CVE-2010-2xxx

There are 973 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2010-2000 Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 an...
S
CVE-2010-2001 Cross-site scripting (XSS) vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows...
S
CVE-2010-2002 Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before ...
S
CVE-2010-2003 Cross-site scripting (XSS) vulnerability in misc/get_admin.php in Advanced Poll 2.08 allows remote a...
E
CVE-2010-2004 Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions...
E
CVE-2010-2005 Multiple PHP remote file inclusion vulnerabilities in DataLife Engine (DLE) 8.3 allow remote attacke...
E
CVE-2010-2006 Directory traversal vulnerability in op/op.Login.php in LetoDMS (formerly MyDMS) 1.7.2 and earlier a...
CVE-2010-2007 Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) 1.7.2 and ear...
E
CVE-2010-2008 MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a deni...
E
CVE-2010-2009 Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build ...
E
CVE-2010-2010 Multiple cross-site scripting (XSS) vulnerabilities in the Chaos Tool Suite (aka CTools) module 6.x ...
S
CVE-2010-2011 Microsoft Dynamics GP uses a substitution cipher to encrypt the system password field and unspecifie...
CVE-2010-2012 SQL injection vulnerability in function.php in MigasCMS 1.1, when magic_quotes_gpc is disabled, allo...
E
CVE-2010-2013 Cross-site scripting (XSS) vulnerability in cp/edit_email.php in LiSK CMS 4.4 allows remote attacker...
E
CVE-2010-2014 Cross-site scripting (XSS) vulnerability in cp/list_content.php in LiSK CMS 4.4 allows remote attack...
E
CVE-2010-2015 Multiple SQL injection vulnerabilities in LiSK CMS 4.4 allow remote attackers to execute arbitrary S...
E
CVE-2010-2016 SQL injection vulnerability in details.php in Iceberg CMS allows remote attackers to execute arbitra...
E
CVE-2010-2017 Cross-site scripting (XSS) vulnerability in hasil-pencarian.html in Lokomedia CMS 1.4.1 and 2.0 allo...
E
CVE-2010-2018 Directory traversal vulnerability in downlot.php in Lokomedia CMS 1.4.1 and 2.0 allows remote attack...
E
CVE-2010-2019 SQL injection vulnerability in downlot.php in Lokomedia CMS 1.4.1, when magic_quotes_gpc is disabled...
CVE-2010-2020 sys/nfsclient/nfs_vfsops.c in the NFS client in the kernel in FreeBSD 7.2 through 8.1-PRERELEASE, wh...
E
CVE-2010-2021 Open redirect vulnerability in the Global Redirect module 6.x-1.x before 6.x-1.4 and 7.x-1.x before ...
S
CVE-2010-2022 jail.c in jail in FreeBSD 8.0 and 8.1-PRERELEASE, when the "-l -U root" options are omitted, does no...
S
CVE-2010-2023 transports/appendfile.c in Exim before 4.72, when a world-writable sticky-bit mail directory is used...
S
CVE-2010-2024 transports/appendfile.c in Exim before 4.72, when MBX locking is enabled, allows local users to chan...
S
CVE-2010-2025 Multiple cross-site request forgery (CSRF) vulnerabilities in the web interface on the Cisco Scienti...
E
CVE-2010-2026 The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r...
E
CVE-2010-2027 Mathematica 7, when running on Linux, allows local users to overwrite arbitrary files via a symlink ...
CVE-2010-2028 Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause ...
E
CVE-2010-2029 Cybozu Office 7 Ktai and Dotsales do not properly restrict access to the login page, which allows re...
CVE-2010-2030 Cross-site scripting (XSS) vulnerability in the External Link Page module 5.x before 5.x-1.0 and 6.x...
S
CVE-2010-2031 KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows loc...
E
CVE-2010-2032 Multiple cross-site scripting (XSS) vulnerabilities in resin-admin/digest.php in Caucho Technology R...
E
CVE-2010-2033 Directory traversal vulnerability in the Percha Multicategory Article (com_perchacategoriestree) com...
E
CVE-2010-2034 Directory traversal vulnerability in the Percha Image Attach (com_perchaimageattach) component 1.1 f...
E
CVE-2010-2035 Directory traversal vulnerability in the Percha Gallery (com_perchagallery) component 1.6 Beta for J...
E
CVE-2010-2036 Directory traversal vulnerability in the Percha Fields Attach (com_perchafieldsattach) component 1.x...
E
CVE-2010-2037 Directory traversal vulnerability in the Percha Downloads Attach (com_perchadownloadsattach) compone...
E
CVE-2010-2038 Cross-site scripting (XSS) vulnerability in include/tool/editing_files.php in gpEasy CMS 1.6.2 allow...
E S
CVE-2010-2039 Cross-site request forgery (CSRF) vulnerability in gpEasy CMS 1.6.2, 1.6.1, and earlier allows remot...
E
CVE-2010-2040 Cross-site scripting (XSS) vulnerability in search.php in V-EVA Shopzilla Affiliate Script PHP allow...
E
CVE-2010-2041 Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP-Calendar before 2.0 Beta7 al...
S
CVE-2010-2042 SQL injection vulnerability in search.php in ECShop 2.7.2 allows remote attackers to execute arbitra...
E
CVE-2010-2043 Cross-site scripting (XSS) vulnerability in Home.aspx in DataTrack System 3.5 and 3.5.8019.4 allows ...
E
CVE-2010-2044 SQL injection vulnerability in the Konsultasi (com_konsultasi) component 1.0.0 for Joomla! allows re...
E
CVE-2010-2045 Directory traversal vulnerability in the Dione Form Wizard (aka FDione or com_dioneformwizard) compo...
E
CVE-2010-2046 Multiple cross-site scripting (XSS) vulnerabilities in the ActiveHelper LiveHelp (com_activehelper_l...
E
CVE-2010-2047 SQL injection vulnerability in index.php in JE CMS 1.0.0 and 1.1 allows remote attackers to execute ...
E
CVE-2010-2048 Multiple cross-site scripting (XSS) vulnerabilities in the Heartbeat module 6.x before 6.x-4.9 for D...
S
CVE-2010-2049 Cross-site scripting (XSS) vulnerability in jsp/audit/reports/ExportReport.jsp in ManageEngine ADAud...
CVE-2010-2050 Directory traversal vulnerability in the Moron Solutions MS Comment (com_mscomment) component 0.8.0b...
E
CVE-2010-2051 SQL injection vulnerability in article.php in Debliteck DBCart allows remote attackers to execute ar...
E
CVE-2010-2052 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2155. Reason: This candida...
R
CVE-2010-2053 emesenelib/ProfileManager.py in emesene before 1.6.2 allows local users to overwrite arbitrary files...
S
CVE-2010-2054 Integer overflow in httpAdapter.c in httpAdapter in SBLIM SFCB 1.3.4 through 1.3.7, when the configu...
CVE-2010-2055 Ghostscript 8.71 and earlier reads initialization files from the current working directory, which al...
E S
CVE-2010-2056 GNU gv before 3.7.0 allows local users to overwrite arbitrary files via a symlink attack on a tempor...
S
CVE-2010-2057 shared/util/StateUtils.java in Apache MyFaces 1.1.x before 1.1.8, 1.2.x before 1.2.9, and 2.0.x befo...
S
CVE-2010-2058 setup.py in Prewikka 0.9.14 installs prewikka.conf with world-readable permissions, which allows loc...
S
CVE-2010-2059 lib/fsm.c in RPM 4.8.0 and unspecified 4.7.x and 4.6.x versions, and RPM before 4.4.3, does not prop...
S
CVE-2010-2060 The put command functionality in beanstalkd 1.4.5 and earlier allows remote attackers to execute arb...
CVE-2010-2061 rpcbind 0.2.0 does not properly validate (1) /tmp/portmap.xdr and (2) /tmp/rpcbind.xdr, which can be...
CVE-2010-2062 Integer underflow in the real_get_rdt_chunk function in real.c, as used in modules/access/rtsp/real....
E
CVE-2010-2063 Buffer overflow in the SMB1 packet chaining implementation in the chain_reply function in process.c ...
S
CVE-2010-2064 rpcbind 0.2.0 allows local users to write to arbitrary files or gain privileges via a symlink attack...
CVE-2010-2065 Integer overflow in the TIFFroundup macro in LibTIFF before 3.9.3 allows remote attackers to cause a...
CVE-2010-2066 The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows ...
S
CVE-2010-2067 Stack-based buffer overflow in the TIFFFetchSubjectDistance function in tif_dirread.c in LibTIFF bef...
CVE-2010-2068 mod_proxy_http.c in mod_proxy_http in the Apache HTTP Server 2.2.9 through 2.2.15, 2.3.4-alpha, and ...
S
CVE-2010-2069 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was wi...
R
CVE-2010-2070 arch/ia64/xen/faults.c in Xen 3.4 and 4.0 in Linux kernel 2.6.18, and possibly other kernel versions...
CVE-2010-2071 The btrfs_xattr_set_acl function in fs/btrfs/acl.c in btrfs in the Linux kernel 2.6.34 and earlier d...
E S
CVE-2010-2072 Pyftpd 0.8.4 creates log files with predictable names in a temporary directory, which allows local u...
CVE-2010-2073 auth_db_config.py in Pyftpd 0.8.4 contains hard-coded usernames and passwords for the (1) test, (2) ...
S
CVE-2010-2074 istream.c in w3m 0.5.2 and possibly other versions, when ssl_verify_server is enabled, does not prop...
CVE-2010-2075 UnrealIRCd 3.2.8.1, as distributed on certain mirror sites from November 2009 through June 2010, con...
E
CVE-2010-2076 Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache Servi...
E S
CVE-2010-2077 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1640. Reason: This candida...
R
CVE-2010-2078 DataTrack System 3.5 allows remote attackers to list the root directory via a (1) /%u0085/ or (2) /%...
E
CVE-2010-2079 DataTrack System 3.5 allows remote attackers to bypass intended restrictions on file extensions, and...
E
CVE-2010-2080 Multiple cross-site scripting (XSS) vulnerabilities in Open Ticket Request System (OTRS) 2.3.x befor...
CVE-2010-2082 The web interface on the Cisco Scientific Atlanta WebSTAR DPC2100R2 cable modem with firmware 2.0.2r...
E
CVE-2010-2083 Microsoft Dynamics GP has a default value of ACCESS for the system password, which might make it eas...
CVE-2010-2084 Microsoft ASP.NET 2.0 does not prevent setting the InnerHtml property on a control that inherits fro...
CVE-2010-2085 The default configuration of ASP.NET in Microsoft .NET before 1.1 has a value of FALSE for the Enabl...
E
CVE-2010-2086 Apache MyFaces 1.1.7 and 1.2.8, as used in IBM WebSphere Application Server and other applications, ...
CVE-2010-2087 Oracle Mojarra 1.2_14 and 2.0.2, as used in IBM WebSphere Application Server, Caucho Resin, and othe...
E
CVE-2010-2088 ASP.NET in Microsoft .NET 3.5 does not properly handle an unencrypted view state, which allows remot...
E
CVE-2010-2089 The audioop module in Python 2.7 and 3.2 does not verify the relationships between size arguments an...
S
CVE-2010-2090 The npb_protocol_error function in sna V5router64 in IBM Communications Server for Windows 6.1.3 and...
CVE-2010-2091 Microsoft Outlook Web Access (OWA) 8.2.254.0, when Internet Explorer 7 on Windows Server 2003 is use...
E
CVE-2010-2092 SQL injection vulnerability in graph.php in Cacti 0.8.7e and earlier allows remote attackers to exec...
E
CVE-2010-2093 Use-after-free vulnerability in the request shutdown functionality in PHP 5.2 before 5.2.13 and 5.3 ...
E
CVE-2010-2094 Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-d...
E
CVE-2010-2095 SQL injection vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers to exec...
E
CVE-2010-2096 Directory traversal vulnerability in index.php in CMSQlite 1.2 and earlier allows remote attackers t...
E
CVE-2010-2097 The (1) iconv_mime_decode, (2) iconv_substr, and (3) iconv_mime_encode functions in PHP 5.2 through ...
E
CVE-2010-2098 Incomplete blacklist vulnerability in usersettings.php in e107 0.7.20 and earlier allows remote atta...
CVE-2010-2099 bbcode/php.bb in e107 0.7.20 and earlier does not perform access control checks for all inputs that ...
E
CVE-2010-2100 The (1) htmlentities, (2) htmlspecialchars, (3) str_getcsv, (4) http_build_query, (5) strpbrk, and (...
E
CVE-2010-2101 The (1) strip_tags, (2) setcookie, (3) strtok, (4) wordwrap, (5) str_word_count, and (6) str_pad fun...
E
CVE-2010-2102 Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long...
E
CVE-2010-2103 Cross-site scripting (XSS) vulnerability in axis2-admin/axis2-admin/engagingglobally in the administ...
E
CVE-2010-2104 Directory traversal vulnerability in Orbit Downloader 3.0.0.4 and 3.0.0.5 allows user-assisted remot...
CVE-2010-2105 Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requireme...
CVE-2010-2106 Unspecified vulnerability in Google Chrome before 5.0.375.55 might allow remote attackers to spoof t...
CVE-2010-2107 Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of s...
CVE-2010-2108 Unspecified vulnerability in Google Chrome before 5.0.375.55 allows remote attackers to bypass the w...
CVE-2010-2109 Unspecified vulnerability in Google Chrome before 5.0.375.55 allows user-assisted remote attackers t...
CVE-2010-2110 Google Chrome before 5.0.375.55 does not properly execute JavaScript code in the extension context, ...
CVE-2010-2111 Cross-site request forgery (CSRF) vulnerability in user/user-set.do in Pacific Timesheet 6.74 build ...
CVE-2010-2112 Directory traversal vulnerability in the FTP service in FileCOPA before 5.03 allows remote attackers...
CVE-2010-2113 Multiple cross-site request forgery (CSRF) vulnerabilities in The Uniform Server 5.6.5 allow remote ...
E
CVE-2010-2114 Cross-site request forgery (CSRF) vulnerability in pbx/gate in Brekeke PBX 2.4.4.8 allows remote att...
E
CVE-2010-2115 SolarWinds TFTP Server 10.4.0.10 allows remote attackers to cause a denial of service (no new connec...
E
CVE-2010-2116 The web interface in McAfee Email Gateway (formerly IronMail) 6.7.1 allows remote authenticated user...
E
CVE-2010-2117 Mozilla Firefox 3.0.19, 3.5.x, and 3.6.x allows remote attackers to cause a denial of service (resou...
E
CVE-2010-2118 Microsoft Internet Explorer 6.0.2900.2180 and 8.0.7600.16385 allows remote attackers to cause a deni...
E
CVE-2010-2119 Microsoft Internet Explorer 6.0.2900.2180 allows remote attackers to cause a denial of service (reso...
E
CVE-2010-2120 Google Chrome 1.0.154.48 allows remote attackers to cause a denial of service (resource consumption)...
E
CVE-2010-2121 Opera 9.52 allows remote attackers to cause a denial of service (resource consumption) via JavaScrip...
E
CVE-2010-2122 Directory traversal vulnerability in the SimpleDownload (com_simpledownload) component before 0.9.6 ...
E S
CVE-2010-2123 Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 ...
E S
CVE-2010-2124 SQL injection vulnerability in firma.php in Bartels Schone ConPresso 4.0.7 allows remote attackers t...
E
CVE-2010-2125 Multiple cross-site scripting (XSS) vulnerabilities in the Rotor Banner module 5.x before 5.x-1.8 an...
S
CVE-2010-2126 Multiple PHP remote file inclusion vulnerabilities in Snipe Gallery 3.1.5 allow remote attackers to ...
E
CVE-2010-2127 PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote attac...
E
CVE-2010-2128 Directory traversal vulnerability in the JE Quotation Form (com_jequoteform) component 1.0b1 for Joo...
E
CVE-2010-2129 Directory traversal vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component ...
E
CVE-2010-2130 Cross-site scripting (XSS) vulnerability in wflogin.jsp in Aris Global ARISg 5.0 allows remote attac...
E
CVE-2010-2131 SQL injection vulnerability in the Calendar Base (cal) extension before 1.3.2 for TYPO3 allows remot...
S
CVE-2010-2132 Multiple PHP remote file inclusion vulnerabilities in Open Education System (OES) 0.1 beta allow rem...
E
CVE-2010-2133 SQL injection vulnerability in contact.php in My Little Forum allows remote attackers to execute arb...
E
CVE-2010-2134 Multiple SQL injection vulnerabilities in login.php in Project Man 1.0 and earlier allow remote atta...
E
CVE-2010-2135 Multiple SQL injection vulnerabilities in login.php in HazelPress Lite 0.0.4 and earlier allow remot...
E
CVE-2010-2136 Directory traversal vulnerability in admin/index.php in Article Friendly, when magic_quotes_gpc is d...
E
CVE-2010-2137 PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote att...
E
CVE-2010-2138 Multiple directory traversal vulnerabilities in ProMan 0.1.1 and earlier allow remote attackers to i...
E
CVE-2010-2139 SQL injection vulnerability in pages.php in Multishop CMS allows remote attackers to execute arbitra...
CVE-2010-2140 SQL injection vulnerability in itemdetail.php in Multishop CMS allows remote attackers to execute ar...
CVE-2010-2141 SQL injection vulnerability in index.php in NITRO Web Gallery allows remote attackers to execute arb...
E
CVE-2010-2142 SQL injection vulnerability in default.asp in Cyberhost allows remote attackers to execute arbitrary...
E
CVE-2010-2143 Directory traversal vulnerability in index.php in Symphony CMS 2.0.7 allows remote attackers to read...
E
CVE-2010-2144 Cross-site scripting (XSS) vulnerability in signinform.php in Zeeways eBay Clone Auction Script allo...
E
CVE-2010-2145 Multiple PHP remote file inclusion vulnerabilities in ClearSite Beta 4.50, and possibly other versio...
CVE-2010-2146 PHP remote file inclusion vulnerability in banned.php in Visitor Logger allows remote attackers to e...
E
CVE-2010-2147 Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows ...
E
CVE-2010-2148 SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attack...
E
CVE-2010-2149 Session fixation vulnerability in Fujitsu e-Pares V01 L01, L03, L10, L20, L30 allows remote attacker...
CVE-2010-2150 Cross-site scripting (XSS) vulnerability in Fujitsu e-Pares V01 L01 allows remote attackers to inject a...
CVE-2010-2151 Cross-site request forgery (CSRF) vulnerability in Fujitsu e-Pares V01 L01 V01 L01, L03, L10, L20, L...
CVE-2010-2152 Unspecified vulnerability in JustSystems Ichitaro 2004 through 2009, Ichitaro Government 2006 throug...
S
CVE-2010-2153 Unrestricted file upload vulnerability in admin/code/tce_functions_tcecode_editor.php in TCExam 10.1...
E
CVE-2010-2154 Cross-site scripting (XSS) vulnerability in the Search Site in CMScout 2.09, and possibly other vers...
E
CVE-2010-2155 Multiple cross-site scripting (XSS) vulnerabilities in zc/publisher/html.rb in ZoneCheck 2.1.0 allow...
S
CVE-2010-2156 ISC DHCP 4.1 before 4.1.1-P1 and 4.0 before 4.0.2-P1 allows remote attackers to cause a denial of se...
E
CVE-2010-2157 Unspecified vulnerability in CA ARCserve Backup r11.5 SP4, r12.0 SP2, and r12.5 SP1 on Windows allow...
S
CVE-2010-2158 Multiple cross-site scripting (XSS) vulnerabilities in the Storm module 5.x and 6.x before 6.x-1.33 ...
S
CVE-2010-2159 Dameng DM Database Server allows remote authenticated users to cause a denial of service (crash) and...
E
CVE-2010-2160 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2161 Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR b...
S
CVE-2010-2162 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2163 Multiple unspecified vulnerabilities in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53....
S
CVE-2010-2164 Use-after-free vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and ...
S
CVE-2010-2165 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2166 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2167 Multiple heap-based buffer overflows in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53....
S
CVE-2010-2168 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac...
S
CVE-2010-2169 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2170 Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR be...
S
CVE-2010-2171 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2172 Adobe Flash Player 9 before 9.0.277.0 on unspecified UNIX platforms allows attackers to cause a deni...
S
CVE-2010-2173 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, mi...
S
CVE-2010-2174 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, mi...
S
CVE-2010-2175 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2176 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2177 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2178 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2179 Cross-site scripting (XSS) vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1...
S
CVE-2010-2180 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2181 Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR be...
S
CVE-2010-2182 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2183 Integer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR be...
S
CVE-2010-2184 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2185 Buffer overflow in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR bef...
S
CVE-2010-2186 Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Ado...
S
CVE-2010-2187 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2188 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, al...
S
CVE-2010-2189 Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, wh...
S
CVE-2010-2190 The (1) trim, (2) ltrim, (3) rtrim, and (4) substr_replace functions in PHP 5.2 through 5.2.13 and 5...
E
CVE-2010-2191 The (1) parse_str, (2) preg_match, (3) unpack, and (4) pack functions; the (5) ZEND_FETCH_RW, (6) ZE...
E
CVE-2010-2192 The make_lockdir_name function in policy.c in pmount 0.9.18 allows local users to overwrite arbitrary...
S
CVE-2010-2193 Multiple unspecified vulnerabilities in the CA (1) PSFormX and (2) WebScan ActiveX controls, as dist...
CVE-2010-2195 bozotic HTTP server (aka bozohttpd) 20090522 through 20100512 allows attackers to cause a denial of ...
S
CVE-2010-2197 rpmbuild in RPM 4.8.0 and earlier does not properly parse the syntax of spec files, which allows use...
CVE-2010-2198 lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during...
CVE-2010-2199 lib/fsm.c in RPM 4.8.0 and earlier does not properly reset the metadata of an executable file during...
CVE-2010-2201 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac...
S
CVE-2010-2202 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac...
S
CVE-2010-2203 Adobe Reader and Acrobat 9.x before 9.3.3 on UNIX allow attackers to execute arbitrary code or cause...
S
CVE-2010-2204 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Wind...
S
CVE-2010-2205 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access unin...
S
CVE-2010-2206 Array index error in AcroForm.api in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3...
S
CVE-2010-2207 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac...
S
CVE-2010-2208 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, dereference...
S
CVE-2010-2209 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac...
S
CVE-2010-2210 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac...
S
CVE-2010-2211 Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attac...
S
CVE-2010-2212 Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Ma...
S
CVE-2010-2213 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att...
S
CVE-2010-2214 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att...
CVE-2010-2215 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att...
CVE-2010-2216 Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows att...
CVE-2010-2217 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arb...
S
CVE-2010-2218 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a den...
CVE-2010-2219 Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, al...
CVE-2010-2220 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a den...
CVE-2010-2221 Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (a...
CVE-2010-2222 The _ger_parse_control function in Red Hat Directory Server 8 and the 389 Directory Server allows at...
S
CVE-2010-2223 Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization Hypervisor (aka RHEV-H or...
S
CVE-2010-2224 The snapshot merging functionality in Red Hat Enterprise Virtualization Manager (aka RHEV-M) before ...
S
CVE-2010-2225 Use-after-free vulnerability in the SplObjectStorage unserializer in PHP 5.2.x and 5.3.x through 5.3...
E
CVE-2010-2226 The xfs_swapext function in fs/xfs/xfs_dfrag.c in the Linux kernel before 2.6.35 does not properly c...
CVE-2010-2227 Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an...
S
CVE-2010-2228 Cross-site scripting (XSS) vulnerability in the MNET access-control interface in Moodle before 1.8.1...
CVE-2010-2229 Multiple cross-site scripting (XSS) vulnerabilities in blog/index.php in Moodle before 1.8.13 and 1....
S
CVE-2010-2230 The KSES text cleaning filter in lib/weblib.php in Moodle before 1.8.13 and 1.9.x before 1.9.9 does ...
S
CVE-2010-2231 Cross-site request forgery (CSRF) vulnerability in report/overview/report.php in the quiz module in ...
S
CVE-2010-2232 In Apache Derby 10.1.2.1, 10.2.2.0, 10.3.1.4, and 10.4.1.3, Export processing may allow an attacker ...
S
CVE-2010-2233 tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not prop...
S
CVE-2010-2234 Cross-site request forgery (CSRF) vulnerability in Apache CouchDB 0.8.0 through 0.11.0 allows remote...
CVE-2010-2235 template_api.py in Cobbler before 2.0.7, as used in Red Hat Network Satellite Server and other produ...
S
CVE-2010-2236 The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite ...
E S
CVE-2010-2237 Red Hat libvirt, possibly 0.6.1 through 0.8.2, looks up disk backing stores without referring to the...
CVE-2010-2238 Red Hat libvirt, possibly 0.7.2 through 0.8.2, recurses into disk-image backing stores without extra...
CVE-2010-2239 Red Hat libvirt, possibly 0.6.0 through 0.8.2, creates new images without setting the user-defined b...
CVE-2010-2240 The do_anonymous_page function in mm/memory.c in the Linux kernel before 2.6.27.52, 2.6.32.x before ...
E
CVE-2010-2241 The (1) setup-ds.pl and (2) setup-ds-admin.pl setup scripts for Red Hat Directory Server 8 before 8....
CVE-2010-2242 Red Hat libvirt 0.2.0 through 0.8.2 creates iptables rules with improper mappings of privileged sour...
CVE-2010-2243 A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-G...
S
CVE-2010-2244 The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows...
CVE-2010-2245 XML External Entity (XXE) vulnerability in Apache Wink 1.1.1 and earlier allows remote attackers to ...
CVE-2010-2246 feh before 1.8, when the --wget-timestamp option is enabled, might allow remote attackers to execute...
E
CVE-2010-2247 makepasswd 1.10 default settings generate insecure passwords...
CVE-2010-2248 fs/cifs/cifssmb.c in the CIFS implementation in the Linux kernel before 2.6.34-rc4 allows remote att...
S
CVE-2010-2249 Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers t...
S
CVE-2010-2250 Drupal 5.x and 6.x before 6.16 uses a user-supplied value in output during site installation which c...
S
CVE-2010-2251 The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provi...
CVE-2010-2252 GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine t...
CVE-2010-2253 lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . ...
CVE-2010-2254 SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attacker...
E
CVE-2010-2255 SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Surve...
E
CVE-2010-2256 Multiple cross-site scripting (XSS) vulnerabilities in Pay Per Minute Video Chat Script 2.0 and 2.1 ...
E
CVE-2010-2257 SQL injection vulnerability in index_ie.php in Pay Per Minute Video Chat Script 2.0 and 2.1 allows r...
E
CVE-2010-2258 Cross-site scripting (XSS) vulnerability in signupconfirm.php in phpBannerExchange 1.2 Arabic allows...
CVE-2010-2259 Directory traversal vulnerability in the BF Survey (com_bfsurvey) component for Joomla! allows remot...
E
CVE-2010-2260 Multiple cross-site scripting (XSS) vulnerabilities in Gambit Design Bandwidth Meter, 0.72 and possi...
E
CVE-2010-2261 Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands ...
CVE-2010-2262 Galileo Students Team Weborf before 0.12.1 allows remote attackers to cause a denial of service (cra...
CVE-2010-2263 nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to o...
E
CVE-2010-2264 The Cascading Style Sheets (CSS) implementation in WebKit in Apple Safari before 5.0 on Mac OS X 10....
S
CVE-2010-2265 Cross-site scripting (XSS) vulnerability in the GetServerName function in sysinfo/commonFunc.js in M...
E
CVE-2010-2266 nginx 0.8.36 allows remote attackers to cause a denial of service (crash) via certain encoded direct...
E
CVE-2010-2267 Multiple cross-site scripting (XSS) vulnerabilities in Accoria Web Server (aka Rock Web Server) 1.4....
E
CVE-2010-2268 Cross-site request forgery (CSRF) vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web S...
E
CVE-2010-2269 Directory traversal vulnerability in loadstatic.cgi in Accoria Web Server (aka Rock Web Server) 1.4....
E
CVE-2010-2270 Accoria Web Server (aka Rock Web Server) 1.4.7 uses a predictable httpmod-sessionid cookie, which ma...
E
CVE-2010-2271 Format string vulnerability in authcfg.cgi in Accoria Web Server (aka Rock Web Server) 1.4.7 allows ...
E
CVE-2010-2272 Unspecified vulnerability in iframe_history.html in Dojo 0.4.x before 0.4.4 has unknown impact and r...
S
CVE-2010-2273 Multiple cross-site scripting (XSS) vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, ...
E S
CVE-2010-2274 Multiple open redirect vulnerabilities in Dojo 1.0.x before 1.0.3, 1.1.x before 1.1.2, 1.2.x before ...
S
CVE-2010-2275 Cross-site scripting (XSS) vulnerability in dijit/tests/_testCommon.js in Dojo Toolkit SDK before 1....
E
CVE-2010-2276 The default configuration of the build process in Dojo 0.4.x before 0.4.4, 1.0.x before 1.0.3, 1.1.x...
S
CVE-2010-2277 Multiple cross-site scripting (XSS) vulnerabilities in IBM Lotus Connections 2.5.x before 2.5.0.2 al...
S
CVE-2010-2278 The bookmarklet pop-up in the Bookmarks component in IBM Lotus Connections 2.5.x before 2.5.0.2 does...
S
CVE-2010-2279 The Top Updates implementation in the Homepage component in IBM Lotus Connections 2.5.x before 2.5.0...
S
CVE-2010-2280 Open redirect vulnerability in the Mobile component in IBM Lotus Connections 2.5.x before 2.5.0.2 al...
S
CVE-2010-2281 Multiple cross-site scripting (XSS) vulnerabilities in index.php in TomatoCMS 2.0.6 allow remote att...
CVE-2010-2282 Cross-site request forgery (CSRF) vulnerability in TomatoCMS 2.0.6 allows remote attackers to hijack...
CVE-2010-2283 The SMB dissector in Wireshark 0.99.6 through 1.0.13, and 1.2.0 through 1.2.8 allows remote attacker...
S
CVE-2010-2284 Buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.13 and 1.2.0 through 1.2...
S
CVE-2010-2285 The SMB PIPE dissector in Wireshark 0.8.20 through 1.0.13 and 1.2.0 through 1.2.8 allows remote atta...
S
CVE-2010-2286 The SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.7 through 1.0.13 and ...
S
CVE-2010-2287 Buffer overflow in the SigComp Universal Decompressor Virtual Machine dissector in Wireshark 0.10.8 ...
S
CVE-2010-2288 Cross-site scripting (XSS) vulnerability in dana/nc/ncrun.cgi in Juniper Networks IVE 6.5R1 (Build 1...
E
CVE-2010-2289 Open redirect vulnerability in dana/home/homepage.cgi in Juniper Networks IVE 6.5R1 (Build 14599) an...
E
CVE-2010-2290 Cross-site scripting (XSS) vulnerability in cgi-bin/cgix/help in McAfee Unified Threat Management (U...
E S
CVE-2010-2291 Unspecified vulnerability in the web interface in snom VoIP Phone firmware 8 before 8.2.35 allows re...
CVE-2010-2292 Cross-site scripting (XSS) vulnerability in the Ping tools web interface in Dlink Di-604 router allo...
CVE-2010-2293 The Ping tools web interface in Dlink Di-604 router allows remote authenticated users to cause a den...
CVE-2010-2294 Cross-site request forgery (CSRF) vulnerability in Plume CMS 1.2.4 and possibly earlier allows remot...
CVE-2010-2295 page/EventHandler.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 does not properly hand...
CVE-2010-2296 The implementation of unspecified DOM methods in Google Chrome before 5.0.375.70 allows remote attac...
CVE-2010-2297 rendering/FixedTableLayout.cpp in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote...
CVE-2010-2298 browser/renderer_host/database_dispatcher_host.cc in Google Chrome before 5.0.375.70 on Linux does n...
CVE-2010-2299 The Clipboard::DispatchObject function in app/clipboard/clipboard.cc in Google Chrome before 5.0.375...
CVE-2010-2300 Use-after-free vulnerability in the Element::normalizeAttributes function in dom/Element.cpp in WebC...
CVE-2010-2301 Cross-site scripting (XSS) vulnerability in editing/markup.cpp in WebCore in WebKit in Google Chrome...
E S
CVE-2010-2302 Use-after-free vulnerability in WebCore in WebKit in Google Chrome before 5.0.375.70 allows remote a...
CVE-2010-2303 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1772. Reason: This candida...
R
CVE-2010-2304 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1773. Reason: This candida...
R
CVE-2010-2305 Buffer overflow in an ActiveX control in SSHelper.dll for Symantec Sygate Personal Firewall 5.6 buil...
E
CVE-2010-2306 The default installation of Sourcefire 3D Sensor 1000, 2000, and 9900; and Defense Center 1000; uses...
CVE-2010-2307 Multiple directory traversal vulnerabilities in the web server for Motorola SURFBoard cable modem SB...
E
CVE-2010-2308 Unspecified vulnerability in the filter driver (savonaccessfilter.sys) in Sophos Anti-Virus before 7...
CVE-2010-2309 Buffer overflow in the web server for EvoLogical EvoCam 3.6.6 and 3.6.7 allows remote attackers to e...
E
CVE-2010-2310 SolarWinds TFTP Server 10.4.0.13 allows remote attackers to cause a denial of service (crash) via a ...
E
CVE-2010-2311 Stack-based buffer overflow in Power Tab Editor 1.7 build 80 allows user-assisted remote attackers t...
E
CVE-2010-2312 SQL injection vulnerability in index.php in HauntmAx Haunted House Directory Listing CMS allows remo...
E
CVE-2010-2313 Directory traversal vulnerability in index.php in Anodyne Productions SIMM Management System (SMS) 2...
E
CVE-2010-2314 PHP remote file inclusion vulnerability in nucleus/plugins/NP_Twitter.php in the NP_Twitter Plugin 0...
E
CVE-2010-2315 PHP remote file inclusion vulnerability in picturelib.php in SmartISoft phpBazar 2.1.1 allows remote...
E
CVE-2010-2316 Multiple cross-site scripting (XSS) vulnerabilities in default.asp in WmsCms 2.0 and earlier allow r...
E
CVE-2010-2317 Multiple SQL injection vulnerabilities in WmsCms 2.0 and earlier allow remote attackers to execute a...
E
CVE-2010-2318 Cross-site scripting (XSS) vulnerability in cms_data.php in PHPCityPortal 1.3 allows remote attacker...
E
CVE-2010-2319 SQL injection vulnerability in index.php in IDevSpot TextAds 2.08 allows remote attackers to execute...
E
CVE-2010-2320 bozotic HTTP server (aka bozohttpd) before 20100621 allows remote attackers to list the contents of ...
E
CVE-2010-2321 Buffer overflow in Adobe InDesign CS3 10.0 allows user-assisted remote attackers to execute arbitrar...
E
CVE-2010-2322 Absolute path traversal vulnerability in the extract_jar function in jartool.c in FastJar 0.98 allow...
E
CVE-2010-2323 IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS might allow attackers to obtain s...
CVE-2010-2324 IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 on z/OS allows attackers to perform unspe...
CVE-2010-2325 Cross-site scripting (XSS) vulnerability in the administrative console in IBM WebSphere Application ...
CVE-2010-2326 IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11, when addNode -trace is used during node ...
CVE-2010-2327 mod_ibm_ssl in IBM HTTP Server 6.0 before 6.0.2.43, 6.1 before 6.1.0.33, and 7.0 before 7.0.0.11, as...
CVE-2010-2328 The HTTP Channel in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.11 allows remote attacke...
S
CVE-2010-2329 Buffer overflow in Rosoft Audio Converter 4.4.4 allows remote attackers to execute arbitrary code vi...
E
CVE-2010-2330 Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to cause a ...
E
CVE-2010-2331 Stack-based buffer overflow in iSharer File Sharing Wizard 1.5.0 allows remote attackers to execute ...
E
CVE-2010-2332 Impact Financials, Inc. Impact PDF Reader 2.0, 1.2, and other versions for iPhone and iPod touch all...
E
CVE-2010-2333 LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the ...
E S
CVE-2010-2334 Directory traversal vulnerability in themes/default/download.php in Yamamah Photo Gallery 1.00, as d...
E S
CVE-2010-2335 SQL injection vulnerability in index.php in Yamamah Photo Gallery 1.00, as distributed before 201006...
E S
CVE-2010-2336 index.php in Yamamah Photo Gallery 1.00 allows remote attackers to obtain the source code of executa...
E S
CVE-2010-2337 Open redirect vulnerability in RSA Federated Identity Manager 4.0 before 4.0.25 and 4.1 before 4.1.2...
CVE-2010-2338 Multiple SQL injection vulnerabilities in redir.asp in VU Web Visitor Analyst allow remote attackers...
E
CVE-2010-2339 SQL injection vulnerability in admin/pages.php in Subdreamer CMS 3.x.x allows remote attackers to ex...
CVE-2010-2340 SQL injection vulnerability in members.php in Arab Portal 2.2, when magic_quotes_gpc is disabled, al...
E
CVE-2010-2341 PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX P...
E
CVE-2010-2342 SQL injection vulnerability in onlinenotebookmanager.asp in DMXReady Online Notebook Manager 1.0 all...
E
CVE-2010-2343 Stack-based buffer overflow in D.R. Software Audio Converter 8.1, 2007, and 8.05 allows remote attac...
E
CVE-2010-2344 Multiple cross-site scripting (XSS) vulnerabilities in odCMS 1.06, and possibly earlier, allow remot...
CVE-2010-2345 Cross-site request forgery (CSRF) vulnerability in odCMS 1.06, and possibly earlier, allows remote a...
CVE-2010-2347 The Telnet interface in the SAP J2EE Engine Core (SAP-JEECOR) 6.40 through 7.02, and Server Core (SE...
CVE-2010-2348 Stack-based buffer overflow in Batch Audio Converter Lite Edition 1.0.0.0 and earlier allows remote ...
E
CVE-2010-2349 H264WebCam 3.7 allows remote attackers to cause a denial of service (crash) via a long URI in a GET ...
E
CVE-2010-2350 Heap-based buffer overflow in the PNG decoder in Ziproxy 3.1.0 allows remote attackers to cause a de...
S
CVE-2010-2351 Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and...
E S
CVE-2010-2352 The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x befor...
S
CVE-2010-2353 The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal doe...
S
CVE-2010-2354 SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to...
E
CVE-2010-2355 Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote att...
CVE-2010-2356 Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote...
E
CVE-2010-2357 SQL injection vulnerability in index.php in Eicra Realestate Script 1.0 and 1.6.0 allows remote atta...
E
CVE-2010-2358 PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2, when...
E
CVE-2010-2359 SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attac...
E
CVE-2010-2360 Multiple buffer overflows in Winny 2.0b7.1 and earlier might allow remote attackers to execute arbit...
CVE-2010-2361 Winny 2.0b7.1 and earlier does not properly process BBS information, which has unspecified impact an...
CVE-2010-2362 Winny 2.0b7.1 and earlier does not properly process node information, which has unspecified impact a...
CVE-2010-2363 The IPv6 Unicast Reverse Path Forwarding (RPF) implementation on the SEIL/X1, SEIL/X2, and SEIL/B1 r...
CVE-2010-2364 Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs before 1.03 allows remote attackers ...
S
CVE-2010-2365 Cross-site scripting (XSS) vulnerability in Free CGI Moo moobbs2 before 1.03 allows remote attackers...
S
CVE-2010-2366 Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and St...
CVE-2010-2367 Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 before 3.0.9 allows remote attack...
CVE-2010-2368 Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via...
S
CVE-2010-2369 Untrusted search path vulnerability in Lhasa 0.19 and earlier allows local users to gain privileges ...
S
CVE-2010-2370 Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middl...
CVE-2010-2371 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
CVE-2010-2372 Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain P...
CVE-2010-2373 Unspecified vulnerability in the Console component in Oracle Enterprise Manager Grid Control 10.1.0....
CVE-2010-2374 Unspecified vulnerability in Solaris Studio 12 update 1 allows local users to affect confidentiality...
CVE-2010-2375 Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebL...
CVE-2010-2376 Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentialit...
CVE-2010-2377 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an...
CVE-2010-2378 Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwa...
CVE-2010-2379 Unspecified vulnerability in the PeopleSoft Enterprise HCM - Time & Labor component in Oracle People...
CVE-2010-2380 Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft and JDEdw...
CVE-2010-2381 Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10...
S
CVE-2010-2382 Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentialit...
CVE-2010-2383 Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to aff...
CVE-2010-2384 Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality an...
CVE-2010-2385 Unspecified vulnerability in Oracle Sun Java System Web Proxy Server 4.0.13 allows remote attackers ...
CVE-2010-2386 Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to aff...
CVE-2010-2387 vicious-extensions/ve-misc.c in GNOME Display Manager (gdm) 2.20.x before 2.20.11, when GDM debug is...
CVE-2010-2388 Unspecified vulnerability in the Oracle Applications Manager component in Oracle E-Business Suite 11...
CVE-2010-2389 Unspecified vulnerability in the Perl component in Oracle Database Server 11.2.0.1, 11.1.0.7, 10.2.0...
CVE-2010-2390 Unspecified vulnerability in the Database Control component in EM Console in Oracle Database Server ...
CVE-2010-2391 Unspecified vulnerability in the Core RDBMS component in Oracle Database Server 10.1.0.5 and 10.2.0....
CVE-2010-2392 Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect integrit...
CVE-2010-2393 Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availabi...
CVE-2010-2394 Unspecified vulnerability in Oracle Solaris 10 allows local users to affect availability, related to...
CVE-2010-2395 Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3....
CVE-2010-2396 Unspecified vulnerability in the Forms component in Oracle Fusion Middleware 10.1.2.3 allows remote ...
CVE-2010-2397 Unspecified vulnerability in Oracle Sun Java System Application Server 8.0, 8.1, and 8.2; and GlassF...
CVE-2010-2398 Unspecified vulnerability in the PeopleSoft Enterprise HCM component in Oracle PeopleSoft and JDEdwa...
CVE-2010-2399 Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availabi...
CVE-2010-2400 Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect ...
CVE-2010-2401 Unspecified vulnerability in the PeopleSoft Enterprise HCM - eProfile Mgr component in Oracle People...
CVE-2010-2402 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an...
CVE-2010-2403 Unspecified vulnerability in the PeopleSoft Enterprise Campus Solutions component in Oracle PeopleSo...
CVE-2010-2404 Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2,...
CVE-2010-2405 Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel ...
S
CVE-2010-2406 Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel ...
CVE-2010-2407 Unspecified vulnerability in the XDK component in Oracle Database Server 10.1.0.5, 10.2.0.4, and 11....
CVE-2010-2408 Unspecified vulnerability in the Oracle iRecruitment component in Oracle E-Business Suite 11.5.10.2,...
CVE-2010-2409 Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3....
CVE-2010-2410 Unspecified vulnerability in the Cabo/UIX component in Oracle Fusion Middleware 10.1.2.3 and 10.1.3....
CVE-2010-2411 Unspecified vulnerability in the Job Queue component in Oracle Database Server 11.2.0.1, 11.1.0.7, 1...
CVE-2010-2412 Unspecified vulnerability in the OLAP component in Oracle Database Server 11.1.0.7 allows remote aut...
CVE-2010-2413 Unspecified vulnerability in the BI Publisher component in Oracle Fusion Middleware 10.1.3.3.2 and 1...
CVE-2010-2414 Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 compo...
CVE-2010-2415 Unspecified vulnerability in the Change Data Capture component in Oracle Database Server 10.1.0.5, 1...
CVE-2010-2416 Unspecified vulnerability in the Oracle E-Business Intelligence component in Oracle E-Business Suite...
CVE-2010-2417 Unspecified vulnerability in the Agile PLM component in Oracle Supply Chain Products Suite 9.3.0.0 a...
CVE-2010-2418 Unspecified vulnerability in the Oracle Territory Management component in Oracle E-Business Suite 11...
CVE-2010-2419 Unspecified vulnerability in the Java Virtual Machine component in Oracle Database Server 10.1.0.5, ...
CVE-2010-2420 Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser 1.0.0 and 1.0.5 alpha, a modu...
CVE-2010-2421 Multiple unspecified vulnerabilities in Opera before 10.54 have unknown impact and attack vectors re...
S
CVE-2010-2422 Cross-site scripting (XSS) vulnerability in PortalTransforms in Plone 2.1 through 3.3.4 before hotfi...
S
CVE-2010-2425 Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.112...
CVE-2010-2426 Directory traversal vulnerability in TitanFTPd in South River Technologies Titan FTP Server 8.10.112...
E
CVE-2010-2427 VMware Studio 2.0 does not properly write to temporary files, which allows local users to gain privi...
S
CVE-2010-2428 Cross-site scripting (XSS) vulnerability in admin_loginok.html in the Administrator web interface in...
E
CVE-2010-2429 Cross-site scripting (XSS) vulnerability in Splunk 4.0 through 4.1.2, when Internet Explorer is used...
S
CVE-2010-2431 The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to over...
S
CVE-2010-2432 The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is ...
S
CVE-2010-2433 Multiple cross-site scripting (XSS) vulnerabilities in content/internalError.jsp in IBM WebSphere IL...
E
CVE-2010-2434 Buffer overflow in Arcext.dll 2.16.1 and earlier in pon software Explzh 5.62 and earlier allows remo...
CVE-2010-2435 Weborf HTTP Server 0.12.1 and earlier allows remote attackers to cause a denial of service (crash) v...
CVE-2010-2436 SQL injection vulnerability in modules/blog/index.php in AneCMS Blog 1.3 and possibly earlier allows...
E
CVE-2010-2437 Cross-site scripting (XSS) vulnerability in class/tools.class.php in AneCMS Blog 1.3 and possibly ea...
E
CVE-2010-2438 SQL injection vulnerability in G.CMS generator allows remote attackers to execute arbitrary SQL comm...
E
CVE-2010-2439 Stack-based buffer overflow in MoreAmp allows remote attackers to execute arbitrary code via a long ...
E
CVE-2010-2440 Stack-based buffer overflow in st-wizard.exe in Subtitle Translation Wizard 3.0 allows user-assisted...
E
CVE-2010-2441 WebKit does not properly restrict focus changes, which allows remote attackers to read keystrokes vi...
E S
CVE-2010-2442 Microsoft Internet Explorer, possibly 8, does not properly restrict focus changes, which allows remo...
CVE-2010-2443 The OJPEGReadBufferFill function in tif_ojpeg.c in LibTIFF before 3.9.3 allows remote attackers to c...
CVE-2010-2444 parse/Csv2_parse.c in MaraDNS 1.3.03, and other versions before 1.4.03, does not properly handle hos...
S
CVE-2010-2445 freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute ar...
S
CVE-2010-2446 Rbot Reaction plugin allows command execution...
CVE-2010-2447 gitolite before 1.4.1 does not filter src/ or hooks/ from path names....
S
CVE-2010-2448 znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) b...
S
CVE-2010-2449 Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to ov...
CVE-2010-2450 The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses Ope...
S
CVE-2010-2451 Multiple format string vulnerabilities in the DCC functionality in KVIrc 3.4 and 4.0 have unspecifie...
S
CVE-2010-2452 Directory traversal vulnerability in the DCC functionality in KVIrc 3.4 and 4.0 allows remote attack...
S
CVE-2010-2453 Multiple cross-site scripting (XSS) vulnerabilities in Synology Disk Station 2.x before DSM3.0-1337 ...
CVE-2010-2454 Apple Safari does not properly manage the address bar between the request to open a URL and the retr...
E
CVE-2010-2455 Opera does not properly manage the address bar between the request to open a URL and the retrieval o...
E
CVE-2010-2456 Multiple directory traversal vulnerabilities in index.php in Linker IMG 1.0 and earlier allow remote...
E
CVE-2010-2457 Cross-site scripting (XSS) vulnerability in index.php in K-Search allows remote attackers to inject ...
E
CVE-2010-2458 Cross-site scripting (XSS) vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 a...
E
CVE-2010-2459 SQL injection vulnerability in video.php in 2daybiz Video Community Portal Script 1.0 allows remote ...
E
CVE-2010-2460 SQL injection vulnerability in merchant_product_list.php in JCE-Tech Shareasale Script (SASS) 1 allo...
E
CVE-2010-2461 SQL injection vulnerability in storecat.php in JCE-Tech Overstock 1 allows remote attackers to execu...
E
CVE-2010-2462 SQL injection vulnerability in withdraw_money.php in Toma Cero OroHYIP allows remote attackers to ex...
E
CVE-2010-2463 Cross-site scripting (XSS) vulnerability in forum.php in Jamroom before 4.1.9 allows remote attacker...
E
CVE-2010-2464 Multiple cross-site scripting (XSS) vulnerabilities in the RSComments (com_rscomments) component 1.0...
E
CVE-2010-2465 The S2 Security NetBox 2.5, 3.3, and 4.0, as used in the Linear eMerge 50 and 5000 and the Sonitrol ...
E
CVE-2010-2466 The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonit...
E
CVE-2010-2467 The S2 Security NetBox, possibly 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonit...
E
CVE-2010-2468 The S2 Security NetBox 2.x and 3.x, as used in the Linear eMerge 50 and 5000 and the Sonitrol eAcces...
E
CVE-2010-2469 The Linear eMerge 50 and 5000 uses a default password of eMerge for the IEIeMerge account, which mak...
E
CVE-2010-2470 Install/Filesystem.pm in Bugzilla 3.5.1 through 3.6.1 and 3.7 through 3.7.1, when use_suexec is enab...
S
CVE-2010-2471 Drupal versions 5.x and 6.x have open redirection...
S
CVE-2010-2472 Locale module and dependent contributed modules in Drupal 6.x before 6.16 and 5.x before version 5.2...
S
CVE-2010-2473 Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circu...
S
CVE-2010-2474 JBoss Enterprise Service Bus (ESB) before 4.7 CP02 in JBoss Enterprise SOA Platform before 5.0.2 doe...
CVE-2010-2475 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2010-2476 syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending ...
S
CVE-2010-2477 Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Pa...
S
CVE-2010-2478 Integer overflow in the ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before ...
CVE-2010-2479 Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other ...
S
CVE-2010-2480 Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site sc...
CVE-2010-2481 The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF...
E S
CVE-2010-2482 LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows ...
E
CVE-2010-2483 The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service ...
CVE-2010-2484 The strrchr function in PHP 5.2 before 5.2.14 allows context-dependent attackers to obtain sensitive...
CVE-2010-2485 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2010-2486 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2010-2487 Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, 1.8.x before 1.8....
E S
CVE-2010-2488 NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are un...
E
CVE-2010-2489 Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privilege...
S
CVE-2010-2490 Mumble: murmur-server has DoS due to malformed client query...
S
CVE-2010-2491 Cross-site scripting (XSS) vulnerability in cgi/client.py in Roundup before 1.4.14 allows remote att...
CVE-2010-2492 Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem ...
S
CVE-2010-2493 The default configuration of the deployment descriptor (aka web.xml) in picketlink-sts.war in (1) th...
CVE-2010-2494 Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in ...
S
CVE-2010-2495 The pppol2tp_xmit function in drivers/net/pppol2tp.c in the L2TP implementation in the Linux kernel ...
CVE-2010-2496 stonith-ng in pacemaker and cluster-glue passed passwords as commandline parameters, making it possi...
S
CVE-2010-2497 Integer underflow in glyph handling in FreeType before 2.4.0 allows remote attackers to cause a deni...
E S
CVE-2010-2498 The psh_glyph_find_strong_points function in pshinter/pshalgo.c in FreeType before 2.4.0 does not pr...
E S
CVE-2010-2499 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.0 all...
E S
CVE-2010-2500 Integer overflow in the gray_render_span function in smooth/ftgrays.c in FreeType before 2.4.0 allow...
S
CVE-2010-2502 Multiple directory traversal vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allo...
S
CVE-2010-2503 Multiple cross-site scripting (XSS) vulnerabilities in Splunk 4.0 through 4.0.10 and 4.1 through 4.1...
S
CVE-2010-2504 Splunk 4.0 through 4.0.10 and 4.1 through 4.1.1 allows remote authenticated users to obtain sensitiv...
S
CVE-2010-2505 Soft SaschArt SasCAM Webcam Server 2.6.5, 2.7, and earlier allows remote attackers to cause a denial...
E
CVE-2010-2506 Cross-site scripting (XSS) vulnerability in debug.cgi in Linksys WAP54Gv3 firmware 3.05.03 and 3.04....
CVE-2010-2507 Directory traversal vulnerability in the Picasa2Gallery (com_picasa2gallery) component 1.2.8 and ear...
E
CVE-2010-2508 SQL injection vulnerability in user-profile.php in 2daybiz Video Community Portal Script allows remo...
E
CVE-2010-2509 Multiple cross-site scripting (XSS) vulnerabilities in 2daybiz Web Template Software allow remote at...
E
CVE-2010-2510 SQL injection vulnerability in customize.php in 2daybiz Web Template Software allows remote attacker...
E
CVE-2010-2511 SQL injection vulnerability in viewnews.php in 2daybiz Multi Level Marketing (MLM) Software allows r...
E
CVE-2010-2512 SQL injection vulnerability in customprofile.php in 2daybiz Matrimonial Script allows remote attacke...
E
CVE-2010-2513 SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 ...
E
CVE-2010-2514 Cross-site scripting (XSS) vulnerability in the JFaq (com_jfaq) component 1.2 for Joomla! allows rem...
E
CVE-2010-2515 Multiple SQL injection vulnerabilities in index.php in the JFaq (com_jfaq) component 1.2 for Joomla!...
E
CVE-2010-2516 Multiple SQL injection vulnerabilities in 2daybiz Multi Level Marketing (MLM) Software allow remote ...
CVE-2010-2517 Multiple unspecified vulnerabilities in IBM Rational ClearQuest before 7.1.1.02 have unknown impact ...
CVE-2010-2518 Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search...
CVE-2010-2519 Heap-based buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType befor...
E S
CVE-2010-2520 Heap-based buffer overflow in the Ins_IUP function in truetype/ttinterp.c in FreeType before 2.4.0, ...
E S
CVE-2010-2521 Multiple buffer overflows in fs/nfsd/nfs4xdr.c in the XDR implementation in the NFS server in the Li...
CVE-2010-2522 The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which a...
S
CVE-2010-2523 Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an ...
S
CVE-2010-2524 The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when ...
S
CVE-2010-2525 A flaw was discovered in gfs2 file system’s handling of acls (access control lists). An unprivileged...
S
CVE-2010-2526 The cluster logical volume manager daemon (clvmd) in lvm2-cluster in LVM2 before 2.02.72, as used in...
E
CVE-2010-2527 Multiple buffer overflows in demo programs in FreeType before 2.4.0 allow remote attackers to cause ...
S
CVE-2010-2528 The clientautoresp function in family_icbm.c in the oscar protocol plugin in libpurple in Pidgin bef...
S
CVE-2010-2529 Unspecified vulnerability in ping.c in iputils 20020927, 20070202, 20071127, and 20100214 on Mandriv...
CVE-2010-2530 Multiple integer signedness errors in smb_subr.c in the netsmb module in the kernel in NetBSD 5.0.2 ...
CVE-2010-2531 The var_export function in PHP 5.2 before 5.2.14 and 5.3 before 5.3.3 flushes the output buffer to t...
CVE-2010-2532 lxsession-logout in lxsession in LXDE, as used on SUSE openSUSE 11.3 and other platforms, does not l...
CVE-2010-2533 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2621. Reason: This candida...
R
CVE-2010-2534 The NetworkSyncCommandQueue function in network/network_command.cpp in OpenTTD before 1.0.3 does not...
S
CVE-2010-2535 Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 a...
CVE-2010-2536 Multiple cross-site scripting (XSS) vulnerabilities in rekonq 0.5 and earlier allow remote attackers...
E
CVE-2010-2537 The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 allows local us...
S
CVE-2010-2538 Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2....
S
CVE-2010-2539 Buffer overflow in the msTmpFile function in maputil.c in mapserv in MapServer before 4.10.6 and 5.x...
S
CVE-2010-2540 mapserv.c in mapserv in MapServer before 4.10.6 and 5.x before 5.6.4 does not properly restrict the ...
CVE-2010-2541 Buffer overflow in ftmulti.c in the ftmulti demo program in FreeType before 2.4.2 allows remote atta...
S
CVE-2010-2542 Stack-based buffer overflow in the is_git_directory function in setup.c in Git before 1.7.2.1 allows...
CVE-2010-2543 Cross-site scripting (XSS) vulnerability in include/top_graph_header.php in Cacti before 0.8.7g allo...
CVE-2010-2544 Cross-site scripting (XSS) vulnerability in utilities.php in Cacti before 0.8.7g, as used in Red Hat...
E
CVE-2010-2545 Multiple cross-site scripting (XSS) vulnerabilities in Cacti before 0.8.7g, as used in Red Hat High ...
E
CVE-2010-2546 Multiple heap-based buffer overflows in loaders/load_it.c in libmikmod, possibly 3.1.12, might allow...
CVE-2010-2547 Use-after-free vulnerability in kbx/keybox-blob.c in GPGSM in GnuPG 2.x through 2.0.16 allows remote...
S
CVE-2010-2548 IcedTea6 before 1.7.4 does not properly check property access, which allows unsigned apps to read an...
S
CVE-2010-2549 Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and S...
E
CVE-2010-2550 The SMB Server in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and S...
CVE-2010-2551 The SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Wi...
CVE-2010-2552 Stack consumption vulnerability in the SMB Server in Microsoft Windows Vista SP1 and SP2, Windows Se...
CVE-2010-2553 The Cinepak codec in Microsoft Windows XP SP2 and SP3, Windows Vista SP1 and SP2, and Windows 7 does...
CVE-2010-2554 The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, S...
CVE-2010-2555 The Tracing Feature for Services in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, S...
CVE-2010-2556 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows rem...
S
CVE-2010-2557 Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attack...
S
CVE-2010-2558 Race condition in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitra...
S
CVE-2010-2559 Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack...
S
CVE-2010-2560 Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows rem...
S
CVE-2010-2561 Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows re...
CVE-2010-2562 Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format...
CVE-2010-2563 The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Se...
CVE-2010-2564 Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to ...
CVE-2010-2565 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-2566 The Secure Channel (aka SChannel) security package in Microsoft Windows XP SP2 and SP3, and Windows ...
CVE-2010-2567 The RPC client implementation in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not prope...
CVE-2010-2568 Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R...
KEV E S
CVE-2010-2569 pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3, 2003 SP3, and 2007 SP...
CVE-2010-2570 Heap-based buffer overflow in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2...
CVE-2010-2571 Array index error in pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 a...
CVE-2010-2572 Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arb...
KEV S
CVE-2010-2573 Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2...
CVE-2010-2574 Cross-site scripting (XSS) vulnerability in manage_proj_cat_add.php in MantisBT 1.2.2 allows remote ...
CVE-2010-2575 Heap-based buffer overflow in the RLE decompression functionality in the TranscribePalmImageToJPEG f...
S
CVE-2010-2576 Opera before 10.61 does not properly suppress clicks on download dialogs that became visible after a...
CVE-2010-2577 Multiple SQL injection vulnerabilities in Pligg before 1.1.1 allow remote attackers to execute arbit...
CVE-2010-2578 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-2579 The cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, RealPl...
CVE-2010-2580 The SMTP service (MESMTPC.exe) in MailEnable 3.x and 4.25 does not properly perform a length check, ...
S
CVE-2010-2581 dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows remote attackers to execute arbitrary ...
S
CVE-2010-2582 An unspecified function in TextXtra.x32 in Adobe Shockwave Player before 11.5.9.615 does not properl...
S
CVE-2010-2583 Stack-based buffer overflow in SonicWALL SSL-VPN End-Point Interrogator/Installer ActiveX control (A...
CVE-2010-2584 The Upload method in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in RealPage ...
CVE-2010-2585 Multiple buffer overflows in the RealPage Module Upload ActiveX control in Realpage.dll 1.0.0.9 in R...
CVE-2010-2586 Multiple integer overflows in in_nsv.dll in the in_nsv plugin in Winamp before 5.6 allow remote atta...
CVE-2010-2587 The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitr...
S
CVE-2010-2588 The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitr...
S
CVE-2010-2589 Integer overflow in the dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attacke...
S
CVE-2010-2590 Heap-based buffer overflow in the CrystalReports12.CrystalPrintControl.1 ActiveX control in PrintCon...
E
CVE-2010-2594 Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterS...
CVE-2010-2595 The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly ha...
E
CVE-2010-2596 The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows r...
E
CVE-2010-2597 The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the T...
E S
CVE-2010-2598 LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to ...
E
CVE-2010-2599 Unspecified vulnerability in Research In Motion (RIM) BlackBerry Device Software before 6.0.0 allows...
CVE-2010-2600 Untrusted search path vulnerability in BlackBerry Desktop Software before 6.0.0.47 allows local user...
S
CVE-2010-2601 Multiple buffer overflows in the PDF distiller in the Attachment Service component in Research In Mo...
S
CVE-2010-2602 Multiple buffer overflows in the PDF distiller component in the BlackBerry Attachment Service in Bla...
CVE-2010-2603 RIM BlackBerry Desktop Software 4.7 through 6.0 for PC, and 1.0 for Mac, uses a weak password to enc...
CVE-2010-2604 Multiple buffer overflows in the PDF Distiller in the BlackBerry Attachment Service component in Res...
CVE-2010-2609 SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows rem...
E
CVE-2010-2610 Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute ...
E
CVE-2010-2611 SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remo...
E
CVE-2010-2612 Unspecified vulnerability in the HP OpenVMS Auditing feature in OpenVMS ALPHA 7.3-2, 8.2, and 8.3; a...
S
CVE-2010-2613 Cross-site scripting (XSS) vulnerability in the JExtensions JE Awd Song (com_awd_song) component for...
E
CVE-2010-2614 SQL injection vulnerability in admin/admin.php in Grafik CMS 1.1.2, and possibly earlier, allows rem...
E
CVE-2010-2615 Multiple cross-site scripting (XSS) vulnerabilities in admin/admin.php in Grafik CMS 1.1.2, and poss...
E
CVE-2010-2616 SQL injection vulnerability in bible.php in PHP Bible Search, probably 0.99, allows remote attackers...
E
CVE-2010-2617 Cross-site scripting (XSS) vulnerability in bible.php in PHP Bible Search allows remote attackers to...
E
CVE-2010-2618 PHP remote file inclusion vulnerability in inc/smarty/libs/init.php in AdaptCMS 2.0.0 Beta, when reg...
E
CVE-2010-2619 Citrix XenServer 5.0 Update 2 and earlier, and 5.5 Update 1 and earlier, when using a pvops kernel, ...
S
CVE-2010-2620 Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication...
E
CVE-2010-2621 The QSslSocketBackendPrivate::transmit function in src_network_ssl_qsslsocket_openssl.cpp in Qt 4.6....
E
CVE-2010-2622 SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote a...
E
CVE-2010-2623 SQL injection vulnerability in pages.php in Internet DM Specialist Bed and Breakfast allows remote a...
E
CVE-2010-2624 Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute a...
E
CVE-2010-2625 Unspecified vulnerability in the Client Service for DPM in Hitachi ServerConductor / Deployment Mana...
E S
CVE-2010-2626 index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands vi...
E
CVE-2010-2627 Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.5...
E
CVE-2010-2628 The IKE daemon in strongSwan 4.3.x before 4.3.7 and 4.4.x before 4.4.1 does not properly check the r...
S
CVE-2010-2629 The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control En...
CVE-2010-2630 The TIFFReadDirectory function in LibTIFF 3.9.0 does not properly validate the data types of codec-s...
S
CVE-2010-2631 LibTIFF 3.9.0 ignores tags in certain situations during the first stage of TIFF file processing and ...
E S
CVE-2010-2632 Unspecified vulnerability in the FTP Server in Oracle Solaris 8, 9, 10, and 11 Express allows remote...
CVE-2010-2633 Unspecified vulnerability in EMC Disk Library (EDL) before 3.2.7, 3.3.x before 3.3.2 epatch 8, and 4...
CVE-2010-2634 RSA enVision before 3.7 SP1 allows remote authenticated users to cause a denial of service via unspe...
CVE-2010-2635 SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticate...
CVE-2010-2636 Multiple cross-site scripting (XSS) vulnerabilities in sample store pages in IBM WebSphere Commerce ...
CVE-2010-2637 IBM WebSphere MQ 6.0 before 6.0.2.9 and 7.0 before 7.0.1.1 does not encrypt the username and passwor...
CVE-2010-2638 Unspecified vulnerability in IBM WebSphere MQ 7.0 before 7.0.1.5 allows remote authenticated users t...
CVE-2010-2639 IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intend...
CVE-2010-2640 Array index error in the PK font parser in the dvi-backend component in Evince 2.32 and earlier allo...
S
CVE-2010-2641 Array index error in the VF font parser in the dvi-backend component in Evince 2.32 and earlier allo...
S
CVE-2010-2642 Heap-based buffer overflow in the AFM font parser in the dvi-backend component in Evince 2.32 and ea...
S
CVE-2010-2643 Integer overflow in the TFM font parser in the dvi-backend component in Evince 2.32 and earlier allo...
S
CVE-2010-2644 IBM WebSphere Service Registry and Repository (WSRR) 7.0.0 before FP1 does not properly implement ac...
CVE-2010-2645 Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote atta...
S
CVE-2010-2646 Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspe...
E S
CVE-2010-2647 Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corrupt...
E S
CVE-2010-2648 The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chro...
S
CVE-2010-2649 Unspecified vulnerability in Google Chrome before 5.0.375.99 allows remote attackers to cause a deni...
E S
CVE-2010-2650 Unspecified vulnerability in Google Chrome before 5.0.375.99 has unknown impact and attack vectors, ...
S
CVE-2010-2651 The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly...
S
CVE-2010-2652 Google Chrome before 5.0.375.99 does not properly implement modal dialogs, which allows attackers to...
E S
CVE-2010-2653 Race condition in the hvc_close function in drivers/char/hvc_console.c in the Linux kernel before 2....
E S
CVE-2010-2654 Multiple cross-site scripting (XSS) vulnerabilities on the IBM BladeCenter with Advanced Management ...
E
CVE-2010-2655 Directory traversal vulnerability in private/file_management.php on the IBM BladeCenter with Advance...
E
CVE-2010-2656 The IBM BladeCenter with Advanced Management Module (AMM) firmware build ID BPET48L, and possibly ot...
E
CVE-2010-2657 Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations...
CVE-2010-2658 Opera before 10.60 does not properly restrict certain interaction between plug-ins, file inputs, and...
S
CVE-2010-2659 Opera before 10.50 on Windows, before 10.52 on Mac OS X, and before 10.60 on UNIX platforms makes wi...
CVE-2010-2660 Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly re...
S
CVE-2010-2661 Opera before 10.54 on Windows and Mac OS X, and before 10.60 on UNIX platforms, does not properly re...
S
CVE-2010-2662 Opera before 10.60 allows remote attackers to bypass the popup blocker via a javascript: URL and a "...
CVE-2010-2663 Opera before 10.60 allows remote attackers to cause a denial of service (application hang) via an en...
CVE-2010-2664 Opera before 10.60 allows remote attackers to cause a denial of service (application hang) via certa...
CVE-2010-2665 Cross-site scripting (XSS) vulnerability in Opera before 10.54 on Windows and Mac OS X, and before 1...
S
CVE-2010-2666 Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for wid...
CVE-2010-2667 Multiple unspecified vulnerabilities in the Virtual Appliance Management Infrastructure (VAMI) in VM...
S
CVE-2010-2668 Unspecified vulnerability in Adaptive Micro Systems ALPHA Ethernet Adapter II Web-Manager 3.40.2 all...
CVE-2010-2669 Cross-site scripting (XSS) vulnerability in admin/editors/text/editor-body.php in Orbis CMS 1.0.2 al...
E
CVE-2010-2670 SQL injection vulnerability in recipedetail.php in BrotherScripts Recipe Website allows remote attac...
E
CVE-2010-2671 Cross-site scripting (XSS) vulnerability in advancedsearch.php in eZ Publish 3.7.0 through 4.2.0 all...
S
CVE-2010-2672 Multiple SQL injection vulnerabilities in eZ Publish 3.7.0 through 4.2.0 allow remote attackers to e...
S
CVE-2010-2673 SQL injection vulnerability in profile_view.php in Devana 1.6.6 and earlier allows remote attackers ...
E
CVE-2010-2674 SQL injection vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote attackers to e...
E
CVE-2010-2675 Cross-site scripting (XSS) vulnerability in index.php in TSOKA:CMS 1.1, 1.9, and 2.0 allows remote a...
E
CVE-2010-2676 Multiple directory traversal vulnerabilities in index.php in Open Web Analytics (OWA) 1.2.3 might al...
E S
CVE-2010-2677 PHP remote file inclusion vulnerability in mw_plugin.php in Open Web Analytics (OWA) 1.2.3, when mag...
E S
CVE-2010-2678 SQL injection vulnerability in xmap (com_xmap) component for Joomla! allows remote attackers to exec...
E
CVE-2010-2679 SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attack...
E
CVE-2010-2680 Directory traversal vulnerability in the JExtensions JE Section/Property Finder (jesectionfinder) co...
E
CVE-2010-2681 PHP remote file inclusion vulnerability in the SEF404x (com_sef) component for Joomla! allows remote...
E
CVE-2010-2682 Directory traversal vulnerability in the Realtyna Translator (com_realtyna) component 1.0.15 for Joo...
E
CVE-2010-2683 SQL injection vulnerability in result.php in Customer Paradigm PageDirector CMS allows remote attack...
E
CVE-2010-2684 SQL injection vulnerability in index.php in Customer Paradigm PageDirector CMS allows remote attacke...
E
CVE-2010-2685 siteadmin/adduser.php in Customer Paradigm PageDirector CMS does not properly restrict access, which...
E
CVE-2010-2686 Multiple SQL injection vulnerabilities in clientes.asp in the TopManage OLK module 1.91.30 for SAP a...
CVE-2010-2687 SQL injection vulnerability in printdetail.asp in Site2Nite Boat Classifieds allows remote attackers...
E
CVE-2010-2688 SQL injection vulnerability in detail.asp in Site2Nite Boat Classifieds allows remote attackers to e...
E
CVE-2010-2689 SQL injection vulnerability in cont_form.php in Internet DM WebDM CMS allows remote attackers to exe...
E
CVE-2010-2690 SQL injection vulnerability in the JOOFORGE Gamesbox (com_gamesbox) component 1.0.2, and possibly ea...
E
CVE-2010-2691 Multiple SQL injection vulnerabilities in 2daybiz Custom T-Shirt Design Script allow remote attacker...
E
CVE-2010-2692 Cross-site scripting (XSS) vulnerability in 2daybiz Custom T-Shirt Design Script allows remote attac...
E
CVE-2010-2693 FreeBSD 7.1 through 8.1-PRERELEASE does not copy the read-only flag when creating a duplicate mbuf b...
S
CVE-2010-2694 SQL injection vulnerability in the redSHOP Component (com_redshop) 1.0 for Joomla! allows remote att...
E
CVE-2010-2695 Directory traversal vulnerability in the SFTP/SSH2 virtual server in Xlight FTP Server 3.5.0, 3.5.5,...
S
CVE-2010-2696 SQL injection vulnerability in gallery/index.php in Sijio Community Software allows remote attackers...
E
CVE-2010-2697 Cross-site scripting (XSS) vulnerability in Sijio Community Software allows remote authenticated use...
E
CVE-2010-2698 Multiple cross-site scripting (XSS) vulnerabilities in Sijio Community Software allow remote authent...
E
CVE-2010-2699 SQL injection vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Script (CBQuick...
E
CVE-2010-2700 Cross-site scripting (XSS) vulnerability in index.php in Edge PHP Clickbank Affiliate Marketplace Sc...
E
CVE-2010-2701 Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow remote attackers to execute arbit...
E
CVE-2010-2702 Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and ...
E
CVE-2010-2703 Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network No...
E S
CVE-2010-2704 Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers t...
S
CVE-2010-2705 Unspecified vulnerability on the HP ProCurve 1800-24G switch with software PB.03.02 and earlier, and...
CVE-2010-2706 Unspecified vulnerability in the In-band Agent on the HP ProCurve 2610 switch before R.11.30 allows ...
CVE-2010-2707 Unspecified vulnerability on the HP ProCurve 2626 and 2650 switches before H.10.80 allows remote att...
CVE-2010-2708 Unspecified vulnerability on the HP ProCurve 2610 switch before R.11.22, when DHCP is enabled, allow...
CVE-2010-2709 Stack-based buffer overflow in webappmon.exe in HP OpenView Network Node Manager (OV NNM) 7.51 and 7...
E S
CVE-2010-2710 Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote a...
CVE-2010-2711 Unspecified vulnerability in the HP MagCloud app before 1.0.5 for the iPad allows remote attackers t...
CVE-2010-2712 Unspecified vulnerability in Software Distributor (sd) in HP HP-UX B.11.11, B.11.23, and B.11.31 all...
S
CVE-2010-2713 The vte_sequence_handler_window_manipulation function in vteseq.c in libvte (aka libvte9) in VTE 0.2...
E S
CVE-2010-2714 SQL injection vulnerability in photos/index.php in TCW PHP Album 1.0 allows remote attackers to exec...
E
CVE-2010-2715 Cross-site scripting (XSS) vulnerability in photos/index.php in TCW PHP Album 1.0 allows remote atta...
E
CVE-2010-2716 Multiple SQL injection vulnerabilities in PsNews 1.3 allow remote attackers to execute arbitrary SQL...
E
CVE-2010-2717 Cross-site scripting (XSS) vulnerability in manager/login.php in CruxSoftware CruxCMS 3.0, and possi...
E
CVE-2010-2718 Multiple cross-site scripting (XSS) vulnerabilities in CruxSoftware CruxPA 2.00, and possibly earlie...
E
CVE-2010-2719 SQL injection vulnerability in show.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows...
E
CVE-2010-2720 SQL injection vulnerability in list.php in phpaaCms 0.3.1 UTF-8, and possibly other versions, allows...
E
CVE-2010-2721 SQL injection vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remote attackers t...
E
CVE-2010-2722 Cross-site scripting (XSS) vulnerability in index.php in RightInPoint Lyrics Script 3.0 allows remot...
CVE-2010-2723 Cross-site scripting (XSS) vulnerability in LISTSERV 15 and 16 allows remote attackers to inject arb...
CVE-2010-2724 Cross-site scripting (XSS) vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6....
S
CVE-2010-2725 BarnOwl before 1.6.2 does not check the return code of calls to the (1) ZPending and (2) ZReceiveNot...
CVE-2010-2726 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-2727 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-2728 Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode f...
CVE-2010-2729 The Print Spooler service in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vist...
CVE-2010-2730 Buffer overflow in Microsoft Internet Information Services (IIS) 7.5, when FastCGI is enabled, allow...
CVE-2010-2731 Unspecified vulnerability in Microsoft Internet Information Services (IIS) 5.1 on Windows XP SP3, wh...
CVE-2010-2732 Open redirect vulnerability in the web interface in Microsoft Forefront Unified Access Gateway (UAG)...
CVE-2010-2733 Cross-site scripting (XSS) vulnerability in the Web Monitor in Microsoft Forefront Unified Access Ga...
CVE-2010-2734 Cross-site scripting (XSS) vulnerability in the mobile portal in Microsoft Forefront Unified Access ...
CVE-2010-2735 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-2736 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-2737 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-2738 The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP...
CVE-2010-2739 Buffer overflow in the CreateDIBPalette function in win32k.sys in Microsoft Windows XP SP3, Server 2...
E
CVE-2010-2740 The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does n...
CVE-2010-2741 The OpenType Font (OTF) format driver in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 perfor...
CVE-2010-2742 The Netlogon RPC Service in Microsoft Windows Server 2003 SP2 and Server 2008 Gold, SP2, and R2, whe...
CVE-2010-2743 The kernel-mode drivers in Microsoft Windows XP SP3 do not properly perform indexing of a function-p...
CVE-2010-2744 The kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista ...
E
CVE-2010-2745 Microsoft Windows Media Player (WMP) 9 through 12 does not properly deallocate objects during a brow...
CVE-2010-2746 Heap-based buffer overflow in Comctl32.dll (aka the common control library) in Microsoft Windows XP ...
CVE-2010-2747 Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer duri...
CVE-2010-2748 Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during...
CVE-2010-2749 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-2750 Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to exec...
CVE-2010-2751 The nsDocShell::OnRedirectStateChange function in docshell/base/nsDocShell.cpp in Mozilla Firefox 3....
E
CVE-2010-2752 Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Th...
CVE-2010-2753 Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x be...
E
CVE-2010-2754 dom/base/nsJSEnvironment.cpp in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderb...
CVE-2010-2755 layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the param...
CVE-2010-2756 Search.pm in Bugzilla 2.19.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 throug...
CVE-2010-2757 The sudo feature in Bugzilla 2.22rc1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3....
CVE-2010-2758 Bugzilla 2.17.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2 gener...
CVE-2010-2759 Bugzilla 2.23.1 through 3.2.7, 3.3.1 through 3.4.7, 3.5.1 through 3.6.1, and 3.7 through 3.7.2, when...
CVE-2010-2760 Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3....
CVE-2010-2761 The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and ear...
S
CVE-2010-2762 The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Fir...
CVE-2010-2763 The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Fir...
CVE-2010-2764 Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1....
CVE-2010-2765 Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x b...
CVE-2010-2766 The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird ...
CVE-2010-2767 The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunde...
CVE-2010-2768 Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1....
CVE-2010-2769 Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Th...
CVE-2010-2770 Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1....
CVE-2010-2771 solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long...
CVE-2010-2772 Siemens Simatic WinCC and PCS 7 SCADA system uses a hard-coded password, which allows local users to...
E
CVE-2010-2777 Stack-based buffer overflow in the IMAP server component in GroupWise Internet Agent (GWIA) in Novel...
CVE-2010-2778 Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 7.x before 7.0 post-SP4 FT...
CVE-2010-2779 Cross-site scripting (XSS) vulnerability in WebAccess in Novell GroupWise 8.x before 8.0 SP2 allows ...
CVE-2010-2783 IcedTea6 before 1.7.4 allows unsigned apps to read and write arbitrary files, related to Extended JNL...
S
CVE-2010-2784 The subpage MMIO initialization functionality in the subpage_register function in exec.c in QEMU-KVM...
S
CVE-2010-2785 The IRC Protocol component in KVIrc 3.x and 4.x before r4693 does not properly handle \ (backslash) ...
S
CVE-2010-2786 Directory traversal vulnerability in Piwik 0.6 through 0.6.3 allows remote attackers to include arbi...
CVE-2010-2787 api.php in MediaWiki before 1.15.5 does not prevent use of public caching headers for private data, ...
S
CVE-2010-2788 Cross-site scripting (XSS) vulnerability in profileinfo.php in MediaWiki before 1.15.5, when wgEnabl...
S
CVE-2010-2789 PHP remote file inclusion vulnerability in MediaWikiParserTest.php in MediaWiki 1.16 beta, when regi...
S
CVE-2010-2790 Multiple cross-site scripting (XSS) vulnerabilities in the formatQuery function in frontends/php/inc...
S
CVE-2010-2791 mod_proxy in httpd in Apache HTTP Server 2.2.9, when running on Unix, does not close the backend con...
CVE-2010-2792 Race condition in the SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to obtain sen...
S
CVE-2010-2793 Race condition in the SPICE (aka spice-activex) plug-in for Internet Explorer in Red Hat Enterprise ...
CVE-2010-2794 The SPICE (aka spice-xpi) plug-in 2.2 for Firefox allows local users to overwrite arbitrary files vi...
CVE-2010-2795 phpCAS before 1.1.2 allows remote authenticated users to hijack sessions via a query string containi...
S
CVE-2010-2796 Cross-site scripting (XSS) vulnerability in phpCAS before 1.1.2, when proxy mode is enabled, allows ...
CVE-2010-2797 Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple before 1.8.1 a...
CVE-2010-2798 The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incor...
S
CVE-2010-2799 Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 an...
S
CVE-2010-2800 The MS-ZIP decompressor in cabextract before 1.3 allows remote attackers to cause a denial of servic...
S
CVE-2010-2801 Integer signedness error in the Quantum decompressor in cabextract before 1.3, when archive test mod...
S
CVE-2010-2802 Cross-site scripting (XSS) vulnerability in MantisBT before 1.2.2 allows remote authenticated users ...
S
CVE-2010-2803 The drm_ioctl function in drivers/gpu/drm/drm_drv.c in the Direct Rendering Manager (DRM) subsystem ...
E S
CVE-2010-2804 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with...
R
CVE-2010-2805 The FT_Stream_EnterFrame function in base/ftstream.c in FreeType before 2.4.2 does not properly vali...
E S
CVE-2010-2806 Array index error in the t42_parse_sfnts function in type42/t42parse.c in FreeType before 2.4.2 allo...
E S
CVE-2010-2807 FreeType before 2.4.2 uses incorrect integer data types during bounds checking, which allows remote ...
S
CVE-2010-2808 Buffer overflow in the Mac_Read_POST_Resource function in base/ftobjs.c in FreeType before 2.4.2 all...
S
CVE-2010-2809 The default configuration of the binding in Uzbl before 2010.08.05 does not properly use t...
S
CVE-2010-2810 Heap-based buffer overflow in the convert_to_idna function in WWW/Library/Implementation/HTParse.c i...
CVE-2010-2811 Virtual Desktop Server Manager (VDSM) in Red Hat Enterprise Virtualization (RHEV) 2.2 does not prope...
S
CVE-2010-2812 Client.cpp in ZNC 0.092 allows remote attackers to cause a denial of service (exception and daemon c...
CVE-2010-2813 functions/imap_general.php in SquirrelMail before 1.4.21 does not properly handle 8-bit characters i...
S
CVE-2010-2814 Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec...
S
CVE-2010-2815 Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Sec...
S
CVE-2010-2816 Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) ...
S
CVE-2010-2817 Unspecified vulnerability in the IKE implementation on Cisco Adaptive Security Appliances (ASA) 5500...
S
CVE-2010-2818 Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FW...
S
CVE-2010-2819 Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FW...
CVE-2010-2820 Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FW...
S
CVE-2010-2821 Unspecified vulnerability on the Cisco Firewall Services Module (FWSM) with software 3.2 before 3.2(...
S
CVE-2010-2822 Unspecified vulnerability in the RTSP inspection feature on the Cisco Application Control Engine (AC...
CVE-2010-2823 Unspecified vulnerability in the deep packet inspection feature on the Cisco Application Control Eng...
CVE-2010-2824 Unspecified vulnerability on the Cisco Application Control Engine (ACE) Module with software A2(1.x)...
CVE-2010-2825 Unspecified vulnerability in the SIP inspection feature on the Cisco Application Control Engine (ACE...
CVE-2010-2826 SQL injection vulnerability in Cisco Wireless Control System (WCS) 6.0.x before 6.0.196.0 allows rem...
CVE-2010-2827 Cisco IOS 15.1(2)T allows remote attackers to cause a denial of service (resource consumption and TC...
CVE-2010-2828 Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 throug...
S
CVE-2010-2829 Unspecified vulnerability in the H.323 implementation in Cisco IOS 12.1 through 12.4 and 15.0 throug...
S
CVE-2010-2830 The IGMPv3 implementation in Cisco IOS 12.2, 12.3, 12.4, and 15.0 and IOS XE 2.5.x before 2.5.2, whe...
S
CVE-2010-2831 Unspecified vulnerability in the NAT for SIP implementation in Cisco IOS 12.1 through 12.4 and 15.0 ...
S
CVE-2010-2832 Unspecified vulnerability in the NAT for H.323 implementation in Cisco IOS 12.1 through 12.4 and 15....
S
CVE-2010-2833 Unspecified vulnerability in the NAT for H.225.0 implementation in Cisco IOS 12.1 through 12.4 and 1...
S
CVE-2010-2834 Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Ci...
S
CVE-2010-2835 Cisco IOS 12.2 through 12.4 and 15.0 through 15.1, Cisco IOS XE 2.5.x and 2.6.x before 2.6.1, and Ci...
S
CVE-2010-2836 Memory leak in the SSL VPN feature in Cisco IOS 12.4, 15.0, and 15.1, when HTTP port redirection is ...
S
CVE-2010-2837 The SIPStationInit implementation in Cisco Unified Communications Manager (aka CUCM, formerly CallMa...
S
CVE-2010-2838 The SendCombinedStatusInfo implementation in Cisco Unified Communications Manager (aka CUCM, formerl...
S
CVE-2010-2839 SIPD in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) allows remote attackers to ca...
S
CVE-2010-2840 The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) d...
S
CVE-2010-2841 Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M...
S
CVE-2010-2842 Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated ...
S
CVE-2010-2843 Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated ...
S
CVE-2010-2844 Cross-site scripting (XSS) vulnerability in news_show.php in Newanz NewsOffice 2.0.18 allows remote ...
E
CVE-2010-2845 SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote...
E
CVE-2010-2846 Cross-site scripting (XSS) vulnerability in the InterJoomla ArtForms (com_artforms) component 2.1b7....
E
CVE-2010-2847 Multiple SQL injection vulnerabilities in the InterJoomla ArtForms (com_artforms) component 2.1b7.2 ...
E
CVE-2010-2848 Directory traversal vulnerability in assets/captcha/includes/alikon/playcode.php in the InterJoomla ...
E
CVE-2010-2849 Cross-site scripting (XSS) vulnerability in productionnu2/nuedit.php in nuBuilder 10.04.20, and poss...
E S
CVE-2010-2850 Directory traversal vulnerability in productionnu2/fileuploader.php in nuBuilder 10.04.20, and possi...
E S
CVE-2010-2851 SQL injection vulnerability in the BookLibrary From Same Author (com_booklibrary) module 1.5 and pos...
CVE-2010-2852 Cross-site scripting (XSS) vulnerability in modules/headlines/magpierss/scripts/magpie_debug.php in ...
E
CVE-2010-2853 SQL injection vulnerability in flashPlayer/playVideo.php in iScripts VisualCaster allows remote atta...
E
CVE-2010-2854 Multiple cross-site scripting (XSS) vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, wh...
CVE-2010-2855 Multiple SQL injection vulnerabilities in modfile.php in Event Horizon (EVH) 1.1.10, when magic_quot...
CVE-2010-2856 Cross-site scripting (XSS) vulnerability in admin/currencies.php in osCSS 1.2.2, and probably earlie...
E
CVE-2010-2857 Directory traversal vulnerability in the Music Manager component for Joomla! allows remote attackers...
E
CVE-2010-2858 Multiple cross-site scripting (XSS) vulnerabilities in news.php in SimpNews 2.47.03 and earlier allo...
E
CVE-2010-2859 news.php in SimpNews 2.47.3 and earlier allows remote attackers to obtain sensitive information via ...
E
CVE-2010-2860 The EMC Celerra Network Attached Storage (NAS) appliance accepts external network traffic to IP addr...
E
CVE-2010-2861 Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 ...
KEV E
CVE-2010-2862 Integer overflow in CoolType.dll in Adobe Reader 8.2.3 and 9.3.3, and Acrobat 9.3.3, allows remote a...
CVE-2010-2863 Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a denial of service (memory corru...
S
CVE-2010-2864 IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allo...
S
CVE-2010-2865 Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows attackers to cause a de...
S
CVE-2010-2866 Integer signedness error in the DIRAPI module in Adobe Shockwave Player before 11.5.8.612 allows rem...
S
CVE-2010-2867 DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly handle a certain return va...
S
CVE-2010-2868 IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allo...
S
CVE-2010-2869 IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allo...
S
CVE-2010-2870 DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a certain chunk s...
S
CVE-2010-2871 Integer overflow in the 3D object functionality in Adobe Shockwave Player before 11.5.8.612 allows r...
S
CVE-2010-2872 Adobe Shockwave Player before 11.5.8.612 does not properly validate an offset value in the pami RIFF...
S
CVE-2010-2873 Adobe Shockwave Player before 11.5.8.612 does not properly validate offset values in the rcsL RIFF c...
S
CVE-2010-2874 Unspecified vulnerability in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to exe...
S
CVE-2010-2875 Integer signedness error in Adobe Shockwave Player before 11.5.8.612 allows remote attackers to caus...
S
CVE-2010-2876 Adobe Shockwave Player before 11.5.8.612 does not properly validate values associated with buffer-si...
S
CVE-2010-2877 Adobe Shockwave Player before 11.5.8.612 does not properly validate a count value in a Director movi...
S
CVE-2010-2878 DIRAPIX.dll in Adobe Shockwave Player before 11.5.8.612 does not properly validate a value associate...
S
CVE-2010-2879 Multiple integer overflows in the allocator in the TextXtra.x32 module in Adobe Shockwave Player bef...
S
CVE-2010-2880 DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which all...
S
CVE-2010-2881 IML32.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which allo...
S
CVE-2010-2882 DIRAPI.dll in Adobe Shockwave Player before 11.5.8.612 does not properly parse .dir files, which all...
S
CVE-2010-2883 Stack-based buffer overflow in CoolType.dll in Adobe Reader and Acrobat 9.x before 9.4, and 8.x befo...
KEV
CVE-2010-2884 Adobe Flash Player 10.1.82.76 and earlier on Windows, Mac OS X, Linux, and Solaris and 10.1.92.10 on...
CVE-2010-2885 Cross-site scripting (XSS) vulnerability in Adobe RoboHelp 7 and 8, and RoboHelp Server 7 and 8, all...
S
CVE-2010-2886 Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 7 and 8, and RoboHelp Server 7...
S
CVE-2010-2887 Multiple unspecified vulnerabilities in Adobe Reader and Acrobat 9.x before 9.4 on Linux allow attac...
S
CVE-2010-2888 Multiple unspecified vulnerabilities in an ActiveX control in Adobe Reader and Acrobat 8.x before 8....
S
CVE-2010-2889 Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window...
S
CVE-2010-2890 Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke...
CVE-2010-2891 Buffer overflow in the smiGetNode function in lib/smi.c in libsmi 0.4.8 allows context-dependent att...
E S
CVE-2010-2892 gsb/drivers.php in LANDesk Management Gateway 4.0 through 4.0-1.48 and 4.2 through 4.2-1.8 allows re...
E
CVE-2010-2896 IBM FileNet Content Manager (CM) 4.0.0, 4.0.1, 4.5.0, and 4.5.1 before FP4 does not properly manage ...
CVE-2010-2897 Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kerne...
CVE-2010-2898 Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library...
E S
CVE-2010-2899 Unspecified vulnerability in the layout implementation in Google Chrome before 5.0.375.125 allows re...
S
CVE-2010-2900 Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impa...
E S
CVE-2010-2901 The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a ...
E S
CVE-2010-2902 The SVG implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial...
S
CVE-2010-2903 Google Chrome before 5.0.375.125 performs unexpected truncation and improper eliding of hostnames, w...
E S
CVE-2010-2904 Multiple cross-site scripting (XSS) vulnerabilities in the System Landscape Directory (SLD) componen...
CVE-2010-2905 SQL injection vulnerability in info.php in ScriptsFeed and BrotherScripts (BS) Scripts Directory all...
E
CVE-2010-2906 SQL injection vulnerability in articlesdetails.php in ScriptsFeed and BrotherScripts (BS) Scripts Di...
E
CVE-2010-2907 SQL injection vulnerability in the Huru Helpdesk (com_huruhelpdesk) component for Joomla! allows rem...
E
CVE-2010-2908 SQL injection vulnerability in the Joomdle (com_joomdle) component 0.24 and earlier for Joomla! allo...
E
CVE-2010-2909 SQL injection vulnerability in ttvideo.php in the TTVideo (com_ttvideo) component 1.0 for Joomla! al...
E
CVE-2010-2910 SQL injection vulnerability in the Ozio Gallery (com_oziogallery) component for Joomla! allows remot...
E
CVE-2010-2911 SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execu...
E
CVE-2010-2912 SQL injection vulnerability in index.php in Kayako eSupport 3.70.02 allows remote attackers to execu...
E
CVE-2010-2913 The Citibank Citi Mobile app before 2.0.3 for iOS stores account data in a file, which allows local ...
S
CVE-2010-2914 Cross-site scripting (XSS) vulnerability in nessusd_www_server.nbin in the Nessus Web Server plugin ...
CVE-2010-2915 SQL injection vulnerability in welcome.php in AJ Square AJ HYIP PRIME allows remote attackers to exe...
E
CVE-2010-2916 SQL injection vulnerability in news.php in AJ Square AJ HYIP MERIDIAN allows remote attackers to exe...
E
CVE-2010-2917 Multiple cross-site scripting (XSS) vulnerabilities in index.php in AJ Square AJ Article 3.0 allow r...
E
CVE-2010-2918 PHP remote file inclusion vulnerability in core/include/myMailer.class.php in the Visites (com_jooml...
E
CVE-2010-2919 SQL injection vulnerability in the StaticXT (com_staticxt) component for Joomla! allows remote attac...
E
CVE-2010-2920 Directory traversal vulnerability in the Foobla Suggestions (com_foobla_suggestions) component 1.5.1...
E
CVE-2010-2921 SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta an...
E
CVE-2010-2922 SQL injection vulnerability in default.asp in AKY Blog allows remote attackers to execute arbitrary ...
E
CVE-2010-2923 SQL injection vulnerability in the YouTube (com_youtube) component 1.5 for Joomla! allows remote att...
E
CVE-2010-2924 SQL injection vulnerability in myLDlinker.php in the myLinksDump Plugin 1.2 for WordPress allows rem...
E
CVE-2010-2925 SQL injection vulnerability in index.php in Freeway CMS 1.4.3.210 allows remote attackers to execute...
E
CVE-2010-2926 SQL injection vulnerability in index.php in sNews 1.7 allows remote attackers to execute arbitrary S...
E
CVE-2010-2927 The slapi_printmessage function in IBM Tivoli Directory Server (ITDS) before 6.0.0.8-TIV-ITDS-IF0006...
S
CVE-2010-2928 The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on...
CVE-2010-2929 Untrusted search path vulnerability in hsolinkcontrol in hsolink 1.0.118 allows local users to gain ...
CVE-2010-2930 Multiple stack-based buffer overflows in hsolinkcontrol in hsolink 1.0.118 allow local users to gain...
CVE-2010-2931 Stack-based buffer overflow in SigPlus Pro 3.74 ActiveX control allows remote attackers to execute a...
E
CVE-2010-2932 Buffer overflow in BarCodeWiz BarCode 3.29 ActiveX control (BarcodeWiz.dll) allows remote attackers ...
E
CVE-2010-2933 SQL injection vulnerability in AV Scripts AV Arcade 3 allows remote attackers to execute arbitrary S...
E
CVE-2010-2934 Multiple unspecified vulnerabilities in ZNC 0.092 allow remote attackers to cause a denial of servic...
CVE-2010-2935 simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3.3 does not properly ...
CVE-2010-2936 Integer overflow in simpress.bin in the Impress module in OpenOffice.org (OOo) 2.x and 3.x before 3....
CVE-2010-2937 The ReadMetaFromId3v2 function in taglib.cpp in the TagLib plugin in VideoLAN VLC media player 0.9.0...
CVE-2010-2938 arch/x86/hvm/vmx/vmcs.c in the virtual-machine control structure (VMCS) implementation in the Linux ...
CVE-2010-2939 Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c...
CVE-2010-2940 The auth_send function in providers/ldap/ldap_auth.c in System Security Services Daemon (SSSD) 1.3.0...
CVE-2010-2941 ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with...
S
CVE-2010-2942 The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-r...
S
CVE-2010-2943 The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees be...
E S
CVE-2010-2944 The authenticate function in LDAPUserFolder/LDAPUserFolder.py in zope-ldapuserfolder 2.9-1 does not ...
S
CVE-2010-2945 The default configuration of SLiM before 1.3.2 places ./ (dot slash) at the beginning of the default...
CVE-2010-2946 fs/jfs/xattr.c in the Linux kernel before 2.6.35.2 does not properly handle a certain legacy format ...
CVE-2010-2947 Heap-based buffer overflow in the HX_split function in string.c in libHX before 3.6 allows remote at...
CVE-2010-2948 Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Qua...
CVE-2010-2949 bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cau...
CVE-2010-2950 Format string vulnerability in stream.c in the phar extension in PHP 5.3.x through 5.3.3 allows cont...
E
CVE-2010-2951 dns_internal.cc in Squid 3.1.6, when IPv6 DNS resolution is not enabled, accesses an invalid socket ...
S
CVE-2010-2952 Apache Traffic Server before 2.0.1, and 2.1.x before 2.1.2-unstable, does not properly choose DNS so...
CVE-2010-2953 Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in Co...
CVE-2010-2954 The irda_bind function in net/irda/af_irda.c in the Linux kernel before 2.6.36-rc3-next-20100901 doe...
S
CVE-2010-2955 The cfg80211_wext_giwessid function in net/wireless/wext-compat.c in the Linux kernel before 2.6.36-...
S
CVE-2010-2956 Sudo 1.7.0 through 1.7.4p3, when a Runas group is configured, does not properly handle use of the -u...
CVE-2010-2957 Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when "Remember me" logins are ...
E S
CVE-2010-2958 Cross-site scripting (XSS) vulnerability in libraries/Error.class.php in phpMyAdmin 3.x before 3.3.6...
S
CVE-2010-2959 Integer overflow in net/can/bcm.c in the Controller Area Network (CAN) implementation in the Linux k...
E S
CVE-2010-2960 The keyctl_session_to_parent function in security/keys/keyctl.c in the Linux kernel 2.6.35.4 and ear...
E S
CVE-2010-2961 mountall.c in mountall before 2.15.2 uses 0666 permissions for the root.rules file, which allows loc...
CVE-2010-2962 drivers/gpu/drm/i915/i915_gem.c in the Graphics Execution Manager (GEM) in the Intel i915 driver in ...
S
CVE-2010-2963 drivers/media/video/v4l2-compat-ioctl32.c in the Video4Linux (V4L) implementation in the Linux kerne...
E S
CVE-2010-2965 The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockw...
CVE-2010-2966 The INCLUDE_SECURITY functionality in Wind River VxWorks 6.x, 5.x, and earlier uses the LOGIN_USER_N...
E
CVE-2010-2967 The loginDefaultEncrypt algorithm in loginLib in Wind River VxWorks before 6.9 does not properly sup...
CVE-2010-2968 The FTP daemon in Wind River VxWorks does not close the TCP connection after a number of failed logi...
E
CVE-2010-2969 Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.7.3 and earlier, and 1.9.x before ...
CVE-2010-2970 Multiple cross-site scripting (XSS) vulnerabilities in MoinMoin 1.9.x before 1.9.3 allow remote atta...
CVE-2010-2971 loaders/load_it.c in libmikmod, possibly 3.1.12, does not properly account for the larger size of na...
CVE-2010-2972 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1797. Reason: This candida...
R
CVE-2010-2973 Integer overflow in IOSurface in Apple iOS before 4.0.2 on the iPhone and iPod touch, and before 3.2...
E
CVE-2010-2974 Stack-based buffer overflow in the IConfigurationAccess interface in the Invensys Wonderware Archest...
CVE-2010-2975 Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 does not properly handle multiple...
CVE-2010-2976 The controller in Cisco Unified Wireless Network (UWN) Solution 7.x through 7.0.98.0 has (1) a defau...
CVE-2010-2977 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not properly implement TLS an...
CVE-2010-2978 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 does not use an adequate message-d...
CVE-2010-2979 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows ...
CVE-2010-2980 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 5508 series controllers allows ...
CVE-2010-2981 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to cause a...
CVE-2010-2982 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 allows remote attackers to discove...
CVE-2010-2983 The workgroup bridge (aka WGB) functionality in Cisco Unified Wireless Network (UWN) Solution 7.x be...
CVE-2010-2984 Cisco Unified Wireless Network (UWN) Solution 7.x before 7.0.98.0 on 4404 series controllers does no...
CVE-2010-2985 Multiple cross-site scripting (XSS) vulnerabilities in IBM WebSphere Service Registry and Repository...
E
CVE-2010-2986 Cross-site scripting (XSS) vulnerability in webacs/QuickSearchAction.do in the search feature in the...
E
CVE-2010-2987 Multiple cross-site scripting (XSS) vulnerabilities in Cisco Wireless Control System (WCS) 7.x befor...
CVE-2010-2988 Cross-site scripting (XSS) vulnerability in Cisco Unified Wireless Network (UWN) Solution 7.x before...
CVE-2010-2989 nessusd_www_server.nbin in the Nessus Web Server plugin 1.2.4 for Nessus allows remote attackers to ...
CVE-2010-2990 Citrix Online Plug-in for Windows for XenApp & XenDesktop before 11.2, Citrix Online Plug-in for Mac...
S
CVE-2010-2991 The IICAClient interface in the ICAClient library in the ICA Client ActiveX Object (aka ICO) compone...
S
CVE-2010-2992 packet-gsm_a_rr.c in the GSM A RR dissector in Wireshark 1.2.2 through 1.2.9 allows remote attackers...
CVE-2010-2993 The IPMI dissector in Wireshark 1.2.0 through 1.2.9 allows remote attackers to cause a denial of ser...
CVE-2010-2994 Stack-based buffer overflow in the ASN.1 BER dissector in Wireshark 0.10.13 through 1.0.14 and 1.2.0...
CVE-2010-2995 The SigComp Universal Decompressor Virtual Machine (UDVM) in Wireshark 0.10.8 through 1.0.14 and 1.2...
CVE-2010-2996 Array index error in RealNetworks RealPlayer 11.0 through 11.1 on Windows allows remote attackers to...
CVE-2010-2997 Use-after-free vulnerability in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through...
CVE-2010-2998 Array index error in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 through 1.0.1 a...
CVE-2010-2999 Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.0.1, Mac ...
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.