2010 CVE Vulnerabilities
5,249 CVEs published in 2010.
| CVE ID | Severity | CVSS | EPSS | Published | Description |
|---|---|---|---|---|---|
| CVE-2010-3916 | — | — | 5.6% | Nov 6, 2010 | Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary c... |
| CVE-2010-3915 | — | — | 6.1% | Nov 6, 2010 | Unspecified vulnerability in JustSystems Ichitaro and Ichitaro Government allows remote attackers to execute arbitrary c... |
| CVE-2010-3852 | — | — | 2.0% | Nov 6, 2010 | The default configuration of Luci 0.22.4 and earlier in Red Hat Conga uses "[INSERT SECRET HERE]" as its secret key for ... |
| CVE-2010-2477 | — | — | 2.3% | Nov 6, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in the paste.httpexceptions implementation in Paste before 1.7.4 all... |
| CVE-2010-1523 | — | — | 5.4% | Nov 6, 2010 | Multiple heap-based buffer overflows in vp6.w5s (aka the VP6 codec) in Winamp before 5.59 Beta build 3033 might allow re... |
| CVE-2010-4092 | — | — | 5.4% | Nov 5, 2010 | Use-after-free vulnerability in an unspecified compatibility component in Adobe Shockwave Player before 11.5.9.620 allow... |
| CVE-2010-4186 | — | — | 1.0% | Nov 5, 2010 | SQL injection vulnerability in process.asp in OnlineTechTools Online Work Order System (OWOS) Professional Edition 2.10 ... |
| CVE-2010-4185 | — | — | 1.0% | Nov 5, 2010 | SQL injection vulnerability in index.php in Energine, possibly 2.3.8 and earlier, allows remote attackers to execute arb... |
| CVE-2010-3704 | — | — | 3.6% | Nov 5, 2010 | The FoFiType1::parse function in fofi/FoFiType1.cc in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly ... |
| CVE-2010-3703 | — | — | 2.6% | Nov 5, 2010 | The PostScriptFunction::PostScriptFunction function in poppler/Function.cc in the PDF parser in poppler 0.8.7 and possib... |
| CVE-2010-3702 | — | — | 2.8% | Nov 5, 2010 | The Gfx::getPos function in the PDF parser in xpdf before 3.02pl5, poppler 0.8.7 and possibly other versions up to 0.15.... |
| CVE-2010-4184 | — | — | 2.5% | Nov 5, 2010 | NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client mach... |
| CVE-2010-4183 | — | — | 0.9% | Nov 5, 2010 | Multiple cross-site scripting (XSS) vulnerabilities in HTML Purifier before 4.1.0, when Internet Explorer is used, allow... |
| CVE-2010-3999 | — | — | 0.3% | Nov 5, 2010 | gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows loca... |
| CVE-2010-3996 | — | — | 0.3% | Nov 5, 2010 | festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zer... |
| CVE-2010-3962 | HIGH | 8.1 | 96.9% | Nov 5, 2010 | Use-after-free vulnerability in Microsoft Internet Explorer 6, 7, and 8 allows remote attackers to execute arbitrary cod... |
| CVE-2010-3913 | — | — | 1.1% | Nov 5, 2010 | CRLF injection vulnerability in TransWARE Active! mail 6 build 6.40.010047750 and earlier allows remote attackers to inj... |
| CVE-2010-3863 | — | — | 54.8% | Nov 5, 2010 | Apache Shiro before 1.1.0, and JSecurity 0.9.x, does not canonicalize URI paths before comparing them to entries in the ... |
| CVE-2010-3846 | — | — | 0.4% | Nov 5, 2010 | Array index error in the apply_rcs_change function in rcs.c in CVS 1.11.23 allows local users to gain privileges via an ... |
| CVE-2010-3764 | — | — | 2.4% | Nov 5, 2010 | The Old Charts implementation in Bugzilla 2.12 through 3.2.8, 3.4.8, 3.6.2, 3.7.3, and 4.1 creates graph files with pred... |
| CVE-2010-3172 | — | — | 1.8% | Nov 5, 2010 | CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, ... |
| CVE-2010-2941 | CRITICAL | 9.8 | 6.5% | Nov 5, 2010 | ipp.c in cupsd in CUPS 1.4.4 and earlier does not properly allocate memory for attribute values with invalid string data... |
| CVE-2010-4182 | — | — | 24.6% | Nov 4, 2010 | Untrusted search path vulnerability in the Data Access Objects (DAO) library (dao360.dll) in Microsoft Windows XP Profes... |
| CVE-2010-4181 | — | — | 8.5% | Nov 4, 2010 | Directory traversal vulnerability in Yaws 1.89 allows remote attackers to read arbitrary files via ..\ (dot dot backslas... |
| CVE-2010-3851 | — | — | 0.4% | Nov 4, 2010 | libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw... |
Check if your code is affected by 2010 CVEs
Strix scans your code and infrastructure for known vulnerabilities automatically.
Scan your code now