Total
11440 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-4900 | 1 Webmanager-pro | 1 Cms Webmanager-pro | 2026-06-16 | 5.8 MEDIUM | N/A |
| Open redirect vulnerability in c.php in CMS WebManager-Pro 8.1 and earlier allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the url parameter. | |||||
| CVE-2010-4819 | 1 X | 1 X.org-xserver | 2026-06-16 | 3.6 LOW | N/A |
| The ProcRenderAddGlyphs function in the Render extension (render/render.c) in X.Org xserver 1.7.7 and earlier allows local users to read arbitrary memory and possibly cause a denial of service (server crash) via unspecified vectors related to an "input sanitization flaw." | |||||
| CVE-2010-4818 | 1 X.org | 1 X.org | 2026-06-16 | 8.5 HIGH | N/A |
| The GLX extension in X.Org xserver 1.7.7 allows remote authenticated users to cause a denial of service (server crash) and possibly execute arbitrary code via (1) a crafted request that triggers a client swap in glx/glxcmdsswap.c; or (2) a crafted length or (3) a negative value in the screen field in a request to glx/glxcmds.c. | |||||
| CVE-2010-4815 | 1 Coppermine-gallery | 1 Coppermine Gallery | 2026-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| Coppermine gallery before 1.4.26 has an input validation vulnerability that allows for code execution. | |||||
| CVE-2010-4803 | 1 Mojolicious | 1 Mojolicious | 2026-06-16 | 10.0 HIGH | N/A |
| Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors. | |||||
| CVE-2010-4802 | 1 Mojolicious | 1 Mojolicious | 2026-06-16 | 10.0 HIGH | N/A |
| Commands.pm in Mojolicious before 0.999928 does not properly perform CGI environment detection, which has unspecified impact and remote attack vectors. | |||||
| CVE-2010-4788 | 1 Ibm | 1 Tivoli Directory Server | 2026-06-16 | 4.0 MEDIUM | N/A |
| IBM Tivoli Directory Server (TDS) 6.0 before 6.0.0.62 (aka 6.0.0.8-TIV-ITDS-IF0004) does not perform certain locking of linked-list access, which allows remote authenticated users to cause a denial of service (daemon crash) via a paged search. | |||||
| CVE-2010-4777 | 1 Perl | 1 Perl | 2026-06-16 | 4.3 MEDIUM | N/A |
| The Perl_reg_numbered_buff_fetch function in Perl 5.10.0, 5.12.0, 5.14.0, and other versions, when running with debugging enabled, allows context-dependent attackers to cause a denial of service (assertion failure and application exit) via crafted input that is not properly handled when using certain regular expressions, as demonstrated by causing SpamAssassin and OCSInventory to crash. | |||||
| CVE-2010-4775 | 2 Drupal, Nicholas Thompson | 2 Drupal, Relevant Content | 2026-06-16 | 5.0 MEDIUM | N/A |
| The Relevant Content module 5.x before 5.x-1.4 and 6.x before 6.x-1.5 for Drupal does not properly implement node access logic, which allows remote attackers to discover restricted node titles and relationships. | |||||
| CVE-2010-4767 | 1 Otrs | 1 Otrs | 2026-06-16 | 5.0 MEDIUM | N/A |
| Open Ticket Request System (OTRS) before 2.3.6 does not properly handle e-mail messages in which the From line contains UTF-8 characters associated with diacritical marks and an invalid charset, which allows remote attackers to cause a denial of service (duplicate tickets and duplicate auto-responses) by sending a crafted message to a POP3 mailbox. | |||||
| CVE-2010-4766 | 1 Otrs | 1 Otrs | 2026-06-16 | 4.3 MEDIUM | N/A |
| The AgentTicketForward feature in Open Ticket Request System (OTRS) before 2.4.7 does not properly remove inline images from HTML e-mail messages, which allows remote attackers to obtain potentially sensitive image information in opportunistic circumstances by reading a forwarded message in a standard e-mail client. | |||||
| CVE-2010-4759 | 1 Otrs | 1 Otrs | 2026-06-16 | 4.0 MEDIUM | N/A |
| Open Ticket Request System (OTRS) before 3.0.0-beta7 does not properly restrict the ticket ages that are within the scope of a search, which allows remote authenticated users to cause a denial of service (daemon hang) via a fulltext search. | |||||
| CVE-2010-4727 | 1 Smarty | 1 Smarty | 2026-06-16 | 10.0 HIGH | N/A |
| Smarty before 3.0.0 beta 7 does not properly handle the <?php and ?> tags, which has unspecified impact and remote attack vectors. | |||||
| CVE-2010-4704 | 1 Ffmpeg | 1 Ffmpeg | 2026-06-16 | 4.3 MEDIUM | N/A |
| libavcodec/vorbis_dec.c in the Vorbis decoder in FFmpeg 0.6.1 and earlier allows remote attackers to cause a denial of service (application crash) via a crafted .ogg file, related to the vorbis_floor0_decode function. NOTE: this might overlap CVE-2011-0480. | |||||
| CVE-2010-4687 | 1 Cisco | 1 Ios | 2026-06-16 | 5.0 MEDIUM | N/A |
| STCAPP (aka the SCCP telephony control application) on Cisco IOS before 15.0(1)XA1 does not properly handle multiple calls to a shared line, which allows remote attackers to cause a denial of service (port hang) by simultaneously ending two calls that were controlled by CallManager Express (CME), aka Bug ID CSCtd42552. | |||||
| CVE-2010-4684 | 1 Cisco | 1 Ios | 2026-06-16 | 7.1 HIGH | N/A |
| Cisco IOS before 15.0(1)XA1, when certain TFTP debugging is enabled, allows remote attackers to cause a denial of service (device crash) via a TFTP copy over IPv6, aka Bug ID CSCtb28877. | |||||
| CVE-2010-4679 | 1 Cisco | 3 5500 Series Adaptive Security Appliance, Adaptive Security Appliance Software, Asa 5500 | 2026-06-16 | 7.8 HIGH | N/A |
| Cisco Adaptive Security Appliances (ASA) 5500 series devices with software before 8.2(3) do not properly handle Online Certificate Status Protocol (OCSP) connection failures, which allows remote OCSP responders to cause a denial of service (TCP socket exhaustion) by rejecting connection attempts, aka Bug ID CSCsz36816. | |||||
| CVE-2010-4660 | 1 Status | 1 Statusnet | 2026-06-16 | 7.5 HIGH | 9.8 CRITICAL |
| Unspecified vulnerability in statusnet through 2010 due to the way addslashes are used in SQL string escapes.. | |||||
| CVE-2010-4575 | 1 Google | 2 Chrome, Chrome Os | 2026-06-16 | 4.3 MEDIUM | N/A |
| The ThemeInstalledInfoBarDelegate::Observe function in browser/extensions/theme_installed_infobar_delegate.cc in Google Chrome before 8.0.552.224 and Chrome OS before 8.0.552.343 does not properly handle incorrect tab interaction by an extension, which allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted extension. | |||||
| CVE-2010-4554 | 1 Squirrelmail | 1 Squirrelmail | 2026-06-16 | 4.3 MEDIUM | N/A |
| functions/page_header.php in SquirrelMail 1.4.21 and earlier does not prevent page rendering inside a frame in a third-party HTML document, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site. | |||||