Stack-based buffer overflow in the HTTP server in Rhino Software Serv-U Web Client 9.0.0.5 allows remote attackers to cause a denial of service (server crash) or execute arbitrary code via a long Session cookie.
Max CVSS
10.0
EPSS Score
12.94%
Published
2010-05-26
Updated
2010-05-26
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 has a default password for the administrative user account and unspecified other accounts, which makes it easier for remote attackers to obtain privileged access, aka Bug ID CSCtb83495.
Max CVSS
10.0
EPSS Score
1.83%
Published
2010-05-27
Updated
2017-08-17
Cisco Mediator Framework 1.5.1 before 1.5.1.build.14-eng, 2.2 before 2.2.1.dev.1, and 3.0 before 3.0.9.release.1 on the Cisco Network Building Mediator NBM-2400 and NBM-4800 and the Richards-Zeta Mediator 2500 does not properly restrict network access to an unspecified configuration file, which allows remote attackers to read passwords and unspecified other account details via a (1) XML RPC or (2) XML RPC over HTTPS session, aka Bug ID CSCtb83512.
Max CVSS
10.0
EPSS Score
1.26%
Published
2010-05-27
Updated
2010-06-13
Multiple stack-based buffer overflows in Free Download Manager (FDM) before 3.0.852 allow remote attackers to execute arbitrary code via vectors involving (1) the folders feature in Site Explorer, (2) the websites feature in Site Explorer, (3) an FTP URI, or (4) a redirect.
Max CVSS
10.0
EPSS Score
25.63%
Published
2010-05-17
Updated
2018-10-10
Format string vulnerability in the _msgout function in rpc.pcnfsd in IBM AIX 6.1, 5.3, and earlier; IBM VIOS 2.1, 1.5, and earlier; NFS/ONCplus B.11.31_09 and earlier on HP HP-UX B.11.11, B.11.23, and B.11.31; and SGI IRIX 6.5 allows remote attackers to execute arbitrary code via an RPC request containing format string specifiers in an invalid directory name.
Max CVSS
10.0
EPSS Score
22.69%
Published
2010-05-20
Updated
2018-10-10

CVE-2010-1549

Public exploit
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
Max CVSS
10.0
EPSS Score
94.32%
Published
2010-05-07
Updated
2018-10-10
Format string vulnerability in ovet_demandpoll.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via format string specifiers in the sel parameter.
Max CVSS
10.0
EPSS Score
85.76%
Published
2010-05-13
Updated
2018-10-10
Stack-based buffer overflow in the _OVParseLLA function in ov.dll in netmon.exe in Network Monitor in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the sel parameter.
Max CVSS
10.0
EPSS Score
89.69%
Published
2010-05-13
Updated
2018-10-10

CVE-2010-1552

Public exploit
Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.
Max CVSS
10.0
EPSS Score
96.80%
Published
2010-05-13
Updated
2018-10-10

CVE-2010-1553

Public exploit
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
Max CVSS
10.0
EPSS Score
96.80%
Published
2010-05-13
Updated
2018-10-10

CVE-2010-1554

Public exploit
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
Max CVSS
10.0
EPSS Score
96.84%
Published
2010-05-13
Updated
2018-10-11

CVE-2010-1555

Public exploit
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
Max CVSS
10.0
EPSS Score
96.80%
Published
2010-05-13
Updated
2018-10-10
The Google URL Parsing Library (aka google-url or GURL) in Google Chrome before 4.1.249.1064 allows remote attackers to bypass the Same Origin Policy via unspecified vectors.
Max CVSS
10.0
EPSS Score
50.18%
Published
2010-05-03
Updated
2017-09-19
Mozilla Firefox 3.6.3 on Windows XP SP3 allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) or possibly execute arbitrary code via JavaScript code that performs certain string concatenation and substring operations, a different vulnerability than CVE-2009-1571.
Max CVSS
10.0
EPSS Score
14.80%
Published
2010-05-20
Updated
2018-10-10
Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.
Max CVSS
10.0
EPSS Score
9.26%
Published
2010-05-24
Updated
2017-08-17
Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long HTTP GET request.
Max CVSS
10.0
EPSS Score
70.30%
Published
2010-05-27
Updated
2018-10-10
Google Chrome before 5.0.375.55 does not properly follow the Safe Browsing specification's requirements for canonicalization of URLs, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.17%
Published
2010-05-28
Updated
2020-08-06
Unspecified vulnerability in Google Chrome before 5.0.375.55 allows attackers to cause a denial of service (memory error) or possibly have unspecified other impact via vectors related to the Safe Browsing functionality.
Max CVSS
10.0
EPSS Score
0.17%
Published
2010-05-28
Updated
2020-08-06
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
Max CVSS
9.8
EPSS Score
2.66%
Published
2010-05-07
Updated
2024-02-08
Integer overflow in cdd.dll in the Canonical Display Driver (CDD) in Microsoft Windows Server 2008 R2 and Windows 7 on 64-bit platforms, when the Windows Aero theme is installed, allows context-dependent attackers to cause a denial of service (reboot) or possibly execute arbitrary code via a crafted image file that triggers incorrect data parsing after user-mode data is copied to kernel mode, as demonstrated using "Browse with Irfanview" and certain actions on a folder containing a large number of thumbnail images in Resample mode, possibly related to the ATI graphics driver or win32k.sys, aka "Canonical Display Driver Integer Overflow Vulnerability."
Max CVSS
9.3
EPSS Score
5.72%
Published
2010-05-14
Updated
2018-10-30
Heap-based buffer overflow in the IAManager ActiveX control in IAManager.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the SetIAPlayerName method.
Max CVSS
9.3
EPSS Score
14.78%
Published
2010-05-06
Updated
2017-09-19
Heap-based buffer overflow in the SonicMediaPlayer ActiveX control in SonicMediaPlayer.dll in Roxio CinePlayer 3.2 allows remote attackers to execute arbitrary code via a long argument to the DiskType method. NOTE: this might overlap CVE-2007-1559.
Max CVSS
9.3
EPSS Score
4.74%
Published
2010-05-06
Updated
2017-09-19

CVE-2009-4850

Public exploit
The Awingsoft Awakening Winds3D Viewer plugin 3.5.0.9 allows remote attackers to execute arbitrary programs via a SceneURL property value with a URL for a .exe file.
Max CVSS
9.3
EPSS Score
87.52%
Published
2010-05-07
Updated
2017-08-17
Stack-based buffer overflow in UltraPlayer Media Player 2.112 allows remote attackers to execute arbitrary code via a long string in a .usk file.
Max CVSS
9.3
EPSS Score
25.14%
Published
2010-05-11
Updated
2017-09-19
Adobe Shockwave Player before 11.5.7.609 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted FFFFFF45h Shockwave 3D blocks in a Shockwave file.
Max CVSS
9.3
EPSS Score
4.36%
Published
2010-05-13
Updated
2022-11-03
418 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!