traversal vulnerability in joomlaflickr.php in the Joomla Flickr (com_joomlaflickr) compon... | E S | |
| CVE-2010-1981 | Directory traversal vulnerability in the Fabrik (com_fabrik) component 2.0 for Joomla! allows remote... | E | |
| CVE-2010-1982 | Directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows rem... | E | |
| CVE-2010-1983 | Directory traversal vulnerability in the redTWITTER (com_redtwitter) component 1.0.x including 1.0b1... | E | |
| CVE-2010-1984 | Cross-site scripting (XSS) vulnerability in the Taxonomy Breadcrumb module 5.x before 5.x-1.5 and 6.... | S | |
| CVE-2010-1985 | Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six Apar... | | |
| CVE-2010-1986 | Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory... | E | |
| CVE-2010-1987 | Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (memory... | E | |
| CVE-2010-1988 | Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL p... | E | |
| CVE-2010-1989 | Opera 9.52 executes a mail application in situations where an IMG element has a SRC attribute that i... | E | |
| CVE-2010-1990 | Mozilla Firefox 3.6.x, 3.5.x, 3.0.19, and earlier, and SeaMonkey, executes a mail application in sit... | E | |
| CVE-2010-1991 | Microsoft Internet Explorer 6.0.2900.2180, 7, and 8.0.7600.16385 executes a mail application in situ... | E | |
| CVE-2010-1992 | Google Chrome 1.0.154.48 executes a mail application in situations where an IFRAME element has a mai... | E | |
| CVE-2010-1993 | Opera 9.52 does not properly handle an IFRAME element with a mailto: URL in its SRC attribute, which... | E | |
| CVE-2010-1994 | SQL injection vulnerability in index.php in TomatoCMS before 2.0.5 allows remote attackers to execut... | | |
| CVE-2010-1995 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS before 2.0.5 allow rem... | | |
| CVE-2010-1996 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS before 2.0.5 allow rem... | | |
| CVE-2010-1997 | Cross-site scripting (XSS) vulnerability in admin/edit.php in Saurus CMS 4.7.0 allows remote authent... | E | |
| CVE-2010-1998 | Cross-site scripting (XSS) vulnerability in the CCK TableField module 6.x before 6.x-1.2 for Drupal ... | S | |
| CVE-2010-1999 | Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when registe... | E |