Directory traversal vulnerability in the Directory Listing (dir_listing) extension 1.1.0 and earlier for TYPO3 allows remote attackers to have an unspecified impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.29%
Published
2010-07-22
Updated
2010-07-23
Unspecified vulnerability in the Data Server component in Oracle TimesTen In-Memory Database 7.0.6.0 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Max CVSS
10.0
EPSS Score
0.39%
Published
2010-07-13
Updated
2012-10-23
Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.
Max CVSS
10.0
EPSS Score
0.39%
Published
2010-07-13
Updated
2012-10-23
Unspecified vulnerability in Oracle Secure Backup 10.3.0.1 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors, a different vulnerability than CVE-2010-0898, CVE-2010-0899, CVE-2010-0904, and CVE-2010-0906.
Max CVSS
10.0
EPSS Score
96.84%
Published
2010-07-13
Updated
2012-10-23
IOS 12.2(52)SE and 12.2(52)SE1 on Cisco Industrial Ethernet (IE) 3000 series switches has (1) a community name of public for RO access and (2) a community name of private for RW access, which makes it easier for remote attackers to modify the configuration or obtain potentially sensitive information via SNMP requests, aka Bug ID CSCtf25589.
Max CVSS
10.0
EPSS Score
1.51%
Published
2010-07-08
Updated
2017-08-17
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.
Max CVSS
10.0
EPSS Score
0.41%
Published
2010-07-08
Updated
2021-06-30
Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet.
Max CVSS
10.0
EPSS Score
3.07%
Published
2010-07-13
Updated
2011-01-14

CVE-2010-2703

Public exploit
Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.
Max CVSS
10.0
EPSS Score
96.12%
Published
2010-07-28
Updated
2018-10-10
Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.
Max CVSS
10.0
EPSS Score
76.03%
Published
2010-07-28
Updated
2018-10-10
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.
Max CVSS
10.0
EPSS Score
22.14%
Published
2010-07-30
Updated
2017-09-19
solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.
Max CVSS
10.0
EPSS Score
2.02%
Published
2010-07-22
Updated
2010-07-22
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.16%
Published
2010-07-28
Updated
2020-08-03
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.21%
Published
2010-07-28
Updated
2020-08-05
Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.21%
Published
2010-07-28
Updated
2020-08-06
The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
2.64%
Published
2010-07-28
Updated
2020-08-04
The SVG implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.32%
Published
2010-07-28
Updated
2020-08-05
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite.
Max CVSS
9.8
EPSS Score
79.65%
Published
2010-07-28
Updated
2024-01-21
Buffer overflow in gs/psi/iscan.c in Ghostscript 8.64 and earlier allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDF document containing a long name.
Max CVSS
9.3
EPSS Score
76.96%
Published
2010-07-22
Updated
2017-08-17

CVE-2009-4962

Public exploit
Stack-based buffer overflow in Fat Player 0.6b allows remote attackers to execute arbitrary code via a long string in a .wav file. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
83.98%
Published
2010-07-28
Updated
2017-09-19
Stack-based buffer overflow in KSP 2006 FINAL allows remote attackers to execute arbitrary code via a long string in a .M3U playlist file.
Max CVSS
9.3
EPSS Score
10.08%
Published
2010-07-28
Updated
2017-09-19

CVE-2010-0266

Public exploit
Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability."
Max CVSS
9.3
EPSS Score
97.06%
Published
2010-07-15
Updated
2018-10-12
The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to execute arbitrary code via a web site that references multiple ActiveX controls, as demonstrated by the ImexGrid and FieldList controls, aka "Access ActiveX Control Vulnerability."
Max CVSS
9.3
EPSS Score
93.40%
Published
2010-07-15
Updated
2018-10-12
The pam_lsass library in Likewise Open 5.4 and CIFS 5.4 before build 8046, and 6.0 before build 8234, as used in HP StorageWorks X9000 Network Storage Systems and possibly other products, uses "SetPassword logic" when running as part of a root service, which allows remote attackers to bypass authentication for a Likewise Security Authority (lsassd) account whose password is marked as expired.
Max CVSS
9.3
EPSS Score
1.23%
Published
2010-07-28
Updated
2018-10-10
Use-after-free vulnerability in the attribute-cloning functionality in the DOM implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via vectors related to deletion of an event attribute node with a nonzero reference count.
Max CVSS
9.3
EPSS Score
13.33%
Published
2010-07-30
Updated
2024-02-02
Use-after-free vulnerability in the NodeIterator implementation in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, and SeaMonkey before 2.0.6, allows remote attackers to execute arbitrary code via a crafted NodeFilter that detaches DOM nodes, related to the NodeIterator interface and a javascript callback.
Max CVSS
9.3
EPSS Score
8.34%
Published
2010-07-30
Updated
2017-09-19
343 vulnerabilities found
1 2 3 4 5 6 7 8 9 10 11 12 13 14
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!