2010 CVE Vulnerabilities

5,249 CVEs published in 2010.

CVE IDSeverityCVSSDescription
CVE-2010-0301main.C in maildrop 2.3.0 and earlier, when run by root with the -d option, uses the gid of root for execution of the .ma...
CVE-2010-0300cache.c in ircd-ratbox before 2.2.9 allows remote attackers to cause a denial of service (NULL pointer dereference and d...
CVE-2010-0496FreeBit ServersMan 3.1.5 on Apple iPhone OS 3.1.2, and iPhone OS for iPod touch, allows remote attackers to cause a deni...
CVE-2010-0305ejabberd_c2s.erl in ejabberd before 2.1.3 allows remote attackers to cause a denial of service (daemon crash) via a larg...
CVE-2010-0295lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows re...
CVE-2010-0038Recovery Mode in Apple iPhone OS 1.0 through 3.1.2, and iPhone OS for iPod touch 1.1 through 3.1.2, allows physically pr...
CVE-2010-0453The ucode_ioctl function in intel/io/ucode_drv.c in Sun Solaris 10 and OpenSolaris snv_69 through snv_133, when running ...
CVE-2010-0440Cross-site scripting (XSS) vulnerability in +CSCOT+/translation in Cisco Secure Desktop 3.4.2048, and other versions bef...
CVE-2010-0308lib/rfc1035.c in Squid 2.x, 3.0 through 3.0.STABLE22, and 3.1 through 3.1.0.15 allows remote attackers to cause a denial...
CVE-2010-0304Multiple buffer overflows in the LWRES dissector in Wireshark 0.9.15 through 1.0.10 and 1.2.0 through 1.2.5 allow remote...
CVE-2010-0185The default configuration of Adobe ColdFusion 9.0 does not restrict access to collections that have been created by the ...
CVE-2010-0472kuddb2 in Tivoli Monitoring for DB2, as distributed in IBM DB2 9.7 FP1 on Linux, allows remote attackers to cause a deni...
CVE-2010-0442The bitsubstr function in backend/utils/adt/varbit.c in PostgreSQL 8.0.23, 8.1.11, and 8.3.8 allows remote authenticated...
CVE-2010-0471SQL injection vulnerability in the comment submission interface (includes/comment.php) in Enano CMS before 1.0.6pl1 allo...
CVE-2010-0470Cross-site scripting (XSS) vulnerability in scvrtsrv.cmd in Comtrend CT-507IT ADSL Router allows remote attackers to inj...
CVE-2010-0469SQL injection vulnerability in Files2Links F2L 3000 appliance 4.0.0, and possibly other versions and models, allows remo...
CVE-2010-0468Cross-site scripting (XSS) vulnerability in utilities/longproc.cfm in PaperThin CommonSpot Content Server allows remote ...
CVE-2010-0467MEDIUM5.8Directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attac...
CVE-2010-0010Integer overflow in the ap_proxy_send_fb function in proxy/proxy_util.c in mod_proxy in the Apache HTTP Server before 1....
CVE-2010-0464Roundcube 0.3.1 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-m...
CVE-2010-0463Horde IMP 4.3.6 and earlier does not request that the web browser avoid DNS prefetching of domain names contained in e-m...
CVE-2010-0005query.py in the query interface in ViewVC before 1.1.3 does not reject configurations that specify an unsupported author...
CVE-2010-0004ViewVC before 1.1.3 composes the root listing view without using the authorizer for each root, which might allow remote ...
CVE-2010-0001Integer underflow in the unlzw function in unlzw.c in gzip before 1.4 on 64-bit platforms, as used in ncompress and prob...
CVE-2010-0462Heap-based buffer overflow in IBM DB2 9.1 before FP9, 9.5 before FP6, and 9.7 before FP2 allows remote authenticated use...

Check if your code is affected by 2010 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now