Export limit exceeded: 339825 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 29880 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (29880 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-3976 | 2 Adobe, Microsoft | 2 Flash Player, Windows | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Adobe Flash Player before 9.0.289.0 and 10.x before 10.1.102.64 on Windows allows local users, and possibly remote attackers, to execute arbitrary code and conduct DLL hijacking attacks via a Trojan horse dwmapi.dll that is located in the same folder as a file that is processed by Flash Player. | ||||
| CVE-2010-3980 | 1 Sap | 1 Businessobjects | 2025-04-11 | N/A |
| Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 does not limit the number of CUIDs that may be requested, which allows remote authenticated users to cause a denial of service via a large numCuids value in a GenerateCuids SOAPAction to the dswsbobje/services/biplatform URI. | ||||
| CVE-2010-3996 | 1 Cstr | 1 Festival | 2025-04-11 | N/A |
| festival_server in Centre for Speech Technology Research (CSTR) Festival, probably 2.0.95-beta and earlier, places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||||
| CVE-2010-3998 | 1 Banshee-project | 1 Banshee | 2025-04-11 | N/A |
| The (1) banshee-1 and (2) muinshee scripts in Banshee 1.8.0 and earlier place a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. NOTE: Banshee might also be affected using GST_PLUGIN_PATH. | ||||
| CVE-2010-3999 | 1 Gnucash | 1 Gnucash | 2025-04-11 | N/A |
| gnc-test-env in GnuCash 2.3.15 and earlier places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | ||||
| CVE-2010-4033 | 1 Google | 1 Chrome | 2025-04-11 | N/A |
| Google Chrome before 7.0.517.41 does not properly implement the autofill and autocomplete functionality, which allows remote attackers to conduct "profile spamming" attacks via unspecified vectors. | ||||
| CVE-2010-4056 | 1 Ibm | 1 Soliddb | 2025-04-11 | N/A |
| solid.exe in IBM solidDB 6.5.0.3 and earlier does not properly perform a recursive call to a certain function upon receiving packet data containing a single integer field, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via a TCP session on port 1315. | ||||
| CVE-2010-4353 | 1 Menalto | 1 Gallery | 2025-04-11 | N/A |
| Unrestricted file upload vulnerability in modules/gallery/models/item.php in Menalto Gallery before 3.0 and beta allows remote authenticated users with upload permissions to execute arbitrary code by uploading a file with an executable extension, then accessing it via a direct request to the file in an unspecified directory. | ||||
| CVE-2010-4373 | 1 Nullsoft | 1 Winamp | 2025-04-11 | N/A |
| The in_mp4 plugin in Winamp before 5.6 allows remote attackers to cause a denial of service (application crash) via crafted (1) metadata or (2) albumart in an invalid MP4 file. | ||||
| CVE-2010-4476 | 2 Redhat, Sun | 12 Enterprise Linux, Jboss Enterprise Application Platform, Jboss Enterprise Portal Platform and 9 more | 2025-04-11 | N/A |
| The Double.parseDouble method in Java Runtime Environment (JRE) in Oracle Java SE and Java for Business 6 Update 23 and earlier, 5.0 Update 27 and earlier, and 1.4.2_29 and earlier, as used in OpenJDK, Apache, JBossweb, and other products, allows remote attackers to cause a denial of service via a crafted string that triggers an infinite loop of estimations during conversion to a double-precision binary floating-point number, as demonstrated using 2.2250738585072012e-308. | ||||
| CVE-2010-4499 | 1 Tibco | 2 Activecatalog, Collaborative Information Manager | 2025-04-11 | N/A |
| Session fixation vulnerability in Collaborative Information Manager server, as used in TIBCO Collaborative Information Manager before 8.1.0 and ActiveCatalog before 1.0.1, allows remote attackers to hijack web sessions via unspecified vectors. | ||||
| CVE-2010-4551 | 1 Ibm | 1 Lotus Notes Traveler | 2025-04-11 | N/A |
| IBM Lotus Notes Traveler before 8.5.1.2 allows remote authenticated users to cause a denial of service (NULL pointer dereference and daemon crash) by omitting the Internet ID field in the person document, and then using an Apple device to (1) accept or (2) decline an invitation. | ||||
| CVE-2010-4579 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.00 does not properly constrain dialogs to appear on top of rendered documents, which makes it easier for remote attackers to trick users into interacting with a crafted web site that spoofs the (1) security information dialog or (2) download dialog. | ||||
| CVE-2010-4583 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 11.00, when Opera Turbo is enabled, does not display a page's security indication, which makes it easier for remote attackers to spoof trusted content via a crafted web site. | ||||
| CVE-2010-4587 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2025-04-11 | N/A |
| Opera before 11.00 on Windows does not properly implement the Insecure Third Party Module warning message, which might make it easier for user-assisted remote attackers to have an unspecified impact via a crafted module. | ||||
| CVE-2010-5195 | 1 Roxio | 1 Mydvd | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Roxio MyDVD 9 allows local users to gain privileges via a Trojan horse HomeUtils9.dll file in the current working directory, as demonstrated by a directory that contains a .dmsd or .dmsm file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5196 | 1 Keepass | 1 Password Safe | 2025-04-11 | N/A |
| Untrusted search path vulnerability in KeePass Password Safe before 2.13 allows local users to gain privileges via a Trojan horse DwmApi.dll file in the current working directory, as demonstrated by a directory that contains a .kdbx file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5197 | 1 Pixia | 1 Pixia | 2025-04-11 | N/A |
| Untrusted search path vulnerability in Pixia 4.70j allows local users to gain privileges via a Trojan horse wintab32.dll file in the current working directory, as demonstrated by a directory that contains a .pxa file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5198 | 1 Intuit | 1 Quickbooks | 2025-04-11 | N/A |
| Multiple untrusted search path vulnerabilities in Intuit QuickBooks 2010 allow local users to gain privileges via a Trojan horse (1) dbicudtx11.dll, (2) mfc90enu.dll, or (3) mfc90loc.dll file in the current working directory, as demonstrated by a directory that contains a .des, .qbo, or .qpg file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-5199 | 1 Novadevelopement | 1 Photoimpact X3 | 2025-04-11 | N/A |
| Untrusted search path vulnerability in PhotoImpact X3 13.00.0000.0 allows local users to gain privileges via a Trojan horse bwsconst.dll file in the current working directory, as demonstrated by a directory that contains a .ufp or .ufo file. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||