Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-3869 | 1 Redhat | 2 Certificate System, Dogtag Certificate System | 2010-11-17 | 4.0 MEDIUM | N/A |
| Red Hat Certificate System (RHCS) 7.3 and 8 and Dogtag Certificate System allow remote authenticated users to generate an arbitrary number of certificates by replaying a single SCEP one-time PIN. | |||||
| CVE-2010-4271 | 1 Impresscms | 1 Impresscms | 2010-11-17 | 7.5 HIGH | N/A |
| SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-1801 | 1 Apple | 3 Coregraphics, Mac Os X, Mac Os X Server | 2010-11-16 | 6.8 MEDIUM | N/A |
| Heap-based buffer overflow in CoreGraphics in Apple Mac OS X 10.5.8 and 10.6.4 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PDF file. | |||||
| CVE-2010-3796 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-11-16 | 4.3 MEDIUM | N/A |
| Safari RSS in Apple Mac OS X 10.5.8 and 10.6.x before 10.6.5 does not block Java applets in an RSS feed, which allows remote attackers to obtain sensitive information via a feed: URL containing an applet that performs DOM modifications. | |||||
| CVE-2010-4011 | 1 Apple | 1 Mac Os X Server | 2010-11-16 | 4.0 MEDIUM | N/A |
| Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue." | |||||
| CVE-2010-4270 | 2 Joomla, Netshinesoftware | 2 Joomla\!, Com Netinvoice | 2010-11-16 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the nBill (com_netinvoice) component before 2.0.9 standard edition, 2.0.10 lite edition, and 1.2_10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in unspecified vectors related to (1) administrator/components/com_nbill/admin.nbill.php, (2) components/com_nbill/nbill.php, (3) administrator/components/com_netinvoice/admin.netinvoice.php, or (4) components/com_netinvoice/netinvoice.php, as exploited in the wild in November 2010. | |||||
| CVE-2009-4898 | 1 Twiki | 1 Twiki | 2010-11-11 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in TWiki before 4.3.2 allows remote attackers to hijack the authentication of arbitrary users for requests that update pages, as demonstrated by a URL for a save script in the ACTION attribute of a FORM element, in conjunction with a call to the submit method in the onload attribute of a BODY element. NOTE: this issue exists because of an insufficient fix for CVE-2009-1339. | |||||
| CVE-2010-3903 | 1 Infradead | 1 Openconnect | 2010-11-11 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in OpenConnect before 2.23 allows remote AnyConnect SSL VPN servers to cause a denial of service (application crash) via a 404 HTTP status code. | |||||
| CVE-2010-3286 | 1 Hp | 1 Systems Insight Manager | 2010-11-10 | 5.0 MEDIUM | N/A |
| Unspecified vulnerability in HP Systems Insight Manager (SIM) 6.0 and 6.1 allows remote attackers to read arbitrary files via unknown vectors. | |||||
| CVE-2010-3288 | 1 Hp | 1 Systems Insight Manager | 2010-11-10 | 6.8 MEDIUM | N/A |
| Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | |||||
| CVE-2010-3291 | 1 Hp | 2 Assetcenter, Assetmanager | 2010-11-10 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3502 | 1 Oracle | 1 Siebel Suite | 2010-11-10 | 4.0 MEDIUM | N/A |
| Unspecified vulnerability in the Siebel Core component in Oracle Siebel Suite 7.7.2.12, 7.8.2.14, 8.0.0.10, and 8.1.1.3 allows remote authenticated users to affect confidentiality via unknown vectors. | |||||
| CVE-2010-3503 | 1 Oracle | 2 Opensolaris, Solaris | 2010-11-10 | 6.3 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 10 and OpenSolaris allows local users to affect confidentiality and integrity via unknown vectors related to su. | |||||
| CVE-2010-3504 | 1 Oracle | 1 E-business Suite | 2010-11-10 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability in the Oracle Applications Technology Stack component in Oracle E-Business Suite 11.5.10.2, 12.0.6, and 12.1.2 allows remote attackers to affect integrity via unknown vectors. | |||||
| CVE-2010-3506 | 1 Oracle | 1 Sun Products Suite | 2010-11-10 | 3.0 LOW | N/A |
| Unspecified vulnerability in the Oracle Explorer (Sun Explorer) component in Oracle Sun Products Suite 6.4 allows local users to affect confidentiality and integrity via unknown vectors. | |||||
| CVE-2010-3507 | 1 Oracle | 1 Solaris | 2010-11-10 | 6.6 MEDIUM | N/A |
| Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Live Upgrade. | |||||
| CVE-2010-3508 | 1 Oracle | 1 Solaris | 2010-11-10 | 3.2 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Zones. | |||||
| CVE-2010-3511 | 1 Oracle | 1 Opensolaris | 2010-11-10 | 2.6 LOW | N/A |
| Unspecified vulnerability in Oracle OpenSolaris allows local users to affect integrity and availability via unknown vectors related to Tooltalk. | |||||
| CVE-2010-3512 | 1 Oracle | 1 Sun Products Suite | 2010-11-10 | 3.5 LOW | N/A |
| Unspecified vulnerability in the Oracle iPlanet Web Server (Sun Java System Web Server) component in Oracle Sun Products Suite 7.0u8 allows remote authenticated users to affect confidentiality, related to DAV (WebDAV). | |||||
| CVE-2010-3513 | 1 Oracle | 2 Opensolaris, Solaris | 2010-11-10 | 2.4 LOW | N/A |
| Unspecified vulnerability in Oracle Solaris 9 and 10, and OpenSolaris, allows local users to affect integrity and availability via unknown vectors related to Device Drivers. | |||||