2010 CVE Vulnerabilities

5,249 CVEs published in 2010.

CVE IDSeverityCVSSDescription
CVE-2010-3904HIGH7.8The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the ...
CVE-2010-3449Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1....
CVE-2010-3066The io_submit_one function in fs/aio.c in the Linux kernel before 2.6.23 allows local users to cause a denial of service...
CVE-2010-2761The multipart_init function in (1) CGI.pm before 3.50 and (2) Simple.pm in CGI::Simple 1.112 and earlier uses a hardcode...
CVE-2010-2639IBM WebSphere Commerce Enterprise 7.0 before 7.0.0.2 allows remote attackers to read messages intended for other recipie...
CVE-2010-4398HIGH7.8Stack-based buffer overflow in the RtlQueryRegistryValues function in win32k.sys in Microsoft Windows XP SP2 and SP3, Wi...
CVE-2010-4254Mono, when Moonlight before 2.3.0.1 or 2.99.x before 2.99.0.10 is used, does not properly validate arguments to generic ...
CVE-2010-3615named in ISC BIND 9.7.2-P2 does not check all intended locations for allow-query ACLs, which might allow remote attacker...
CVE-2010-3614named in ISC BIND 9.x before 9.6.2-P3, 9.7.x before 9.7.2-P3, 9.4-ESV before 9.4-ESV-R4, and 9.6-ESV before 9.6-ESV-R3 d...
CVE-2010-3613named in ISC BIND 9.6.2 before 9.6.2-P3, 9.6-ESV before 9.6-ESV-R3, and 9.7.x before 9.7.2-P3 does not properly handle t...
CVE-2010-4407Multiple cross-site scripting (XSS) vulnerabilities in index.php in AlGuest 1.1c-patched allow remote attackers to injec...
CVE-2010-4406Directory traversal vulnerability in gallery.php in Brunetton LittlePhpGallery 1.0.2, when magic_quotes_gpc is disabled,...
CVE-2010-4405Cross-site scripting (XSS) vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows ...
CVE-2010-4404SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attack...
CVE-2010-4403The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a d...
CVE-2010-4402Multiple cross-site scripting (XSS) vulnerabilities in wp-login.php in the Register Plus plugin 3.5.1 and earlier for Wo...
CVE-2010-4401languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which...
CVE-2010-4400SQL injection vulnerability in _rights.php in DynPG CMS 4.2.0 allows remote attackers to execute arbitrary SQL commands ...
CVE-2010-4399Directory traversal vulnerability in languages.inc.php in DynPG CMS 4.1.1 and 4.2.0, when magic_quotes_gpc is disabled, ...
CVE-2010-4313Unrestricted file upload vulnerability in fileman_file_upload.php in Orbis CMS 1.0.2 allows remote authenticated users t...
CVE-2010-4283PHP remote file inclusion vulnerability in extras/pandora_diag.php in Pandora FMS before 3.1.1 allows remote attackers t...
CVE-2010-4282Multiple directory traversal vulnerabilities in Pandora FMS before 3.1.1 allow remote attackers to include and execute a...
CVE-2010-4281Incomplete blacklist vulnerability in the safe_url_extraclean function in ajax.php in Pandora FMS before 3.1.1 allows re...
CVE-2010-4280Multiple SQL injection vulnerabilities in Pandora FMS before 3.1.1 allow remote authenticated users to execute arbitrary...
CVE-2010-4279The default configuration of Pandora FMS 3.1 and earlier specifies an empty string for the loginhash_pwd field, which al...

Check if your code is affected by 2010 CVEs

Strix scans your code and infrastructure for known vulnerabilities automatically.

Scan your code now