Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1861 | 1 Php | 1 Php | 2010-05-09 | 6.4 MEDIUM | N/A |
| The sysvshm extension for PHP 5.2 through 5.2.13 and 5.3 through 5.3.2 allows context-dependent attackers to write to arbitrary memory addresses by using an object's __sleep function to interrupt an internal call to the shm_put_var function, which triggers access of a freed resource. | |||||
| CVE-2010-1863 | 1 Clantiger | 1 Clantiger | 2010-05-09 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the shoutbox module (modules/shoutbox.php) in ClanTiger 1.1.3 and earlier allows remote attackers to execute arbitrary SQL commands via the s_email parameter. | |||||
| CVE-2010-1147 | 1 Roshan Singh | 1 Open Direct Connect Hub | 2010-05-07 | 6.0 MEDIUM | N/A |
| Stack-based buffer overflow in Open Direct Connect Hub (aka Open DC Hub or OpenDCHub) 0.8.1 allows remote authenticated users to execute arbitrary code via a long MyINFO message. | |||||
| CVE-2010-0101 | 1 Lexmark | 61 25xxn, C510, C52x and 58 more | 2010-05-06 | 7.8 HIGH | N/A |
| The embedded HTTP server in multiple Lexmark laser and inkjet printers and MarkNet devices, including X94x, W840, T656, N4000, E462, C935dn, 25xxN, and other models, allows remote attackers to cause a denial of service (operating system halt) via a malformed HTTP Authorization header. | |||||
| CVE-2010-1737 | 1 Carlos Eduardo Sotelo Pinto | 1 0.1.0 | 2010-05-06 | 6.8 MEDIUM | N/A |
| PHP remote file inclusion vulnerability in core/includes/gfw_smarty.php in Gallo 0.1.0, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary PHP code via a URL in the config[gfwroot] parameter. | |||||
| CVE-2010-1730 | 2 Dolphin, Htc | 2 Dolphin Browser, Hero | 2010-05-06 | 5.0 MEDIUM | N/A |
| Dolphin Browser 2.5.0 on the HTC Hero allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. | |||||
| CVE-2009-4605 | 1 Phpmyadmin | 1 Phpmyadmin | 2010-05-05 | 5.0 MEDIUM | N/A |
| scripts/setup.php (aka the setup script) in phpMyAdmin 2.11.x before 2.11.10 calls the unserialize function on the values of the (1) configuration and (2) v[0] parameters, which might allow remote attackers to conduct cross-site request forgery (CSRF) attacks via unspecified vectors. | |||||
| CVE-2008-7251 | 1 Phpmyadmin | 1 Phpmyadmin | 2010-05-05 | 10.0 HIGH | N/A |
| libraries/File.class.php in phpMyAdmin 2.11.x before 2.11.10 creates a temporary directory with 0777 permissions, which has unknown impact and attack vectors. | |||||
| CVE-2010-0402 | 1 Openttd | 1 Openttd | 2010-05-05 | 6.5 MEDIUM | N/A |
| OpenTTD before 1.0.1 does not properly validate index values of certain items, which allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted in-game command. | |||||
| CVE-2010-1687 | 1 Mochasoft | 1 Mocha W32 Lpd | 2010-05-04 | 5.0 MEDIUM | N/A |
| Stack-based buffer overflow in lpd.exe in Mocha W32 LPD 1.9 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a crafted "recieve jobs" request. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1723 | 2 Joomla, Joomlacomponent.inetlanka | 2 Joomla\!, Com Drawroot | 2010-05-04 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in the iNetLanka Contact Us Draw Root Map (com_drawroot) component 1.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-0594 | 1 Cisco | 1 Router And Security Device Manager | 2010-05-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Cisco Router and Security Device Manager (SDM) allows remote attackers to inject arbitrary web script or HTML via unknown vectors, aka Bug ID CSCtb38467. | |||||
| CVE-2010-1685 | 1 Cursorarts | 1 Zipwrangler | 2010-05-04 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in CursorArts ZipWrangler 1.20 allows user-assisted remote attackers to execute arbitrary code via a ZIP file containing a file with a long filename. | |||||
| CVE-2010-1701 | 1 Rocky.nu | 1 Php Video Battle Script | 2010-05-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in browse.html in PHP Video Battle Script allows remote attackers to execute arbitrary SQL commands via the cat parameter. | |||||
| CVE-2010-1705 | 1 Rocky.nu | 1 Modelbook | 2010-05-04 | 7.5 HIGH | N/A |
| SQL injection vulnerability in casting_view.php in Modelbook allows remote attackers to execute arbitrary SQL commands via the adnum parameter. | |||||
| CVE-2010-1707 | 1 Piwigo | 1 Piwigo | 2010-05-04 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in register.php in Piwigo 2.0.9 and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) login and (2) mail_address parameters. | |||||
| CVE-2009-4823 | 1 Cpanel | 1 Cpanel | 2010-05-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in frontend/x3/files/fileop.html in cPanel 11.0 through 11.24.7 allows remote attackers to inject arbitrary web script or HTML via the fileop parameter. | |||||
| CVE-2009-4631 | 1 Ffmpeg | 1 Ffmpeg | 2010-05-03 | 9.3 HIGH | N/A |
| Off-by-one error in the VP3 decoder (vp3.c) in FFmpeg 0.5 allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted VP3 file that triggers an out-of-bounds read and possibly memory corruption. | |||||
| CVE-2009-4638 | 1 Ffmpeg | 1 Ffmpeg | 2010-05-03 | 4.3 MEDIUM | N/A |
| Integer overflow in FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors. | |||||
| CVE-2009-1859 | 1 Adobe | 2 Acrobat, Acrobat Reader | 2010-05-03 | 9.3 HIGH | N/A |
| Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow attackers to execute arbitrary code via unspecified vectors that trigger memory corruption. | |||||