2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-4820 | — | — | 0.5% | Oct 27, 2014 | Untrusted search path vulnerability in Ghostscript 8.62 allows local users to execute arbitrary PostScript code via a Tr... |
| CVE-2010-5110 | — | — | 3.0% | Aug 29, 2014 | DCTStream.cc in Poppler before 0.13.3 allows remote attackers to cause a denial of service (crash) via a crafted PDF fil... |
| CVE-2010-5303 | — | — | 0.9% | Aug 21, 2014 | Cross-site scripting (XSS) vulnerability in the displayError function in timthumb.php in TimThumb before 1.15 (r85), as ... |
| CVE-2010-5302 | — | — | 0.9% | Aug 21, 2014 | Cross-site scripting (XSS) vulnerability in timthumb.php in TimThumb before 1.15 as of 20100908 (r88), as used in multip... |
| CVE-2010-5111 | — | — | 3.5% | Jun 16, 2014 | Multiple buffer overflows in readline.c in Echoping 6.0.2 allow remote attackers to cause a denial of service (crash) an... |
| CVE-2010-5301 | — | — | 10.6% | Jun 13, 2014 | Stack-based buffer overflow in Kolibri 2.0 allows remote attackers to execute arbitrary code via a long URI in a HEAD re... |
| CVE-2010-5300 | — | — | 14.6% | Jun 11, 2014 | Stack-based buffer overflow in Jzip 1.3 through 2.0.0.132900 allows remote attackers to cause a denial of service (crash... |
| CVE-2010-5299 | — | — | 33.6% | May 23, 2014 | Stack-based buffer overflow in MicroP 0.1.1.1600 allows remote attackers to execute arbitrary code via a crafted .mppl f... |
| CVE-2010-4832 | — | — | 0.8% | May 14, 2014 | Android OS before 2.2 does not display the correct SSL certificate in certain cases, which might allow remote attackers ... |
| CVE-2010-5109 | — | — | 2.4% | May 5, 2014 | Off-by-one error in the DecompressRTF function in ytnef.c in Yerase's TNEF Stream Reader allows remote attackers to caus... |
| CVE-2010-5105 | — | — | 0.3% | Apr 27, 2014 | The undo save quit routine in the kernel in Blender 2.5, 2.63a, and earlier allows local users to overwrite arbitrary fi... |
| CVE-2010-2236 | — | — | 3.1% | Apr 15, 2014 | The monitoring probe display in spacewalk-java before 2.1.148-1 and Red Hat Network (RHN) Satellite 4.0.0 through 4.2.0 ... |
| CVE-2010-5298 | — | — | 34.1% | Apr 14, 2014 | Race condition in the ssl3_read_bytes function in s3_pkt.c in OpenSSL through 1.0.1g, when SSL_MODE_RELEASE_BUFFERS is e... |
| CVE-2010-4777 | — | — | 6.0% | Feb 10, 2014 | The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debuggin... |
| CVE-2010-3090 | — | — | — | Feb 10, 2014 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3089. Reason: This issue was MERGED into CVE-201... |
| CVE-2010-4226 | HIGH | 7.2 | 2.9% | Feb 6, 2014 | cpio, as used in build 2007.05.10, 2010.07.28, and possibly other versions, allows remote attackers to overwrite arbitra... |
| CVE-2010-5297 | — | — | 2.2% | Jan 21, 2014 | WordPress before 3.0.1, when a Multisite installation is used, permanently retains the "site administrators can add user... |
| CVE-2010-5296 | — | — | 1.7% | Jan 21, 2014 | wp-includes/capabilities.php in WordPress before 3.0.2, when a Multisite configuration is used, does not require the Sup... |
| CVE-2010-5295 | — | — | 1.8% | Jan 21, 2014 | Cross-site scripting (XSS) vulnerability in wp-admin/plugins.php in WordPress before 3.0.2 might allow remote attackers ... |
| CVE-2010-5294 | — | — | 1.4% | Jan 21, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in the request_filesystem_credentials function in wp-admin/includes/... |
| CVE-2010-5293 | — | — | 2.5% | Jan 21, 2014 | wp-includes/comment.php in WordPress before 3.0.2 does not properly whitelist trackbacks and pingbacks in the blogroll, ... |
| CVE-2010-0746 | — | — | 0.6% | Jan 13, 2014 | Directory traversal vulnerability in DeviceKit-disks in DeviceKit, as used in Fedora 11 and 12 and possibly other operat... |
| CVE-2010-5292 | — | — | 0.3% | Jan 10, 2014 | Amberdms Billing System (ABS) before 1.4.1, when a multi-instance installation is configured, might allow local users to... |
| CVE-2010-5291 | — | — | 1.1% | Jan 10, 2014 | Amberdms Billing System (ABS) before 1.4.1 does not properly implement blacklisting after detection of invalid login att... |
| CVE-2010-4174 | — | — | — | Dec 27, 2013 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-3282. Reason: This candidate is a duplicate of... |
Check if your code is affected by 2010 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now