2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-3375 | CRITICAL | 9.8 | 2.4% | Oct 29, 2019 | qtparted has insecure library loading which may allow arbitrary code execution |
| CVE-2010-4239 | CRITICAL | 9.8 | 13.4% | Oct 28, 2019 | Tiki Wiki CMS Groupware 5.2 has Local File Inclusion |
| CVE-2010-5333 | CRITICAL | 9.8 | 16.0% | Sep 13, 2019 | The web server in Integard Pro and Home before 2.0.0.9037 and 2.2.x before 2.2.0.9037 has a buffer overflow via a long p... |
| CVE-2010-5330 | CRITICAL | 9.8 | 34.4% | Jun 11, 2019 | On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show AP info) because the if... |
| CVE-2010-5326 | CRITICAL | 10 | 17.9% | May 13, 2016 | The Invoker Servlet on SAP NetWeaver Application Server Java platforms, possibly before 7.3, does not require authentica... |
| CVE-2010-4344 | CRITICAL | 9.8 | 71.8% | Dec 14, 2010 | Heap-based buffer overflow in the string_vformat function in string.c in Exim before 4.70 allows remote attackers to exe... |
| CVE-2010-4478 | CRITICAL | 9.8 | 4.2% | Dec 6, 2010 | OpenSSH 5.6 and earlier, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol... |
| CVE-2010-1378 | CRITICAL | 9.8 | 1.3% | Nov 15, 2010 | OpenSSL in Apple Mac OS X 10.6.x before 10.6.5 does not properly perform arithmetic, which allows remote attackers to by... |
| CVE-2010-4205 | CRITICAL | 9.8 | 1.4% | Nov 6, 2010 | Google Chrome before 7.0.517.44 does not properly handle the data types of event objects, which allows remote attackers ... |
| CVE-2010-4204 | CRITICAL | 9.8 | 2.3% | Nov 6, 2010 | WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other products, accesses a frame object ... |
| CVE-2010-4203 | CRITICAL | 9.8 | 4.6% | Nov 6, 2010 | WebM libvpx (aka the VP8 Codec SDK) before 0.9.5, as used in Google Chrome before 7.0.517.44, allows remote attackers to... |
| CVE-2010-4202 | CRITICAL | 9.8 | 1.3% | Nov 6, 2010 | Multiple integer overflows in Google Chrome before 7.0.517.44 on Linux allow remote attackers to cause a denial of servi... |
| CVE-2010-4201 | CRITICAL | 9.8 | 1.2% | Nov 6, 2010 | Use-after-free vulnerability in Google Chrome before 7.0.517.44 allows remote attackers to cause a denial of service or ... |
| CVE-2010-4197 | CRITICAL | 9.8 | 2.3% | Nov 6, 2010 | Use-after-free vulnerability in WebKit, as used in Google Chrome before 7.0.517.44, webkitgtk before 1.2.6, and other pr... |
| CVE-2010-2941 | CRITICAL | 9.8 | 6.5% | Nov 5, 2010 | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data... |
| CVE-2010-3765 | CRITICAL | 9.8 | 83.3% | Oct 28, 2010 | Mozilla Firefox 3.5.x through 3.5.14 and 3.6.x through 3.6.11, Thunderbird 3.1.6 before 3.1.6 and 3.0.x before 3.0.10, a... |
| CVE-2010-4042 | CRITICAL | 9.8 | 1.9% | Oct 21, 2010 | Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial o... |
| CVE-2010-4041 | CRITICAL | 9.8 | 1.8% | Oct 21, 2010 | The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain worker processes, whi... |
| CVE-2010-4039 | CRITICAL | 9.8 | 1.3% | Oct 21, 2010 | Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which has unspecified impa... |
| CVE-2010-3729 | CRITICAL | 9.8 | 2.1% | Oct 5, 2010 | The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow ... |
| CVE-2010-3416 | CRITICAL | 9.8 | 1.2% | Sep 16, 2010 | Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows remote attackers to ... |
| CVE-2010-2076 | CRITICAL | 9.8 | 9.8% | Aug 19, 2010 | Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache ServiceMix, Apache Camel,... |
| CVE-2010-2861 | CRITICAL | 9.8 | 99.7% | Aug 11, 2010 | Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow re... |
| CVE-2010-2965 | CRITICAL | 9.8 | 57.5% | Aug 5, 2010 | The WDB target agent debug service in Wind River VxWorks 6.x, 5.x, and earlier, as used on the Rockwell Automation 1756-... |
| CVE-2010-0211 | CRITICAL | 9.8 | 29.2% | Jul 28, 2010 | The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normal... |
Check if your code is affected by 2010 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now