Total
210374 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-1352 | 2 Jooforge, Joomla | 2 Com Jukebox, Joomla\! | 2010-04-13 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0579 | 1 Cisco | 1 Ios | 2010-04-12 | 7.8 HIGH | N/A |
| The SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to cause a denial of service (device reload) via a malformed SIP message, aka Bug ID CSCtb93416, the "SIP Message Handling Denial of Service Vulnerability." | |||||
| CVE-2010-0580 | 1 Cisco | 1 Ios | 2010-04-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz48680, the "SIP Message Processing Arbitrary Code Execution Vulnerability." | |||||
| CVE-2010-0581 | 1 Cisco | 1 Ios | 2010-04-12 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the SIP implementation in Cisco IOS 12.3 and 12.4 allows remote attackers to execute arbitrary code via a malformed SIP message, aka Bug ID CSCsz89904, the "SIP Packet Parsing Arbitrary Code Execution Vulnerability." | |||||
| CVE-2010-0582 | 1 Cisco | 1 Ios | 2010-04-12 | 7.8 HIGH | N/A |
| Cisco IOS 12.1 through 12.4, and 15.0M before 15.0(1)M1, allows remote attackers to cause a denial of service (interface queue wedge) via malformed H.323 packets, aka Bug ID CSCta19962. | |||||
| CVE-2010-1149 | 1 Freedesktop | 1 Udisks | 2010-04-12 | 2.1 LOW | N/A |
| probers/udisks-dm-export.c in udisks before 1.0.1 exports UDISKS_DM_TARGETS_PARAMS information to udev even for a crypt UDISKS_DM_TARGETS_TYPE, which allows local users to discover encryption keys by (1) running a certain udevadm command or (2) reading a certain file under /dev/.udev/db/. | |||||
| CVE-2010-1334 | 1 Pulsecms | 1 Pulse Cms | 2010-04-11 | 6.0 MEDIUM | N/A |
| Unrestricted file upload vulnerability in Pulse CMS Basic 1.2.4 allows remote authenticated users to execute arbitrary code by uploading a file with an executable extension followed by a safe extension, then accessing it via a direct request to the file in an unspecified directory, a different vulnerability than CVE-2010-0993. | |||||
| CVE-2010-1339 | 2 Robertotto, Woltlab | 2 Teamsite Hack Plugin, Burning Board | 2010-04-11 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to inject arbitrary web script or HTML via the userid parameter in a modboard action, which is not properly handled in a forced SQL error message. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-1342 | 1 Directnews | 1 Direct News | 2010-04-11 | 6.8 MEDIUM | N/A |
| Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to (1) admin/menu.php and (2) library/lib.menu.php; and the adminroot parameter to (3) admin/media/update_content.php and (4) library/class.backup.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1345 | 2 Cookex, Joomla | 2 Com Ckforms, Joomla\! | 2010-04-11 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1310 | 1 Opera | 1 Opera Browser | 2010-04-09 | 5.0 MEDIUM | N/A |
| Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. | |||||
| CVE-2010-0513 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-04-08 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PostScript document. | |||||
| CVE-2010-1308 | 2 Joomla, La-souris-verte | 2 Joomla\!, Com Svmap | 2010-04-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-1309 | 1 Ermenegildo Fiorito | 1 Irmin Cms | 2010-04-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. (dot dot) in the w parameter to index.php. | |||||
| CVE-2010-1313 | 2 Joomla, Seber | 2 Joomla\!, Com Sebercart | 2010-04-08 | 4.3 MEDIUM | N/A |
| Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1314 | 2 Joomla, Joomlanook | 2 Joomla\!, Com Hsconfig | 2010-04-08 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0400 | 1 Mahara | 1 Mahara | 2010-04-08 | 7.5 HIGH | N/A |
| SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username. | |||||
| CVE-2008-7254 | 1 Ermenegildo Fiorito | 1 Irmin Cms | 2010-04-07 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute arbitrary files via a .. (dot dot) in the _Root_Path parameter. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-1302 | 2 Decryptweb, Joomla | 2 Com Dwgraphs, Joomla\! | 2010-04-07 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php. | |||||
| CVE-2010-1265 | 2 Ekith, Joomla | 2 Com Dcs Flashgames, Joomla\! | 2010-04-06 | 7.5 HIGH | N/A |
| SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. | |||||