2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-3904 | HIGH | 7.8 | 11.2% | Dec 6, 2010 | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the ... |
| CVE-2010-3449 | — | — | 4.8% | Dec 6, 2010 | Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.... |
| CVE-2010-3066 | — | — | 0.3% | Dec 6, 2010 | The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to cause a denial of service... |
| CVE-2010-2761 | — | — | 2.7% | Dec 6, 2010 | The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcode... |
| CVE-2010-2639 | — | — | 1.2% | Dec 6, 2010 | IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipie... |
| CVE-2010-4398 | HIGH | 7.8 | 8.7% | Dec 6, 2010 | Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Wi... |
| CVE-2010-4254 | — | — | 13.6% | Dec 6, 2010 | Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic ... |
| CVE-2010-3615 | — | — | 9.7% | Dec 6, 2010 | named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attacker... |
| CVE-2010-3614 | — | — | 16.9% | Dec 6, 2010 | named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 d... |
| CVE-2010-3613 | — | — | 10.7% | Dec 6, 2010 | named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle t... |
| CVE-2010-4407 | — | — | 1.1% | Dec 6, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to injec... |
| CVE-2010-4406 | — | — | 2.0% | Dec 6, 2010 | Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled,... |
| CVE-2010-4405 | — | — | 1.1% | Dec 6, 2010 | Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows ... |
| CVE-2010-4404 | — | — | 1.1% | Dec 6, 2010 | SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attack... |
| CVE-2010-4403 | — | — | 2.4% | Dec 6, 2010 | The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a d... |
| CVE-2010-4402 | — | — | 2.1% | Dec 6, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and earlier for Wo... |
| CVE-2010-4401 | — | — | 5.6% | Dec 6, 2010 | languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which... |
| CVE-2010-4400 | — | — | 2.2% | Dec 6, 2010 | SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands ... |
| CVE-2010-4399 | — | — | 5.6% | Dec 6, 2010 | Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, ... |
| CVE-2010-4313 | — | — | 2.7% | Dec 2, 2010 | Unrestricted file upload vulnerability in fileman_file_upload.php in Orbis CMS 1.0.2 allows remote authenticated users t... |
| CVE-2010-4283 | — | — | 9.4% | Dec 2, 2010 | PHP remote file inclusion vulnerability in extras/pandora_diag.php in Pandora FMS before 3.1.1 allows remote attackers t... |
| CVE-2010-4282 | — | — | 19.5% | Dec 2, 2010 | Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute a... |
| CVE-2010-4281 | — | — | 9.6% | Dec 2, 2010 | Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows re... |
| CVE-2010-4280 | — | — | 5.3% | Dec 2, 2010 | Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary... |
| CVE-2010-4279 | — | — | 65.6% | Dec 2, 2010 | The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which al... |
Check if your code is affected by 2010 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now