2010 CVE Vulnerabilities

5,249 CVEs published in 2010.

Filter:UNKNOWNClear
CVE IDSeverityCVSSDescription
CVE-2010-2647Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly hav...
CVE-2010-2646Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and re...
CVE-2010-2645Unspecified vulnerability in Google Chrome before 5.0.375.99, when WebGL is used, allows remote attackers to cause a den...
CVE-2010-2479Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the b...
CVE-2010-1670Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 has improper configuration options for authentication p...
CVE-2010-1669SQL injection vulnerability in Mahara 1.1.x before 1.1.9 and 1.2.x before 1.2.5 allows remote attackers to execute arbit...
CVE-2010-1668Multiple cross-site request forgery (CSRF) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before...
CVE-2010-1667Multiple cross-site scripting (XSS) vulnerabilities in Mahara before 1.0.15, 1.1.x before 1.1.9, and 1.2.x before 1.2.5 ...
CVE-2010-2629The Cisco Content Services Switch (CSS) 11500 with software 8.20.4.02 and the Application Control Engine (ACE) 4710 with...
CVE-2010-2483The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read ...
CVE-2010-2482LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to ...
CVE-2010-2481The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, ...
CVE-2010-2253lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, whi...
CVE-2010-2252GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filen...
CVE-2010-2251The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before ...
CVE-2010-1576The Cisco Content Services Switch (CSS) 11500 with software before 8.20.4.02 and the Application Control Engine (ACE) 47...
CVE-2010-1575The Cisco Content Services Switch (CSS) 11500 with software 08.20.1.01 conveys authentication data through ClientCert-* ...
CVE-2010-1328Multiple cross-site scripting (XSS) vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to inject a...
CVE-2010-1327Multiple SQL injection vulnerabilities in TornadoStore 1.4.3 and earlier allow remote attackers to execute arbitrary SQL...
CVE-2010-2627Multiple directory traversal vulnerabilities in the Refractor 2 engine, as used in Battlefield 2 1.50 (1.5.3153-802.0) a...
CVE-2010-2626index.pl in Miyabi CGI Tools SEO Links 1.02 allows remote attackers to execute arbitrary commands via shell metacharacte...
CVE-2010-2625Unspecified vulnerability in the Client Service for DPM in Hitachi ServerConductor / Deployment Manager 01-00, 01-01, an...
CVE-2010-2624Multiple SQL injection vulnerabilities in iScripts EasySnaps 2.0 allow remote attackers to execute arbitrary SQL command...
CVE-2010-2623SQL injection vulnerability in pages.php in Internet DM Specialist Bed and Breakfast allows remote attackers to execute ...
CVE-2010-2622SQL injection vulnerability in the Joomanager component, possibly 1.1.1, for Joomla! allows remote attackers to execute ...

Check if your code is affected by 2010 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now