2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-4092 | — | — | 5.4% | Nov 5, 2010 | Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allow... |
| CVE-2010-4186 | — | — | 1.0% | Nov 5, 2010 | SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 ... |
| CVE-2010-4185 | — | — | 1.0% | Nov 5, 2010 | SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arb... |
| CVE-2010-3704 | — | — | 3.6% | Nov 5, 2010 | The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly ... |
| CVE-2010-3703 | — | — | 2.6% | Nov 5, 2010 | The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possib... |
| CVE-2010-3702 | — | — | 2.8% | Nov 5, 2010 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.... |
| CVE-2010-4184 | — | — | 2.5% | Nov 5, 2010 | NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client mach... |
| CVE-2010-4183 | — | — | 0.9% | Nov 5, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow... |
| CVE-2010-3999 | — | — | 0.3% | Nov 5, 2010 | gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows loca... |
| CVE-2010-3996 | — | — | 0.3% | Nov 5, 2010 | festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zer... |
| CVE-2010-3913 | — | — | 1.1% | Nov 5, 2010 | CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inj... |
| CVE-2010-3863 | — | — | 54.8% | Nov 5, 2010 | Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the ... |
| CVE-2010-3846 | — | — | 0.4% | Nov 5, 2010 | Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an ... |
| CVE-2010-3764 | — | — | 2.4% | Nov 5, 2010 | The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with pred... |
| CVE-2010-3172 | — | — | 1.8% | Nov 5, 2010 | CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, ... |
| CVE-2010-4182 | — | — | 24.6% | Nov 4, 2010 | Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Profes... |
| CVE-2010-4181 | — | — | 8.5% | Nov 4, 2010 | Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslas... |
| CVE-2010-3851 | — | — | 0.4% | Nov 4, 2010 | libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw... |
| CVE-2010-3611 | — | — | 9.4% | Nov 4, 2010 | ISC DHCP server 4.0 before 4.0.2, 4.1 before 4.1.2, and 4.2 before 4.2.0-P1 allows remote attackers to cause a denial of... |
| CVE-2010-4155 | — | — | 1.1% | Nov 3, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in eXV2 CMS 2.10 allow remote attackers to inject arbitrary web scri... |
| CVE-2010-4154 | — | — | 1.6% | Nov 3, 2010 | Directory traversal vulnerability in Rhino Software, Inc. FTP Voyager 15.2.0.11, and possibly earlier, allows remote FTP... |
| CVE-2010-4153 | — | — | 1.4% | Nov 3, 2010 | Directory traversal vulnerability in CrossFTP Pro 1.65a, and probably earlier, allows remote FTP servers to write arbitr... |
| CVE-2010-4152 | — | — | 1.0% | Nov 3, 2010 | SQL injection vulnerability in catalog/index.shtml in 4site CMS 2.6, and possibly earlier, allows remote attackers to ex... |
| CVE-2010-4151 | — | — | 1.2% | Nov 3, 2010 | SQL injection vulnerability in misc.php in DeluxeBB 1.3, and possibly earlier, when magic_quotes_gpc is disabled, allows... |
| CVE-2010-4006 | — | — | 1.1% | Nov 3, 2010 | Multiple SQL injection vulnerabilities in search.php in WSN Links 5.0.x before 5.0.81, 5.1.x before 5.1.51, and 6.0.x be... |
Check if your code is affected by 2010 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now