2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-4216 | — | — | 1.5% | Nov 9, 2010 | IBM Tivoli Directory Server (TDS) 6.0.0.x before 6.0.0.8-TIV-ITDS-IF0007 does not properly handle invalid buffer referen... |
| CVE-2010-3871 | — | — | 1.1% | Nov 9, 2010 | Cross-site scripting (XSS) vulnerability in blocktype/groupviews/theme/raw/groupviews.tpl in Mahara before 1.3.3 allows ... |
| CVE-2010-3867 | — | — | 7.5% | Nov 9, 2010 | Multiple directory traversal vulnerabilities in the mod_site_misc module in ProFTPD before 1.3.3c allow remote authentic... |
| CVE-2010-3694 | — | — | 0.6% | Nov 9, 2010 | Cross-site request forgery (CSRF) vulnerability in the Horde Application Framework before 3.3.9 allows remote attackers ... |
| CVE-2010-3077 | — | — | 3.9% | Nov 9, 2010 | Cross-site scripting (XSS) vulnerability in util/icon_browser.php in the Horde Application Framework before 3.3.9 allows... |
| CVE-2010-3040 | — | — | 8.0% | Nov 9, 2010 | Multiple stack-based buffer overflows in agent.exe in Setup Manager in Cisco Intelligent Contact Manager (ICM) before 7.... |
| CVE-2010-3039 | — | — | 8.6% | Nov 9, 2010 | /usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 6, 7, and ... |
| CVE-2010-2636 | — | — | 0.8% | Nov 9, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in sample store pages in IBM WebSphere Commerce 7.0 before 7.0.0.1 a... |
| CVE-2010-2635 | — | — | 0.9% | Nov 9, 2010 | SQL injection vulnerability in IBM WebSphere Commerce 6.0 before 6.0.0.10 allows remote authenticated users to execute a... |
| CVE-2010-0786 | — | — | 2.2% | Nov 9, 2010 | The Web Services Security component in IBM WebSphere Application Server (WAS) 7.0 before 7.0.0.13 does not properly impl... |
| CVE-2010-0785 | — | — | 0.9% | Nov 9, 2010 | Cross-site request forgery (CSRF) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) ... |
| CVE-2010-0784 | — | — | 1.3% | Nov 9, 2010 | Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 7.0 bef... |
| CVE-2010-0783 | — | — | 2.0% | Nov 9, 2010 | Cross-site scripting (XSS) vulnerability in the Administrative Console in IBM WebSphere Application Server (WAS) 6.1 bef... |
| CVE-2010-4214 | — | — | 0.9% | Nov 9, 2010 | The Wells Fargo Mobile application 1.1 for Android stores a username and password, along with account balances, in clear... |
| CVE-2010-4213 | — | — | 0.9% | Nov 9, 2010 | The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow phy... |
| CVE-2010-4212 | — | — | 0.3% | Nov 9, 2010 | The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proxim... |
| CVE-2010-4211 | — | — | 0.4% | Nov 9, 2010 | The PayPal app before 3.0.1 for iOS does not verify that the server hostname matches the domain name of the subject of a... |
| CVE-2010-3709 | — | — | 13.3% | Nov 9, 2010 | The ZipArchive::getArchiveComment function in PHP 5.2.x through 5.2.14 and 5.3.x through 5.3.3 allows context-dependent ... |
| CVE-2010-3436 | — | — | 6.3% | Nov 9, 2010 | fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors... |
| CVE-2010-4209 | — | — | 4.3% | Nov 7, 2010 | Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.8.0 through 2.8.1, as used in Bu... |
| CVE-2010-4208 | — | — | 4.4% | Nov 7, 2010 | Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.5.0 through 2.8.1, as used in Bu... |
| CVE-2010-4207 | — | — | 4.5% | Nov 7, 2010 | Cross-site scripting (XSS) vulnerability in the Flash component infrastructure in YUI 2.4.0 through 2.8.1, as used in Bu... |
| CVE-2010-4091 | — | — | 18.5% | Nov 7, 2010 | The EScript.api plugin in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.1, and 8.x before 8.2.6 on Windows... |
| CVE-2010-3866 | — | — | — | Nov 7, 2010 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2010-4207, CVE-2010-4208, CVE-2010-4209. Reason: Th... |
| CVE-2010-3652 | — | — | 5.2% | Nov 7, 2010 | Unspecified vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows, Mac OS X, Linux... |
Check if your code is affected by 2010 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now