Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0602 | 1 Cisco | 1 Pgw 2200 Softswitch | 2010-05-21 | 7.8 HIGH | N/A |
| The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug ID CSCsk32606. | |||||
| CVE-2010-0512 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-05-21 | 9.3 HIGH | N/A |
| The Accounts Preferences implementation in Apple Mac OS X 10.6 before 10.6.3, when a network account server is used, does not support Login Window access control that is based solely on group membership, which allows attackers to bypass intended access restrictions by entering login credentials. | |||||
| CVE-2010-0601 | 1 Cisco | 1 Pgw 2200 Softswitch | 2010-05-21 | 7.8 HIGH | N/A |
| The MGCP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S11 allows remote attackers to cause a denial of service (device crash) via a malformed packet, aka Bug ID CSCsl39126. | |||||
| CVE-2010-0604 | 1 Cisco | 1 Pgw 2200 Softswitch | 2010-05-21 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via unknown SIP traffic, as demonstrated by "SIP testing," aka Bug ID CSCsk38165. | |||||
| CVE-2010-0524 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2010-05-21 | 7.5 HIGH | N/A |
| The default configuration of the FreeRADIUS server in Apple Mac OS X Server before 10.6.3 permits EAP-TLS authenticated connections on the basis of an arbitrary client certificate, which allows remote attackers to obtain network connectivity via a crafted RADIUS Access Request message. | |||||
| CVE-2009-4842 | 1 Toutvirtual | 1 Virtualiq | 2010-05-21 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in ToutVirtual VirtualIQ Pro 3.5 build 8691 allow remote attackers to inject arbitrary web script or HTML via the (1) addNewDept, (2) deptId, or (3) deptDesc parameter to tvserver/server/user/addDepartment.jsp; or the (4) firstName, (5) lastName, or (6) email parameter in a save action to tvserver/user/user.do. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-1999 | 1 Openmairie | 1 Opencatalogue | 2010-05-21 | 6.8 MEDIUM | N/A |
| Directory traversal vulnerability in scr/soustab.php in OpenMairie Opencatalogue 1.024, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the dsn[phptype] parameter, a related issue to CVE-2007-2069. | |||||
| CVE-2010-2000 | 2 Drupal, Ron Jerome | 2 Drupal, Bibliography | 2010-05-21 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Bibliography (Biblio) module 5.x through 5.x-1.17 and 6.x through 6.x-1.9 for Drupal allows remote authenticated users, with "administer biblio" privileges, to inject arbitrary web script or HTML via unspecified vectors, a different vulnerability than CVE-2010-1358. | |||||
| CVE-2010-2002 | 3 Addison Berry, Drupal, Jeff Warrington | 3 Wordfilter, Drupal, Wordfilter | 2010-05-21 | 2.1 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the Wordfilter module 5.x before 5.x-1.1 and 6.x before 6.x-1.1 for Drupal allows remote authenticated users, with "administer words filtered" privileges, to inject arbitrary web script or HTML via the word list. | |||||
| CVE-2010-1977 | 2 Gohigheris, Joomla | 2 Com Jwhmcs, Joomla\! | 2010-05-21 | 7.5 HIGH | N/A |
| Directory traversal vulnerability in the J!WHMCS Integrator (com_jwhmcs) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. | |||||
| CVE-2010-2001 | 2 Drupal, Ninjitsuweb | 2 Drupal, Civiregister | 2010-05-21 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in the CiviRegister module before 6.x-1.1 for Drupal allows remote attackers to inject arbitrary web script or HTML via the URI. | |||||
| CVE-2010-1985 | 1 Sixapart | 1 Movable Type | 2010-05-20 | 4.3 MEDIUM | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in the administrative user interface in Six Apart Movable Type 5.0 and 5.01 allow remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2010-1189 | 1 Mediawiki | 1 Mediawiki | 2010-05-20 | 5.0 MEDIUM | N/A |
| MediaWiki before 1.15.2 does not prevent wiki editors from linking to images from other web sites in wiki pages, which allows editors to obtain IP addresses and other information of wiki users by adding a link to an image on an attacker-controlled web site, aka "CSS validation issue." | |||||
| CVE-2010-0603 | 1 Cisco | 1 Pgw 2200 Softswitch | 2010-05-20 | 7.8 HIGH | N/A |
| The SIP implementation on the Cisco PGW 2200 Softswitch with software before 9.7(3)S10 allows remote attackers to cause a denial of service (device crash) via a malformed session attribute, aka Bug ID CSCsk40030. | |||||
| CVE-2009-4637 | 1 Ffmpeg | 1 Ffmpeg | 2010-05-20 | 10.0 HIGH | N/A |
| FFmpeg 0.5 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via unknown vectors that trigger a stack-based buffer overflow. | |||||
| CVE-2010-1627 | 1 Phpbb | 1 Phpbb | 2010-05-20 | 4.3 MEDIUM | N/A |
| feed.php in phpBB 3.0.7 before 3.0.7-PL1 does not properly check permissions for feeds, which allows remote attackers to bypass intended access restrictions via unspecified attack vectors related to permission settings on a private forum. | |||||
| CVE-2010-1630 | 1 Phpbb | 1 Phpbb | 2010-05-20 | 7.5 HIGH | N/A |
| Unspecified vulnerability in posting.php in phpBB before 3.0.5 has unknown impact and attack vectors related to the use of a "forum id" in circumstances related to a "global announcement." | |||||
| CVE-2010-1982 | 2 Joomla, Joomlart | 2 Joomla\!, Com Javoice | 2010-05-20 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in the JA Voice (com_javoice) component 2.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php. | |||||
| CVE-2010-1943 | 1 Nec | 1 Capsuite Patchmeister | 2010-05-19 | 7.8 HIGH | N/A |
| Unspecified vulnerability in NEC CapsSuite Small Edition PatchMeister 2.0 Update2 and earlier allows remote attackers to cause a denial of service (OS shutdown or restart) via vectors related to Client Service for PTM and crafted packets to port 56015. | |||||
| CVE-2010-1941 | 1 Nec | 5 Bladesystemcenter, Expresssystemcenter, Sigmasystemcenter and 2 more | 2010-05-19 | 7.8 HIGH | N/A |
| Unspecified vulnerability in NEC WebSAM DeploymentManager 5.13 and earlier, as used in SigmaSystemCenter 2.1 Update2 and earlier, BladeSystemCenter, ExpressSystemCenter, and VirtualPCCenter 2.2 and earlier, allows remote attackers to cause a denial of service (OS shutdown or restart) via unknown vectors related to Client Service for DPM and crafted packets to port 56010. | |||||