2010 CVE Vulnerabilities

5,249 CVEs published in 2010.

CVE IDSeverityCVSSDescription
CVE-2010-2432The cupsDoAuthentication function in auth.c in the client in CUPS before 1.4.4, when HAVE_GSSAPI is omitted, does not pr...
CVE-2010-2431The cupsFileOpen function in CUPS before 1.4.4 allows local users, with lp group membership, to overwrite arbitrary file...
CVE-2010-1775Race condition in Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch allows physically proximate attackers...
CVE-2010-1757WebKit in Apple iOS before 4 on the iPhone and iPod touch does not enforce the expected boundary restrictions on content...
CVE-2010-1756The Settings application in Apple iOS before 4 on the iPhone and iPod touch does not properly report the wireless networ...
CVE-2010-1755Safari in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the Accept Cookies preference, whi...
CVE-2010-1754Passcode Lock in Apple iOS before 4 on the iPhone and iPod touch does not properly handle alert-based unlocks in conjunc...
CVE-2010-1753ImageIO in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to execute arbitrary code or cause a ...
CVE-2010-1752Stack-based buffer overflow in CFNetwork in Apple iOS before 4 on the iPhone and iPod touch allows remote attackers to e...
CVE-2010-1751Application Sandbox in Apple iOS before 4 on the iPhone and iPod touch does not prevent photo-library access, which migh...
CVE-2010-1632Apache Axis2 before 1.5.2, as used in IBM WebSphere Application Server (WAS) 7.0 through 7.0.0.12, IBM Feature Pack for ...
CVE-2010-1407WebKit in Apple iOS before 4 on the iPhone and iPod touch does not properly implement the history.replaceState method in...
CVE-2010-2421Multiple unspecified vulnerabilities in Opera before 10.54 have unknown impact and attack vectors related to (1) "extrem...
CVE-2010-2420Multiple unspecified vulnerabilities in Fenrir Inc. ActiveGeckoBrowser 1.0.0 and 1.0.5 alpha, a module for the Sleipnir ...
CVE-2010-1638The IMP plugin in Horde allows remote attackers to bypass firewall restrictions and use Horde as a proxy to scan interna...
CVE-2010-1637MEDIUM6.5The Mail Fetch plugin in SquirrelMail 1.4.20 and earlier allows remote authenticated users to bypass firewall restrictio...
CVE-2010-2359SQL injection vulnerability in eWebQuiz.asp in ActiveWebSoftwares.com eWebquiz 8 allows remote attackers to execute arbi...
CVE-2010-2358PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2, when magic_quotes_gpc is...
CVE-2010-2357SQL injection vulnerability in index.php in Eicra Realestate Script 1.0 and 1.6.0 allows remote attackers to execute arb...
CVE-2010-2356Cross-site scripting (XSS) vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject...
CVE-2010-2355Cross-site scripting (XSS) vulnerability in error.php in Pilot Group (PG) eLMS Pro allows remote attackers to inject arb...
CVE-2010-2354SQL injection vulnerability in subscribe.php in Pilot Group (PG) eLMS Pro allows remote attackers to execute arbitrary S...
CVE-2010-2353The Node Reference module in Content Construction Kit (CCK) module 6.x before 6.x-2.7 for Drupal does not perform access...
CVE-2010-2352The Node Reference module in Content Construction Kit (CCK) module 5.x before 5.x-1.11 and 6.x before 6.x-2.7 for Drupal...
CVE-2010-2351Stack-based buffer overflow in the CIFS.NLM driver in Netware SMB 1.0 for Novell Netware 6.5 SP8 and earlier allows remo...

Check if your code is affected by 2010 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now