2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-4532 | MEDIUM | 5.9 | 0.6% | Nov 13, 2019 | offlineimap before 6.3.2 does not check for SSL server certificate validation when "ssl = yes" option is specified which... |
| CVE-2010-4177 | MEDIUM | 5.5 | 0.3% | Nov 12, 2019 | mysql-gui-tools (mysql-query-browser and mysql-admin) before 5.0r14+openSUSE-2.3 exposes the password of a user connecte... |
| CVE-2010-3857 | MEDIUM | 6.1 | 0.9% | Nov 12, 2019 | JBoss BRMS before 5.1.0 has an XSS vulnerability via the asset=UUID parameter. |
| CVE-2010-3844 | HIGH | 8.8 | 1.4% | Nov 12, 2019 | An unchecked sscanf() call in ettercap before 0.7.5 allows an insecure temporary settings file to overflow a static-size... |
| CVE-2010-3440 | MEDIUM | 5.5 | 0.3% | Nov 12, 2019 | babiloo 2.0.9 before 2.0.11 creates temporary files with predictable names when downloading and unpacking dictionary fil... |
| CVE-2010-3305 | HIGH | 8.8 | 1.0% | Nov 12, 2019 | Cross-site request forgery (CSRF) vulnerability in pixelpost 1.7.3 could allow remote attackers to change the admin pass... |
| CVE-2010-3299 | MEDIUM | 6.5 | 1.1% | Nov 12, 2019 | The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks. |
| CVE-2010-3292 | MEDIUM | 5.5 | 0.2% | Nov 12, 2019 | The update{_bad,}_phishing_sites scripts in mailscanner 4.79.11-2 downloads files and trusts them without using encrypti... |
| CVE-2010-3095 | MEDIUM | 4.7 | 0.3% | Nov 12, 2019 | mailscanner before 4.79.11-2.1 might allow local users to overwrite arbitrary files via a symlink attack on certain temp... |
| CVE-2010-3439 | MEDIUM | 6.5 | 1.8% | Nov 12, 2019 | It is possible to cause a DoS condition by causing the server to crash in alien-arena 7.33 by supplying various invalid ... |
| CVE-2010-3438 | CRITICAL | 9.8 | 1.7% | Nov 12, 2019 | libpoe-component-irc-perl before v6.32 does not remove carriage returns and line feeds. This can be used to execute arbi... |
| CVE-2010-2488 | HIGH | 7.5 | 2.4% | Nov 12, 2019 | NULL pointer dereference vulnerability in ZNC before 0.092 caused by traffic stats when there are unauthenticated connec... |
| CVE-2010-3359 | MEDIUM | 4.8 | 0.3% | Nov 12, 2019 | If LD_LIBRARY_PATH is undefined in gargoyle-free before 2009-08-25, the variable will point to the current directory. Th... |
| CVE-2010-2476 | CRITICAL | 9.8 | 1.7% | Nov 7, 2019 | syscp 1.4.2.1 allows attackers to add arbitrary paths via the documentroot of a domain by appending a colon to it and se... |
| CVE-2010-2450 | HIGH | 7.5 | 1.2% | Nov 7, 2019 | The keygen.sh script in Shibboleth SP 2.0 (located in /usr/local/etc/shibboleth by default) uses OpenSSL to create a DES... |
| CVE-2010-2449 | MEDIUM | 6.5 | 1.7% | Nov 7, 2019 | Gource through 0.26 logs to a predictable file name (/tmp/gource-$UID.tmp), enabling attackers to overwrite an arbitrary... |
| CVE-2010-2447 | CRITICAL | 9.8 | 1.8% | Nov 7, 2019 | gitolite before 1.4.1 does not filter src/ or hooks/ from path names. |
| CVE-2010-2473 | MEDIUM | 6.5 | 1.0% | Nov 7, 2019 | Drupal 6.x before 6.16 and 5.x before version 5.22 does not properly block users under certain circumstances. A user wit... |
| CVE-2010-2472 | MEDIUM | 4.8 | 0.8% | Nov 7, 2019 | Locale module and dependent contributed modules in Drupal 6.x before 6.16 and 5.x before version 5.22 do not sanitize th... |
| CVE-2010-2250 | MEDIUM | 6.1 | 1.0% | Nov 7, 2019 | Drupal 5.x and 6.x before 6.16 uses a user-supplied value in output during site installation which could allow an attack... |
| CVE-2010-2243 | HIGH | 7.5 | 2.5% | Nov 7, 2019 | A vulnerability exists in kernel/time/clocksource.c in the Linux kernel before 2.6.34 where on non-GENERIC_TIME systems ... |
| CVE-2010-4178 | MEDIUM | 5.5 | 0.4% | Nov 6, 2019 | MySQL-GUI-tools (mysql-administrator) leaks passwords into the process list after launch of the mysql text console |
| CVE-2010-2471 | MEDIUM | 6.1 | 1.1% | Nov 6, 2019 | Drupal versions 5.x and 6.x have open redirection |
| CVE-2010-2446 | CRITICAL | 9.8 | 3.4% | Nov 6, 2019 | Rbot Reaction plugin allows command execution |
| CVE-2010-2247 | HIGH | 7.5 | 1.3% | Nov 6, 2019 | makepasswd 1.10 default settings generate insecure passwords |