Buffer overflow in Webby Webserver 1.01 allows remote attackers to execute arbitrary code via a long HTTP GET request.
Max CVSS
10.0
EPSS Score
70.30%
Published
2010-05-27
Updated
2018-10-10
Multiple format string vulnerabilities in the phar extension in PHP 5.3 before 5.3.2 allow context-dependent attackers to obtain sensitive information (memory contents) and possibly execute arbitrary code via a crafted phar:// URI that is not properly handled by the (1) phar_stream_flush, (2) phar_wrapper_unlink, (3) phar_parse_url, or (4) phar_wrapper_open_url functions in ext/phar/stream.c; and the (5) phar_wrapper_open_dir function in ext/phar/dirstream.c, which triggers errors in the php_stream_wrapper_log_error function.
Max CVSS
6.8
EPSS Score
1.36%
Published
2010-05-27
Updated
2011-01-26
KAVSafe.sys 2010.4.14.609 and earlier, as used in Kingsoft Webshield 3.5.1.2 and earlier, allows local users to overwrite arbitrary kernel memory via a crafted request to IOCTL 0x830020d4 on the KAVSafe device.
Max CVSS
7.2
EPSS Score
0.04%
Published
2010-05-24
Updated
2017-08-17
Buffer overflow in k23productions TFTPUtil GUI (aka TFTPGUI) 1.4.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long transport mode.
Max CVSS
10.0
EPSS Score
9.26%
Published
2010-05-24
Updated
2017-08-17
Stack-based buffer overflow in the media library in BS.Global BS.Player 2.51 build 1022, 2.41 build 1003, and possibly other versions allows user-assisted remote attackers to execute arbitrary code via a long ID3 tag in a .MP3 file. NOTE: some of these details are obtained from third party information.
Max CVSS
9.3
EPSS Score
1.39%
Published
2010-05-21
Updated
2010-05-24
Stack-based buffer overflow in BS.Global BS.Player 2.51 Build 1022 Free, and possibly other versions, allows user-assisted remote attackers to execute arbitrary code via the Skin parameter in the Options section of a skins file (.bsi), a different vulnerability than CVE-2009-1068.
Max CVSS
9.3
EPSS Score
27.17%
Published
2010-05-20
Updated
2017-08-17
Buffer overflow in the RunCmd method in the SdcUser.TgConCtl ActiveX control in tgctlcm.dll in Consona Live Assistance, Dynamic Agent, and Subscriber Assistance allows remote attackers to execute arbitrary code via vectors involving "CreateProcess params." NOTE: some of these details are obtained from third party information.
Max CVSS
7.6
EPSS Score
5.12%
Published
2010-05-12
Updated
2018-10-10
Stack-based buffer overflow in the parser function in GhostScript 8.70 and 8.64 allows context-dependent attackers to execute arbitrary code via a crafted PostScript file.
Max CVSS
9.3
EPSS Score
0.51%
Published
2010-05-12
Updated
2018-10-10
The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows context-dependent attackers to cause a denial of service (crash) and possibly trigger memory corruption via a negative chunk size, which bypasses a signed comparison, related to an integer overflow in the chunk size decoder.
Max CVSS
9.8
EPSS Score
2.66%
Published
2010-05-07
Updated
2024-02-08
Multiple stack-based buffer overflows in the tr_magnetParse function in libtransmission/magnet.c in Transmission 1.91 allow remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a crafted magnet URL with a large number of (1) tr or (2) ws links.
Max CVSS
6.8
EPSS Score
1.76%
Published
2010-05-07
Updated
2010-05-11
Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
Max CVSS
5.0
EPSS Score
0.18%
Published
2010-05-06
Updated
2010-05-06
Stack-based buffer overflow in 2BrightSparks SyncBack Freeware 3.2.20.0, and possibly other versions before 3.2.21, allows user-assisted remote attackers to execute arbitrary code via a long filename in a (1) .sps or (2) zip profile.
Max CVSS
9.3
EPSS Score
28.79%
Published
2010-05-24
Updated
2017-08-17
Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted "recieve jobs" request. NOTE: some of these details are obtained from third party information.
Max CVSS
5.0
EPSS Score
7.93%
Published
2010-05-04
Updated
2010-05-05
Stack-based buffer overflow in (1) Urgent Backup 3.20, and (2) ABC Backup Pro 5.20 and ABC Backup 5.50, allows user-assisted remote attackers to execute arbitrary code via a crafted ZIP archive.
Max CVSS
9.3
EPSS Score
1.84%
Published
2010-05-05
Updated
2010-05-12
Stack-based buffer overflow in CursorArts ZipWrangler 1.20 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename.
Max CVSS
9.3
EPSS Score
10.22%
Published
2010-05-04
Updated
2023-08-08

CVE-2010-1681

Public exploit
Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256.
Max CVSS
7.6
EPSS Score
74.45%
Published
2010-05-06
Updated
2018-10-10
Google Chrome before 4.1.249.1064 does not properly handle fonts, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
Max CVSS
7.5
EPSS Score
2.04%
Published
2010-05-03
Updated
2017-09-19
Google Chrome before 4.1.249.1064 does not properly handle HTML5 media, which allows remote attackers to cause a denial of service (memory corruption) and possibly have unspecified other impact via unknown vectors.
Max CVSS
5.0
EPSS Score
2.18%
Published
2010-05-03
Updated
2017-09-19
Multiple integer overflows in audioop.c in the audioop module in Python 2.6, 2.7, 3.1, and 3.2 allow context-dependent attackers to cause a denial of service (application crash) via a large fragment, as demonstrated by a call to audioop.lin2lin with a long string in the first argument, leading to a buffer overflow. NOTE: this vulnerability exists because of an incorrect fix for CVE-2008-3143.5.
Max CVSS
5.0
EPSS Score
0.67%
Published
2010-05-27
Updated
2023-02-13
Ghostscript 8.64, 8.70, and possibly other versions allows context-dependent attackers to execute arbitrary code via a PostScript file containing unlimited recursive procedure invocations, which trigger memory corruption in the stack of the interpreter.
Max CVSS
9.3
EPSS Score
0.56%
Published
2010-05-19
Updated
2018-10-10
Integer overflow in the load_iface function in Tools/gdomap.c in gdomap in GNUstep Base before 1.20.0 might allow context-dependent attackers to execute arbitrary code via a (1) file or (2) socket that provides configuration data with many entries, leading to a heap-based buffer overflow.
Max CVSS
7.2
EPSS Score
0.13%
Published
2010-05-12
Updated
2010-05-12

CVE-2010-1555

Public exploit
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid Hostname parameter.
Max CVSS
10.0
EPSS Score
96.80%
Published
2010-05-13
Updated
2018-10-10

CVE-2010-1554

Public exploit
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid iCount parameter.
Max CVSS
10.0
EPSS Score
96.84%
Published
2010-05-13
Updated
2018-10-11

CVE-2010-1553

Public exploit
Stack-based buffer overflow in getnnmdata.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via an invalid MaxAge parameter.
Max CVSS
10.0
EPSS Score
96.80%
Published
2010-05-13
Updated
2018-10-10

CVE-2010-1552

Public exploit
Stack-based buffer overflow in the doLoad function in snmpviewer.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to execute arbitrary code via the act and app parameters.
Max CVSS
10.0
EPSS Score
96.80%
Published
2010-05-13
Updated
2018-10-10
57 vulnerabilities found
1 2 3
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!