2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-4246 | — | — | 1.5% | Dec 7, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in graph.php in pfSense 1.2.3 and 2 beta 4 allow remote attackers to... |
| CVE-2010-4510 | — | — | — | Dec 6, 2010 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4150. Reason: This candidate is a duplicate of ... |
| CVE-2010-4297 | — | — | 5.2% | Dec 6, 2010 | The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 3... |
| CVE-2010-4296 | — | — | 0.4% | Dec 6, 2010 | vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548... |
| CVE-2010-4295 | — | — | 0.3% | Dec 6, 2010 | Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMw... |
| CVE-2010-4294 | — | — | 5.8% | Dec 6, 2010 | The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x ... |
| CVE-2010-4252 | — | — | 8.1% | Dec 6, 2010 | OpenSSL before 1.0.0c, when J-PAKE is enabled, does not properly validate the public parameters in the J-PAKE protocol, ... |
| CVE-2010-4180 | — | — | 9.5% | Dec 6, 2010 | OpenSSL before 0.9.8q, and 1.0.x before 1.0.0c, when SSL_OP_NETSCAPE_REUSE_CIPHER_CHANGE_BUG is enabled, does not proper... |
| CVE-2010-4411 | — | — | 2.6% | Dec 6, 2010 | Unspecified vulnerability in CGI.pm 3.50 and earlier allows remote attackers to inject arbitrary HTTP headers and conduc... |
| CVE-2010-4410 | — | — | 2.0% | Dec 6, 2010 | CRLF injection vulnerability in the header function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and... |
| CVE-2010-4409 | — | — | 18.9% | Dec 6, 2010 | Integer overflow in the NumberFormatter::getSymbol (aka numfmt_get_symbol) function in PHP 5.3.3 and earlier allows cont... |
| CVE-2010-4408 | — | — | 2.0% | Dec 6, 2010 | Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1 does not require entry of ... |
| CVE-2010-3449 | — | — | 4.8% | Dec 6, 2010 | Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.... |
| CVE-2010-3066 | — | — | 0.3% | Dec 6, 2010 | The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to cause a denial of service... |
| CVE-2010-2761 | — | — | 2.7% | Dec 6, 2010 | The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcode... |
| CVE-2010-2639 | — | — | 1.2% | Dec 6, 2010 | IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipie... |
| CVE-2010-4254 | — | — | 13.6% | Dec 6, 2010 | Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic ... |
| CVE-2010-3615 | — | — | 9.7% | Dec 6, 2010 | named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attacker... |
| CVE-2010-3614 | — | — | 16.9% | Dec 6, 2010 | named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 d... |
| CVE-2010-3613 | — | — | 10.7% | Dec 6, 2010 | named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle t... |
| CVE-2010-4407 | — | — | 1.1% | Dec 6, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to injec... |
| CVE-2010-4406 | — | — | 2.0% | Dec 6, 2010 | Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled,... |
| CVE-2010-4405 | — | — | 1.1% | Dec 6, 2010 | Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows ... |
| CVE-2010-4404 | — | — | 1.1% | Dec 6, 2010 | SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attack... |
| CVE-2010-4403 | — | — | 2.4% | Dec 6, 2010 | The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a d... |
Check if your code is affected by 2010 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now