| ID | Summary | Flags | Max Score |
|---|---|---|---|
| CVE-2010-3000 | Multiple integer overflows in the ParseKnownType function in RealNetworks RealPlayer 11.0 through 11... | | |
| CVE-2010-3001 | Unspecified vulnerability in an ActiveX control in the Internet Explorer (IE) plugin in RealNetworks... | | |
| CVE-2010-3002 | Unspecified vulnerability in RealNetworks RealPlayer 11.0 through 11.1 allows attackers to bypass in... | | |
| CVE-2010-3003 | Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.0-11 on... | | |
| CVE-2010-3004 | Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows remote attackers to ... | | |
| CVE-2010-3005 | Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows local users to gain ... | | |
| CVE-2010-3006 | Unspecified vulnerability on the HP ProLiant G6 Lights-Out 100 Remote Management card with firmware ... | | |
| CVE-2010-3007 | Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edi... | | |
| CVE-2010-3008 | Unspecified vulnerability in HP Data Protector Express, and Data Protector Express Single Server Edi... | S | |
| CVE-2010-3009 | Unspecified vulnerability in HP System Management Homepage (SMH) for Linux 6.0 and 6.1 allows remote... | S | |
| CVE-2010-3010 | Cross-site scripting (XSS) vulnerability on the HP 3Com OfficeConnect Gigabit VPN Firewall 3CREVF100... | | |
| CVE-2010-3011 | CRLF injection vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attacke... | | |
| CVE-2010-3012 | Cross-site scripting (XSS) vulnerability in HP System Management Homepage (SMH) before 6.2 allows re... | | |
| CVE-2010-3013 | SQL injection vulnerability in groupadmin.php in Pligg before 1.1.1 allows remote attackers to execu... | | |
| CVE-2010-3014 | The Coda filesystem kernel module, as used in NetBSD and FreeBSD, when Coda is loaded and Venus is r... | S | |
| CVE-2010-3015 | Integer overflow in the ext4_ext_get_blocks function in fs/ext4/extents.c in the Linux kernel before... | S | |
| CVE-2010-3016 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2803. Reason: This candida... | R | |
| CVE-2010-3017 | Unspecified vulnerability in RSA Access Manager Agent 4.7.1 before 4.7.1.7, when RSA Adaptive Authen... | | |
| CVE-2010-3018 | RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 doe... | | |
| CVE-2010-3019 | Heap-based buffer overflow in Opera before 10.61 allows remote attackers to execute arbitrary code o... | | |
| CVE-2010-3020 | The news-feed preview feature in Opera before 10.61 does not properly remove scripts, which allows r... | | |
| CVE-2010-3021 | Unspecified vulnerability in Opera before 10.61 allows remote attackers to cause a denial of service... | | |
| CVE-2010-3022 | Cross-site scripting (XSS) vulnerability in the Performance logging module in the Devel module 5.x b... | S | |
| CVE-2010-3023 | Multiple cross-site scripting (XSS) vulnerabilities in DiamondList 0.1.6, and possibly earlier, allo... | E | |
| CVE-2010-3024 | Multiple cross-site request forgery (CSRF) vulnerabilities in user/main/update_user in DiamondList 0... | E | |
| CVE-2010-3025 | Multiple cross-site scripting (XSS) vulnerabilities in Tomaz Muraus Open Blog 1.2.1, and possibly ea... | E | |
| CVE-2010-3026 | Cross-site request forgery (CSRF) vulnerability in application/modules/admin/controllers/users.php i... | E | |
| CVE-2010-3027 | SQL injection vulnerability in index.php in Tycoon Baseball Script 1.0.9 allows remote attackers to ... | E | |
| CVE-2010-3028 | The Aardvertiser component before 2.2.1 for Joomla! uses insecure permissions (777) in unspecified f... | | |
| CVE-2010-3029 | SQL injection vulnerability in statistics.php in PHPKick 0.8 allows remote attackers to execute arbi... | E | |
| CVE-2010-3030 | Cross-site request forgery (CSRF) vulnerability in Tomaz Muraus Open Blog 1.2.1, and possibly earlie... | | |
| CVE-2010-3031 | Buffer overflow in Wyse ThinOS HF 4.4.079i, and possibly other versions before ThinOS 6.5, allows re... | | |
| CVE-2010-3032 | Integer overflow in the OBGIOPServerWorker::extractHeader function in the ebus-3-3-2-6.dll module in... | | |
| CVE-2010-3033 | Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated ... | S | |
| CVE-2010-3034 | Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows r... | S | |
| CVE-2010-3035 | Cisco IOS XR 3.4.0 through 3.9.1, when BGP is enabled, does not properly handle unrecognized transit... | KEV | |
| CVE-2010-3036 | Multiple buffer overflows in the authentication functionality in the web-server module in Cisco Cisc... | S | |
| CVE-2010-3037 | goform/websXMLAdminRequestCgi.cgi in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, and... | | |
| CVE-2010-3038 | Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used,... | | |
| CVE-2010-3039 | /usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly Cal... | E | |
| CVE-2010-3040 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Man... | | |
| CVE-2010-3041 | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (A... | | |
| CVE-2010-3042 | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (A... | S | |
| CVE-2010-3043 | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (A... | | |
| CVE-2010-3044 | Multiple buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recording Format (A... | S | |
| CVE-2010-3048 | Cisco Unified Personal Communicator 7.0 (1.13056) does not free allocated memory for received data a... | | |
| CVE-2010-3049 | Cisco IOS before 12.2(33)SXI allows local users to cause a denial of service (device reboot).... | S | |
| CVE-2010-3050 | Cisco IOS before 12.2(33)SXI allows remote authenticated users to cause a denial of service (device ... | S | |
| CVE-2010-3053 | bdf/bdflib.c in FreeType before 2.4.2 allows remote attackers to cause a denial of service (applicat... | | |
| CVE-2010-3054 | Unspecified vulnerability in FreeType 2.3.9, and other versions before 2.4.2, allows remote attacker... | | |
| CVE-2010-3055 | The configuration setup script (aka scripts/setup.php) in phpMyAdmin 2.11.x before 2.11.10.1 does no... | E S | |
| CVE-2010-3056 | Multiple cross-site scripting (XSS) vulnerabilities in phpMyAdmin 2.11.x before 2.11.10.1 and 3.x be... | E S | |
| CVE-2010-3058 | The Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.x.x before 5.5.7, and 6.1.0.0, esta... | | |
| CVE-2010-3059 | Buffer overflow in the message-protocol implementation in the Server in IBM Tivoli Storage Manager (... | | |
| CVE-2010-3060 | Unspecified vulnerability in the message-protocol implementation in the Server in IBM Tivoli Storage... | | |
| CVE-2010-3061 | Unspecified vulnerability in the message-protocol implementation in the Mount service in IBM Tivoli ... | | |
| CVE-2010-3062 | mysqlnd_wireprotocol.c in the Mysqlnd extension in PHP 5.3 through 5.3.2 allows remote attackers to ... | S | |
| CVE-2010-3063 | The php_mysqlnd_read_error_from_line function in the Mysqlnd extension in PHP 5.3 through 5.3.2 does... | S | |
| CVE-2010-3064 | Stack-based buffer overflow in the php_mysqlnd_auth_write function in the Mysqlnd extension in PHP 5... | S | |
| CVE-2010-3065 | The default session serializer in PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 does not properly han... | E | |
| CVE-2010-3066 | The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to cause... | S | |
| CVE-2010-3067 | Integer overflow in the do_io_submit function in fs/aio.c in the Linux kernel before 2.6.36-rc4-next... | | |
| CVE-2010-3068 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-2938. Reason: This candida... | R | |
| CVE-2010-3069 | Stack-based buffer overflow in the (1) sid_parse and (2) dom_sid_parse functions in Samba before 3.5... | | |
| CVE-2010-3070 | Cross-site scripting (XSS) vulnerability in NuSOAP 0.9.5, as used in MantisBT and other products, al... | | |
| CVE-2010-3071 | bip before 0.8.6 allows remote attackers to cause a denial of service (NULL pointer dereference and ... | | |
| CVE-2010-3072 | The string-comparison functions in String.cci in Squid 3.x before 3.1.8 and 3.2.x before 3.2.0.2 all... | S | |
| CVE-2010-3073 | SSL_Cipher.cpp in EncFS before 1.7.0 does not properly handle integer data sizes when constructing h... | | |
| CVE-2010-3074 | SSL_Cipher.cpp in EncFS before 1.7.0 uses an improper combination of an AES cipher and a CBC cipher ... | | |
| CVE-2010-3075 | EncFS before 1.7.0 encrypts multiple blocks by means of the CFB cipher mode with the same initializa... | | |
| CVE-2010-3076 | The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 d... | E | |
| CVE-2010-3077 | Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework... | E S | |
| CVE-2010-3078 | The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc... | S | |
| CVE-2010-3079 | kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properl... | S | |
| CVE-2010-3080 | Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in t... | | |
| CVE-2010-3081 | The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.3... | E S | |
| CVE-2010-3082 | Cross-site scripting (XSS) vulnerability in Django 1.2.x before 1.2.2 allows remote attackers to inj... | S | |
| CVE-2010-3083 | sys/ssl/SslSocket.cpp in qpidd in Apache Qpid, as used in Red Hat Enterprise MRG before 1.2.2 and ot... | S | |
| CVE-2010-3084 | Buffer overflow in the niu_get_ethtool_tcam_all function in drivers/net/niu.c in the Linux kernel be... | | |
| CVE-2010-3085 | The network-play implementation in Mednafen before 0.8.D might allow remote servers to execute arbit... | | |
| CVE-2010-3086 | include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixu... | E | |
| CVE-2010-3087 | LibTIFF before 3.9.2-5.2.1 in SUSE openSUSE 11.3 allows remote attackers to cause a denial of servic... | | |
| CVE-2010-3088 | The notify function in pidgin-knotify.c in the pidgin-knotify plugin 0.2.1 and earlier for Pidgin al... | | |
| CVE-2010-3089 | Multiple cross-site scripting (XSS) vulnerabilities in GNU Mailman before 2.1.14rc1 allow remote aut... | | |
| CVE-2010-3090 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3089. Reason: This issue was... | R | |
| CVE-2010-3091 | The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, vi... | S | |
| CVE-2010-3092 | The upload module in Drupal 5.x before 5.23 and 6.x before 6.18 does not properly support case-insen... | S | |
| CVE-2010-3093 | The comment module in Drupal 5.x before 5.23 and 6.x before 6.18 allows remote authenticated users w... | S | |
| CVE-2010-3094 | Multiple cross-site scripting (XSS) vulnerabilities in Drupal 6.x before 6.18 allow remote authentic... | S | |
| CVE-2010-3095 | mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink at... | | |
| CVE-2010-3096 | Directory traversal vulnerability in SoftX FTP Client 3.3 and possibly earlier allows remote FTP ser... | | |
| CVE-2010-3097 | Directory traversal vulnerability in WinFrigate Frigate 3 FTP client 3.36 and earlier allows remote ... | | |
| CVE-2010-3098 | Directory traversal vulnerability in IoRush Software FTP Rush 1.1.3 and possibly earlier allows remo... | | |
| CVE-2010-3099 | Directory traversal vulnerability in SmartSoft Ltd SmartFTP Client 4.0.1124.0, and possibly other ve... | | |
| CVE-2010-3100 | Directory traversal vulnerability in Porta+ FTP Client 4.1, and possibly other versions, allows remo... | | |
| CVE-2010-3101 | Directory traversal vulnerability in FTPx Corp FTP Explorer 10.5.19.1 for Windows, and probably earl... | | |
| CVE-2010-3102 | Directory traversal vulnerability in SiteDesigner Technologies, Inc. 3D-FTP Client 9.0 build 2, and ... | | |
| CVE-2010-3103 | Directory traversal vulnerability in FTPGetter Team FTPGetter 3.51.0.05, and probably earlier versio... | | |
| CVE-2010-3104 | Directory traversal vulnerability in DeskShare AutoFTP Manager 4.31, and probably earlier versions, ... | | |
| CVE-2010-3105 | The PluginGetDriverFile function in Novell iPrint Client before 5.44 interprets an uninitialized mem... | | |
| CVE-2010-3106 | The ienipp.ocx ActiveX control in the browser plugin in Novell iPrint Client before 5.42 does not pr... | S | |
| CVE-2010-3107 | A certain ActiveX control in ienipp.ocx in the browser plugin in Novell iPrint Client before 5.42 do... | S | |
| CVE-2010-3108 | Buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote attackers to... | S | |
| CVE-2010-3109 | Stack-based buffer overflow in the browser plugin in Novell iPrint Client before 5.42 allows remote ... | S | |
| CVE-2010-3110 | Multiple buffer overflows in the Novell Client novfs module for the Linux kernel in SUSE Linux Enter... | S | |
| CVE-2010-3111 | Google Chrome before 6.0.472.53 does not properly mitigate an unspecified flaw in the Windows kernel... | | |
| CVE-2010-3112 | Google Chrome before 5.0.375.127 does not properly implement file dialogs, which allows attackers to... | | |
| CVE-2010-3113 | Google Chrome before 5.0.375.127, and webkitgtk before 1.2.5, does not properly handle SVG documents... | S | |
| CVE-2010-3114 | The text-editing implementation in Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, doe... | S | |
| CVE-2010-3115 | Google Chrome before 5.0.375.127, and webkitgtk before 1.2.6, does not properly implement the histor... | E S | |
| CVE-2010-3116 | Multiple use-after-free vulnerabilities in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x be... | | |
| CVE-2010-3117 | Google Chrome before 5.0.375.127 does not properly implement the notifications feature, which allows... | S | |
| CVE-2010-3118 | The autosuggest feature in the Omnibox implementation in Google Chrome before 5.0.375.127 does not a... | E S | |
| CVE-2010-3119 | Google Chrome before 5.0.375.127 and webkitgtk before 1.2.6 do not properly support the Ruby languag... | S | |
| CVE-2010-3120 | Google Chrome before 5.0.375.127 does not properly implement the Geolocation feature, which allows r... | E S | |
| CVE-2010-3121 | Buffer overflow in tm-console-bin in the DevonIT thin-client management tool might allow remote atta... | | |
| CVE-2010-3122 | The DevonIT thin-client management tool relies on a shared secret for authentication but transmits t... | | |
| CVE-2010-3124 | Untrusted search path vulnerability in bin/winvlc.c in VLC Media Player 1.1.3 and earlier allows loc... | E S | |
| CVE-2010-3125 | Untrusted search path vulnerability in TeamMate Audit Management Software Suite 8.0 patch 2 allows l... | E | |
| CVE-2010-3126 | Untrusted search path vulnerability in avast! Free Antivirus version 5.0.594 and earlier allows loca... | E | |
| CVE-2010-3127 | Untrusted search path vulnerability in Adobe PhotoShop CS2 through CS5 allows local users, and possi... | E | |
| CVE-2010-3128 | Untrusted search path vulnerability in TeamViewer 5.0.8703 and earlier allows local users, and possi... | E | |
| CVE-2010-3129 | Untrusted search path vulnerability in uTorrent 2.0.3 and earlier allows local users, and possibly r... | E | |
| CVE-2010-3130 | Untrusted search path vulnerability in TechSmith Snagit all versions 10.x and 11.x allows local user... | E | |
| CVE-2010-3131 | Untrusted search path vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunder... | E | |
| CVE-2010-3132 | Untrusted search path vulnerability in Adobe Dreamweaver CS5 11.0 build 4916, build 4909, and probab... | E | |
| CVE-2010-3133 | Untrusted search path vulnerability in Wireshark 0.8.4 through 1.0.15 and 1.2.0 through 1.2.10 allow... | E | |
| CVE-2010-3134 | Untrusted search path vulnerability in Google Earth 5.1.3535.3218 allows local users, and possibly r... | E | |
| CVE-2010-3135 | Untrusted search path vulnerability in Cisco Packet Tracer 5.2 allows local users, and possibly remo... | E | |
| CVE-2010-3136 | Untrusted search path vulnerability in Skype 4.2.0.169 and earlier allows local users, and possibly ... | E | |
| CVE-2010-3137 | Untrusted search path vulnerability in Nullsoft Winamp 5.581, and probably other versions, allows lo... | E | |
| CVE-2010-3138 | Untrusted search path vulnerability in the Indeo Codec in iac25_32.ax in Microsoft Windows XP SP3 al... | E | |
| CVE-2010-3139 | Untrusted search path vulnerability in Microsoft Windows Progman Group Converter (grpconv.exe) allow... | E | |
| CVE-2010-3140 | Untrusted search path vulnerability in Microsoft Windows Internet Communication Settings on Windows ... | E | |
| CVE-2010-3141 | Untrusted search path vulnerability in Microsoft PowerPoint 2010 allows local users, and possibly re... | E | |
| CVE-2010-3142 | Untrusted search path vulnerability in Microsoft Office PowerPoint 2007 allows local users, and poss... | E | |
| CVE-2010-3143 | Untrusted search path vulnerability in Microsoft Windows Contacts allows local users, and possibly r... | E | |
| CVE-2010-3144 | Untrusted search path vulnerability in the Internet Connection Signup Wizard in Microsoft Windows XP... | E | |
| CVE-2010-3145 | Untrusted search path vulnerability in the BitLocker Drive Encryption API, as used in sdclt.exe in B... | E | |
| CVE-2010-3146 | Multiple untrusted search path vulnerabilities in Microsoft Groove 2007 SP2 allow local users to gai... | E | |
| CVE-2010-3147 | Untrusted search path vulnerability in wab.exe 6.00.2900.5512 in Windows Address Book in Microsoft W... | E | |
| CVE-2010-3148 | Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privilege... | E | |
| CVE-2010-3149 | Untrusted search path vulnerability in Adobe Device Central CS5 3.0.0(376), 3.0.1.0 (3027), and prob... | E | |
| CVE-2010-3150 | Untrusted search path vulnerability in Adobe Premier Pro CS4 4.0.0 (314 (MC: 160820)) allows local u... | E | |
| CVE-2010-3151 | Untrusted search path vulnerability in Adobe On Location CS4 Build 315 allows local users, and possi... | E | |
| CVE-2010-3152 | Untrusted search path vulnerability in Adobe Illustrator CS4 14.0.0, CS5 15.0.1 and earlier, and pos... | E | |
| CVE-2010-3153 | Untrusted search path vulnerability in Adobe InDesign CS4 6.0, InDesign CS5 7.0.2 and earlier, Adobe... | E | |
| CVE-2010-3154 | Untrusted search path vulnerability in Adobe Extension Manager CS5 5.0.298 allows local users, and p... | E | |
| CVE-2010-3155 | Untrusted search path vulnerability in Adobe ExtendScript Toolkit (ESTK) CS5 3.5.0.52 allows local u... | E | |
| CVE-2010-3156 | Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows local users to gain privilege... | | |
| CVE-2010-3157 | Untrusted search path vulnerability in XacRett before 50 allows attackers to execute arbitrary code ... | | |
| CVE-2010-3158 | Untrusted search path vulnerability in Lhaplus before 1.58 allows local users to gain privileges via... | | |
| CVE-2010-3159 | Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain privileges... | | |
| CVE-2010-3160 | Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain p... | | |
| CVE-2010-3161 | Untrusted search path vulnerability in TeraPad before 1.00 allows local users to gain privileges via... | | |
| CVE-2010-3162 | Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via ... | S | |
| CVE-2010-3163 | Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 and Grani before 4.4 allows loca... | | |
| CVE-2010-3164 | Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier a... | | |
| CVE-2010-3165 | Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and ea... | | |
| CVE-2010-3166 | Heap-based buffer overflow in the nsTextFrameUtils::TransformText function in Mozilla Firefox before... | | |
| CVE-2010-3167 | The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird ... | | |
| CVE-2010-3168 | Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.... | | |
| CVE-2010-3169 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.... | | |
| CVE-2010-3170 | Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1... | | |
| CVE-2010-3171 | The Math.random function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11, ... | E | |
| CVE-2010-3172 | CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4... | | |
| CVE-2010-3173 | The SSL implementation in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before ... | | |
| CVE-2010-3174 | Unspecified vulnerability in the browser engine in Mozilla Firefox 3.5.x before 3.5.14, Thunderbird ... | | |
| CVE-2010-3175 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.6.x before 3.6.11 an... | | |
| CVE-2010-3176 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 an... | | |
| CVE-2010-3177 | Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3... | | |
| CVE-2010-3178 | Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1... | | |
| CVE-2010-3179 | Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and... | | |
| CVE-2010-3180 | Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x be... | | |
| CVE-2010-3181 | Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunde... | | |
| CVE-2010-3182 | A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunde... | | |
| CVE-2010-3183 | The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.... | | |
| CVE-2010-3186 | IBM WebSphere Application Server (WAS) 7.x before 7.0.0.13, and WebSphere Application Server Feature... | | |
| CVE-2010-3187 | Buffer overflow in ftpd in IBM AIX 5.3 and earlier allows remote attackers to execute arbitrary code... | E S | |
| CVE-2010-3188 | SQL injection vulnerability in search.aspx in BugTracker.NET 3.4.3 and earlier allows remote attacke... | | |
| CVE-2010-3189 | The extSetOwner function in the UfProxyBrowserCtrl ActiveX control (UfPBCtrl.dll) in Trend Micro Int... | S | |
| CVE-2010-3190 | Untrusted search path vulnerability in the Microsoft Foundation Class (MFC) Library in Microsoft Vis... | S | |
| CVE-2010-3191 | Untrusted search path vulnerability in Adobe Captivate 5.0.0.596, and possibly other versions, allow... | | |
| CVE-2010-3192 | Certain run-time memory protection mechanisms in the GNU C Library (aka glibc or libc6) print argv[0... | | |
| CVE-2010-3193 | Unspecified vulnerability in the DB2STST program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 ... | | |
| CVE-2010-3194 | The DB2DART program in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows attackers t... | | |
| CVE-2010-3195 | Unspecified vulnerability in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 on Windows S... | | |
| CVE-2010-3196 | IBM DB2 9.7 before FP2, when AUTO_REVAL is IMMEDIATE, allows remote authenticated users to cause a d... | | |
| CVE-2010-3197 | IBM DB2 9.7 before FP2 does not perform the expected access control on the monitor administrative vi... | | |
| CVE-2010-3198 | ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a de... | E S | |
| CVE-2010-3199 | Untrusted search path vulnerability in TortoiseSVN 1.6.10, Build 19898 and earlier allows local user... | | |
| CVE-2010-3200 | MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote attackers to cause a denial of serv... | | |
| CVE-2010-3201 | Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to ... | E | |
| CVE-2010-3202 | Cross-site scripting (XSS) vulnerability in Flock Browser 3.0.0.3989 allows remote attackers to inje... | E | |
| CVE-2010-3203 | Directory traversal vulnerability in the PicSell (com_picsell) component 1.0 for Joomla! allows remo... | E | |
| CVE-2010-3204 | Multiple PHP remote file inclusion vulnerabilities in Pecio CMS 2.0.5 allow remote attackers to exec... | E | |
| CVE-2010-3205 | PHP remote file inclusion vulnerability in index.php in Textpattern CMS 4.2.0 allows remote attacker... | E | |
| CVE-2010-3206 | Multiple PHP remote file inclusion vulnerabilities in DiY-CMS 1.0 allow remote attackers to execute ... | E | |
| CVE-2010-3207 | SQL injection vulnerability in index.php in GaleriaSHQIP 1.0, when magic_quotes_gpc is disabled, all... | E | |
| CVE-2010-3208 | Cross-site scripting (XSS) vulnerability in ajax.php in Wiccle Web Builder (WWB) 1.00 and 1.0.1 allo... | E | |
| CVE-2010-3209 | Multiple PHP remote file inclusion vulnerabilities in Seagull 0.6.7 allow remote attackers to execut... | E | |
| CVE-2010-3210 | Multiple PHP remote file inclusion vulnerabilities in Multi-lingual E-Commerce System 0.2 allow remo... | E | |
| CVE-2010-3211 | Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! ... | E | |
| CVE-2010-3212 | SQL injection vulnerability in index.php in Seagull 0.6.7 and earlier allows remote attackers to exe... | E | |
| CVE-2010-3213 | Cross-site request forgery (CSRF) vulnerability in Microsoft Outlook Web Access (owa/ev.owa) 2007 th... | E | |
| CVE-2010-3214 | Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 an... | | |
| CVE-2010-3215 | Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values dur... | | |
| CVE-2010-3216 | Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via... | | |
| CVE-2010-3217 | Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary co... | | |
| CVE-2010-3218 | Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary c... | | |
| CVE-2010-3219 | Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary co... | | |
| CVE-2010-3220 | Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers... | | |
| CVE-2010-3221 | Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a ... | | |
| CVE-2010-3222 | Stack-based buffer overflow in the Remote Procedure Call Subsystem (RPCSS) in Microsoft Windows XP S... | | |
| CVE-2010-3223 | The user interface in Microsoft Cluster Service (MSCS) in Microsoft Windows Server 2008 R2 does not ... | | |
| CVE-2010-3224 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3225 | Use-after-free vulnerability in the Media Player Network Sharing Service in Microsoft Windows Vista ... | | |
| CVE-2010-3226 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3227 | Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc4... | E | |
| CVE-2010-3228 | The JIT compiler in Microsoft .NET Framework 4.0 on 64-bit platforms does not properly perform optim... | | |
| CVE-2010-3229 | The Secure Channel (aka SChannel) security package in Microsoft Windows Vista SP1 and SP2, Windows S... | | |
| CVE-2010-3230 | Integer overflow in Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code via a... | | |
| CVE-2010-3231 | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac d... | | |
| CVE-2010-3232 | Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter ... | | |
| CVE-2010-3233 | Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows re... | | |
| CVE-2010-3234 | Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attacke... | | |
| CVE-2010-3235 | Microsoft Excel 2002 SP3 does not properly validate formula information, which allows remote attacke... | | |
| CVE-2010-3236 | Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Conver... | | |
| CVE-2010-3237 | Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which ... | | |
| CVE-2010-3238 | Microsoft Excel 2002 SP3 and 2003 SP3, and Office 2004 for Mac, does not properly validate binary fi... | | |
| CVE-2010-3239 | Microsoft Excel 2002 SP3 does not properly validate record information, which allows remote attacker... | | |
| CVE-2010-3240 | Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Exc... | | |
| CVE-2010-3241 | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac d... | | |
| CVE-2010-3242 | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac d... | | |
| CVE-2010-3243 | Cross-site scripting (XSS) vulnerability in the toStaticHTML function in Microsoft Internet Explorer... | | |
| CVE-2010-3244 | BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6... | | |
| CVE-2010-3245 | The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite)... | | |
| CVE-2010-3246 | Google Chrome before 6.0.472.53 does not properly handle the _blank value for the target attribute o... | S | |
| CVE-2010-3247 | Google Chrome before 6.0.472.53 does not properly restrict the characters in URLs, which allows remo... | S | |
| CVE-2010-3248 | Google Chrome before 6.0.472.53 does not properly restrict copying to the clipboard, which has unspe... | S | |
| CVE-2010-3249 | Google Chrome before 6.0.472.53 does not properly implement SVG filters, which allows remote attacke... | S | |
| CVE-2010-3250 | Unspecified vulnerability in Google Chrome before 6.0.472.53 allows remote attackers to enumerate th... | S | |
| CVE-2010-3251 | The WebSockets implementation in Google Chrome before 6.0.472.53 allows remote attackers to cause a ... | E S | |
| CVE-2010-3252 | Use-after-free vulnerability in the Notifications presenter in Google Chrome before 6.0.472.53 allow... | | |
| CVE-2010-3253 | The implementation of notification permissions in Google Chrome before 6.0.472.53 allows attackers t... | E S | |
| CVE-2010-3254 | The WebSockets implementation in Google Chrome before 6.0.472.53 does not properly handle integer va... | E S | |
| CVE-2010-3255 | Google Chrome before 6.0.472.53 and webkitgtk before 1.2.6 do not properly handle counter nodes, whi... | S | |
| CVE-2010-3256 | Google Chrome before 6.0.472.53 does not properly limit the number of stored autocomplete entries, w... | S | |
| CVE-2010-3257 | Use-after-free vulnerability in WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3,... | | |
| CVE-2010-3258 | The sandbox implementation in Google Chrome before 6.0.472.53 does not properly deserialize paramete... | E S | |
| CVE-2010-3259 | WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3, Google Chrome before 6.0.472.53... | S | |
| CVE-2010-3260 | oxf/xml/xerces/XercesSAXParserFactoryImpl.java in the xforms-server component in the XForms service ... | E S | |
| CVE-2010-3261 | Directory traversal vulnerability in RSA Authentication Agent 7.0 before P2 for Web allows remote at... | | |
| CVE-2010-3262 | Cross-site scripting (XSS) vulnerability in Flock Browser 3.x before 3.0.0.4114 allows remote attack... | | |
| CVE-2010-3263 | Cross-site scripting (XSS) vulnerability in setup/frames/index.inc.php in the setup script in phpMyA... | | |
| CVE-2010-3264 | The engine installer in Novell Identity Manager (aka IDM) 3.6.1 stores admin tree credentials in /tm... | | |
| CVE-2010-3266 | Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote auth... | E | |
| CVE-2010-3267 | Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated use... | E | |
| CVE-2010-3268 | The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service ... | E | |
| CVE-2010-3269 | Multiple stack-based buffer overflows in the Cisco WebEx Recording Format (WRF) and Advanced Recordi... | S | |
| CVE-2010-3270 | Stack-based buffer overflow in Cisco WebEx Meeting Center T27LB before SP21 EP3 and T27LC before SP2... | | |
| CVE-2010-3271 | Multiple cross-site request forgery (CSRF) vulnerabilities in the Integrated Solutions Console (aka ... | E | |
| CVE-2010-3272 | accounts/ValidateAnswers in the security-questions implementation in ZOHO ManageEngine ADSelfService... | E | |
| CVE-2010-3273 | ZOHO ManageEngine ADSelfService Plus before 4.5 Build 4500 allows remote attackers to reset user pas... | E | |
| CVE-2010-3274 | Multiple cross-site scripting (XSS) vulnerabilities in EmployeeSearch.cc in the Employee Search Engi... | E | |
| CVE-2010-3275 | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute a... | E S | |
| CVE-2010-3276 | libdirectx_plugin.dll in VideoLAN VLC Media Player before 1.1.8 allows remote attackers to execute a... | E S | |
| CVE-2010-3277 | The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2... | | |
| CVE-2010-3278 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3110. Reason: This candida... | R | |
| CVE-2010-3279 | The default configuration of the CCAgent option before 9.0.8.4 in the management server (aka TSA) co... | | |
| CVE-2010-3280 | The CCAgent option 9.0.8.4 and earlier in the management server (aka TSA) component in Alcatel-Lucen... | | |
| CVE-2010-3281 | Stack-based buffer overflow in the HTTP proxy service in Alcatel-Lucent OmniVista 4760 server before... | | |
| CVE-2010-3282 | 389 Directory Server before 1.2.7.1 (aka Red Hat Directory Server 8.2) and HP-UX Directory Server be... | | |
| CVE-2010-3283 | Open redirect vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attacker... | | |
| CVE-2010-3284 | Unspecified vulnerability in HP System Management Homepage (SMH) before 6.2 allows remote attackers ... | | |
| CVE-2010-3285 | Unspecified vulnerability in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote a... | | |
| CVE-2010-3286 | Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and 6.1 allows remote attackers to... | S | |
| CVE-2010-3287 | Unspecified vulnerability on HP ProCurve Access Points, Access Controllers, and Mobility Controllers... | | |
| CVE-2010-3288 | Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allow... | | |
| CVE-2010-3289 | Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remot... | | |
| CVE-2010-3290 | Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated... | | |
| CVE-2010-3291 | Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.... | | |
| CVE-2010-3292 | The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them wi... | | |
| CVE-2010-3293 | mailscanner can allow local users to prevent virus signatures from being updated... | | |
| CVE-2010-3294 | Cross-site scripting (XSS) vulnerability in apc.php in the Alternative PHP Cache (APC) extension bef... | | |
| CVE-2010-3295 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2010-3296 | The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.3... | S | |
| CVE-2010-3297 | The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not pr... | S | |
| CVE-2010-3298 | The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not p... | S | |
| CVE-2010-3299 | The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.... | E | |
| CVE-2010-3300 | It was found that all OWASP ESAPI for Java up to version 2.0 RC2 are vulnerable to padding oracle at... | | |
| CVE-2010-3301 | The IA32 system call emulation functionality in arch/x86/ia32/ia32entry.S in the Linux kernel before... | E S | |
| CVE-2010-3302 | Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allo... | S | |
| CVE-2010-3303 | Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.3 allow remote authentica... | | |
| CVE-2010-3304 | The ACL plugin in Dovecot 1.2.x before 1.2.13 propagates INBOX ACLs to newly created mailboxes in ce... | S | |
| CVE-2010-3305 | Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to c... | E | |
| CVE-2010-3306 | Directory traversal vulnerability in the modURL function in instance.c in Weborf before 0.12.3 allow... | E S | |
| CVE-2010-3307 | Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.... | | |
| CVE-2010-3308 | Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allo... | S | |
| CVE-2010-3309 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2010-3310 | Multiple integer signedness errors in net/rose/af_rose.c in the Linux kernel before 2.6.36-rc5-next-... | S | |
| CVE-2010-3311 | Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 al... | | |
| CVE-2010-3312 | Epiphany 2.28 and 2.29, when WebKit and LibSoup are used, unconditionally displays a closed-lock ico... | | |
| CVE-2010-3313 | phpgwapi/js/fckeditor/editor/dialog/fck_spellerpages/spellerpages/serverscripts/spellchecker.php in ... | E S | |
| CVE-2010-3314 | Cross-site scripting (XSS) vulnerability in login.php in EGroupware 1.4.001+.002; 1.6.001+.002 and p... | E S | |
| CVE-2010-3315 | authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.... | S | |
| CVE-2010-3316 | The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.... | S | |
| CVE-2010-3317 | Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 ... | | |
| CVE-2010-3318 | IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allo... | | |
| CVE-2010-3319 | IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which mig... | | |
| CVE-2010-3320 | Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote... | | |
| CVE-2010-3321 | RSA Authentication Client 2.0.x, 3.0, and 3.5.x before 3.5.3 does not properly handle a SENSITIVE or... | | |
| CVE-2010-3322 | The XML parser in Splunk 4.0.0 through 4.1.4 allows remote authenticated users to obtain sensitive i... | S | |
| CVE-2010-3323 | Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain t... | S | |
| CVE-2010-3324 | The toStaticHTML function in Microsoft Internet Explorer 8, and the SafeHTML function in Microsoft W... | E | |
| CVE-2010-3325 | Microsoft Internet Explorer 6 through 8 does not properly handle unspecified special characters in C... | | |
| CVE-2010-3326 | Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attack... | | |
| CVE-2010-3327 | The implementation of HTML content creation in Microsoft Internet Explorer 6 through 8 does not remo... | | |
| CVE-2010-3328 | Use-after-free vulnerability in the CAttrArray::PrivateFind function in mshtml.dll in Microsoft Inte... | S | |
| CVE-2010-3329 | mshtmled.dll in Microsoft Internet Explorer 7 and 8 allows remote attackers to execute arbitrary cod... | | |
| CVE-2010-3330 | Microsoft Internet Explorer 6 through 8 does not properly restrict script access to content from a d... | | |
| CVE-2010-3331 | Microsoft Internet Explorer 6 through 8 does not properly handle objects in memory in certain circum... | | |
| CVE-2010-3332 | Microsoft .NET Framework 1.1 SP1, 2.0 SP1 and SP2, 3.5, 3.5 SP1, 3.5.1, and 4.0, as used for ASP.NET... | E S | |
| CVE-2010-3333 | Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 201... | KEV S | |
| CVE-2010-3334 | Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac... | | |
| CVE-2010-3335 | Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac... | | |
| CVE-2010-3336 | Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format... | | |
| CVE-2010-3337 | Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain... | | |
| CVE-2010-3338 | The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, an... | | |
| CVE-2010-3339 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3340 | Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote ... | | |
| CVE-2010-3341 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3342 | Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which ... | S | |
| CVE-2010-3343 | Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attack... | S | |
| CVE-2010-3344 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3345 | Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attack... | S | |
| CVE-2010-3346 | Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows rem... | S | |
| CVE-2010-3347 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3348 | Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which ... | S | |
| CVE-2010-3349 | Ardour 2.8.11 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users t... | | |
| CVE-2010-3350 | bareFTP 0.3.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users t... | S | |
| CVE-2010-3351 | startBristol in Bristol 0.60.5 places a zero-length directory name in the LD_LIBRARY_PATH, which all... | E | |
| CVE-2010-3353 | Cowbell 0.2.7.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users... | E S | |
| CVE-2010-3354 | dropboxd in Dropbox 0.7.110 places a zero-length directory name in the LD_LIBRARY_PATH, which allows... | | |
| CVE-2010-3355 | Ember 0.5.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to ... | E S | |
| CVE-2010-3357 | gnome-subtitles 1.0 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local u... | E S | |
| CVE-2010-3358 | HenPlus JDBC SQL-Shell 0.9.7 places a zero-length directory name in the LD_LIBRARY_PATH, which allow... | E | |
| CVE-2010-3359 | If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the c... | | |
| CVE-2010-3360 | Hipo 0.6.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to g... | E | |
| CVE-2010-3361 | The (1) iked, (2) ikea, and (3) ikec scripts in Shrew Soft IKE 2.1.5 place a zero-length directory n... | E | |
| CVE-2010-3362 | lastfm 1.5.4 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to... | E | |
| CVE-2010-3363 | roarify in roaraudio 0.3 places a zero-length directory name in the LD_LIBRARY_PATH, which allows lo... | E | |
| CVE-2010-3364 | The vips-7.22 script in VIPS 7.22.2 places a zero-length directory name in the LD_LIBRARY_PATH, whic... | E | |
| CVE-2010-3365 | Mistelix 0.31 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users t... | E | |
| CVE-2010-3366 | Mn_Fit 5.13 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to ... | E S | |
| CVE-2010-3369 | The (1) mdb and (2) mdb-symbolreader scripts in mono-debugger 2.4.3, and other versions before 2.8.1... | E S | |
| CVE-2010-3372 | Untrusted search path vulnerability in NorduGrid Advanced Resource Connector (ARC) before 0.8.3 allo... | | |
| CVE-2010-3373 | paxtest handles temporary files insecurely... | | |
| CVE-2010-3374 | Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows loc... | S | |
| CVE-2010-3375 | qtparted has insecure library loading which may allow arbitrary code execution... | | |
| CVE-2010-3376 | The (1) proofserv, (2) xrdcp, (3) xrdpwdadmin, and (4) xrd scripts in ROOT 5.18/00 place a zero-leng... | E | |
| CVE-2010-3377 | The (1) runSalome, (2) runTestMedCorba, (3) runLightSalome, and (4) hxx2salome scripts in SALOME 5.1... | E | |
| CVE-2010-3378 | The (1) scilab, (2) scilab-cli, and (3) scilab-adv-cli scripts in Scilab 5.2.2 place a zero-length d... | E | |
| CVE-2010-3380 | The (1) init.d/slurm and (2) init.d/slurmdbd scripts in SLURM before 2.1.14 place the . (dot) direct... | | |
| CVE-2010-3381 | The (1) tangerine and (2) tangerine-properties scripts in Tangerine 0.3.2.2 place a zero-length dire... | E S | |
| CVE-2010-3382 | tauex in Tuning and Analysis Utilities (TAU) 2.16.4 places a zero-length directory name in the LD_LI... | E S | |
| CVE-2010-3383 | The (1) teamspeak and (2) teamspeak-server scripts in TeamSpeak 2.0.32 place a zero-length directory... | E S | |
| CVE-2010-3384 | The (1) torcs, (2) nfsperf, (3) accc, (4) texmapper, (5) trackgen, and (6) nfs2ac scripts in TORCS 1... | E | |
| CVE-2010-3385 | TuxGuitar 1.2 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users t... | E S | |
| CVE-2010-3386 | usttrace in LTTng Userspace Tracer (aka UST) 0.7 places a zero-length directory name in the LD_LIBRA... | E S | |
| CVE-2010-3387 | vdrleaktest in Video Disk Recorder (VDR) 1.6.0 places a zero-length directory name in the LD_LIBRARY... | E S | |
| CVE-2010-3389 | The (1) SAPDatabase and (2) SAPInstance scripts in OCF Resource Agents (aka resource-agents or clust... | E S | |
| CVE-2010-3393 | magics-config in Magics++ 2.10.0 places a zero-length directory name in the LD_LIBRARY_PATH, which a... | E S | |
| CVE-2010-3394 | The (1) texmacs and (2) tm_mupad_help scripts in TeXmacs 1.0.7.4 place a zero-length directory name ... | E S | |
| CVE-2010-3396 | Buffer overflow in kavfm.sys in Kingsoft Antivirus 2010.04.26.648 and earlier allows local users to ... | E | |
| CVE-2010-3397 | Untrusted search path vulnerability in PGP Desktop 9.9.0 Build 397, 9.10.x, 10.0.0 Build 2732, and p... | | |
| CVE-2010-3398 | Unspecified vulnerability in the webcontainer implementation in IBM Lotus Sametime Connect 8.5.1 bef... | | |
| CVE-2010-3399 | The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.10 through 3.5.11... | E | |
| CVE-2010-3400 | The js_InitRandom function in the JavaScript implementation in Mozilla Firefox 3.5.x before 3.5.10 a... | S | |
| CVE-2010-3402 | Untrusted search path vulnerability in IDM Computer Solutions UltraEdit 16.20.0.1009, 16.10.0.1036, ... | | |
| CVE-2010-3403 | Untrusted search path vulnerability in Qualcomm eXtensible Diagnostic Monitor (QXDM) 03.09.19 allows... | | |
| CVE-2010-3404 | Multiple SQL injection vulnerabilities in eshtery CMS (aka eshtery.com) allow remote attackers to ex... | E | |
| CVE-2010-3405 | Buffer overflow in sa_snap in the bos.esagent fileset in IBM AIX 6.1, 5.3, and earlier and VIOS 2.1,... | S | |
| CVE-2010-3406 | Unspecified vulnerability in sa_snap in the bos.esagent fileset in IBM AIX 5.3 allows local users to... | S | |
| CVE-2010-3407 | Stack-based buffer overflow in the MailCheck821Address function in nnotes.dll in the nrouter.exe ser... | E | |
| CVE-2010-3408 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1823. Reason: This candida... | R | |
| CVE-2010-3409 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1824. Reason: This candida... | R | |
| CVE-2010-3410 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-1825. Reason: This candida... | R | |
| CVE-2010-3411 | Google Chrome before 6.0.472.59 on Linux does not properly handle cursors, which might allow attacke... | E S | |
| CVE-2010-3412 | Race condition in the console implementation in Google Chrome before 6.0.472.59 has unspecified impa... | | |
| CVE-2010-3413 | Unspecified vulnerability in the pop-up blocking functionality in Google Chrome before 6.0.472.59 al... | E S | |
| CVE-2010-3414 | Google Chrome before 6.0.472.59 on Mac OS X does not properly implement file dialogs, which allows a... | E S | |
| CVE-2010-3415 | Google Chrome before 6.0.472.59 does not properly implement Geolocation, which allows remote attacke... | S | |
| CVE-2010-3416 | Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows ... | | |
| CVE-2010-3417 | Google Chrome before 6.0.472.59 does not prompt the user before granting access to the extension his... | S | |
| CVE-2010-3418 | Multiple cross-site scripting (XSS) vulnerabilities in NetArt Media Car Portal 2.0 and earlier allow... | | |
| CVE-2010-3419 | Multiple PHP remote file inclusion vulnerabilities in Haudenschilt Family Connections CMS (FCMS) 2.2... | E | |
| CVE-2010-3420 | Cross-site scripting (XSS) vulnerability in Products_Results.php in PowerStore 3.0 allows remote att... | | |
| CVE-2010-3421 | Cross-site scripting (XSS) vulnerability in AffiliateLogin.asp in ProductCart 3, 4.1 SP1, and possib... | E | |
| CVE-2010-3422 | SQL injection vulnerability in the JGen (com_jgen) component 0.9.33 for Joomla! allows remote attack... | E | |
| CVE-2010-3423 | SQL injection vulnerability in the Yr Weatherdata module for Drupal 6.x before 6.x-1.6 allows remote... | S | |
| CVE-2010-3424 | Cross-site scripting (XSS) vulnerability in admin/sources/classes/bbcode/custom/defaults.php in Invi... | S | |
| CVE-2010-3425 | Cross-site scripting (XSS) vulnerability in UserControls/Popups/frmHelp.aspx in SmarterStats 5.3, 5.... | E | |
| CVE-2010-3426 | Directory traversal vulnerability in jphone.php in the JPhone (com_jphone) component 1.0 Alpha 3 for... | E | |
| CVE-2010-3427 | Multiple cross-site scripting (XSS) vulnerabilities in Open Classifieds 1.7.0.2 allow remote attacke... | | |
| CVE-2010-3428 | SQL injection vulnerability in modules/notes/json.php in Intermesh Group-Office 3.5.9 allows remote ... | E | |
| CVE-2010-3429 | flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows r... | S | |
| CVE-2010-3430 | The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka ... | S | |
| CVE-2010-3431 | The privilege-dropping implementation in the (1) pam_env and (2) pam_mail modules in Linux-PAM (aka ... | S | |
| CVE-2010-3432 | The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs ex... | S | |
| CVE-2010-3433 | The PL/perl and PL/Tcl implementations in PostgreSQL 7.4 before 7.4.30, 8.0 before 8.0.26, 8.1 befor... | S | |
| CVE-2010-3434 | Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 all... | S | |
| CVE-2010-3435 | The (1) pam_env and (2) pam_mail modules in Linux-PAM (aka pam) before 1.1.2 use root privileges dur... | S | |
| CVE-2010-3436 | fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir rest... | S | |
| CVE-2010-3437 | Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the L... | E S | |
| CVE-2010-3438 | libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be ... | S | |
| CVE-2010-3439 | It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supply... | E | |
| CVE-2010-3440 | babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpa... | | |
| CVE-2010-3441 | Multiple buffer overflows in abcm2ps before 5.9.12 might allow remote attackers to execute arbitrary... | S | |
| CVE-2010-3442 | Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel b... | S | |
| CVE-2010-3443 | ctcphandler.cpp in Quassel before 0.6.3 and 0.7.x before 0.7.1 allows remote attackers to cause a de... | S | |
| CVE-2010-3444 | Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possi... | S | |
| CVE-2010-3445 | Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c ... | E | |
| CVE-2010-3446 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was with... | R | |
| CVE-2010-3447 | Cross-site scripting (XSS) vulnerability in view.php in the file viewer in Horde Gollem before 1.1.2... | E S | |
| CVE-2010-3448 | drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the... | S | |
| CVE-2010-3449 | Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1... | S | |
| CVE-2010-3450 | Multiple directory traversal vulnerabilities in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allow re... | S | |
| CVE-2010-3451 | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remot... | | |
| CVE-2010-3452 | Use-after-free vulnerability in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remot... | | |
| CVE-2010-3453 | The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org (OOo) 2.x and 3.x before 3... | | |
| CVE-2010-3454 | Multiple off-by-one errors in the WW8DopTypography::ReadFromMem function in oowriter in OpenOffice.o... | | |
| CVE-2010-3455 | Cross-site scripting (XSS) vulnerability in index.php in AChecker 1.0 allows remote attackers to inj... | E | |
| CVE-2010-3456 | Directory traversal vulnerability in download.php in EnergyScripts (ES) Simple Download 1.0 allows r... | E | |
| CVE-2010-3457 | Multiple cross-site scripting (XSS) vulnerabilities in Symphony CMS 2.0.7 and 2.1.1 allow remote att... | E | |
| CVE-2010-3458 | SQL injection vulnerability in lib/toolkit/events/event.section.php in Symphony CMS 2.0.7 and 2.1.1 ... | E | |
| CVE-2010-3459 | Cross-site scripting (XSS) vulnerability in the Ajax WebMail interface in AXIGEN Mail Server before ... | E S | |
| CVE-2010-3460 | Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allo... | E S | |
| CVE-2010-3461 | SQL injection vulnerability in the Publisher module in eNdonesia 8.4 allows remote attackers to exec... | E | |
| CVE-2010-3462 | Cross-site scripting (XSS) vulnerability in backend/plugin/Registration/index.php in Mollify 1.6, 1.... | E | |
| CVE-2010-3463 | Cross-site scripting (XSS) vulnerability in modules/search/search.class.php in SantaFox 2.02, and po... | E | |
| CVE-2010-3464 | Cross-site request forgery (CSRF) vulnerability in admin/manager_users.class.php in SantaFox 2.02, a... | E | |
| CVE-2010-3465 | Multiple cross-site scripting (XSS) vulnerabilities in XSE Shopping Cart 1.5.2.1 and 1.5.3.0 allow r... | | |
| CVE-2010-3466 | Cross-site scripting (XSS) vulnerability in index.php in the hosted_signup module in NetArt Media iB... | | |
| CVE-2010-3467 | SQL injection vulnerability in modules/sections/index.php in E-Xoopport Samsara 3.1 and earlier, whe... | E | |
| CVE-2010-3468 | Directory traversal vulnerability in fileManager.cfc in Mura CMS 5.1 before 5.1.498 and 5.2 before 5... | E S | |
| CVE-2010-3470 | Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileN... | | |
| CVE-2010-3471 | Session fixation vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Eng... | | |
| CVE-2010-3472 | Multiple cross-site scripting (XSS) vulnerabilities in the Workplace (aka WP) component in IBM FileN... | | |
| CVE-2010-3473 | Open redirect vulnerability in the Workplace (aka WP) component in IBM FileNet P8 Application Engine... | | |
| CVE-2010-3474 | IBM DB2 9.7 before FP3 does not perform the expected drops or invalidations of dependent functions u... | | |
| CVE-2010-3475 | IBM DB2 9.7 before FP3 does not properly enforce privilege requirements for execution of entries in ... | | |
| CVE-2010-3476 | Open Ticket Request System (OTRS) 2.3.x before 2.3.6 and 2.4.x before 2.4.8 does not properly handle... | | |
| CVE-2010-3477 | The tcf_act_police_dump function in net/sched/act_police.c in the actions implementation in the netw... | | |
| CVE-2010-3479 | SQL injection vulnerability in list.php in BoutikOne 1.0 allows remote attackers to execute arbitrar... | E | |
| CVE-2010-3480 | Directory traversal vulnerability in index.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_gpc is... | E | |
| CVE-2010-3481 | Multiple SQL injection vulnerabilities in login.php in ApPHP PHP MicroCMS 1.0.1, when magic_quotes_g... | E | |
| CVE-2010-3482 | Multiple SQL injection vulnerabilities in cms_write.php in Primitive CMS 1.0.9 allow remote authenti... | E | |
| CVE-2010-3483 | cms_write.php in Primitive CMS 1.0.9 does not properly restrict access, which allows remote attacker... | E | |
| CVE-2010-3484 | SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arb... | E | |
| CVE-2010-3485 | SQL injection vulnerability in common.php in LightNEasy 3.2.1 allows remote attackers to execute arb... | | |
| CVE-2010-3486 | Directory traversal vulnerability in FileStorageUpload.ashx in SmarterMail 7.1.3876 allows remote at... | E | |
| CVE-2010-3487 | Directory traversal vulnerability in YelloSoft Pinky 1.0 for Windows allows remote attackers to read... | E | |
| CVE-2010-3488 | Directory traversal vulnerability in QuickShare 1.0 allows remote attackers to read arbitrary files ... | E | |
| CVE-2010-3489 | Cross-site scripting (XSS) vulnerability in netautor/napro4/home/login2.php in CMS Digital Workroom ... | E | |
| CVE-2010-3490 | Directory traversal vulnerability in page.recordings.php in the System Recordings component in the c... | E | |
| CVE-2010-3491 | The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Ser... | S | |
| CVE-2010-3492 | The asyncore module in Python before 3.2 does not properly handle unsuccessful calls to the accept f... | S | |
| CVE-2010-3493 | Multiple race conditions in smtpd.py in the smtpd module in Python 2.6, 2.7, 3.1, and 3.2 alpha allo... | S | |
| CVE-2010-3494 | Race condition in the FTPHandler class in ftpserver.py in pyftpdlib before 0.5.2 allows remote attac... | S | |
| CVE-2010-3495 | Race condition in ZEO/StorageServer.py in Zope Object Database (ZODB) before 3.10.0 allows remote at... | S | |
| CVE-2010-3496 | McAfee VirusScan Enterprise 8.5i and 8.7i does not properly interact with the processing of hcp:// U... | E | |
| CVE-2010-3497 | Symantec Norton AntiVirus 2011 does not properly interact with the processing of hcp:// URLs by the ... | | |
| CVE-2010-3498 | AVG Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft Help a... | | |
| CVE-2010-3499 | F-Secure Anti-Virus does not properly interact with the processing of hcp:// URLs by the Microsoft H... | | |
| CVE-2010-3500 | Unspecified vulnerability in the Siebel Core - Highly Interactive Client component in Oracle Siebel ... | S | |
| CVE-2010-3501 | Unspecified vulnerability in the OID component in Oracle Fusion Middleware 10.1.2.3, 10.1.4.3, and 1... | | |
| CVE-2010-3502 | Unspecified vulnerability in the Siebel Core component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.... | | |
| CVE-2010-3503 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confiden... | | |
| CVE-2010-3504 | Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business... | | |
| CVE-2010-3505 | Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 ... | | |
| CVE-2010-3506 | Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Sui... | | |
| CVE-2010-3507 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentialit... | | |
| CVE-2010-3508 | Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and inte... | | |
| CVE-2010-3509 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confident... | | |
| CVE-2010-3510 | Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9... | | |
| CVE-2010-3511 | Unspecified vulnerability in Oracle OpenSolaris allows local users to affect integrity and availabil... | | |
| CVE-2010-3512 | Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in... | | |
| CVE-2010-3513 | Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect ... | | |
| CVE-2010-3514 | Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in... | | |
| CVE-2010-3515 | Unspecified vulnerability in the Solaris component in Oracle Solaris 9 and 10, and OpenSolaris, allo... | | |
| CVE-2010-3516 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availabi... | | |
| CVE-2010-3517 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availabi... | | |
| CVE-2010-3518 | Unspecified vulnerability in the PeopleSoft Enterprise HCM GP - Japan component in Oracle PeopleSoft... | | |
| CVE-2010-3519 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an... | | |
| CVE-2010-3520 | Unspecified vulnerability in the PeopleSoft Enterprise HCM - GP France component in Oracle PeopleSof... | | |
| CVE-2010-3521 | Unspecified vulnerability in the PeopleSoft Enterprise HCM ePay component in Oracle PeopleSoft and J... | | |
| CVE-2010-3522 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an... | | |
| CVE-2010-3523 | Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an... | | |
| CVE-2010-3524 | Unspecified vulnerability in the PeopleSoft Enterprise SCM - Strategic Sourcing component in Oracle ... | | |
| CVE-2010-3525 | Unspecified vulnerability in the (1) PeopleSoft Enterprise FMS, (2) SCM, (3) EPM, (4) CRM, and (5) C... | | |
| CVE-2010-3526 | Unspecified vulnerability in the PeopleSoft Enterprise SCM - PO component in Oracle PeopleSoft and J... | | |
| CVE-2010-3527 | Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM component in Oracle PeopleSoft and J... | | |
| CVE-2010-3528 | Unspecified vulnerability in the PeopleSoft Enterprise CRM - Common Components component in Oracle P... | | |
| CVE-2010-3529 | Unspecified vulnerability in the PeopleSoft Enterprise FMS - Cash Management component in Oracle Peo... | | |
| CVE-2010-3530 | Unspecified vulnerability in the PeopleSoft Enterprise HCM - HR component in Oracle PeopleSoft and J... | | |
| CVE-2010-3531 | Unspecified vulnerability in the PeopleSoft Enterprise FMS ESA - RM component in Oracle PeopleSoft a... | | |
| CVE-2010-3532 | Unspecified vulnerability in the PeopleSoft Enterprise CRM - Order Capture component in Oracle Peopl... | | |
| CVE-2010-3533 | Unspecified vulnerability in the PeopleSoft Enterprise SCM OM and CRM Order Capture component in Ora... | | |
| CVE-2010-3534 | Unspecified vulnerability in the Primavera P6 Enterprise Project Portfolio Management component in O... | | |
| CVE-2010-3535 | Unspecified vulnerability in the Directory Server Enterprise Edition component in Oracle Sun Product... | | |
| CVE-2010-3536 | Unspecified vulnerability in the PeopleSoft Enterprise SCM component in Oracle PeopleSoft and JDEdwa... | | |
| CVE-2010-3537 | Unspecified vulnerability in the PeopleSoft Enterprise FMS - AM component in Oracle PeopleSoft and J... | | |
| CVE-2010-3538 | Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and J... | | |
| CVE-2010-3539 | Unspecified vulnerability in the PeopleSoft Enterprise FMS - GL component in Oracle PeopleSoft and J... | | |
| CVE-2010-3540 | Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect availabi... | | |
| CVE-2010-3541 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3542 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to aff... | | |
| CVE-2010-3543 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3544 | Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in... | | |
| CVE-2010-3545 | Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in... | | |
| CVE-2010-3546 | Unspecified vulnerability in the Sun Java System Identity Manager component in Oracle Sun Products S... | | |
| CVE-2010-3547 | Unspecified vulnerability in the PeopleSoft FMS ESA - EX component in Oracle PeopleSoft and JDEdward... | | |
| CVE-2010-3548 | Unspecified vulnerability in the Java Naming and Directory Interface (JNDI) component in Oracle Java... | S | |
| CVE-2010-3549 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3550 | Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 ... | S | |
| CVE-2010-3551 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3552 | Unspecified vulnerability in the New Java Plug-in component in Oracle Java SE and Java for Business ... | S | |
| CVE-2010-3553 | Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21... | S | |
| CVE-2010-3554 | Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21... | S | |
| CVE-2010-3555 | Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3556 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5... | S | |
| CVE-2010-3557 | Unspecified vulnerability in the Swing component in Oracle Java SE and Java for Business 6 Update 21... | S | |
| CVE-2010-3558 | Unspecified vulnerability in the Java Web Start component in Oracle Java SE and Java for Business 6 ... | S | |
| CVE-2010-3559 | Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21... | S | |
| CVE-2010-3560 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3561 | Unspecified vulnerability in the CORBA component in Oracle Java SE and Java for Business 6 Update 21... | S | |
| CVE-2010-3562 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5... | S | |
| CVE-2010-3563 | Unspecified vulnerability in the Deployment component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3564 | Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging S... | | |
| CVE-2010-3565 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5... | S | |
| CVE-2010-3566 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5... | S | |
| CVE-2010-3567 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, a... | S | |
| CVE-2010-3568 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B... | S | |
| CVE-2010-3569 | Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B... | S | |
| CVE-2010-3570 | Unspecified vulnerability in the Deployment Toolkit component in Oracle Java SE and Java for Busines... | S | |
| CVE-2010-3571 | Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5... | S | |
| CVE-2010-3572 | Unspecified vulnerability in the Sound component in Oracle Java SE and Java for Business 6 Update 21... | S | |
| CVE-2010-3573 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3574 | Unspecified vulnerability in the Networking component in Oracle Java SE and Java for Business 6 Upda... | S | |
| CVE-2010-3575 | Unspecified vulnerability in the Oracle Communications Messaging Server (Sun Java System Messaging S... | | |
| CVE-2010-3576 | Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to aff... | | |
| CVE-2010-3577 | Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality an... | | |
| CVE-2010-3578 | Unspecified vulnerability in Oracle OpenSolaris allows remote attackers to affect confidentiality, i... | | |
| CVE-2010-3579 | Unspecified vulnerability in the (1) Sun Convergence 1 and (2) Sun Java Communications Suite 7 compo... | | |
| CVE-2010-3580 | Unspecified vulnerability in Oracle OpenSolaris allows local users to affect availability via unknow... | | |
| CVE-2010-3581 | Unspecified vulnerability in the BPEL Console component in Oracle Fusion Middleware 11.1.1.1.0 and 1... | | |
| CVE-2010-3582 | Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated u... | | |
| CVE-2010-3583 | Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated u... | | |
| CVE-2010-3584 | Unspecified vulnerability in the Oracle VM component in Oracle VM 2.2.1 allows local users to affect... | | |
| CVE-2010-3585 | Unspecified vulnerability in the OracleVM component in Oracle VM 2.2.1 allows remote authenticated u... | | |
| CVE-2010-3586 | Unspecified vulnerability in Oracle Solaris 9 allows local users to affect confidentiality and integ... | | |
| CVE-2010-3587 | Unspecified vulnerability in the Oracle Common Applications component in Oracle Applications 11.5.10... | | |
| CVE-2010-3588 | Unspecified vulnerability in the Oracle Discoverer component in Oracle Fusion Middleware 10.1.2.3, 1... | | |
| CVE-2010-3589 | Unspecified vulnerability in the Oracle Application Object Library component in Oracle Applications ... | | |
| CVE-2010-3590 | Unspecified vulnerability in the Oracle Spatial component in Oracle Database Server 10.2.0.4, 11.1.0... | | |
| CVE-2010-3591 | Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.... | E | |
| CVE-2010-3592 | Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.... | | |
| CVE-2010-3593 | Unspecified vulnerability in the Health Sciences - Oracle Argus Safety component in Oracle Industry ... | | |
| CVE-2010-3594 | Unspecified vulnerability in the Real User Experience Insight component in Oracle Enterprise Manager... | | |
| CVE-2010-3595 | Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.... | E | |
| CVE-2010-3596 | Unspecified vulnerability in the mod_ssl component in Oracle Secure Backup 10.3.0.2 allows remote at... | | |
| CVE-2010-3597 | Unspecified vulnerability in the Oracle Outside In Technology component in Oracle Fusion Middleware ... | | |
| CVE-2010-3598 | Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.... | | |
| CVE-2010-3599 | Unspecified vulnerability in the Oracle Document Capture component in Oracle Fusion Middleware 10.1.... | | |
| CVE-2010-3600 | Unspecified vulnerability in the Client System Analyzer component in Oracle Database Server 11.1.0.7... | | |
| CVE-2010-3601 | SQL injection vulnerability in index.php in ibPhotohost 1.1.2 allows remote attackers to execute arb... | E | |
| CVE-2010-3602 | Cross-site scripting (XSS) vulnerability in ProfileView.aspx in mojoPortal 2.3.4.3 and 2.3.5.1 allow... | E S | |
| CVE-2010-3603 | Cross-site request forgery (CSRF) vulnerability in the file manager service (Services/FileService.as... | E S | |
| CVE-2010-3604 | SQL injection vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote att... | S | |
| CVE-2010-3605 | Cross-site scripting (XSS) vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allo... | S | |
| CVE-2010-3606 | Multiple directory traversal vulnerabilities in AGENTS/index.php in NetArt MEDIA Real Estate Portal ... | | |
| CVE-2010-3607 | Cross-site scripting (XSS) vulnerability in AGENTS/index.php in NetArt MEDIA Real Estate Portal 2.0 ... | | |
| CVE-2010-3608 | Multiple SQL injection vulnerabilities in wpQuiz 2.7 allow remote attackers to execute arbitrary SQL... | E | |
| CVE-2010-3609 | The extension parser in slp_v2message.c in OpenSLP 1.2.1, and other versions before SVN revision 164... | | |
| CVE-2010-3611 | ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers ... | S | |
| CVE-2010-3613 | named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does n... | | |
| CVE-2010-3614 | named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV... | | |
| CVE-2010-3615 | named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might a... | | |
| CVE-2010-3616 | ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote att... | | |
| CVE-2010-3618 | PGP Desktop 10.0.x before 10.0.3 SP2 and 10.1.0 before 10.1.0 SP1 does not properly implement the "D... | E | |
| CVE-2010-3619 | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke... | | |
| CVE-2010-3620 | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window... | | |
| CVE-2010-3621 | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke... | S | |
| CVE-2010-3622 | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke... | S | |
| CVE-2010-3623 | Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allow attackers to execute ... | S | |
| CVE-2010-3624 | Unspecified vulnerability in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS ... | S | |
| CVE-2010-3625 | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke... | S | |
| CVE-2010-3626 | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window... | S | |
| CVE-2010-3627 | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window... | S | |
| CVE-2010-3628 | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke... | S | |
| CVE-2010-3629 | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window... | S | |
| CVE-2010-3630 | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window... | S | |
| CVE-2010-3631 | Array index error in Adobe Reader and Acrobat 8.x before 8.2.5 and 9.x before 9.4 on Mac OS X allows... | S | |
| CVE-2010-3632 | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke... | S | |
| CVE-2010-3633 | Memory leak in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x befo... | S | |
| CVE-2010-3634 | Unspecified vulnerability in the edge process in Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, ... | S | |
| CVE-2010-3635 | Adobe Flash Media Server (FMS) 3.0.x before 3.0.7, 3.5.x before 3.5.5, and 4.0.x before 4.0.1 allows... | S | |
| CVE-2010-3636 | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Sol... | S | |
| CVE-2010-3637 | An unspecified ActiveX control in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 (F... | S | |
| CVE-2010-3638 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Mac ... | S | |
| CVE-2010-3639 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3640 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3641 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3642 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3643 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3644 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3645 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3646 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3647 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3648 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3649 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3650 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3651 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3652 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Wind... | S | |
| CVE-2010-3653 | The Director module (dirapi.dll) in Adobe Shockwave Player before 11.5.9.615 allows remote attackers... | E | |
| CVE-2010-3654 | Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux, and Sol... | E | |
| CVE-2010-3655 | Stack-based buffer overflow in dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attacke... | S | |
| CVE-2010-3656 | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window... | S | |
| CVE-2010-3657 | Unspecified vulnerability in Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Window... | S | |
| CVE-2010-3658 | Adobe Reader and Acrobat 9.x before 9.4, and 8.x before 8.2.5 on Windows and Mac OS X, allow attacke... | S | |
| CVE-2010-3659 | Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 CMS 4.1.x before 4.1.14, 4.2.x before 4... | | |
| CVE-2010-3660 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on th... | | |
| CVE-2010-3661 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Open Redi... | | |
| CVE-2010-3662 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows SQL Injec... | | |
| CVE-2010-3663 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains an inse... | | |
| CVE-2010-3664 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Informati... | | |
| CVE-2010-3665 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS on th... | | |
| CVE-2010-3666 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 contains insecur... | | |
| CVE-2010-3667 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Spam Abus... | | |
| CVE-2010-3668 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows Header In... | | |
| CVE-2010-3669 | TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows XSS and Open Redirection in th... | | |
| CVE-2010-3670 | TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash w... | | |
| CVE-2010-3671 | TYPO3 before 4.1.14, 4.2.x before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 is open to a ses... | | |
| CVE-2010-3672 | TYPO3 before 4.3.4 and 4.4.x before 4.4.1 allows XSS in the textarea view helper in an extbase exten... | | |
| CVE-2010-3673 | TYPO3 before 4.2.13, 4.3.x before 4.3.4 and 4.4.x before 4.4.1 allows information disclosure in the ... | | |
| CVE-2010-3674 | TYPO3 before 4.4.1 allows XSS in the frontend search box.... | | |
| CVE-2010-3676 | storage/innobase/dict/dict0crea.c in mysqld in Oracle MySQL 5.1 before 5.1.49 allows remote authenti... | E | |
| CVE-2010-3677 | Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a de... | E | |
| CVE-2010-3678 | Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (crash... | E S | |
| CVE-2010-3679 | Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysql... | E S | |
| CVE-2010-3680 | Oracle MySQL 5.1 before 5.1.49 allows remote authenticated users to cause a denial of service (mysql... | E | |
| CVE-2010-3681 | Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 allows remote authenticated users to cause a den... | E S | |
| CVE-2010-3682 | Oracle MySQL 5.1 before 5.1.49 and 5.0 before 5.0.92 allows remote authenticated users to cause a de... | E S | |
| CVE-2010-3683 | Oracle MySQL 5.1 before 5.1.49 and 5.5 before 5.5.5 sends an OK packet when a LOAD DATA INFILE reque... | E S | |
| CVE-2010-3684 | The FTP authentication module in Synology Disk Station 2.x logs passwords to the web application int... | | |
| CVE-2010-3685 | The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, vi... | S | |
| CVE-2010-3686 | The OpenID module in Drupal 6.x before 6.18, and the OpenID module 5.x before 5.x-1.4 for Drupal, vi... | S | |
| CVE-2010-3687 | Unspecified vulnerability in the powermail extension 1.5.3 and earlier for TYPO3 allows remote attac... | S | |
| CVE-2010-3688 | Directory traversal vulnerability in ADMIN/login.php in NetArtMEDIA WebSiteAdmin allows remote emote... | | |
| CVE-2010-3689 | soffice in OpenOffice.org (OOo) 3.x before 3.3 places a zero-length directory name in the LD_LIBRARY... | | |
| CVE-2010-3690 | Multiple cross-site scripting (XSS) vulnerabilities in phpCAS before 1.1.3, when proxy mode is enabl... | | |
| CVE-2010-3691 | PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to ov... | | |
| CVE-2010-3692 | Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, whe... | | |
| CVE-2010-3693 | Cross-site scripting (XSS) vulnerability in Horde Dynamic IMP (DIMP) before 1.1.5, and Horde Groupwa... | E S | |
| CVE-2010-3694 | Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allo... | S | |
| CVE-2010-3695 | Cross-site scripting (XSS) vulnerability in fetchmailprefs.php in Horde IMP before 4.3.8, and Horde ... | E S | |
| CVE-2010-3696 | The fr_dhcp_decode function in lib/dhcp.c in FreeRADIUS 2.1.9, in certain non-default builds, does n... | S | |
| CVE-2010-3697 | The wait_for_child_to_die function in main/event.c in FreeRADIUS 2.1.x before 2.1.10, in certain cir... | S | |
| CVE-2010-3698 | The KVM implementation in the Linux kernel before 2.6.36 does not properly reload the FS and GS segm... | | |
| CVE-2010-3699 | The backend driver in Xen 3.x allows guest OS users to cause a denial of service via a kernel thread... | S | |
| CVE-2010-3700 | VMware SpringSource Spring Security 2.x before 2.0.6 and 3.x before 3.0.4, and Acegi Security 1.0.0 ... | | |
| CVE-2010-3701 | lib/MessageStoreImpl.cpp in Red Hat Enterprise MRG before 1.2.2 allows remote authenticated users to... | S | |
| CVE-2010-3702 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other ... | S | |
| CVE-2010-3703 | The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in popp... | | |
| CVE-2010-3704 | The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler... | S | |
| CVE-2010-3705 | The sctp_auth_asoc_get_hmac function in net/sctp/auth.c in the Linux kernel before 2.6.36 does not p... | S | |
| CVE-2010-3706 | plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ... | | |
| CVE-2010-3707 | plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ... | | |
| CVE-2010-3708 | The serialization implementation in JBoss Drools in Red Hat JBoss Enterprise Application Platform (a... | | |
| CVE-2010-3709 | The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allow... | E S | |
| CVE-2010-3710 | Stack consumption vulnerability in the filter_var function in PHP 5.2.x through 5.2.14 and 5.3.x thr... | E | |
| CVE-2010-3711 | libpurple in Pidgin before 2.7.4 does not properly validate the return value of the purple_base64_de... | S | |
| CVE-2010-3712 | Cross-site scripting (XSS) vulnerability in Joomla! 1.5.x before 1.5.21 and 1.6.x before 1.6.1 allow... | | |
| CVE-2010-3713 | rss.php in UseBB before 1.0.11 does not properly handle forum configurations in which a user has the... | S | |
| CVE-2010-3714 | The jumpUrl (aka access tracking) implementation in tslib/class.tslib_fe.php in TYPO3 4.2.x before 4... | E S | |
| CVE-2010-3715 | Multiple cross-site scripting (XSS) vulnerabilities in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7... | | |
| CVE-2010-3716 | The be_user_creation task in TYPO3 4.2.x before 4.2.15 and 4.3.x before 4.3.7 allows remote authenti... | | |
| CVE-2010-3717 | The t3lib_div::validEmail function in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7, and 4.4.x befor... | | |
| CVE-2010-3718 | Apache Tomcat 7.0.0 through 7.0.3, 6.0.x, and 5.5.x, when running within a SecurityManager, does not... | | |
| CVE-2010-3719 | Eval injection vulnerability in IMAdminSchedTask.asp in the administrative interface for Symantec IM... | | |
| CVE-2010-3720 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3721 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3722 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3723 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3724 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3725 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3726 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3727 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3728 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3729 | The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers... | E S | |
| CVE-2010-3730 | Google Chrome before 6.0.472.62 does not properly use information about the origin of a document to ... | E | |
| CVE-2010-3731 | Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd... | | |
| CVE-2010-3732 | The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to caus... | | |
| CVE-2010-3733 | The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for th... | | |
| CVE-2010-3734 | The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, and Windows enforces an uninten... | | |
| CVE-2010-3735 | The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote auth... | | |
| CVE-2010-3736 | Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the conne... | | |
| CVE-2010-3737 | Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote a... | | |
| CVE-2010-3738 | The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT events by using a USERID and an AUT... | | |
| CVE-2010-3739 | The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audi... | S | |
| CVE-2010-3740 | The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before ... | | |
| CVE-2010-3741 | The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-ite... | | |
| CVE-2010-3742 | Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.... | E | |
| CVE-2010-3743 | Directory traversal vulnerability in Visual Synapse HTTP Server 1.0 RC1 through RC3, and 0.60 and ea... | E | |
| CVE-2010-3747 | An ActiveX control in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, an... | | |
| CVE-2010-3748 | Stack-based buffer overflow in the RichFX component in RealNetworks RealPlayer 11.0 through 11.1, Re... | | |
| CVE-2010-3749 | The browser-plugin implementation in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0... | E | |
| CVE-2010-3750 | rjrmrpln.dll in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, and Real... | | |
| CVE-2010-3751 | Multiple heap-based buffer overflows in an ActiveX control in RealNetworks RealPlayer 11.0 through 1... | | |
| CVE-2010-3752 | programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated g... | S | |
| CVE-2010-3753 | programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated g... | S | |
| CVE-2010-3754 | The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Mana... | | |
| CVE-2010-3755 | The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (... | | |
| CVE-2010-3756 | The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Mana... | | |
| CVE-2010-3757 | Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tiv... | | |
| CVE-2010-3758 | Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Mana... | | |
| CVE-2010-3759 | FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through ... | | |
| CVE-2010-3760 | FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through ... | | |
| CVE-2010-3761 | Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6... | | |
| CVE-2010-3762 | ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad si... | | |
| CVE-2010-3763 | Cross-site scripting (XSS) vulnerability in core/summary_api.php in MantisBT before 1.2.3 allows rem... | | |
| CVE-2010-3764 | The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates g... | E S | |
| CVE-2010-3765 | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.... | E | |
| CVE-2010-3766 | Use-after-free vulnerability in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey... | | |
| CVE-2010-3767 | Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13... | | |
| CVE-2010-3768 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.... | S | |
| CVE-2010-3769 | The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbi... | | |
| CVE-2010-3770 | Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox befor... | S | |
| CVE-2010-3771 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properl... | | |
| CVE-2010-3772 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properl... | | |
| CVE-2010-3773 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttp... | | |
| CVE-2010-3774 | The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5... | S | |
| CVE-2010-3775 | Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properl... | | |
| CVE-2010-3776 | Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.... | | |
| CVE-2010-3777 | Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 ... | | |
| CVE-2010-3778 | Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and Sea... | | |
| CVE-2010-3779 | Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.beta2 grants the admin permission to the owner of e... | | |
| CVE-2010-3780 | Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master p... | | |
| CVE-2010-3781 | The PL/php add-on 1.4 and earlier for PostgreSQL does not properly protect script execution by a dif... | | |
| CVE-2010-3782 | obs-server before 1.7.7 allows logins by 'unconfirmed' accounts due to a bug in the REST api impleme... | | |
| CVE-2010-3783 | Password Server in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not properly perform replicat... | S | |
| CVE-2010-3784 | The PMPageFormatCreateWithDataRepresentation API in Printing in Apple Mac OS X 10.5.8 and 10.6.x bef... | S | |
| CVE-2010-3785 | Buffer overflow in QuickLook in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 allows remote attacke... | S | |
| CVE-2010-3786 | QuickLook in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code o... | S | |
| CVE-2010-3787 | Heap-based buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attacke... | S | |
| CVE-2010-3788 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during proc... | S | |
| CVE-2010-3789 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code o... | S | |
| CVE-2010-3790 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code o... | S | |
| CVE-2010-3791 | Buffer overflow in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execu... | S | |
| CVE-2010-3792 | Integer signedness error in QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers... | S | |
| CVE-2010-3793 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to execute arbitrary code o... | S | |
| CVE-2010-3794 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during proc... | S | |
| CVE-2010-3795 | QuickTime in Apple Mac OS X 10.6.x before 10.6.5 accesses uninitialized memory locations during proc... | S | |
| CVE-2010-3796 | Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS f... | S | |
| CVE-2010-3797 | Cross-site scripting (XSS) vulnerability in Wiki Server in Apple Mac OS X 10.5.8 and 10.6.x before 1... | S | |
| CVE-2010-3798 | Heap-based buffer overflow in xar in Apple Mac OS X 10.6.x before 10.6.5 allows remote attackers to ... | S | |
| CVE-2010-3799 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-3800 | Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of ... | S | |
| CVE-2010-3801 | Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code or cause a denial of ... | S | |
| CVE-2010-3802 | Integer signedness error in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrar... | S | |
| CVE-2010-3803 | Integer overflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, a... | | |
| CVE-2010-3804 | The JavaScript implementation in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 a... | S | |
| CVE-2010-3805 | Integer underflow in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, ... | S | |
| CVE-2010-3807 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-3808 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3809 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3810 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3811 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 an... | S | |
| CVE-2010-3812 | Integer overflow in the Text::wholeText method in dom/Text.cpp in WebKit, as used in Apple Safari be... | S | |
| CVE-2010-3813 | The WebCore::HTMLLinkElement::process function in WebCore/html/HTMLLinkElement.cpp in WebKit, as use... | S | |
| CVE-2010-3814 | Heap-based buffer overflow in the Ins_SHZ function in ttinterp.c in FreeType 2.4.3 and earlier allow... | | |
| CVE-2010-3815 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-3816 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 an... | S | |
| CVE-2010-3817 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3818 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 an... | S | |
| CVE-2010-3819 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3820 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3821 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3822 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3823 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 an... | S | |
| CVE-2010-3824 | Use-after-free vulnerability in WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 an... | S | |
| CVE-2010-3825 | Rejected reason: This candidate is unused by its CNA.... | R | |
| CVE-2010-3826 | WebKit in Apple Safari before 5.0.3 on Mac OS X 10.5 through 10.6 and Windows, and before 4.1.3 on M... | S | |
| CVE-2010-3827 | Apple iOS before 4.2 does not properly validate signatures before displaying a configuration profile... | S | |
| CVE-2010-3828 | iAd Content Display in Apple iOS before 4.2 allows man-in-the-middle attackers to make calls via a c... | S | |
| CVE-2010-3829 | WebKit in Apple iOS before 4.2 allows remote attackers to bypass the remote image loading setting in... | | |
| CVE-2010-3830 | Networking in Apple iOS before 4.2 accesses an invalid pointer during the processing of packet filte... | | |
| CVE-2010-3831 | Photos in Apple iOS before 4.2 enables support for HTTP Basic Authentication over an unencrypted con... | S | |
| CVE-2010-3832 | Heap-based buffer overflow in the GSM mobility management implementation in Telephony in Apple iOS b... | S | |
| CVE-2010-3833 | MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 does not properly propagate type er... | S | |
| CVE-2010-3834 | Unspecified vulnerability in MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows... | S | |
| CVE-2010-3835 | MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of ... | S | |
| CVE-2010-3836 | MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users t... | S | |
| CVE-2010-3837 | MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users t... | S | |
| CVE-2010-3838 | MySQL 5.0 before 5.0.92, 5.1 before 5.1.51, and 5.5 before 5.5.6 allows remote authenticated users t... | S | |
| CVE-2010-3839 | MySQL 5.1 before 5.1.51 and 5.5 before 5.5.6 allows remote authenticated users to cause a denial of ... | | |
| CVE-2010-3840 | The Gis_line_string::init_from_wkb function in sql/spatial.cc in MySQL 5.1 before 5.1.51 allows remo... | S | |
| CVE-2010-3841 | Multiple cross-site scripting (XSS) vulnerabilities in lib/TWiki.pm in TWiki before 5.0.1 allow remo... | E S | |
| CVE-2010-3842 | Absolute path traversal vulnerability in curl 7.20.0 through 7.21.1, when the --remote-header-name o... | S | |
| CVE-2010-3843 | The GTK version of ettercap uses a global settings file at /tmp/.ettercap_gtk and does not verify ow... | S | |
| CVE-2010-3844 | An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to ov... | | |
| CVE-2010-3845 | libapache-authenhook-perl 2.00-04 stores usernames and passwords in plaintext in the vhost error log... | S | |
| CVE-2010-3846 | Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gai... | S | |
| CVE-2010-3847 | elf/dl-load.c in ld.so in the GNU C Library (aka glibc or libc6) through 2.11.2, and 2.12.x through ... | E S | |
| CVE-2010-3848 | Stack-based buffer overflow in the econet_sendmsg function in net/econet/af_econet.c in the Linux ke... | S | |
| CVE-2010-3849 | The econet_sendmsg function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2, when an e... | S | |
| CVE-2010-3850 | The ec_dev_ioctl function in net/econet/af_econet.c in the Linux kernel before 2.6.36.2 does not req... | S | |
| CVE-2010-3851 | libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other ... | S | |
| CVE-2010-3852 | The default configuration of Luci 0.22.4 and earlier in Red Hat Conga uses "[INSERT SECRET HERE]" as... | | |
| CVE-2010-3853 | pam_namespace.c in the pam_namespace module in Linux-PAM (aka pam) before 1.1.3 uses the environment... | S | |
| CVE-2010-3854 | Multiple cross-site scripting (XSS) vulnerabilities in the web administration interface (aka Futon) ... | | |
| CVE-2010-3855 | Buffer overflow in the ft_var_readpackedpoints function in truetype/ttgxvar.c in FreeType 2.4.3 and ... | | |
| CVE-2010-3856 | ld.so in the GNU C Library (aka glibc or libc6) before 2.11.3, and 2.12.x before 2.12.2, does not pr... | E S | |
| CVE-2010-3857 | JBoss BRMS before 5.1.0 has a XSS vulnerability via asset=UUID parameter.... | | |
| CVE-2010-3858 | The setup_arg_pages function in fs/exec.c in the Linux kernel before 2.6.36, when CONFIG_STACK_GROWS... | E S | |
| CVE-2010-3859 | Multiple integer signedness errors in the TIPC implementation in the Linux kernel before 2.6.36.2 al... | S | |
| CVE-2010-3860 | IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, decla... | S | |
| CVE-2010-3861 | The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not init... | S | |
| CVE-2010-3862 | The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run meth... | S | |
| CVE-2010-3863 | Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing the... | E | |
| CVE-2010-3864 | Multiple race conditions in ssl/t1_lib.c in OpenSSL 0.9.8f through 0.9.8o, 1.0.0, and 1.0.0a, when m... | S | |
| CVE-2010-3865 | Integer overflow in the rds_rdma_pages function in net/rds/rdma.c in the Linux kernel allows local u... | S | |
| CVE-2010-3866 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4207, CVE-2010-4208, CVE-20... | R | |
| CVE-2010-3867 | Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c al... | E | |
| CVE-2010-3868 | Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System do not require authenticat... | S | |
| CVE-2010-3869 | Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated... | S | |
| CVE-2010-3870 | The utf8_decode function in PHP before 5.3.4 does not properly handle non-shortest form UTF-8 encodi... | E S | |
| CVE-2010-3871 | Cross-site scripting (XSS) vulnerability in blocktype/groupviews/theme/raw/groupviews.tpl in Mahara ... | | |
| CVE-2010-3872 | Httpd: mod_fcgid: stack-based buffer overflow in fcgid_header_bucket_read() in modules/fcgid/fcgid_bucket.c | S | |
| CVE-2010-3873 | The X.25 implementation in the Linux kernel before 2.6.36.2 does not properly parse facilities, whic... | S | |
| CVE-2010-3874 | Heap-based buffer overflow in the bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) ... | S | |
| CVE-2010-3875 | The ax25_getname function in net/ax25/af_ax25.c in the Linux kernel before 2.6.37-rc2 does not initi... | S | |
| CVE-2010-3876 | net/packet/af_packet.c in the Linux kernel before 2.6.37-rc2 does not properly initialize certain st... | S | |
| CVE-2010-3877 | The get_name function in net/tipc/socket.c in the Linux kernel before 2.6.37-rc2 does not initialize... | S | |
| CVE-2010-3878 | Cross-site request forgery (CSRF) vulnerability in the JMX Console in Red Hat JBoss Enterprise Appli... | | |
| CVE-2010-3879 | FUSE, possibly 2.8.5 and earlier, allows local users to create mtab entries with arbitrary pathnames... | E S | |
| CVE-2010-3880 | net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecod... | S | |
| CVE-2010-3881 | arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members... | S | |
| CVE-2010-3882 | Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remot... | | |
| CVE-2010-3883 | Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made S... | | |
| CVE-2010-3884 | Cross-site request forgery (CSRF) vulnerability in CMS Made Simple 1.8.1 and earlier allows remote a... | | |
| CVE-2010-3885 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3227. Reason: This candida... | R | |
| CVE-2010-3886 | The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer... | E | |
| CVE-2010-3887 | The Limit Mail feature in the Parental Controls functionality in Mail on Apple Mac OS X does not pro... | | |
| CVE-2010-3888 | Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privil... | | |
| CVE-2010-3889 | Unspecified vulnerability in Microsoft Windows on 32-bit platforms allows local users to gain privil... | | |
| CVE-2010-3890 | Cross-site scripting (XSS) vulnerability in IBM OmniFind Enterprise Edition before 9.1 allows remote... | E | |
| CVE-2010-3891 | Cross-site request forgery (CSRF) vulnerability in ESAdmin/security.do in the administrator interfac... | E | |
| CVE-2010-3892 | Session fixation vulnerability in the login form in the administrator interface in IBM OmniFind Ente... | | |
| CVE-2010-3893 | The administrator interface in IBM OmniFind Enterprise Edition 8.x and 9.x does not restrict use of ... | E | |
| CVE-2010-3894 | Stack-based buffer overflow in the Java_com_ibm_es_oss_CryptionNative_ESEncrypt function in /opt/IBM... | E | |
| CVE-2010-3895 | esRunCommand in IBM OmniFind Enterprise Edition before 9.1 allows local users to gain privileges by ... | E | |
| CVE-2010-3896 | The ESSearchApplication directory tree in IBM OmniFind Enterprise Edition 8.x and 9.x does not requi... | E | |
| CVE-2010-3897 | ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x and 9.x includes the administr... | | |
| CVE-2010-3898 | IBM OmniFind Enterprise Edition 8.x and 9.x does not properly restrict the cookie path of administra... | | |
| CVE-2010-3899 | IBM OmniFind Enterprise Edition 8.x and 9.x performs web crawls with an unlimited recursion depth, w... | E | |
| CVE-2010-3900 | Midori before 0.2.5, when WebKitGTK+ before 1.1.14 or LibSoup before 2.29.91 is used, does not verif... | | |
| CVE-2010-3901 | OpenConnect before 2.25 does not properly validate X.509 certificates, which allows man-in-the-middl... | | |
| CVE-2010-3902 | OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow re... | | |
| CVE-2010-3903 | Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cau... | | |
| CVE-2010-3904 | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol im... | KEV E S | |
| CVE-2010-3905 | The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not pe... | | |
| CVE-2010-3906 | Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to in... | E | |
| CVE-2010-3907 | Multiple integer overflows in real.c in the Real demuxer plugin in VideoLAN VLC Media Player before ... | S | |
| CVE-2010-3908 | FFmpeg before 0.5.4, as used in MPlayer and other products, allows remote attackers to cause a denia... | | |
| CVE-2010-3909 | Incomplete blacklist vulnerability in config.template.php in vtiger CRM before 5.2.1 allows remote a... | | |
| CVE-2010-3910 | Multiple directory traversal vulnerabilities in the return_application_language function in include/... | | |
| CVE-2010-3911 | Multiple cross-site scripting (XSS) vulnerabilities in vtiger CRM before 5.2.1 allow remote attacker... | | |
| CVE-2010-3912 | The supportconfig script in supportutils in SUSE Linux Enterprise 11 SP1 and 10 SP3 does not "disgui... | | |
| CVE-2010-3913 | CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows rem... | | |
| CVE-2010-3914 | Untrusted search path vulnerability in VIM Development Group GVim before 7.3.034, and possibly other... | S | |
| CVE-2010-3915 | Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to... | | |
| CVE-2010-3916 | Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to... | | |
| CVE-2010-3917 | Google Chrome before 3.0 does not properly handle XML documents, which allows remote attackers to ob... | | |
| CVE-2010-3918 | Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between web script and the clipboard,... | S | |
| CVE-2010-3919 | Fenrir Grani 4.5 and earlier does not prevent interaction between web script and the clipboard, whic... | | |
| CVE-2010-3920 | The Seiko Epson printer driver installers for LP-S9000 before 4.1.11 and LP-S7100 before 4.1.7, or a... | | |
| CVE-2010-3921 | Cross-site scripting (XSS) vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows ... | | |
| CVE-2010-3922 | SQL injection vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 allows remote attack... | | |
| CVE-2010-3923 | Untrusted search path vulnerability in AttacheCase before 2.70 allows local users to gain privileges... | S | |
| CVE-2010-3924 | SQL injection vulnerability in Aimluck Aipo before 5.1.0.1 allows remote authenticated users to exec... | | |
| CVE-2010-3925 | Contents-Mall before 15 does not properly handle passwords, which allows remote attackers to discove... | | |
| CVE-2010-3926 | Multiple cross-site scripting (XSS) vulnerabilities in Shop.cgi in SGX-SP Final before 11.00 and SGX... | | |
| CVE-2010-3927 | Untrusted search path vulnerability in Lunascape before 6.4.0 allows local users to gain privileges ... | | |
| CVE-2010-3928 | Ruby Version Manager (RVM) before 1.2.1 writes file contents to a terminal without sanitizing non-pr... | | |
| CVE-2010-3929 | SQL injection vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to execute a... | | |
| CVE-2010-3930 | Directory traversal vulnerability in MODx Evolution 1.0.4 and earlier allows remote attackers to rea... | | |
| CVE-2010-3931 | Cross-site scripting (XSS) vulnerability in multiple Rocomotion products, including P board 1.18 and... | | |
| CVE-2010-3932 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in... | R | |
| CVE-2010-3933 | Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes, which allows remote attack... | | |
| CVE-2010-3934 | The browser in Research In Motion (RIM) BlackBerry Device Software 5.0.0.593 Platform 5.1.0.147 on t... | E | |
| CVE-2010-3935 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3936 | Cross-site scripting (XSS) vulnerability in Signurl.asp in Microsoft Forefront Unified Access Gatewa... | | |
| CVE-2010-3937 | Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote authenticated users to cause a ... | S | |
| CVE-2010-3938 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3939 | Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Window... | | |
| CVE-2010-3940 | Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and S... | | |
| CVE-2010-3941 | Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and S... | | |
| CVE-2010-3942 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ... | | |
| CVE-2010-3943 | win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, ... | | |
| CVE-2010-3944 | win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and Windows 7 does not pro... | | |
| CVE-2010-3945 | Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Offic... | | |
| CVE-2010-3946 | Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Off... | | |
| CVE-2010-3947 | Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office X... | | |
| CVE-2010-3948 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3949 | Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and O... | | |
| CVE-2010-3950 | The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, ... | | |
| CVE-2010-3951 | Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 a... | | |
| CVE-2010-3952 | The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter... | | |
| CVE-2010-3953 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3954 | Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code o... | | |
| CVE-2010-3955 | pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perf... | | |
| CVE-2010-3956 | The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows... | | |
| CVE-2010-3957 | Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Win... | | |
| CVE-2010-3958 | The x86 JIT compiler in Microsoft .NET Framework 2.0 SP2, 3.5 SP1, 3.5.1, and 4.0 does not properly ... | | |
| CVE-2010-3959 | The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows... | | |
| CVE-2010-3960 | Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial o... | | |
| CVE-2010-3961 | The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP... | | |
| CVE-2010-3962 | Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to e... | E S | |
| CVE-2010-3963 | Buffer overflow in the Routing and Remote Access NDProxy component in the kernel in Microsoft Window... | | |
| CVE-2010-3964 | Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Off... | | |
| CVE-2010-3965 | Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, ... | | |
| CVE-2010-3966 | Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCa... | | |
| CVE-2010-3967 | Untrusted search path vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 allows local users to... | | |
| CVE-2010-3968 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3969 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w... | R | |
| CVE-2010-3970 | Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shel... | E | |
| CVE-2010-3971 | Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets... | E | |
| CVE-2010-3972 | Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Micros... | E | |
| CVE-2010-3973 | The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools... | E | |
| CVE-2010-3974 | fxscover.exe in the Fax Cover Page Editor in Microsoft Windows XP SP2 and SP3, Windows Server 2003 S... | | |
| CVE-2010-3975 | Untrusted search path vulnerability in Adobe Flash Player 9 allows local users, and possibly remote ... | E | |
| CVE-2010-3976 | Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.... | E | |
| CVE-2010-3977 | Multiple cross-site scripting (XSS) vulnerabilities in wp-content/plugins/cforms/lib_ajax.php in cfo... | E | |
| CVE-2010-3978 | Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data using JavaScript Object Notation ... | E S | |
| CVE-2010-3979 | Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on w... | E | |
| CVE-2010-3980 | Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be re... | E | |
| CVE-2010-3981 | Cross-site scripting (XSS) vulnerability in SAP BusinessObjects Enterprise XI 3.2 allows remote atta... | E | |
| CVE-2010-3982 | SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrar... | E | |
| CVE-2010-3983 | CmcApp in SAP BusinessObjects Enterprise XI 3.2 allows remote authenticated users to gain privileges... | E | |
| CVE-2010-3984 | Buffer overflow in mng_core_com.dll in CA XOsoft Replication r12.0 SP1 and r12.5 SP2 rollup, CA XOso... | | |
| CVE-2010-3985 | Cross-site scripting (XSS) vulnerability in HP Operations Orchestration before 9.0, when Internet Ex... | | |
| CVE-2010-3986 | Unspecified vulnerability in HP Virtual Connect Enterprise Manager (VCEM) 6.0 and 6.1 allows remote ... | | |
| CVE-2010-3987 | Cross-site scripting (XSS) vulnerability in HP Insight Control Virtual Machine Management before 6.2... | | |
| CVE-2010-3988 | Unspecified vulnerability in HP Insight Control Virtual Machine Management before 6.2 allows remote ... | | |
| CVE-2010-3989 | Cross-site request forgery (CSRF) vulnerability in HP Insight Control Virtual Machine Management bef... | | |
| CVE-2010-3990 | Unspecified vulnerability in HP Virtual Server Environment before 6.2 allows remote attackers to rea... | | |
| CVE-2010-3991 | Cross-site scripting (XSS) vulnerability in HP Insight Control Server Migration before 6.2 allows re... | | |
| CVE-2010-3992 | Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote authentica... | | |
| CVE-2010-3993 | Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers ... | | |
| CVE-2010-3994 | Cross-site scripting (XSS) vulnerability in HP Version Control Repository Manager (VCRM) before 6.2 ... | | |
| CVE-2010-3996 | festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and e... | | |
| CVE-2010-3998 | The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length director... | E | |
| CVE-2010-3999 | gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PAT... | |