CVE-2010-4xxx

There are 970 CVEs in this subgroup.
ID Summary Flags Max Score
CVE-2010-4000 gnome-shell in GNOME Shell 2.31.5 places a zero-length directory name in the LD_LIBRARY_PATH, which ...
CVE-2010-4001 GMXRC.bash in Gromacs 4.5.1 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, ...
CVE-2010-4005 The (1) tomboy and (2) tomboy-panel scripts in GNOME Tomboy 1.5.2 and earlier place a zero-length di...
CVE-2010-4006 Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before ...
E
CVE-2010-4007 Oracle Mojarra uses an encrypted View State without a Message Authentication Code (MAC), which makes...
CVE-2010-4008 libxml2 before 2.7.8, as used in Google Chrome before 7.0.517.44, Apple Safari 5.0.2 and earlier, an...
E S
CVE-2010-4009 Integer overflow in Apple QuickTime before 7.6.9 allows remote attackers to execute arbitrary code o...
S
CVE-2010-4010 Integer signedness error in Apple Type Services (ATS) in Apple Mac OS X 10.5.8 allows remote attacke...
S
CVE-2010-4011 Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows...
CVE-2010-4012 Race condition in Apple iOS 4.0 through 4.1 for iPhone 3G and later allows physically proximate atta...
CVE-2010-4013 Format string vulnerability in PackageKit in Apple Mac OS X 10.6.x before 10.6.6 allows man-in-the-m...
S
CVE-2010-4014 Rejected reason: This candidate is unused by its CNA....
R
CVE-2010-4015 Buffer overflow in the gettoken function in contrib/intarray/_int_bool.c in the intarray array modul...
CVE-2010-4016 Rejected reason: This candidate is unused by its CNA....
R
CVE-2010-4017 Rejected reason: This candidate is unused by its CNA....
R
CVE-2010-4020 MIT Kerberos 5 (aka krb5) 1.8.x through 1.8.3 does not reject RC4 key-derivation checksums, which mi...
S
CVE-2010-4021 The Key Distribution Center (KDC) in MIT Kerberos 5 (aka krb5) 1.7 does not properly restrict the us...
CVE-2010-4022 The do_standalone function in the MIT krb5 KDC database propagation daemon (kpropd) in Kerberos 1.7,...
S
CVE-2010-4023 Cross-site scripting (XSS) vulnerability in HP Insight Control Power Management before 6.2 allows re...
CVE-2010-4024 Cross-site request forgery (CSRF) vulnerability in HP Insight Control Power Management before 6.2 al...
CVE-2010-4025 Unspecified vulnerability in Doc Viewer in HP Palm webOS 1.4.1 allows remote attackers to execute ar...
CVE-2010-4026 Unspecified vulnerability in the service API in HP Palm webOS 1.4.1 allows local users to gain privi...
CVE-2010-4027 Unspecified vulnerability in the camera application in HP Palm webOS 1.4.1 allows local users to ove...
CVE-2010-4028 Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remot...
CVE-2010-4029 Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled...
CVE-2010-4030 Cross-site scripting (XSS) vulnerability in HP Insight Control Performance Management before 6.2 all...
CVE-2010-4031 Unspecified vulnerability in HP Insight Control Performance Management before 6.2 allows remote auth...
CVE-2010-4032 Cross-site request forgery (CSRF) vulnerability in HP Insight Control Performance Management before ...
CVE-2010-4033 Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functional...
CVE-2010-4034 Google Chrome before 7.0.517.41 does not properly handle forms, which allows remote attackers to cau...
CVE-2010-4035 Google Chrome before 7.0.517.41 does not properly perform autofill operations for forms, which allow...
CVE-2010-4036 Google Chrome before 7.0.517.41 does not properly handle the unloading of a page, which allows remot...
CVE-2010-4037 Unspecified vulnerability in Google Chrome before 7.0.517.41 allows remote attackers to bypass the p...
CVE-2010-4038 The Web Sockets implementation in Google Chrome before 7.0.517.41 does not properly handle a shutdow...
E
CVE-2010-4039 Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which ...
S
CVE-2010-4040 Google Chrome before 7.0.517.41 does not properly handle animated GIF images, which allows remote at...
E
CVE-2010-4041 The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain w...
S
CVE-2010-4042 Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers...
E
CVE-2010-4043 Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet wh...
CVE-2010-4044 Opera before 10.63 does not ensure that the portion of a URL shown in the Address Bar contains the b...
CVE-2010-4045 Opera before 10.63 does not properly restrict web script in unspecified circumstances involving relo...
CVE-2010-4046 Opera before 10.63 does not properly verify the origin of video content, which allows remote attacke...
CVE-2010-4047 Opera before 10.63 does not properly select the security context of JavaScript code associated with ...
CVE-2010-4048 Opera before 10.63 allows user-assisted remote web servers to cause a denial of service (application...
CVE-2010-4049 Opera before 10.63 allows remote attackers to cause a denial of service (application crash) via a Fl...
CVE-2010-4050 Opera before 10.63 allows remote attackers to cause a denial of service (memory corruption) by refer...
CVE-2010-4051 The regcomp implementation in the GNU C Library (aka glibc or libc6) through 2.11.3, and 2.12.x thro...
E S
CVE-2010-4052 Stack consumption vulnerability in the regcomp implementation in the GNU C Library (aka glibc or lib...
E S
CVE-2010-4053 Stack-based buffer overflow in an unspecified logging function in oninit.exe in IBM Informix Dynamic...
CVE-2010-4054 The gs_type2_interpret function in Ghostscript allows remote attackers to cause a denial of service ...
S
CVE-2010-4055 Stack consumption vulnerability in solid.exe in IBM solidDB 6.5.0.3 and earlier allows remote attack...
E
CVE-2010-4056 solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain...
E
CVE-2010-4057 solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain...
E
CVE-2010-4068 Unspecified vulnerability in the Extension Manager in TYPO3 4.2.x before 4.2.15, 4.3.x before 4.3.7,...
CVE-2010-4069 Stack-based buffer overflow in IBM Informix Dynamic Server (IDS) 7.x through 7.31, 9.x through 9.40,...
CVE-2010-4070 Integer overflow in librpc.dll in portmap.exe (aka the ISM Portmapper service) in ISM before 2.20.TC...
CVE-2010-4071 Cross-site scripting (XSS) vulnerability in AgentTicketZoom in OTRS 2.4.x before 2.4.9, when RichTex...
CVE-2010-4072 The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initiali...
S
CVE-2010-4073 The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, whic...
E S
CVE-2010-4074 The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structu...
S
CVE-2010-4075 The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 do...
S
CVE-2010-4076 The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not ...
S
CVE-2010-4077 The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlie...
E S
CVE-2010-4078 The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does ...
S
CVE-2010-4079 The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8...
S
CVE-2010-4080 The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 ...
S
CVE-2010-4081 The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc...
S
CVE-2010-4082 The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6....
S
CVE-2010-4083 The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a...
S
CVE-2010-4084 dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or...
S
CVE-2010-4085 dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or...
S
CVE-2010-4086 dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or...
S
CVE-2010-4087 IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or ...
S
CVE-2010-4088 dirapi.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or...
S
CVE-2010-4089 IML32.dll in Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or ...
S
CVE-2010-4090 Adobe Shockwave Player before 11.5.9.615 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4091 The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x bef...
E S
CVE-2010-4092 Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player bef...
CVE-2010-4093 Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4094 The Tomcat server in IBM Rational Quality Manager and Rational Test Lab Manager has a default passwo...
CVE-2010-4095 Directory traversal vulnerability in the FTP client in Serengeti Systems Incorporated Robo-FTP 3.7.3...
CVE-2010-4096 share/ma/keys_for_user in Monkeysphere 0.31 and 0.32 allows local users to execute arbitrary code vi...
CVE-2010-4097 Multiple cross-site scripting (XSS) vulnerabilities in index.php in Aardvark Topsites PHP 5.2.0 and ...
CVE-2010-4098 monotone before 0.48.1, when configured to allow remote commands, allows remote attackers to cause a...
CVE-2010-4099 ess.pm in NitroSecurity NitroView ESM 8.4.0a, when ESSPMDebug is enabled, allows remote attackers to...
E
CVE-2010-4100 Unspecified vulnerability in HP Insight Control Performance Management before 6.1 update 2 allows re...
CVE-2010-4101 Cross-site scripting (XSS) vulnerability in HP Insight Recovery before 6.2 allows remote attackers t...
CVE-2010-4102 Unspecified vulnerability in HP Insight Recovery before 6.2 allows remote attackers to read arbitrar...
CVE-2010-4103 Unspecified vulnerability in HP Insight Managed System Setup Wizard before 6.2 allows remote attacke...
CVE-2010-4104 Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to read arb...
CVE-2010-4105 Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass i...
CVE-2010-4106 Cross-site request forgery (CSRF) vulnerability in HP Insight Control for Linux before 6.2 allows re...
CVE-2010-4107 The default configuration of the PJL Access value in the File System External Access settings on HP ...
E
CVE-2010-4108 HP HP-UX B.11.11, B.11.23, and B.11.31 does not properly support threaded processes, which allows re...
CVE-2010-4109 Cross-site scripting (XSS) vulnerability in the Contacts Application in HP Palm webOS before 2.0 all...
CVE-2010-4110 Unspecified vulnerability in HP OpenVMS 8.3, 8.3-1H1, and 8.4 on the Itanium platform on Integrity s...
CVE-2010-4111 Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 ...
CVE-2010-4112 HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via ...
CVE-2010-4113 Stack-based buffer overflow in HP Power Manager (HPPM) before 4.3.2 allows remote attackers to execu...
CVE-2010-4114 Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x,...
CVE-2010-4115 HP StorageWorks Modular Smart Array P2000 G3 firmware TS100R011, TS100R025, TS100P002, TS200R005, TS...
CVE-2010-4116 Unspecified vulnerability in HP StorageWorks Storage Mirroring 5.x before 5.2.2.1771.2 allows remote...
CVE-2010-4117 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4118 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4119 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4120 Multiple cross-site scripting (XSS) vulnerabilities in the TAM console in IBM Tivoli Access Manager ...
E
CVE-2010-4121 The TCP-to-ODBC gateway in IBM Tivoli Provisioning Manager for OS Deployment 7.1.1.3 does not requir...
CVE-2010-4122 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4123 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4124 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4125 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4126 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4127 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4128 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4129 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4130 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4131 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4132 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4133 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4134 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4135 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4136 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4137 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4138 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4139 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4140 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4141 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4142 Multiple stack-based buffer overflows in DATAC RealWin 2.0 Build 6.1.8.10 and earlier allow remote a...
E
CVE-2010-4143 SQL injection vulnerability in chart.php in phpCheckZ 1.1.0, when magic_quotes_gpc is disabled, allo...
E
CVE-2010-4144 SQL injection vulnerability in radyo.asp in Kisisel Radyo Script allows remote attackers to execute ...
E
CVE-2010-4145 Kisisel Radyo Script stores sensitive information under the web root with insufficient access contro...
E
CVE-2010-4146 Cross-site scripting (XSS) vulnerability in Attachmate Reflection for the Web 2008 R2 (builds 10.1.5...
CVE-2010-4147 Multiple SQL injection vulnerabilities in Pentasoft Avactis Shopping Cart 1.9.1 build 8356 free edit...
S
CVE-2010-4148 Directory traversal vulnerability in AnyConnect 1.2.3.0, and possibly earlier, allows remote FTP ser...
E
CVE-2010-4149 Directory traversal vulnerability in FreshWebMaster Fresh FTP 5.36, 5.37, and possibly earlier, allo...
CVE-2010-4150 Double free vulnerability in the imap_do_open function in the IMAP extension (ext/imap/php_imap.c) i...
S
CVE-2010-4151 SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc...
E S
CVE-2010-4152 SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows re...
E
CVE-2010-4153 Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP ser...
CVE-2010-4154 Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlie...
CVE-2010-4155 Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 allow remote attackers to injec...
E
CVE-2010-4156 The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependen...
E S
CVE-2010-4157 Integer overflow in the ioc_general function in drivers/scsi/gdth.c in the Linux kernel before 2.6.3...
E S
CVE-2010-4158 The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check w...
E S
CVE-2010-4159 Untrusted search path vulnerability in metadata/loader.c in Mono 2.8 and earlier allows local users ...
S
CVE-2010-4160 Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) ...
E S
CVE-2010-4161 The udp_queue_rcv_skb function in net/ipv4/udp.c in a certain Red Hat build of the Linux kernel 2.6....
E S
CVE-2010-4162 Multiple integer overflows in fs/bio.c in the Linux kernel before 2.6.36.2 allow local users to caus...
CVE-2010-4163 The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.36.2 allows local...
S
CVE-2010-4164 Multiple integer underflows in the x25_parse_facilities function in net/x25/x25_facilities.c in the ...
S
CVE-2010-4165 The do_tcp_setsockopt function in net/ipv4/tcp.c in the Linux kernel before 2.6.37-rc2 does not prop...
E S
CVE-2010-4166 Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to exec...
E
CVE-2010-4167 Untrusted search path vulnerability in configure.c in ImageMagick before 6.6.5-5, when MAGICKCORE_IN...
CVE-2010-4168 Multiple use-after-free vulnerabilities in OpenTTD 1.0.x before 1.0.5 allow (1) remote attackers to ...
S
CVE-2010-4169 Use-after-free vulnerability in mm/mprotect.c in the Linux kernel before 2.6.37-rc2 allows local use...
S
CVE-2010-4170 The staprun runtime tool in SystemTap 1.3 does not properly clear the environment before executing m...
E
CVE-2010-4171 The staprun runtime tool in SystemTap 1.3 does not verify that a module to unload was previously loa...
CVE-2010-4172 Multiple cross-site scripting (XSS) vulnerabilities in the Manager application in Apache Tomcat 6.0....
E S
CVE-2010-4173 The default configuration of libsdp.conf in libsdp 1.1.104 and earlier creates log files in /tmp, wh...
S
CVE-2010-4174 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3282. Reason: This candida...
R
CVE-2010-4175 Integer overflow in the rds_cmsg_rdma_args function (net/rds/rdma.c) in Linux kernel 2.6.35 allows l...
S
CVE-2010-4176 plymouth-pretrigger.sh in dracut and udev, when running on Fedora 13 and 14, sets weak permissions f...
CVE-2010-4177 mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the passwor...
CVE-2010-4178 MySQL-GUI-tools (mysql-administrator) leaks passwords into process list after with launch of mysql t...
CVE-2010-4179 The installation documentation for Red Hat Enterprise Messaging, Realtime and Grid (MRG) 1.3 recomme...
CVE-2010-4180 OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enab...
S
CVE-2010-4181 Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ....
E
CVE-2010-4182 Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microso...
CVE-2010-4183 Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Exp...
CVE-2010-4184 NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing detai...
CVE-2010-4185 SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote atta...
E
CVE-2010-4186 SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Profes...
E
CVE-2010-4187 Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4188 The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitr...
S
CVE-2010-4189 The IML32 module in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary c...
S
CVE-2010-4190 Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4191 Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4192 Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4193 Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecified input data, which al...
S
CVE-2010-4194 The dirapi.dll module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspeci...
S
CVE-2010-4195 The TextXtra module in Adobe Shockwave Player before 11.5.9.620 does not properly validate unspecifi...
S
CVE-2010-4196 The Shockwave 3d Asset module in Adobe Shockwave Player before 11.5.9.620 does not properly validate...
S
CVE-2010-4197 Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before...
E S
CVE-2010-4198 WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, does...
S
CVE-2010-4199 Google Chrome before 7.0.517.44 does not properly perform a cast of an unspecified variable during p...
E
CVE-2010-4200 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4008. Reason: This candida...
R
CVE-2010-4201 Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a d...
E
CVE-2010-4202 Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cau...
E
CVE-2010-4203 WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows...
E
CVE-2010-4204 WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, acce...
E S
CVE-2010-4205 Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allo...
E
CVE-2010-4206 Array index error in the FEBlend::apply function in WebCore/platform/graphics/filters/FEBlend.cpp in...
E S
CVE-2010-4207 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through ...
S
CVE-2010-4208 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through ...
S
CVE-2010-4209 Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through ...
S
CVE-2010-4210 The pfs_getextattr function in FreeBSD 7.x before 7.3-RELEASE and 8.x before 8.0-RC1 unlocks a mutex...
E
CVE-2010-4211 The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name...
CVE-2010-4212 The USAA application 3.0 for Android stores a mirror image of each visited web page, which might all...
CVE-2010-4213 The Bank of America application 2.12 for Android stores a security question's answer in cleartext, w...
CVE-2010-4214 The Wells Fargo Mobile application 1.1 for Android stores a username and password, along with accoun...
CVE-2010-4215 UI/Manage.pm in Foswiki 1.1.0 and 1.1.1 allows remote authenticated users to gain privileges by modi...
S
CVE-2010-4216 IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 does not properly handle in...
CVE-2010-4217 Use-after-free vulnerability in the proxy server in IBM Tivoli Directory Server (TDS) 6.0.0.x before...
CVE-2010-4218 Unspecified vulnerability in Web Services in IBM ENOVIA 6 has unknown impact and attack vectors, rel...
CVE-2010-4219 Cross-site scripting (XSS) vulnerability in SemanticTagService.js in IBM WebSphere Portal 6.1.0.1 al...
CVE-2010-4220 Cross-site scripting (XSS) vulnerability in the Integrated Solution Console in the Administrative Co...
CVE-2010-4221 Multiple stack-based buffer overflows in the pr_netio_telnet_gets function in netio.c in ProFTPD bef...
E
CVE-2010-4225 Unspecified vulnerability in the mod_mono module for XSP in Mono 2.8.x before 2.8.2 allows remote at...
CVE-2010-4226 cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers ...
CVE-2010-4227 The xdrDecodeString function in XNFS.NLM in Novell Netware 6.5 before SP8 allows remote attackers to...
E S
CVE-2010-4228 Stack-based buffer overflow in NWFTPD.NLM before 5.10.02 in the FTP server in Novell NetWare allows ...
E
CVE-2010-4229 Directory traversal vulnerability in an unspecified servlet in the Inventory component in ZENworks A...
CVE-2010-4230 Stack-based buffer overflow in a certain ActiveX control for the Camtron CMNC-200 Full HD IP Camera ...
E
CVE-2010-4231 Directory traversal vulnerability in the web-based administration interface on the Camtron CMNC-200 ...
E
CVE-2010-4232 The web-based administration interface on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200...
E
CVE-2010-4233 The Linux installation on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Ca...
E
CVE-2010-4234 The web server on the Camtron CMNC-200 Full HD IP Camera and TecVoz CMNC-200 Megapixel IP Camera wit...
E
CVE-2010-4235 Format string vulnerability in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix...
CVE-2010-4236 Untrusted search path vulnerability in estaskwrapper in IBM OmniFind Enterprise Edition before 9.1 a...
E
CVE-2010-4237 Mercurial before 1.6.4 fails to verify the Common Name field of SSL certificates which allows remote...
CVE-2010-4238 The vbd_create function in Xen 3.1.2, when the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL...
E
CVE-2010-4239 Tiki Wiki CMS Groupware 5.2 has Local File Inclusion...
E
CVE-2010-4240 Tiki Wiki CMS Groupware 5.2 has XSS...
E
CVE-2010-4241 Tiki Wiki CMS Groupware 5.2 has CSRF...
E
CVE-2010-4242 The hci_uart_tty_open function in the HCI UART driver (drivers/bluetooth/hci_ldisc.c) in the Linux k...
E S
CVE-2010-4243 fs/exec.c in the Linux kernel before 2.6.37 does not enable the OOM Killer to assess use of stack me...
E S
CVE-2010-4244 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4234. Reason: This candidat...
R
CVE-2010-4245 pootle 2.0.5 has XSS via 'match_names' parameter...
E S
CVE-2010-4246 Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow...
E
CVE-2010-4247 The do_block_io_op function in (1) drivers/xen/blkback/blkback.c and (2) drivers/xen/blktap/blktap.c...
S
CVE-2010-4248 Race condition in the __exit_signal function in kernel/exit.c in the Linux kernel before 2.6.37-rc2 ...
S
CVE-2010-4249 The wait_for_unix_gc function in net/unix/garbage.c in the Linux kernel before 2.6.37-rc3-next-20101...
E S
CVE-2010-4250 Memory leak in the inotify_init1 function in fs/notify/inotify/inotify_user.c in the Linux kernel be...
S
CVE-2010-4251 The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly man...
S
CVE-2010-4252 OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in t...
E S
CVE-2010-4253 Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote a...
CVE-2010-4254 Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate a...
E S
CVE-2010-4255 The fixup_page_fault function in arch/x86/traps.c in Xen 4.0.1 and earlier on 64-bit platforms, when...
S
CVE-2010-4256 The pipe_fcntl function in fs/pipe.c in the Linux kernel before 2.6.37 does not properly determine w...
S
CVE-2010-4257 SQL injection vulnerability in the do_trackbacks function in wp-includes/comment.php in WordPress be...
S
CVE-2010-4258 The do_exit function in kernel/exit.c in the Linux kernel before 2.6.36.2 does not properly handle a...
S
CVE-2010-4259 Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of servi...
E S
CVE-2010-4260 Multiple unspecified vulnerabilities in pdf.c in libclamav in ClamAV before 0.96.5 allow remote atta...
CVE-2010-4261 Off-by-one error in the icon_cb function in pe_icons.c in libclamav in ClamAV before 0.96.5 allows r...
CVE-2010-4262 Stack-based buffer overflow in Xfig 3.2.4 and 3.2.5 allows remote attackers to cause a denial of ser...
E S
CVE-2010-4263 The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) s...
E S
CVE-2010-4264 It was found in vanilla forums before 2.0.10 a cross-site scripting vulnerability where a filename c...
S
CVE-2010-4265 The org.jboss.remoting.transport.bisocket.BisocketServerInvoker$SecondaryServerSocketThread.run meth...
CVE-2010-4266 It was found in vanilla forums before 2.0.10 a potential linkbait vulnerability in dispatcher....
CVE-2010-4267 Stack-based buffer overflow in the hpmud_get_pml function in io/hpmud/pml.c in Hewlett-Packard Linux...
CVE-2010-4268 SQL injection vulnerability in the Pulse Infotech Flip Wall (com_flipwall) component 1.1 for Joomla!...
E
CVE-2010-4269 SQL injection vulnerability in managechat.php in Collabtive 0.65 allows remote attackers to execute ...
E
CVE-2010-4270 Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edit...
S
CVE-2010-4271 SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remote attackers to execute arbitr...
CVE-2010-4272 SQL injection vulnerability in the Pulse Infotech Sponsor Wall (com_sponsorwall) component 1.1 for J...
E
CVE-2010-4273 SQL injection vulnerability in imoveis.php in DescargarVista ACC IMoveis 1.1 allows remote attackers...
E
CVE-2010-4274 reset_diragent_keys in the Common agent in IBM Systems Director 6.2.0 has 754 permissions, which all...
CVE-2010-4275 Multiple cross-site scripting (XSS) vulnerabilities in Radius Manager 3.8.0 allow remote authenticat...
E
CVE-2010-4276 Cross-site scripting (XSS) vulnerability in the lz_tracking_set_sessid function in templates/jscript...
E
CVE-2010-4277 Cross-site scripting (XSS) vulnerability in lembedded-video.php in the Embedded Video plugin 4.1 for...
CVE-2010-4278 operation/agentes/networkmap.php in Pandora FMS before 3.1.1 allows remote authenticated users to ex...
E S
CVE-2010-4279 The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash...
E S
CVE-2010-4280 Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users ...
E S
CVE-2010-4281 Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS be...
E S
CVE-2010-4282 Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to i...
E S
CVE-2010-4283 PHP remote file inclusion vulnerability in extras/pandora_diag.php in Pandora FMS before 3.1.1 allow...
E S
CVE-2010-4284 SQL injection vulnerability in the authentication form in the integrated web server in the Data Mana...
S
CVE-2010-4285 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4286 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4287 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4288 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4289 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4290 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4291 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4292 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4293 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4294 The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 b...
CVE-2010-4295 Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build ...
CVE-2010-4296 vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x befor...
CVE-2010-4297 The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x ...
CVE-2010-4298 SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attacke...
E
CVE-2010-4299 Heap-based buffer overflow in ZfHIPCND.exe in Novell Zenworks 7 Handheld Management (ZHM) allows rem...
S
CVE-2010-4300 Heap-based buffer overflow in the dissect_ldss_transfer function (epan/dissectors/packet-ldss.c) in ...
E
CVE-2010-4301 epan/dissectors/packet-zbee-zcl.c in the ZigBee ZCL dissector in Wireshark 1.4.0 through 1.4.1 allow...
E S
CVE-2010-4302 /opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5...
CVE-2010-4303 Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used,...
CVE-2010-4304 The web interface in Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unifie...
CVE-2010-4305 Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3...
CVE-2010-4306 Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4307 Buffer overflow in Adobe Shockwave Player before 11.5.9.620 allows attackers to execute arbitrary co...
S
CVE-2010-4308 Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4309 Adobe Shockwave Player before 11.6.1.629 allows attackers to execute arbitrary code or cause a denia...
S
CVE-2010-4311 Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to ...
CVE-2010-4312 The default configuration of Apache Tomcat 6.x does not include the HTTPOnly flag in a Set-Cookie he...
CVE-2010-4313 Unrestricted file upload vulnerability in fileman_file_upload.php in Orbis CMS 1.0.2 allows remote a...
E
CVE-2010-4314 Remote attackers can use the iPrint web-browser ActiveX plugin in Novell iPrint Client before 5.42 f...
CVE-2010-4321 Stack-based buffer overflow in an ActiveX control in ienipp.ocx in Novell iPrint Client 5.52 allows ...
E
CVE-2010-4322 Cross-site scripting (XSS) vulnerability in gwtTeaming.rpc in Novell Vibe OnPrem 3 BETA allows remot...
CVE-2010-4323 Heap-based buffer overflow in novell-tftp.exe in Novell ZENworks Configuration Manager (ZCM) 10.3.1,...
E S
CVE-2010-4324 Cross-site scripting (XSS) vulnerability in the Approval Form in the User Application in the Roles B...
CVE-2010-4325 Buffer overflow in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8.02HP2 ...
CVE-2010-4326 Multiple buffer overflows in gwwww1.dll in GroupWise Internet Agent (GWIA) in Novell GroupWise befor...
CVE-2010-4327 Unspecified vulnerability in the NCP service in Novell eDirectory 8.8.5 before 8.8.5.6 and 8.8.6 bef...
CVE-2010-4328 Multiple stack-based buffer overflows in opt/novell/iprint/bin/ipsmd in Novell iPrint for Linux Open...
CVE-2010-4329 Cross-site scripting (XSS) vulnerability in the PMA_linkOrButton function in libraries/common.lib.ph...
S
CVE-2010-4330 Directory traversal vulnerability in includes/controller.php in Pulse CMS Basic before 1.2.9 allows ...
E
CVE-2010-4331 Multiple cross-site scripting (XSS) vulnerabilities in Seo Panel 2.2.0 allow remote attackers to inj...
E
CVE-2010-4332 Pointter PHP Content Management System 1.0 allows remote attackers to bypass authentication and obta...
E
CVE-2010-4333 Pointter PHP Micro-Blogging Social Network 1.8 allows remote attackers to bypass authentication and ...
E
CVE-2010-4334 The IO::Socket::SSL module 1.35 for Perl, when verify_mode is not VERIFY_NONE, fails open to VERIFY_...
S
CVE-2010-4335 The _validatePost function in libs/controller/components/security.php in CakePHP 1.3.x through 1.3.5...
E S
CVE-2010-4336 The cu_rrd_create_file function (src/utils_rrdcreate.c) in collectd 4.x before 4.9.4 and before 4.10...
CVE-2010-4337 The configure script in gnash 0.8.8 allows local users to overwrite arbitrary files via a symlink at...
CVE-2010-4338 ocrodjvu 0.4.6-1 on Debian GNU/Linux allows local users to modify arbitrary files via a symlink atta...
CVE-2010-4339 Cross-site scripting (XSS) vulnerability in Hypermail 2.2.0 allows remote attackers to inject arbitr...
CVE-2010-4340 libcloud before 0.4.1 does not verify SSL certificates for HTTPS connections, which allows remote at...
CVE-2010-4341 The pam_parse_in_data_v2 function in src/responder/pam/pamsrv_cmd.c in the PAM responder in SSSD 1.5...
S
CVE-2010-4342 The aun_incoming function in net/econet/af_econet.c in the Linux kernel before 2.6.37-rc6, when Econ...
E S
CVE-2010-4343 drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port dat...
S
CVE-2010-4344 Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows rem...
KEV E S
CVE-2010-4345 Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim us...
KEV S
CVE-2010-4346 The install_special_mapping function in mm/mmap.c in the Linux kernel before 2.6.37-rc6 does not mak...
S
CVE-2010-4347 The ACPI subsystem in the Linux kernel before 2.6.36.2 uses 0222 permissions for the debugfs custom_...
E S
CVE-2010-4348 Cross-site scripting (XSS) vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 al...
E S
CVE-2010-4349 admin/upgrade_unattended.php in MantisBT before 1.2.4 allows remote attackers to obtain sensitive in...
E S
CVE-2010-4350 Directory traversal vulnerability in admin/upgrade_unattended.php in MantisBT before 1.2.4 allows re...
E S
CVE-2010-4351 The JNLP SecurityManager in IcedTea (IcedTea.so) 1.7 before 1.7.7, 1.8 before 1.8.4, and 1.9 before ...
S
CVE-2010-4352 Stack consumption vulnerability in D-Bus (aka DBus) before 1.4.1 allows local users to cause a denia...
E S
CVE-2010-4353 Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before ...
S
CVE-2010-4354 The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series d...
CVE-2010-4355 Cross-site scripting (XSS) vulnerability in DaDaBIK before 4.3 beta2, when the insert or edit featur...
CVE-2010-4356 SQL injection vulnerability in news_default.asp in Site2Nite Big Truck Broker allows remote attacker...
E
CVE-2010-4357 SQL injection vulnerability in comments.php in SiteEngine 7.1 allows remote attackers to execute arb...
E
CVE-2010-4358 Multiple cross-site scripting (XSS) vulnerabilities in gb.cgi in MRCGIGUY (MCG) Guestbook 1.0 allow ...
E
CVE-2010-4359 SQL injection vulnerability in index.php in Jurpopage 0.2.0 allows remote attackers to execute arbit...
E
CVE-2010-4360 Multiple SQL injection vulnerabilities in index.php in Jurpopage 0.2.0 allow remote attackers to exe...
CVE-2010-4361 Cross-site scripting (XSS) vulnerability in url-gateway.php in Jurpopage 0.2.0 allows remote attacke...
CVE-2010-4362 Multiple SQL injection vulnerabilities in MicroNetsoft RV Dealer Website allow remote attackers to e...
E
CVE-2010-4363 Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic...
E
CVE-2010-4364 DaDaBIK 4.3 beta3, when running in a case-sensitive environment, does not include the htmLawed libra...
CVE-2010-4365 SQL injection vulnerability in JE Ajax Event Calendar (com_jeajaxeventcalendar) component for Joomla...
E
CVE-2010-4366 Multiple cross-site scripting (XSS) vulnerabilities in forum_new_topic.php in Chameleon Social Netwo...
E
CVE-2010-4367 awstats.cgi in AWStats before 7.0 accepts a configdir parameter in the URL, which allows remote atta...
E
CVE-2010-4368 awstats.cgi in AWStats before 7.0 on Windows accepts a configdir parameter in the URL, which allows ...
E
CVE-2010-4369 Directory traversal vulnerability in AWStats before 7.0 allows remote attackers to have an unspecifi...
CVE-2010-4370 Multiple integer overflows in the in_midi plugin in Winamp before 5.6 allow remote attackers to exec...
CVE-2010-4371 Buffer overflow in the in_mod plugin in Winamp before 5.6 allows remote attackers to have an unspeci...
CVE-2010-4372 Integer overflow in the in_nsv plugin in Winamp before 5.6 allows remote attackers to have an unspec...
CVE-2010-4373 The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (applica...
S
CVE-2010-4374 The in_mkv plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (applica...
S
CVE-2010-4375 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, Mac RealPlayer 11.0 through...
CVE-2010-4376 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4377 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4378 The drv2.dll (aka RV20 decompression) module in RealNetworks RealPlayer 11.0 through 11.1, RealPlaye...
CVE-2010-4379 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4380 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4381 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4382 Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0...
CVE-2010-4383 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4384 Array index error in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer Enterprise 2.1.2, Mac Rea...
CVE-2010-4385 Integer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Real...
CVE-2010-4386 RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, Linux RealPlayer 11.0.2....
CVE-2010-4387 The RealAudio codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1.1.4, M...
CVE-2010-4388 The (1) Upsell.htm, (2) Main.html, and (3) Custsupport.html components in RealNetworks RealPlayer 11...
CVE-2010-4389 Heap-based buffer overflow in the cook codec in RealNetworks RealPlayer 11.0 through 11.1, RealPlaye...
CVE-2010-4390 Multiple heap-based buffer overflows in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0...
CVE-2010-4391 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4392 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4393 Heap-based buffer overflow in vidplin.dll in RealNetworks RealPlayer 11.0 through 11.1 and 14.0.x be...
CVE-2010-4394 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1 and RealPlayer SP 1.0 throug...
CVE-2010-4395 Heap-based buffer overflow in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer SP 1.0 through 1...
CVE-2010-4396 Cross-zone scripting vulnerability in the HandleAction method in a certain ActiveX control in RealNe...
CVE-2010-4397 Integer overflow in the pnen3260.dll module in RealNetworks RealPlayer 11.0 through 11.1, RealPlayer...
CVE-2010-4398 Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Window...
KEV E S
CVE-2010-4399 Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quot...
E S
CVE-2010-4400 SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arb...
E S
CVE-2010-4401 languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a d...
E S
CVE-2010-4402 Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5....
E
CVE-2010-4403 The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive...
E
CVE-2010-4404 SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! ...
CVE-2010-4405 Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777...
CVE-2010-4406 Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quo...
E
CVE-2010-4407 Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remot...
E S
CVE-2010-4408 Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does n...
CVE-2010-4409 Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and...
E S
CVE-2010-4410 CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in C...
S
CVE-2010-4411 Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTT...
CVE-2010-4412 Multiple cross-site scripting (XSS) vulnerabilities in pfSense 2 beta 4 allow remote attackers to in...
CVE-2010-4413 Unspecified vulnerability in the Scheduler Agent component in Oracle Database Server 11.1.0.7 and 11...
CVE-2010-4414 Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, ...
CVE-2010-4415 Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentialit...
CVE-2010-4416 Unspecified vulnerability in the Oracle GoldenGate Veridata component in Oracle Fusion Middleware 3....
CVE-2010-4417 Unspecified vulnerability in the Services for Beehive component in Oracle Fusion Middleware 2.0.1.0,...
E
CVE-2010-4418 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an...
CVE-2010-4419 Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwa...
CVE-2010-4420 Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0...
CVE-2010-4421 Unspecified vulnerability in the Database Vault component in Oracle Database Server 10.2.0.3, 10.2.0...
CVE-2010-4422 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
CVE-2010-4423 Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4...
CVE-2010-4424 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an...
CVE-2010-4425 Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.3....
CVE-2010-4426 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an...
CVE-2010-4427 Unspecified vulnerability in the Oracle BI Publisher component in Oracle Fusion Middleware 10.1.3.4....
CVE-2010-4428 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdw...
CVE-2010-4429 Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 ...
CVE-2010-4430 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdw...
CVE-2010-4431 Unspecified vulnerability in Oracle Sun Java System Portal Server 7.1 and 7.2 allows local users to ...
CVE-2010-4432 Unspecified vulnerability in the Oracle Transportation Manager component in Oracle Supply Chain Prod...
CVE-2010-4433 Unspecified vulnerability in Oracle Solaris 10 allows remote attackers to affect confidentiality via...
CVE-2010-4434 Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft an...
CVE-2010-4435 Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows remote attackers to affect confident...
E
CVE-2010-4436 Unspecified vulnerability in Oracle Sun Management Center (SunMC) 4.0 allows remote attackers to aff...
CVE-2010-4437 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9...
CVE-2010-4438 Unspecified vulnerability in Oracle GlassFish 2.1, 2.1.1, and 3.0.1, and Java System Message Queue 4...
CVE-2010-4439 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdw...
CVE-2010-4440 Unspecified vulnerability in Oracle 10 and 11 Express allows local users to affect availability via ...
CVE-2010-4441 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdw...
CVE-2010-4442 Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availabil...
CVE-2010-4443 Unspecified vulnerability in Oracle Solaris 10 and 11 Express allows local users to affect availabil...
CVE-2010-4444 Unspecified vulnerability in Oracle Sun Java System Access Manager and Oracle OpenSSO 7, 7.1, and 8 ...
CVE-2010-4445 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdw...
CVE-2010-4446 Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via...
CVE-2010-4447 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
CVE-2010-4448 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4449 Unspecified vulnerability in the Audit Vault component in Oracle Audit Vault 10.2.3.2 allows remote ...
CVE-2010-4450 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4451 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4452 Unspecified vulnerability in the Deployment component in Java Runtime Environment (JRE) in Oracle Ja...
S
CVE-2010-4453 Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 7.0.7,...
CVE-2010-4454 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4455 Unspecified vulnerability in the Oracle HTTP Server component in Oracle Fusion Middleware 11.1.1.2 a...
CVE-2010-4456 Unspecified vulnerability in Oracle Sun Java System Communications Express 6.2 and 6.3 allows remote...
CVE-2010-4457 Unspecified vulnerability in Oracle Solaris 11 Express allows remote attackers to affect availabilit...
CVE-2010-4458 Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability, re...
CVE-2010-4459 Unspecified vulnerability in Oracle Solaris 11 Express allows local users to affect availability via...
CVE-2010-4460 Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and inte...
CVE-2010-4461 Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft and JDEdw...
CVE-2010-4462 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4463 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4464 Unspecified vulnerability in Oracle Sun Convergence 1.0 allows remote attackers to affect confidenti...
CVE-2010-4465 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4466 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4467 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4468 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4469 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4470 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4471 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4472 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4473 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4474 Unspecified vulnerability in the Java DB component in Oracle Java SE and Java for Business 6 Update ...
S
CVE-2010-4475 Unspecified vulnerability in the Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4476 The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Busin...
S
CVE-2010-4477 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual w...
R
CVE-2010-4478 OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in...
E S
CVE-2010-4479 Unspecified vulnerability in pdf.c in libclamav in ClamAV before 0.96.5 allows remote attackers to c...
CVE-2010-4480 error.php in PhpMyAdmin 3.3.8.1, and other versions before 3.4.0-beta1, allows remote attackers to c...
E
CVE-2010-4481 phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive ...
S
CVE-2010-4482 Unspecified vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to bypass the ...
CVE-2010-4483 Google Chrome before 8.0.552.215 does not properly restrict read access to videos derived from CANVA...
CVE-2010-4484 Google Chrome before 8.0.552.215 does not properly handle HTML5 databases, which allows attackers to...
CVE-2010-4485 Google Chrome before 8.0.552.215 does not properly restrict the generation of file dialogs, which al...
CVE-2010-4486 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a ...
CVE-2010-4487 Incomplete blacklist vulnerability in Google Chrome before 8.0.552.215 on Linux and Mac OS X allows ...
S
CVE-2010-4488 Google Chrome before 8.0.552.215 does not properly handle HTTP proxy authentication, which allows re...
CVE-2010-4489 libvpx, as used in Google Chrome before 8.0.552.215 and possibly other products, allows remote attac...
CVE-2010-4490 Google Chrome before 8.0.552.215 allows remote attackers to cause a denial of service (application c...
CVE-2010-4491 Google Chrome before 8.0.552.215 does not properly restrict privileged extensions, which allows remo...
CVE-2010-4492 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a ...
E
CVE-2010-4493 Use-after-free vulnerability in Google Chrome before 8.0.552.215 allows remote attackers to cause a ...
E
CVE-2010-4494 Double free vulnerability in libxml2 2.7.8 and other versions, as used in Google Chrome before 8.0.5...
E S
CVE-2010-4495 Unspecified vulnerability in the ActiveMatrix Runtime component in TIBCO ActiveMatrix Service Grid 3...
CVE-2010-4496 Multiple SQL injection vulnerabilities in Collaborative Information Manager server, as used in TIBCO...
CVE-2010-4497 Cross-site scripting (XSS) vulnerability in Collaborative Information Manager server, as used in TIB...
CVE-2010-4498 Unspecified vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborativ...
CVE-2010-4499 Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collabo...
CVE-2010-4500 Multiple SQL injection vulnerabilities in contact.php in MRCGIGUY (MCG) FreeTicket 1.0.0, when magic...
CVE-2010-4501 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4334. Reason: This candida...
R
CVE-2010-4502 Integer overflow in KmxSbx.sys 6.2.0.22 in CA Internet Security Suite Plus 2010 allows local users t...
E
CVE-2010-4503 SQL injection vulnerability in indexlight.php in Aigaion 1.3.4 allows remote attackers to execute ar...
E
CVE-2010-4504 Multiple cross-site scripting (XSS) vulnerabilities in eSyndiCat Directory 2.3 allow remote attacker...
E
CVE-2010-4505 Multiple SQL injection vulnerabilities in login.php in Injader 2.4.4, when magic_quotes_gpc is disab...
E
CVE-2010-4506 Passlogix v-GO Self-Service Password Reset (SSPR) and OEM before 7.0A allows physically proximate at...
CVE-2010-4507 Multiple cross-site request forgery (CSRF) vulnerabilities on the iSpot 2.0.0.0 R1679, and the Clear...
E
CVE-2010-4508 The WebSockets implementation in Mozilla Firefox 4 through 4.0 Beta 7 does not properly perform prox...
CVE-2010-4509 Multiple unspecified vulnerabilities in Movable Type 4.x before 4.35 and 5.x before 5.04 have unknow...
CVE-2010-4510 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4150. Reason: This candidat...
R
CVE-2010-4511 Unspecified vulnerability in Movable Type 4.x before 4.35 and 5.x before 5.04 has unknown impact and...
CVE-2010-4512 Cobbler before 2.0.4 uses an incorrect umask value, which allows local users to have an unspecified ...
S
CVE-2010-4513 Multiple cross-site scripting (XSS) vulnerabilities in Zimplit CMS 3.0, and possibly earlier, allow ...
E
CVE-2010-4514 Cross-site scripting (XSS) vulnerability in Install/InstallWizard.aspx in DotNetNuke 5.05.01 and 5.0...
E
CVE-2010-4515 Cross-site scripting (XSS) vulnerability in Citrix Web Interface 5.0, 5.1, and 5.3 allows remote att...
CVE-2010-4516 Multiple cross-site scripting (XSS) vulnerabilities in the JXtended Comments component before 1.3.1 ...
CVE-2010-4517 SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component 1.0 for Joomla!, when ...
E
CVE-2010-4518 Cross-site scripting (XSS) vulnerability in wp-safe-search/wp-safe-search-jx.php in the Safe Search ...
E
CVE-2010-4519 Multiple cross-site request forgery (CSRF) vulnerabilities in the Views UI implementation in the Vie...
S
CVE-2010-4520 Multiple cross-site scripting (XSS) vulnerabilities in the Views module 6.x before 6.x-2.11 for Drup...
S
CVE-2010-4521 Cross-site scripting (XSS) vulnerability in the Views module 6.x before 6.x-2.12 for Drupal allows r...
S
CVE-2010-4522 Multiple cross-site scripting (XSS) vulnerabilities in MyBB (aka MyBulletinBoard) 1.4.14, and 1.6.x ...
S
CVE-2010-4523 Multiple stack-based buffer overflows in libopensc in OpenSC 0.11.13 and earlier allow physically pr...
E S
CVE-2010-4524 Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in MHonArc 2.6.16 allows remote attacke...
E S
CVE-2010-4525 Linux kernel 2.6.33 and 2.6.34.y does not initialize the kvm_vcpu_events->interrupt.pad structure me...
CVE-2010-4526 Race condition in the sctp_icmp_proto_unreachable function in net/sctp/input.c in Linux kernel 2.6.1...
S
CVE-2010-4527 The load_mixer_volumes function in sound/oss/soundcard.c in the OSS sound subsystem in the Linux ker...
E S
CVE-2010-4528 directconn.c in the MSN protocol plugin in libpurple 2.7.6 through 2.7.8 in Pidgin before 2.7.9 allo...
S
CVE-2010-4529 Integer underflow in the irda_getsockopt function in net/irda/af_irda.c in the Linux kernel before 2...
S
CVE-2010-4530 Signedness error in ccid_serial.c in libccid in the USB Chip/Smart Card Interface Devices (CCID) dri...
S
CVE-2010-4531 Stack-based buffer overflow in the ATRDecodeAtr function in the Answer-to-Reset (ATR) Handler (atrha...
S
CVE-2010-4532 offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" optio...
S
CVE-2010-4533 offlineimap before 6.3.4 added support for SSL server certificate validation but it is still possibl...
S
CVE-2010-4534 The administrative interface in django.contrib.admin in Django before 1.1.3, 1.2.x before 1.2.4, and...
E S
CVE-2010-4535 The password reset functionality in django.contrib.auth in Django before 1.1.3, 1.2.x before 1.2.4, ...
S
CVE-2010-4536 Multiple cross-site scripting (XSS) vulnerabilities in KSES, as used in WordPress before 3.0.4, allo...
S
CVE-2010-4537 Unspecified vulnerability in CrawlTrack before 3.2.7, when a public stats page is provided, allows r...
CVE-2010-4538 Buffer overflow in the sect_enttec_dmx_da function in epan/dissectors/packet-enttec.c in Wireshark 1...
E S
CVE-2010-4539 The walk function in repos.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in...
E S
CVE-2010-4540 Stack-based buffer overflow in the load_preset_response function in plug-ins/lighting/lighting-ui.c ...
E
CVE-2010-4541 Stack-based buffer overflow in the loadit function in plug-ins/common/sphere-designer.c in the SPHER...
CVE-2010-4542 Stack-based buffer overflow in the gfig_read_parameter_gimp_rgb function in plug-ins/gfig/gfig-style...
E
CVE-2010-4543 Heap-based buffer overflow in the read_channel_data function in file-psp.c in the Paint Shop Pro (PS...
E
CVE-2010-4544 Cross-site scripting (XSS) vulnerability in the servlet in IBM Lotus Notes Traveler before 8.5.1.3 a...
CVE-2010-4545 IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of servi...
CVE-2010-4546 IBM Lotus Notes Traveler before 8.5.1.2 does not reject an attachment download request for an e-mail...
CVE-2010-4547 IBM Lotus Notes Traveler before 8.5.1.3, when a multidomain environment is used, does not properly a...
CVE-2010-4548 IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of servi...
CVE-2010-4549 IBM Lotus Notes Traveler before 8.5.1.3 on the Nokia s60 device successfully performs a Replace Data...
CVE-2010-4550 IBM Lotus Notes Traveler before 8.5.1.3 allows remote attackers to cause a denial of service (sync f...
CVE-2010-4551 IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of servi...
CVE-2010-4552 Memory leak in IBM Lotus Notes Traveler before 8.5.1.1 allows remote attackers to cause a denial of ...
CVE-2010-4553 An unspecified Domino API in IBM Lotus Notes Traveler before 8.5.1.1 does not properly handle MIME t...
CVE-2010-4554 functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside ...
S
CVE-2010-4555 Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote ...
S
CVE-2010-4556 Stack-based buffer overflow in the SapThemeRepository ActiveX control (sapwdpcd.dll) in SAP NetWeave...
CVE-2010-4557 Buffer overflow in the lm_tcp service in Invensys Wonderware InBatch 8.1 and 9.0, as used in Invensy...
E
CVE-2010-4558 phpMyFAQ 2.6.11 and 2.6.12, as distributed between December 4th and December 15th 2010, contains an ...
S
CVE-2010-4559 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4670, CVE-2010-4671. Reason:...
R
CVE-2010-4560 Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4669. Reason: This candidate...
R
CVE-2010-4562 Microsoft Windows 2008, 7, Vista, 2003, 2000, and XP, when using IPv6, allows remote attackers to de...
CVE-2010-4563 The Linux kernel, when using IPv6, allows remote attackers to determine whether a host is sniffing t...
CVE-2010-4565 The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network...
E S
CVE-2010-4566 The web authentication form in the NT4 authentication component in Citrix Access Gateway Enterprise ...
E
CVE-2010-4567 Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x before 3.6.4, and 4.0.x before 4.0rc2 does not pr...
S
CVE-2010-4568 Bugzilla 2.14 through 2.22.7; 3.0.x, 3.1.x, and 3.2.x before 3.2.10; 3.4.x before 3.4.10; 3.6.x befo...
CVE-2010-4569 Cross-site scripting (XSS) vulnerability in Bugzilla 3.7.1, 3.7.2, 3.7.3, and 4.0rc1 allows remote a...
S
CVE-2010-4570 Cross-site scripting (XSS) vulnerability in the duplicate-detection functionality in Bugzilla 3.7.1,...
S
CVE-2010-4572 CRLF injection vulnerability in chart.cgi in Bugzilla before 3.2.10, 3.4.x before 3.4.10, 3.6.x befo...
S
CVE-2010-4573 The Update Installer in VMware ESXi 4.1, when a modified sfcb.cfg is present, does not properly conf...
CVE-2010-4574 The Pickle::Pickle function in base/pickle.cc in Google Chrome before 8.0.552.224 and Chrome OS befo...
S
CVE-2010-4575 The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_de...
E S
CVE-2010-4576 browser/worker_host/message_port_dispatcher.cc in Google Chrome before 8.0.552.224 and Chrome OS bef...
E S
CVE-2010-4577 The CSSParser::parseFontFaceSrc function in WebCore/css/CSSParser.cpp in WebKit, as used in Google C...
E S
CVE-2010-4578 Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 do not properly perform cursor han...
CVE-2010-4579 Opera before 11.00 does not properly constrain dialogs to appear on top of rendered documents, which...
CVE-2010-4580 Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, whi...
CVE-2010-4581 Unspecified vulnerability in Opera before 11.00 has unknown impact and attack vectors, related to "a...
CVE-2010-4582 Opera before 11.00 does not properly handle security policies during updates to extensions, which mi...
CVE-2010-4583 Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, whic...
CVE-2010-4584 Opera before 11.00, when Opera Turbo is used, does not properly present information about problemati...
CVE-2010-4585 Unspecified vulnerability in the auto-update functionality in Opera before 11.00 allows remote attac...
CVE-2010-4586 The default configuration of Opera before 11.00 enables WebSockets functionality, which has unspecif...
CVE-2010-4587 Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning me...
CVE-2010-4588 The WBEMSingleView.ocx ActiveX control 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and ear...
E
CVE-2010-4589 Cross-site scripting (XSS) vulnerability in IBM ENOVIA 6 allows remote attackers to inject arbitrary...
CVE-2010-4590 Cross-site scripting (XSS) vulnerability in HTTP Access Services (HTTP-AS) in the Connection Manager...
CVE-2010-4591 The Connection Manager in IBM Lotus Mobile Connect (LMC) before 6.1.4, when HTTP Access Services (HT...
CVE-2010-4592 The Mobile Network Connections functionality in the Connection Manager in IBM Lotus Mobile Connect b...
CVE-2010-4593 The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 does not properly maintain a certain...
CVE-2010-4594 The Connection Manager in IBM Lotus Mobile Connect before 6.1.4, when HTTP Access Services (HTTP-AS)...
CVE-2010-4595 The Connection Manager in IBM Lotus Mobile Connect before 6.1.4 disables the http.device.stanza blac...
CVE-2010-4596 Stack-based buffer overflow in RealNetworks Helix Server 12.x, 13.x, and 14.x before 14.2, and Helix...
CVE-2010-4597 Stack-based buffer overflow in the save method in the IntegraXor.Project ActiveX control in igcomm.d...
E S
CVE-2010-4598 Directory traversal vulnerability in Ecava IntegraXor 3.6.4000.0 and earlier allows remote attackers...
E
CVE-2010-4599 Untrusted search path vulnerability in Ecava IntegraXor 3.6.4000.0 allows local users to gain privil...
CVE-2010-4600 Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2....
CVE-2010-4601 Multiple unspecified vulnerabilities in IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x befor...
CVE-2010-4602 The Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1 allows r...
E
CVE-2010-4603 IBM Rational ClearQuest 7.0.x before 7.0.1.11, 7.1.1.x before 7.1.1.4, and 7.1.2.x before 7.1.2.1 do...
CVE-2010-4604 Stack-based buffer overflow in the GeneratePassword function in dsmtca (aka the Trusted Communicatio...
E
CVE-2010-4605 Unspecified vulnerability in the backup-archive client in IBM Tivoli Storage Manager (TSM) 5.3.x bef...
CVE-2010-4606 Unspecified vulnerability in the Space Management client in the Hierarchical Storage Management (HSM...
CVE-2010-4607 Multiple cross-site scripting (XSS) vulnerabilities in Habari 0.6.5, when register_globals is enable...
E
CVE-2010-4608 Habari 0.6.5 allows remote attackers to obtain sensitive information via a direct request to (1) hea...
E
CVE-2010-4609 SQL injection vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers to execute a...
E
CVE-2010-4610 Cross-site scripting (XSS) vulnerability in index.php in Html-edit CMS 3.1.8 allows remote attackers...
E
CVE-2010-4611 Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request to ...
E
CVE-2010-4612 Multiple SQL injection vulnerabilities in index.php in Hycus CMS 1.0.3, when magic_quotes_gpc is dis...
E
CVE-2010-4613 Multiple directory traversal vulnerabilities in Hycus CMS 1.0.3 allow remote attackers to include an...
E
CVE-2010-4614 SQL injection vulnerability in item.php in Ero Auktion 2010 allows remote attackers to execute arbit...
E
CVE-2010-4615 Multiple SQL injection vulnerabilities in Oto Galeri Sistemi 1.0 allow remote attackers to execute a...
E
CVE-2010-4616 Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Fi...
E S
CVE-2010-4617 Directory traversal vulnerability in the JotLoader (com_jotloader) component 2.2.1 for Joomla! allow...
E
CVE-2010-4618 Cross-site scripting (XSS) vulnerability in the Algis Info aiContactSafe component before 2.0.14 for...
CVE-2010-4619 SQL injection vulnerability in profil.php in Mafya Oyun Scrpti (aka Mafia Game Script) allows remote...
E
CVE-2010-4622 Directory traversal vulnerability in WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 befor...
E
CVE-2010-4623 WebSEAL in IBM Tivoli Access Manager for e-business 6.1.1 before 6.1.1-TIV-AWS-FP0001 allows remote ...
CVE-2010-4624 MyBB (aka MyBulletinBoard) before 1.4.12 allows remote authenticated users to bypass intended restri...
S
CVE-2010-4625 MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible for...
S
CVE-2010-4626 The my_rand function in functions.php in MyBB (aka MyBulletinBoard) before 1.4.12 does not properly ...
CVE-2010-4627 Cross-site request forgery (CSRF) vulnerability in usercp2.php in MyBB (aka MyBulletinBoard) before ...
S
CVE-2010-4628 member.php in MyBB (aka MyBulletinBoard) before 1.4.12 makes a certain superfluous call to the SQL C...
S
CVE-2010-4629 MyBB (aka MyBulletinBoard) before 1.4.12 does not properly restrict uid values for group join reques...
S
CVE-2010-4630 Cross-site scripting (XSS) vulnerability in pages/admin/surveys/create.php in the WP Survey And Quiz...
E
CVE-2010-4631 Multiple cross-site scripting (XSS) vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers...
E
CVE-2010-4632 Multiple SQL injection vulnerabilities in ASPilot Pilot Cart 7.3 allow remote attackers to execute a...
E
CVE-2010-4633 SQL injection vulnerability in cart.php in digiSHOP 2.0.2 allows remote attackers to execute arbitra...
E
CVE-2010-4634 Directory traversal vulnerability in osTicket 1.6 allows remote attackers to read arbitrary files vi...
E
CVE-2010-4635 SQL injection vulnerability in detail.asp in Site2Nite Vacation Rental (VRBO) Listings allows remote...
E
CVE-2010-4636 SQL injection vulnerability in detail.asp in Site2Nite Business e-Listings allows remote attackers t...
E
CVE-2010-4637 Cross-site scripting (XSS) vulnerability in feedlist/handler_image.php in the FeedList plugin 2.61.0...
E
CVE-2010-4638 SQL injection vulnerability in the submitSurvey function in controller.php in JQuarks4s (com_jquarks...
E
CVE-2010-4639 SQL injection vulnerability in index.php in MySource Matrix allows remote attackers to execute arbit...
E
CVE-2010-4640 Multiple cross-site scripting (XSS) vulnerabilities in XWiki Watch 1.0 allow remote attackers to inj...
CVE-2010-4641 SQL injection vulnerability in XWiki Enterprise before 2.5 allows remote attackers to execute arbitr...
CVE-2010-4642 Cross-site scripting (XSS) vulnerability in XWiki Enterprise before 2.5 allows remote attackers to i...
CVE-2010-4643 Heap-based buffer overflow in Impress in OpenOffice.org (OOo) 2.x and 3.x before 3.3 allows remote a...
CVE-2010-4644 Multiple memory leaks in rev_hunt.c in Apache Subversion before 1.6.15 allow remote authenticated us...
E
CVE-2010-4645 strtod.c, as used in the zend_strtod function in PHP 5.2 before 5.2.17 and 5.3 before 5.3.5, and oth...
E S
CVE-2010-4646 Cross-site scripting (XSS) vulnerability in Hastymail2 before 1.01 allows remote attackers to inject...
S
CVE-2010-4647 Multiple cross-site scripting (XSS) vulnerabilities in the Help Contents web application (aka the He...
E
CVE-2010-4648 The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel befor...
E S
CVE-2010-4649 Integer overflow in the ib_uverbs_poll_cq function in drivers/infiniband/core/uverbs_cmd.c in the Li...
S
CVE-2010-4650 Buffer overflow in the fuse_do_ioctl function in fs/fuse/file.c in the Linux kernel before 2.6.37 al...
S
CVE-2010-4651 Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remo...
S
CVE-2010-4652 Heap-based buffer overflow in the sql_prepare_where function (contrib/mod_sql.c) in ProFTPD before 1...
E S
CVE-2010-4653 An integer overflow condition in poppler before 0.16.3 can occur when parsing CharCodes for fonts....
S
CVE-2010-4654 poppler before 0.16.3 has malformed commands that may cause corruption of the internal stack....
S
CVE-2010-4655 net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, wh...
S
CVE-2010-4656 The iowarrior_write function in drivers/usb/misc/iowarrior.c in the Linux kernel before 2.6.37 does ...
S
CVE-2010-4657 PHP5 before 5.4.4 allows passing invalid utf-8 strings via the xmlTextWriterWriteAttribute, which ar...
CVE-2010-4658 statusnet through 2010 allows attackers to spoof syslog messages via newline injection attacks....
CVE-2010-4659 Cross-site scripting (XSS) vulnerability in statusnet through 2010 in error message contents....
CVE-2010-4660 Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string...
CVE-2010-4661 udisks before 1.0.3 allows a local user to load arbitrary Linux kernel modules....
CVE-2010-4662 PmWiki before 2.2.21 has XSS....
CVE-2010-4663 Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) before 1.9.1 has unknown imp...
CVE-2010-4664 In ConsoleKit before 0.4.2, an intended security policy restriction bypass was found. This flaw allo...
CVE-2010-4665 Integer overflow in the ReadDirectory function in tiffdump.c in tiffdump in LibTIFF before 3.9.5 all...
S
CVE-2010-4666 Buffer overflow in libarchive 3.0 pre-release code allows remote attackers to cause a denial of serv...
CVE-2010-4667 Cross-site scripting (XSS) vulnerability in Coppermine Photo Gallery (CPG) before 1.4.27 allows remo...
S
CVE-2010-4668 The blk_rq_map_user_iov function in block/blk-map.c in the Linux kernel before 2.6.37-rc7 allows loc...
S
CVE-2010-4669 The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Microsoft Windows XP, Windo...
E
CVE-2010-4670 The Neighbor Discovery (ND) protocol implementation in the IPv6 stack on Cisco Adaptive Security App...
E
CVE-2010-4671 The Neighbor Discovery (ND) protocol implementation in the IPv6 stack in Cisco IOS before 15.0(1)XA5...
E
CVE-2010-4672 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(3) and earlier allow ...
CVE-2010-4673 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.2(4) and earlier allow ...
CVE-2010-4674 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw...
CVE-2010-4675 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not prop...
CVE-2010-4676 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw...
CVE-2010-4677 emWEB on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) al...
CVE-2010-4678 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) permit pack...
CVE-2010-4679 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not prop...
CVE-2010-4680 The WebVPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw...
CVE-2010-4681 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw...
CVE-2010-4682 Memory leak on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2...
CVE-2010-4683 Memory leak in Cisco IOS before 15.0(1)XA5 might allow remote attackers to cause a denial of service...
CVE-2010-4684 Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to caus...
CVE-2010-4685 Cisco IOS before 15.0(1)XA1 does not clear the public key cache upon a change to a certificate map, ...
CVE-2010-4686 CallManager Express (CME) on Cisco IOS before 15.0(1)XA1 does not properly handle SIP TRUNK traffic ...
CVE-2010-4687 STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly...
CVE-2010-4688 Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) ...
CVE-2010-4689 Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.3(2) do not prop...
CVE-2010-4690 The Mobile User Security (MUS) service on Cisco Adaptive Security Appliances (ASA) 5500 series devic...
CVE-2010-4691 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw...
CVE-2010-4692 Unspecified vulnerability on Cisco Adaptive Security Appliances (ASA) 5500 series devices with softw...
CVE-2010-4693 Multiple cross-site scripting (XSS) vulnerabilities in Coppermine Photo Gallery 1.5.10 and earlier a...
E
CVE-2010-4694 Buffer overflow in gif2png.c in gif2png 2.5.3 and earlier might allow context-dependent attackers to...
E S
CVE-2010-4695 A certain Fedora patch for gif2png.c in gif2png 2.5.1 and 2.5.2, as distributed in gif2png-2.5.1-120...
E S
CVE-2010-4696 Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to exec...
CVE-2010-4697 Use-after-free vulnerability in the Zend engine in PHP before 5.2.15 and 5.3.x before 5.3.4 might al...
S
CVE-2010-4698 Stack-based buffer overflow in the GD extension in PHP before 5.2.15 and 5.3.x before 5.3.4 allows c...
CVE-2010-4699 The iconv_mime_decode_headers function in the Iconv extension in PHP before 5.3.4 does not properly ...
CVE-2010-4700 The set_magic_quotes_runtime function in PHP 5.3.2 and 5.3.3, when the MySQLi extension is used, doe...
CVE-2010-4701 Heap-based buffer overflow in the CDrawPoly::Serialize function in fxscover.exe in Microsoft Windows...
E
CVE-2010-4702 SQL injection vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows remote ...
CVE-2010-4703 SQL injection vulnerability in default.asp in HotWebScripts HotWeb Rentals allows remote attackers t...
E
CVE-2010-4704 libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to...
E
CVE-2010-4705 Integer overflow in the vorbis_residue_decode_internal function in libavcodec/vorbis_dec.c in the Vo...
CVE-2010-4706 The pam_sm_close_session function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1....
S
CVE-2010-4707 The check_acl function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) 1.1.2 and earli...
S
CVE-2010-4708 The pam_env module in Linux-PAM (aka pam) 1.1.2 and earlier reads the .pam_environment file in a use...
S
CVE-2010-4709 Heap-based buffer overflow in Automated Solutions Modbus/TCP Master OPC Server before 3.0.2 allows r...
E
CVE-2010-4710 Cross-site scripting (XSS) vulnerability in the addItem method in the Menu widget in YUI before 2.9....
CVE-2010-4711 Double free vulnerability in the IMAP server component in GroupWise Internet Agent (GWIA) in Novell ...
CVE-2010-4712 Multiple stack-based buffer overflows in gwia.exe in GroupWise Internet Agent (GWIA) in Novell Group...
CVE-2010-4713 Integer signedness error in gwia.exe in GroupWise Internet Agent (GWIA) in Novell GroupWise before 8...
CVE-2010-4714 Multiple stack-based buffer overflows in Novell GroupWise before 8.02HP allow remote attackers to ex...
CVE-2010-4715 Multiple directory traversal vulnerabilities in the (1) WebAccess Agent and (2) Document Viewer Agen...
CVE-2010-4716 Cross-site scripting (XSS) vulnerability in the WebPublisher component in Novell GroupWise before 8....
CVE-2010-4717 Multiple stack-based buffer overflows in the IMAP server component in GroupWise Internet Agent (GWIA...
E
CVE-2010-4718 Multiple cross-site scripting (XSS) vulnerabilities in the Lyftenbloggie (com_lyftenbloggie) compone...
E
CVE-2010-4719 Directory traversal vulnerability in JRadio (com_jradio) component before 1.5.1 for Joomla! allows r...
E
CVE-2010-4720 SQL injection vulnerability in the JExtensions JE Auto (com_jeauto) component before 1.1 for Joomla!...
CVE-2010-4721 SQL injection vulnerability in news.php in Immo Makler allows remote attackers to execute arbitrary ...
E
CVE-2010-4722 Unspecified vulnerability in the fetch plugin in Smarty before 3.0.2 has unknown impact and remote a...
CVE-2010-4723 Smarty before 3.0.0, when security is enabled, does not prevent access to the (1) dynamic and (2) pr...
CVE-2010-4724 Multiple unspecified vulnerabilities in the parser implementation in Smarty before 3.0.0 RC3 have un...
CVE-2010-4725 Smarty before 3.0.0 RC3 does not properly handle an on value of the asp_tags option in the php.ini f...
CVE-2010-4726 Unspecified vulnerability in the math plugin in Smarty before 3.0.0 RC1 has unknown impact and remot...
CVE-2010-4727 Smarty before 3.0.0 beta 7 does not properly handle the tags, which has unspecified imp...
CVE-2010-4728 Zikula before 1.3.1 uses the rand and srand PHP functions for random number generation, which makes ...
CVE-2010-4729 Zikula before 1.2.3 does not use the authid protection mechanism for (1) the lostpassword form and (...
CVE-2010-4730 Directory traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC15...
E
CVE-2010-4731 Absolute path traversal vulnerability in cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect ...
E
CVE-2010-4732 cgi-bin/read.cgi in WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, an...
E
CVE-2010-4733 WebSCADA WS100 and WS200, Easy Connect EC150, Modbus RTU - TCP Gateway MB100, and Serial Ethernet Se...
E
CVE-2010-4734 Multiple cross-site scripting (XSS) vulnerabilities in the comment feature in Skeletonz CMS 1.0, whe...
E
CVE-2010-4735 SQL injection vulnerability in shoppingcart.asp in Ecommercemax Solutions Digital-goods seller (DGS)...
E
CVE-2010-4736 SQL injection vulnerability in ECO.asp in GateSoft DocuSafe 4.1.0 and 4.1.2 allows remote attackers ...
E
CVE-2010-4737 SQL injection vulnerability in resorts.asp in HotWebScripts HotWeb Rentals allows remote attackers t...
E
CVE-2010-4738 Multiple SQL injection vulnerabilities in Rae Media INC Real Estate Single and Multi Agent System 3....
E
CVE-2010-4739 SQL injection vulnerability in the Maian Media Silver (com_maianmedia) component for Joomla! allows ...
E
CVE-2010-4740 Stack-based buffer overflow in WTclient.dll in SCADA Engine BACnet OPC Client before 1.0.25 allows u...
E
CVE-2010-4741 Stack-based buffer overflow in MDMUtil.dll in MDMTool.exe in MDM Tool before 2.3 in Moxa Device Mana...
S
CVE-2010-4742 Stack-based buffer overflow in a certain ActiveX control in MediaDBPlayback.DLL 2.2.0.5 in the Moxa ...
E
CVE-2010-4743 Heap-based buffer overflow in the getarena function in abc2ps.c in abcm2ps before 5.9.13 might allow...
S
CVE-2010-4744 Multiple unspecified vulnerabilities in abcm2ps before 5.9.13 have unknown impact and attack vectors...
S
CVE-2010-4745 Cross-site scripting (XSS) vulnerability in nav.html in PHPXref before 0.7.1 allows remote attackers...
E
CVE-2010-4746 Multiple memory leaks in the normalization functionality in 389 Directory Server before 1.2.7.5 allo...
S
CVE-2010-4747 Cross-site scripting (XSS) vulnerability in wordpress-processing-embed/data/popup.php in the Process...
E
CVE-2010-4748 Cross-site scripting (XSS) vulnerability in pmwiki.php in PmWiki 2.2.20 allows remote attackers to i...
E
CVE-2010-4749 Multiple cross-site scripting (XSS) vulnerabilities in BLOG:CMS 4.2.1.e, and possibly earlier, allow...
E S
CVE-2010-4750 Cross-site request forgery (CSRF) vulnerability in admin/libs/ADMIN.php in BLOG:CMS 4.2.1.e, and pos...
E S
CVE-2010-4751 SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled...
CVE-2010-4752 SQL injection vulnerability in LightNEasy.php in LightNEasy 3.2.1, when magic_quotes_gpc is disabled...
CVE-2010-4753 Cross-site scripting (XSS) vulnerability in LightNEasy.php in LightNEasy 3.2.1 allows remote attacke...
CVE-2010-4754 The glob implementation in libc in FreeBSD 7.3 and 8.1, NetBSD 5.0.2, and OpenBSD 4.7, and Libsystem...
E S
CVE-2010-4755 The (1) remote_glob function in sftp-glob.c and the (2) process_put function in sftp.c in OpenSSH 5....
E S
CVE-2010-4756 The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users ...
E
CVE-2010-4757 Cross-site scripting (XSS) vulnerability in submitnews.php in e107 before 0.7.23 allows remote attac...
E S
CVE-2010-4758 installer.pl in Open Ticket Request System (OTRS) before 3.0.3 has an Inbound Mail Password field th...
E S
CVE-2010-4759 Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly restrict the ticket ages that...
S
CVE-2010-4760 Open Ticket Request System (OTRS) before 3.0.0-beta6 adds email-notification-ext articles to tickets...
S
CVE-2010-4761 The customer-interface ticket-print dialog in Open Ticket Request System (OTRS) before 3.0.0-beta3 d...
S
CVE-2010-4762 Cross-site scripting (XSS) vulnerability in the rich-text-editor component in Open Ticket Request Sy...
CVE-2010-4763 The ACL-customer-status Ticket Type setting in Open Ticket Request System (OTRS) before 3.0.0-beta1 ...
E
CVE-2010-4764 Open Ticket Request System (OTRS) before 2.4.10, and 3.x before 3.0.3, does not present warnings abo...
CVE-2010-4765 Race condition in the Kernel::System::Main::FileWrite method in Open Ticket Request System (OTRS) be...
S
CVE-2010-4766 The AgentTicketForward feature in Open Ticket Request System (OTRS) before 2.4.7 does not properly r...
E
CVE-2010-4767 Open Ticket Request System (OTRS) before 2.3.6 does not properly handle e-mail messages in which the...
CVE-2010-4768 Open Ticket Request System (OTRS) before 2.3.5 does not properly disable hidden permissions, which a...
E
CVE-2010-4769 Directory traversal vulnerability in the Jimtawl (com_jimtawl) component 1.0.2 Joomla! allows remote...
E
CVE-2010-4770 SQL injection vulnerability in index.php in CommodityRentals DVD Rentals Script allows remote attack...
E
CVE-2010-4771 SQL injection vulnerability to viewforum.php in S-CMS 2.5 allows remote attackers to execute arbitra...
E
CVE-2010-4772 Cross-site scripting (XSS) vulnerability in blocks/lang.php in S-CMS 2.5 allows remote attackers to ...
E
CVE-2010-4773 Unspecified vulnerability in Hitachi EUR Form Client before 05-10 -/D 2010.11.15 and 05-10-CA (* 2) ...
CVE-2010-4774 SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote attackers to execute arbitrary ...
E
CVE-2010-4775 The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly i...
S
CVE-2010-4776 SQL injection vulnerability in takefreestart.php in PreProjects Pre Online Tests Generator Pro allow...
E
CVE-2010-4777 The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when r...
CVE-2010-4778 Multiple cross-site scripting (XSS) vulnerabilities in fetchmailprefs.php in Horde IMP before 4.3.8,...
S
CVE-2010-4779 Cross-site scripting (XSS) vulnerability in lib/includes/auth.inc.php in the WPtouch plugin 1.9.19.4...
E
CVE-2010-4780 SQL injection vulnerability in the check_banlist function in includes/sessions.php in Enano CMS 1.1....
E
CVE-2010-4781 index.php in Enano CMS 1.1.7pl1, and possibly other versions before 1.1.8, 1.0.6pl3, and 1.1.7pl2, a...
E
CVE-2010-4782 Multiple SQL injection vulnerabilities in list.asp in Softwebs Nepal (aka Ananda Raj Pandey) Ananda ...
E
CVE-2010-4783 Multiple cross-site scripting (XSS) vulnerabilities in index.php in PHP Web Scripts Easy Banner Free...
E
CVE-2010-4784 Multiple SQL injection vulnerabilities in member.php in PHP Web Scripts Easy Banner Free 2009.05.18,...
E
CVE-2010-4785 The do_extendedOp function in ibmslapd in IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka...
S
CVE-2010-4786 IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote au...
S
CVE-2010-4787 IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.63 (aka 6.0.0.8-TIV-ITDS-IF0005) allows remote au...
S
CVE-2010-4788 IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) does not perform...
S
CVE-2010-4789 Use-after-free vulnerability in the proxy-server implementation in IBM Tivoli Directory Server (TDS)...
S
CVE-2010-4790 Directory traversal vulnerability in FilterFTP 2.0.3, 2.0.5, and probably earlier versions, allows r...
E
CVE-2010-4791 SQL injection vulnerability in infusions/mg_user_fotoalbum_panel/mg_user_fotoalbum.php in the MG Use...
E
CVE-2010-4792 Cross-site scripting (XSS) vulnerability in title.php in OPEN IT OverLook 5.0 allows remote attacker...
E
CVE-2010-4793 SQL injection vulnerability in detail.asp in Site2Nite Auto e-Manager allows remote attackers to exe...
E
CVE-2010-4794 Multiple cross-site scripting (XSS) vulnerabilities in the JoomlaSeller JS Calendar (com_jscalendar)...
E
CVE-2010-4795 SQL injection vulnerability in the JS Calendar (com_jscalendar) component 1.5.1 and 1.5.4 for Joomla...
E
CVE-2010-4796 Multiple SQL injection vulnerabilities in PHPYun 1.1.6 allow remote attackers to execute arbitrary S...
CVE-2010-4797 Multiple SQL injection vulnerabilities in the log-in form in Truworth Flex Timesheet allow remote at...
E
CVE-2010-4798 Directory traversal vulnerability in index.php in OrangeHRM 2.6.0.1 allows remote attackers to inclu...
E
CVE-2010-4799 Multiple SQL injection vulnerabilities in Chipmunk Pwngame 1.0, when magic_quotes_gpc is disabled, a...
E
CVE-2010-4800 SQL injection vulnerability in doadd.php in BaconMap 1.0 allows remote attackers to execute arbitrar...
E
CVE-2010-4801 Directory traversal vulnerability in admin/updatelist.php in BaconMap 1.0 allows remote attackers to...
E
CVE-2010-4802 Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, whic...
S
CVE-2010-4803 Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified im...
S
CVE-2010-4804 The Android browser in Android before 2.3.4 allows remote attackers to obtain SD card contents via c...
CVE-2010-4805 The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly man...
S
CVE-2010-4806 The authoring tool in IBM Web Content Manager (WCM) 6.1.5, and 7.0.0.1 before CF003, allows remote a...
CVE-2010-4807 Race condition in IBM Web Content Manager (WCM) 7.0.0.1 before CF003 allows remote authenticated use...
CVE-2010-4808 SQL injection vulnerability in index.php in Webmatic allows remote attackers to execute arbitrary SQ...
E
CVE-2010-4809 SQL injection vulnerability in index.php in DBSite 1.0 allows remote attackers to execute arbitrary ...
E
CVE-2010-4810 Multiple PHP remote file inclusion vulnerabilities in AR Web Content Manager (AWCM) 2.1 final allow ...
E
CVE-2010-4811 Multiple cross-site scripting (XSS) vulnerabilities in ajaxmember.php in 6kbbs 8.0 build 20100901 al...
CVE-2010-4812 Multiple SQL injection vulnerabilities in 6kbbs 8.0 build 20100901 allow remote attackers to execute...
S
CVE-2010-4813 Cross-site scripting (XSS) vulnerability in the Category Tokens module 6.x before 6.x-1.1 for Drupal...
S
CVE-2010-4814 SQL injection vulnerability in index1.php in Best Soft Inc. (BSI) Advance Hotel Booking System 1.0 a...
E
CVE-2010-4815 Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code executio...
CVE-2010-4816 It was found in FreeBSD 8.0, 6.3 and 4.9, and OpenBSD 4.6 that a null pointer dereference in ftpd/po...
E
CVE-2010-4817 pithos before 0.3.5 allows overwrite of arbitrary files via symlinks....
CVE-2010-4818 The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of serv...
E S
CVE-2010-4819 The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 an...
CVE-2010-4820 Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary Post...
CVE-2010-4821 Cross-site scripting (XSS) vulnerability in phpMyFAQ before 2.6.9 allows remote attackers to inject ...
E
CVE-2010-4822 core/model/MySQLDatabase.php in SilverStripe 2.4.x before 2.4.4, when the site is running in "live m...
E S
CVE-2010-4823 Cross-site scripting (XSS) vulnerability in the httpError method in sapphire/core/control/RequestHan...
E S
CVE-2010-4824 SQL injection vulnerability in the augmentSQL method in core/model/Translatable.php in SilverStripe ...
E S
CVE-2010-4825 Cross-site scripting (XSS) vulnerability in magpie_debug.php in the Twitter Feed plugin (wp-twitter-...
E
CVE-2010-4826 SQL injection vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote attackers to ex...
S
CVE-2010-4827 Cross-site scripting (XSS) vulnerability in members.asp in Snitz Forums 2000 3.4.07 allows remote at...
S
CVE-2010-4828 Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor ...
E
CVE-2010-4829 SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allo...
E
CVE-2010-4830 SQL injection vulnerability in Resumes/TD_RESUME_Indlist.asp in Techno Dreams (T-Dreams) Job Career ...
E
CVE-2010-4831 Untrusted search path vulnerability in gdk/win32/gdkinput-win32.c in GTK+ before 2.21.8 allows local...
S
CVE-2010-4832 Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might all...
CVE-2010-4833 Untrusted search path vulnerability in modules/engines/ms-windows/xp_theme.c in GTK+ before 2.24.0 a...
S
CVE-2010-4834 Multiple SQL injection vulnerabilities in index.php in OneOrZero AIMS 2.6.0 Members Edition and 2.7....
E
CVE-2010-4835 Directory traversal vulnerability in index.php in OneOrZero AIMS 2.6.0 Members Edition allows remote...
E
CVE-2010-4836 Cross-site scripting (XSS) vulnerability in register.html in PHPShop 2.1 EE and earlier allows remot...
E
CVE-2010-4837 Cross-site scripting (XSS) vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! ...
E
CVE-2010-4838 SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote...
E
CVE-2010-4839 SQL injection vulnerability in the Event Registration plugin 5.32 and earlier for WordPress allows r...
E
CVE-2010-4840 Multiple buffer overflows in the Syslog server in ManageEngine EventLog Analyzer 6.1 allow remote at...
CVE-2010-4841 Multiple cross-site scripting (XSS) vulnerabilities in ManageEngine EventLog Analyzer 6.1 allow remo...
CVE-2010-4842 SQL injection vulnerability in admin/login.php in MHP DownloadScript (aka MH Products Download Cente...
E
CVE-2010-4843 SQL injection vulnerability in website-page.php in PHP Web Scripts Ad Manager Pro 3.0 allows remote ...
E
CVE-2010-4844 SQL injection vulnerability in content.php in MH Products Easy Online Shop allows remote attackers t...
E
CVE-2010-4845 Multiple SQL injection vulnerabilities in MH Products Projekt Shop allow remote attackers to execute...
E
CVE-2010-4846 SQL injection vulnerability in view_item.php in MH Products Pay Pal Shop Digital allows remote attac...
E
CVE-2010-4847 SQL injection vulnerability in view_item.php in MH Products MHP Downloadshop allows remote attackers...
E
CVE-2010-4848 Multiple cross-site scripting (XSS) vulnerabilities in addlink.php in AXScripts AxsLinks 0.3 allow r...
E
CVE-2010-4849 SQL injection vulnerability in countrydetails.php in Alibaba Clone B2B 3.4 allows remote attackers t...
E
CVE-2010-4850 Multiple cross-site scripting (XSS) vulnerabilities in Diferior 8.03 allow remote attackers to injec...
E
CVE-2010-4851 Multiple SQL injection vulnerabilities in Eclime 1.1.2b allow remote attackers to execute arbitrary ...
E
CVE-2010-4852 Cross-site scripting (XSS) vulnerability in login.php in Eclime 1.1.2b allows remote attackers to in...
E
CVE-2010-4853 SQL injection vulnerability in the ccInvoices (com_ccinvoices) component for Joomla! allows remote a...
E
CVE-2010-4854 SQL injection vulnerability in ajax/coupon.php in Zuitu 1.6, when magic_quotes_gpc is disabled, allo...
CVE-2010-4855 SQL injection vulnerability in oku.asp in xWeblog 2.2 allows remote attackers to execute arbitrary S...
E
CVE-2010-4856 SQL injection vulnerability in arsiv.asp in xWeblog 2.2 allows remote attackers to execute arbitrary...
E
CVE-2010-4857 SQL injection vulnerability in click.php in CAG CMS 0.2 Beta allows remote attackers to execute arbi...
E
CVE-2010-4858 Directory traversal vulnerability in team.rc5-72.php in DNET Live-Stats 0.8 allows remote attackers ...
E
CVE-2010-4859 SQL injection vulnerability in index.php in WebAsyst Shop-Script allows remote attackers to execute ...
E
CVE-2010-4860 SQL injection vulnerability in product_desc.php in MyPhpAuction 2010 allows remote attackers to exec...
E
CVE-2010-4861 SQL injection vulnerability in asearch.php in webSPELL 4.2.1 allows remote attackers to execute arbi...
E S
CVE-2010-4862 SQL injection vulnerability in the JExtensions JE Directory (com_jedirectory) component 1.0 for Joom...
E
CVE-2010-4863 Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote...
E
CVE-2010-4864 SQL injection vulnerability in the Club Manager (com_clubmanager) component for Joomla! allows remot...
E
CVE-2010-4865 SQL injection vulnerability in the JE Guestbook (com_jeguestbook) component 1.0 for Joomla! allows r...
E
CVE-2010-4866 SQL injection vulnerability in index.php in Chipmunk Board 1.3 allows remote attackers to execute ar...
E
CVE-2010-4867 Directory traversal vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlier allow...
E
CVE-2010-4868 Cross-site scripting (XSS) vulnerability in search.php3 (aka search.php) in W-Agora 4.2.1 and earlie...
E
CVE-2010-4869 SQL injection vulnerability in index.php in DBHcms 1.1.4 allows remote attackers to execute arbitrar...
E
CVE-2010-4870 SQL injection vulnerability in index.php in BloofoxCMS 0.3.5 allows remote attackers to execute arbi...
E
CVE-2010-4871 Unspecified vulnerability in SmartFTP before 4.0 Build 1142 allows attackers to have an unknown impa...
CVE-2010-4872 SQL injection vulnerability in newsroom.asp in ASPilot Pilot Cart 7.3 allows remote attackers to exe...
E
CVE-2010-4873 Cross-site scripting (XSS) vulnerability in confirm.php in WeBid 0.8.5 P1 allows remote attackers to...
E
CVE-2010-4874 Multiple cross-site scripting (XSS) vulnerabilities in users.php in NinkoBB 1.3 RC5 allow remote att...
E
CVE-2010-4875 Cross-site scripting (XSS) vulnerability in vodpod-video-gallery/vodpod_gallery_thumbs.php in the Vo...
E
CVE-2010-4876 SQL injection vulnerability in viewpost.php in mBlogger 1.0.04 allows remote attackers to execute ar...
E
CVE-2010-4877 Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 allows remote attackers to inj...
E
CVE-2010-4878 PHP remote file inclusion vulnerability in formmailer.php in Kontakt Formular 1.1 allows remote atta...
E
CVE-2010-4879 PHP remote file inclusion vulnerability in dompdf.php in dompdf 0.6.0 beta1 allows remote attackers ...
E
CVE-2010-4880 Multiple cross-site scripting (XSS) vulnerabilities in calendar.class.php in ApPHP Calendar (ApPHP C...
E
CVE-2010-4881 Multiple cross-site request forgery (CSRF) vulnerabilities in calendar.class.php in ApPHP Calendar (...
E
CVE-2010-4882 Cross-site scripting (XSS) vulnerability in autocms.php in Auto CMS 1.6 allows remote attackers to i...
E
CVE-2010-4883 Cross-site scripting (XSS) vulnerability in manager/index.php in MODx Revolution 2.0.2-pl allows rem...
E
CVE-2010-4884 PHP remote file inclusion vulnerability in guestbook/gbook.php in Gaestebuch 1.2 allows remote attac...
E
CVE-2010-4885 Cross-site scripting (XSS) vulnerability in the XING Button (xing) extension before 1.0.2 for TYPO3 ...
S
CVE-2010-4886 Cross-site scripting (XSS) vulnerability in the "official twitter tweet button for your page" (tweet...
S
CVE-2010-4887 SQL injection vulnerability in the Commenting system Backend Module (commentsbe) extension 0.0.2 and...
CVE-2010-4888 SQL injection vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3...
CVE-2010-4889 Unspecified vulnerability in the Tiny Market (hm_tinymarket) extension 0.5.4 and earlier for TYPO3 a...
CVE-2010-4890 Cross-site scripting (XSS) vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2...
S
CVE-2010-4891 SQL injection vulnerability in the Yet Another Calendar (ke_yac) extension before 1.1.2 for TYPO3 al...
S
CVE-2010-4892 Cross-site scripting (XSS) vulnerability in the powermail extension before 1.5.5 for TYPO3 allows re...
CVE-2010-4893 Cross-site scripting (XSS) vulnerability in foodvendors.php in FestOS 2.3b allows remote attackers t...
E
CVE-2010-4894 SQL injection vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attackers to execu...
E
CVE-2010-4895 Cross-site scripting (XSS) vulnerability in core/showsite.php in chillyCMS 1.1.3 allows remote attac...
E
CVE-2010-4896 Cross-site scripting (XSS) vulnerability in admin/index.asp in Member Management System 4.0 allows r...
CVE-2010-4897 SQL injection vulnerability in comment.php in BlueCMS 1.6 allows remote attackers to execute arbitra...
CVE-2010-4898 SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote at...
E
CVE-2010-4899 SQL injection vulnerability in c.php in CMS WebManager-Pro before 8.1 allows remote attackers to exe...
E
CVE-2010-4900 Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers t...
E
CVE-2010-4901 Multiple cross-site scripting (XSS) vulnerabilities in char_map.php in MySource Matrix 3.28.3 allow ...
CVE-2010-4902 Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! ...
E
CVE-2010-4903 SQL injection vulnerability in index.php in CubeCart 4.3.3 allows remote attackers to execute arbitr...
CVE-2010-4904 SQL injection vulnerability in the Aardvertiser (com_aardvertiser) component 2.1 and 2.1.1 for Jooml...
E
CVE-2010-4905 SQL injection vulnerability in article_details.php in Softbiz Article Directory Script allows remote...
E
CVE-2010-4906 SQL injection vulnerability in zp-core/full-image.php in Zenphoto 1.3 and 1.3.1.2 allows remote atta...
CVE-2010-4907 Cross-site scripting (XSS) vulnerability in zp-core/admin.php in Zenphoto 1.3 allows remote attacker...
CVE-2010-4908 SQL injection vulnerability in detail.php in Virtue Shopping Mall allows remote attackers to execute...
E
CVE-2010-4909 Multiple cross-site scripting (XSS) vulnerabilities in PaysiteReviewCMS 1.1 allow remote attackers t...
E
CVE-2010-4910 SQL injection vulnerability in index.cfm in ColdGen ColdCalendar 2.06 allows remote attackers to exe...
E
CVE-2010-4911 SQL injection vulnerability in classi/detail.php in PHP Classifieds Ads allows remote attackers to e...
E
CVE-2010-4912 SQL injection vulnerability in shop.php in UCenter Home 2.0 allows remote attackers to execute arbit...
E
CVE-2010-4913 Cross-site scripting (XSS) vulnerability in the search feature in ColdGen ColdUserGroup 1.06 allows ...
E
CVE-2010-4914 PHP remote file inclusion vulnerability in tools/phpmailer/class.phpmailer.php in PHP Classifieds 7....
E
CVE-2010-4915 SQL injection vulnerability in index.cfm in ColdGen ColdBookmarks 1.22 allows remote attackers to ex...
E
CVE-2010-4916 Multiple SQL injection vulnerabilities in index.cfm in ColdGen ColdUserGroup 1.06 allow remote attac...
E
CVE-2010-4917 SQL injection vulnerability in sources/search.php in A-Blog 2.0 allows remote attackers to execute a...
E
CVE-2010-4918 PHP remote file inclusion vulnerability in iJoomla Magazine (com_magazine) component 3.0.1 for Jooml...
E
CVE-2010-4919 SQL injection vulnerability in detail.asp in Micronetsoft RV Dealer Website 1.0 allows remote attack...
E
CVE-2010-4920 SQL injection vulnerability in detail.asp in Micronetsoft Rental Property Management Website 1.0 all...
E
CVE-2010-4921 SQL injection vulnerability in inc_pollingboothmanager.asp in DMXReady Polling Booth Manager allows ...
E
CVE-2010-4922 Multiple SQL injection vulnerabilities in Allinta CMS 22.07.2010 allow remote attackers to execute a...
E
CVE-2010-4923 SQL injection vulnerability in book/detail.php in Virtue Netz Virtue Book Store allows remote attack...
E
CVE-2010-4924 PHP remote file inclusion vulnerability in logic/controller.class.php in clearBudget 0.9.8 allows re...
E
CVE-2010-4925 SQL injection vulnerability in clic.php in the Partenaires module 1.5 for Nuked-Klan allows remote a...
E
CVE-2010-4926 SQL injection vulnerability in the TimeTrack (com_timetrack) component 1.2.4 for Joomla! allows remo...
E
CVE-2010-4927 SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla...
E
CVE-2010-4928 Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0...
E
CVE-2010-4929 SQL injection vulnerability in the Joostina (com_ezautos) component for Joomla! allows remote attack...
E
CVE-2010-4930 Cross-site scripting (XSS) vulnerability in index.php in @mail Webmail before 6.2.0 allows remote at...
E
CVE-2010-4931 Directory traversal vulnerability in maincore.php in PHP-Fusion allows remote attackers to include a...
E
CVE-2010-4932 Cross-site scripting (XSS) vulnerability in search.php in Entrans before 0.3.3 allows remote attacke...
E
CVE-2010-4933 SQL injection vulnerability in filemgmt/singlefile.php in Geeklog 1.3.8 allows remote attackers to e...
E
CVE-2010-4934 SQL injection vulnerability in video.php in Get Tube 4.51 and earlier allows remote attackers to exe...
E
CVE-2010-4935 SQL injection vulnerability in poll.php in Entrans 0.3.2 and earlier allows remote attackers to exec...
E
CVE-2010-4936 SQL injection vulnerability in the Slide Show (com_slideshow) component for Joomla! allows remote at...
E
CVE-2010-4937 Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow re...
E
CVE-2010-4938 SQL injection vulnerability in the Weblinks (com_weblinks) component in Joomla! allows remote attack...
E
CVE-2010-4939 PHP remote file inclusion vulnerability in index.php in MailForm 1.2 allows remote attackers to exec...
E
CVE-2010-4940 SQL injection vulnerability in index.php in WAnewsletter 2.1.2 allows remote attackers to execute ar...
E
CVE-2010-4941 SQL injection vulnerability in the Teams (com_teams) component 1_1028_100809_1711 for Joomla! allows...
E
CVE-2010-4942 SQL injection vulnerability in location.php in the eCal module in E-Xoopport Samsara 3.1 and earlier...
E
CVE-2010-4943 Multiple PHP remote file inclusion vulnerabilities in Saurus CMS 4.7.0 allow remote attackers to exe...
E
CVE-2010-4944 SQL injection vulnerability in the Elite Experts (com_elite_experts) component for Mambo and Joomla!...
E
CVE-2010-4945 SQL injection vulnerability in the CamelcityDB (com_camelcitydb2) component 2.2 for Joomla! allows r...
E
CVE-2010-4946 SQL injection vulnerability in product_info.php in ALLPC 2.5 allows remote attackers to execute arbi...
E
CVE-2010-4947 Cross-site scripting (XSS) vulnerability in advanced_search_result.php in ALLPC 2.5 allows remote at...
E
CVE-2010-4948 PHP remote file inclusion vulnerability in libs/adodb/adodb.inc.php in PHP Free Photo Gallery script...
E
CVE-2010-4949 Cross-site scripting (XSS) vulnerability in the (1) FreiChat component before 2.1.2 for Joomla! and ...
E
CVE-2010-4950 SQL injection vulnerability in the Event (event) extension before 0.3.7 for TYPO3 allows remote atta...
S
CVE-2010-4951 Cross-site scripting (XSS) vulnerability in the xaJax Shoutbox (vx_xajax_shoutbox) extension before ...
S
CVE-2010-4952 SQL injection vulnerability in the FE user statistic (festat) extension before 0.2.4 for TYPO3 allow...
S
CVE-2010-4953 Unspecified vulnerability in the JW Calendar (jw_calendar) extension 1.3.20 and earlier for TYPO3 al...
CVE-2010-4954 SQL injection vulnerability in product_reviews_info.php in xt:Commerce Gambio 2008 allows remote att...
E
CVE-2010-4955 SQL injection vulnerability in board/board.php in APBoard Developers APBoard 2.1.0 and earlier allow...
E
CVE-2010-4956 Cross-site scripting (XSS) vulnerability in the Questionnaire (ke_questionnaire) extension before 2....
S
CVE-2010-4957 SQL injection vulnerability in the Questionnaire (ke_questionnaire) extension before 2.2.3 for TYPO3...
CVE-2010-4958 SQL injection vulnerability in index.php in Prado Portal 1.2.0 allows remote attackers to execute ar...
E
CVE-2010-4959 SQL injection vulnerability in the login feature in Pre Projects Pre Podcast Portal allows remote at...
E
CVE-2010-4960 Cross-site scripting (XSS) vulnerability in the Branchenbuch (aka Yellow Pages or mh_branchenbuch) e...
S
CVE-2010-4961 SQL injection vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows r...
CVE-2010-4962 Unspecified vulnerability in the Webkit PDFs (webkitpdf) extension before 1.1.4 for TYPO3 allows rem...
S
CVE-2010-4963 SQL injection vulnerability in folder/list in Hulihan BXR 0.6.8 allows remote attackers to execute a...
E
CVE-2010-4964 recorder_test.cgi on the D-Link DCS-2121 camera with firmware 1.04 allows remote attackers to execut...
E
CVE-2010-4965 /etc/rc.d/rc.local on the D-Link DCS-2121 camera with firmware 1.04 configures a hardcoded password ...
E
CVE-2010-4966 Cross-site scripting (XSS) vulnerability in default.asp in ATCOM Netvolution allows remote attackers...
E
CVE-2010-4967 SQL injection vulnerability in default.asp in ATCOM Netvolution 2.5.6 allows remote attackers to exe...
E
CVE-2010-4968 SQL injection vulnerability in the webmaster-tips.net Flash Gallery (com_wmtpic) component 1.0 for J...
E
CVE-2010-4969 SQL injection vulnerability in articlesdetails.php in BrotherScripts (BS) Business Directory allows ...
E
CVE-2010-4970 SQL injection vulnerability in handlers/getpage.php in Wiki Web Help 0.28 allows remote attackers to...
E
CVE-2010-4971 Cross-site scripting (XSS) vulnerability in VideoWhisper PHP 2 Way Video Chat component for Joomla! ...
E
CVE-2010-4972 SQL injection vulnerability in index.php in YPNinc JokeScript allows remote attackers to execute arb...
E
CVE-2010-4973 Cross-site scripting (XSS) vulnerability in the search feature in Campsite 3.4.0 allows remote attac...
CVE-2010-4974 SQL injection vulnerability in info.php in BrotherScripts (BS) and ScriptsFeed Auto Dealer allows re...
E
CVE-2010-4975 SQL injection vulnerability in the Techjoomla SocialAds For JomSocial (com_socialads) component for ...
E
CVE-2010-4976 Cross-site scripting (XSS) vulnerability in search/search.php in MetInfo 3.0 allows remote attackers...
E
CVE-2010-4977 SQL injection vulnerability in menu.php in the Canteen (com_canteen) component 1.0 for Joomla! allow...
E
CVE-2010-4978 Cross-site scripting (XSS) vulnerability in image/view.php in CANDID allows remote attackers to inje...
E
CVE-2010-4979 SQL injection vulnerability in image/view.php in CANDID allows remote attackers to execute arbitrary...
E
CVE-2010-4980 SQL injection vulnerability in packagedetails.php in iScripts ReserveLogic 1.0 allows remote attacke...
E
CVE-2010-4981 SQL injection vulnerability in trackads.php in YourFreeWorld Banner Management allows remote attacke...
E
CVE-2010-4982 SQL injection vulnerability in address_book/contacts.php in My Kazaam Address & Contact Organizer al...
E
CVE-2010-4983 SQL injection vulnerability in profile.php in iScripts CyberMatch 1.0 allows remote attackers to exe...
E
CVE-2010-4984 SQL injection vulnerability in notes.php in My Kazaam Notes Management System allows remote attacker...
E
CVE-2010-4985 Cross-site scripting (XSS) vulnerability in notes.php in My Kazaam Notes Management System allows re...
E
CVE-2010-4986 SQL injection vulnerability in detail.php in Simple Document Management System (SDMS) allows remote ...
E
CVE-2010-4987 SQL injection vulnerability in default.asp in KMSoft Guestbook (aka GBook) allows remote attackers t...
E
CVE-2010-4988 PHP remote file inclusion vulnerability in mod_chatting/themes/default/header.php in Family Connecti...
E
CVE-2010-4989 SQL injection vulnerability in main.asp in Ziggurat Farsi CMS allows remote attackers to execute arb...
E
CVE-2010-4990 SQL injection vulnerability in the Front-edit Address Book (com_addressbook) component for Joomla! a...
E
CVE-2010-4991 SQL injection vulnerability in the NinjaMonials (com_ninjamonials) component for Joomla! allows remo...
E
CVE-2010-4992 SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers...
E
CVE-2010-4993 SQL injection vulnerability in the eventcal (com_eventcal) component 1.6.4 for Joomla! allows remote...
E
CVE-2010-4994 SQL injection vulnerability in the Jobs Pro component 1.6.4 for Joomla! allows remote attackers to e...
E
CVE-2010-4995 SQL injection vulnerability in the NeoRecruit (com_neorecruit) component 1.6.4 for Joomla! allows re...
E
CVE-2010-4996 SQL injection vulnerability in ogp_show.php in esoftpro Online Guestbook Pro 5.1 allows remote attac...
E
CVE-2010-4997 SQL injection vulnerability in index.php in OlyKit Swoopo Clone 2010 allows remote attackers to exec...
E
CVE-2010-4998 PHP remote file inclusion vulnerability in ardeaCore/lib/core/ardeaInit.php in ardeaCore PHP Framewo...
E
CVE-2010-4999 SQL injection vulnerability in index.php in esoftpro Online Photo Pro 2.0 allows remote attackers to...
E
This platform uses data from the NIST NVD, MITRE CVE, MITRE CWE, First.org and CISA KEV but is not endorsed or certified by these entities. CVE is a registered trademark of the MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. CWE is a registered trademark of the MITRE Corporation and the authoritative source of CWE content is MITRE's CWE web site.
© 2025 Under My Watch. All Rights Reserved.