The SVG implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
0.32%
Published
2010-07-28
Updated
2020-08-05
The rendering implementation in Google Chrome before 5.0.375.125 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
10.0
EPSS Score
2.64%
Published
2010-07-28
Updated
2020-08-04
Google Chrome before 5.0.375.125 does not properly handle a large canvas, which has unspecified impact and remote attack vectors.
Max CVSS
10.0
EPSS Score
0.21%
Published
2010-07-28
Updated
2020-08-06
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the GNU C Library, which has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.21%
Published
2010-07-28
Updated
2020-08-05
Google Chrome before 5.0.375.125 does not properly mitigate an unspecified flaw in the Windows kernel, which has unknown impact and attack vectors.
Max CVSS
10.0
EPSS Score
0.16%
Published
2010-07-28
Updated
2020-08-03
solid.exe in IBM solidDB before 6.5 FP2 allows remote attackers to execute arbitrary code via a long username field in the first handshake packet.
Max CVSS
10.0
EPSS Score
2.02%
Published
2010-07-22
Updated
2010-07-22
layout/generic/nsObjectFrame.cpp in Mozilla Firefox 3.6.7 does not properly free memory in the parameter array of a plugin instance, which allows remote attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via a crafted HTML document, related to the DATA and SRC attributes of an OBJECT element. NOTE: this vulnerability exists because of an incorrect fix for CVE-2010-1214.
Max CVSS
10.0
EPSS Score
22.14%
Published
2010-07-30
Updated
2017-09-19
Integer overflow in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code via a large selection attribute in a XUL tree element, which triggers a use-after-free.
Max CVSS
9.3
EPSS Score
13.25%
Published
2010-07-30
Updated
2024-02-03
Integer overflow in an array class in Mozilla Firefox 3.5.x before 3.5.11 and 3.6.x before 3.6.7, Thunderbird 3.0.x before 3.0.6 and 3.1.x before 3.1.1, and SeaMonkey before 2.0.6 allows remote attackers to execute arbitrary code by placing many Cascading Style Sheets (CSS) values in an array, related to references to external font resources and an inconsistency between 16-bit and 32-bit integers.
Max CVSS
9.3
EPSS Score
79.80%
Published
2010-07-30
Updated
2017-09-19
Buffer overflow in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 allows remote attackers to execute arbitrary code via a long HTTP request to nnmrptconfig.exe.
Max CVSS
10.0
EPSS Score
76.03%
Published
2010-07-28
Updated
2018-10-10

CVE-2010-2703

Public exploit
Stack-based buffer overflow in the execvp_nc function in the ov.dll module in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53, when running on Windows, allows remote attackers to execute arbitrary code via a long HTTP request to webappmon.exe.
Max CVSS
10.0
EPSS Score
96.12%
Published
2010-07-28
Updated
2018-10-10
Buffer overflow in the UGameEngine::UpdateConnectingMessage function in the Unreal engine 1, 2, and 2.5, as used in multiple games including Unreal Tournament 2004, Unreal tournament 2003, Postal 2, Raven Shield, and SWAT4, when downloads are enabled, allows remote attackers to execute arbitrary code via a long LEVEL field in a WELCOME response to a download request.
Max CVSS
9.3
EPSS Score
6.97%
Published
2010-07-12
Updated
2017-08-17
Multiple buffer overflows in the FathFTP ActiveX control 1.7 allow remote attackers to execute arbitrary code via (1) the GetFromURL member or (2) a long argument to the RasIsConnected method.
Max CVSS
9.3
EPSS Score
10.24%
Published
2010-07-12
Updated
2017-08-17
Opera before 10.54 on Windows and Mac OS X does not properly enforce permission requirements for widget filesystem access and directory selection, which allows user-assisted remote attackers to create or modify arbitrary files, and consequently execute arbitrary code, via widget File I/O operations.
Max CVSS
9.3
EPSS Score
9.96%
Published
2010-07-08
Updated
2018-10-30
Opera before 10.60 on Windows and Mac OS X does not properly prevent certain double-click operations from running a program located on a web site, which allows user-assisted remote attackers to execute arbitrary code via a crafted web page that bypasses a dialog.
Max CVSS
9.3
EPSS Score
2.29%
Published
2010-07-08
Updated
2021-09-08
The Cascading Style Sheets (CSS) implementation in Google Chrome before 5.0.375.99 does not properly perform style rendering, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
9.3
EPSS Score
0.27%
Published
2010-07-06
Updated
2020-08-07
Unspecified vulnerability in Google Chrome before 5.0.375.99 has unknown impact and attack vectors, related to an "annoyance with print dialogs."
Max CVSS
9.3
EPSS Score
0.16%
Published
2010-07-06
Updated
2020-08-07
The implementation of the Unicode Bidirectional Algorithm (aka Bidi algorithm or UBA) in Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via unknown vectors.
Max CVSS
9.3
EPSS Score
1.70%
Published
2010-07-06
Updated
2020-08-07
Google Chrome before 5.0.375.99 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an invalid SVG document.
Max CVSS
9.3
EPSS Score
3.17%
Published
2010-07-06
Updated
2020-08-10
Google Chrome before 5.0.375.99 does not properly isolate sandboxed IFRAME elements, which has unspecified impact and remote attack vectors.
Max CVSS
9.3
EPSS Score
0.24%
Published
2010-07-06
Updated
2020-08-11

CVE-2010-2620

Public exploit
Open&Compact FTP Server (Open-FTPD) 1.2 and earlier allows remote attackers to bypass authentication by sending (1) LIST, (2) RETR, (3) STOR, or other commands without performing the required login steps first.
Max CVSS
9.3
EPSS Score
58.94%
Published
2010-07-02
Updated
2010-07-06

CVE-2010-2568

Known exploited
Public exploit
Windows Shell in Microsoft Windows XP SP3, Server 2003 SP2, Vista SP1 and SP2, Server 2008 SP2 and R2, and Windows 7 allows local users or remote attackers to execute arbitrary code via a crafted (1) .LNK or (2) .PIF shortcut file, which is not properly handled during icon display in Windows Explorer, as demonstrated in the wild in July 2010, and originally reported for malware that leverages CVE-2010-2772 in Siemens WinCC SCADA systems.
Max CVSS
9.3
EPSS Score
97.22%
Published
2010-07-22
Updated
2023-12-07
CISA KEV Added
2022-09-15
Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet.
Max CVSS
10.0
EPSS Score
3.07%
Published
2010-07-13
Updated
2011-01-14
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3) package, (4) dofile, (5) loadfile, (6) loadlib, (7) module, and (8) require modules or functions.
Max CVSS
10.0
EPSS Score
0.41%
Published
2010-07-08
Updated
2021-06-30
The default configuration of HP Client Automation (HPCA) Enterprise Infrastructure (aka Radia) allows remote attackers to read log files, and consequently cause a denial of service or have unspecified other impact, via web requests.
Max CVSS
9.0
EPSS Score
0.43%
Published
2010-07-22
Updated
2019-10-09
59 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!