2010 CVE Vulnerabilities

5,249 CVEs published in 2010.

CVE IDSeverityCVSSDescription
CVE-2010-0712Multiple SQL injection vulnerabilities in zport/dmd/Events/getJSONEventsInfo in Zenoss 2.3.3, and other versions before ...
CVE-2010-0711Cross-site request forgery (CSRF) vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other...
CVE-2010-0710SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows re...
CVE-2010-0709Multiple cross-site request forgery (CSRF) vulnerabilities in Limny 2.0 allow remote attackers to (1) hijack the authent...
CVE-2010-0708Multiple unspecified vulnerabilities in (1) ns-slapd and (2) slapd.exe in Sun Directory Server Enterprise Edition 7.0, S...
CVE-2010-0683Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, ...
CVE-2010-0427sudo 1.6.x before 1.6.9p21, when the runas_default option is used, does not properly set group memberships, which allows...
CVE-2010-0424The edit_cmd function in crontab.c in (1) cronie before 1.4.4 and (2) Vixie cron (vixie-cron) allows local users to chan...
CVE-2010-0011The eval_js function in uzbl-core.c in Uzbl before 2010.01.05 exposes the run method of the Uzbl object, which allows re...
CVE-2010-0707Cross-site request forgery (CSRF) vulnerability in add_user.php in Employee Timeclock Software 0.99 allows remote attack...
CVE-2010-0706Cross-site scripting (XSS) vulnerability in the login/prompt component in Subex Nikira Fraud Management System allows re...
CVE-2010-0705Aavmker4.sys in avast! 4.8 through 4.8.1368.0 and 5.0 before 5.0.418.0 running on Windows 2000 and XP does not properly ...
CVE-2010-0704Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows rem...
CVE-2010-0620Directory traversal vulnerability in the SSL Service in EMC HomeBase Server 6.2.x before 6.2.3 and 6.3.x before 6.3.2 al...
CVE-2010-0412stap-server in SystemTap 1.1 does not properly restrict the value of the -B (aka BUILD) option, which allows attackers t...
CVE-2010-0119Bournal before 1.4.1 on FreeBSD 8.0, when the -K option is used, places a ccrypt key on the command line, which allows l...
CVE-2010-0118Bournal before 1.4.1 allows local users to overwrite arbitrary files via a symlink attack on unspecified temporary files...
CVE-2010-0640Cross-site scripting (XSS) vulnerability in CA eHealth Performance Manager 6.0.x through 6.2.x, when malicious HTML dete...
CVE-2010-0426sudo 1.6.x before 1.6.9p21 and 1.7.x before 1.7.2p4, when a pseudo-command is enabled, permits a match between the name ...
CVE-2010-0423gtkimhtml.c in Pidgin before 2.6.6 allows remote attackers to cause a denial of service (CPU consumption and application...
CVE-2010-0422gnome-screensaver 2.28.x before 2.28.3 does not properly synchronize the state of screen locking and the unlock dialog i...
CVE-2010-0420libpurple in Finch in Pidgin before 2.6.6, when an XMPP multi-user chat (MUC) room is used, does not properly parse nick...
CVE-2010-0285gnome-screensaver 2.14.3, 2.22.2, 2.27.x, 2.28.0, and 2.28.3, when the X configuration enables the extend screen option,...
CVE-2010-0703Cross-site scripting (XSS) vulnerability in wa/auth in PortWise SSL VPN 4.6 allows remote attackers to inject arbitrary ...
CVE-2010-0702SQL injection vulnerability in cisco/services/PhonecDirectory.php in Fonality Trixbox 2.2.4 allows remote attackers to e...

Check if your code is affected by 2010 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now