Total
304758 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0692 | 2 Iptechinside, Joomla | 2 Com Jquarks, Joomla\! | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0797 | 2 Snowflake, Typo3 | 2 T3blog, Typo3 | 2010-03-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0799 | 1 Perlunity | 1 Phpunity.newsmanager | 2010-03-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | |||||
| CVE-2010-0691 | 1 Jtl-software | 1 Jtl-shop | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter. | |||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2010-03-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2010-0704 | 1 Ibm | 1 Websphere Portal | 2010-03-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field. | |||||
| CVE-2010-0695 | 1 Basic-cms | 1 Basic-cms | 2010-03-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter. | |||||
| CVE-2010-0667 | 1 Moinmo | 1 Moinmoin | 2010-03-01 | 5.0 MEDIUM | N/A |
| MoinMoin 1.9 before 1.9.1 does not perform the expected clearing of the sys.argv array in situations where the GATEWAY_INTERFACE environment variable is set, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2010-0760 | 2 Greatjoomla, Joomla | 2 Scriptegrator Plugin, Joomla\! | 2010-03-01 | 6.8 MEDIUM | N/A |
| Multiple directory traversal vulnerabilities in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allow remote attackers to include and execute arbitrary local files via directory traversal sequences in the (1) file parameter to libraries/jquery/js/ui/jsloader.php and the (2) files[] parameter to libraries/jquery/js/jsloader.php, a different vector than CVE-2010-0759. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2010-0414 | 1 Gnome | 1 Screensaver | 2010-02-26 | 7.2 HIGH | N/A |
| gnome-screensaver before 2.28.2 allows physically proximate attackers to bypass screen locking and access an unattended workstation by moving the mouse position to an external monitor and then disconnecting that monitor. | |||||
| CVE-2010-0446 | 1 Hp | 1 Dreamscreen | 2010-02-26 | 4.3 MEDIUM | N/A |
| Unspecified vulnerability on the HP DreamScreen 100 and 130 with firmware before 1.6.0.0, when using a web-connected configuration, allows remote attackers to obtain sensitive information via unknown vectors. | |||||
| CVE-2010-0144 | 1 Cisco | 2 Ironport Encryption Appliance, Ironport Postx | 2010-02-26 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the WebSafe DistributorServlet in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65922. | |||||
| CVE-2010-0143 | 1 Cisco | 2 Ironport Encryption Appliance, Ironport Postx | 2010-02-26 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the administrative interface in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to read arbitrary files via unknown vectors, aka IronPort Bug 65921. | |||||
| CVE-2009-4413 | 1 Pps.jussieu | 1 Polipo | 2010-02-26 | 5.0 MEDIUM | N/A |
| The httpClientDiscardBody function in client.c in Polipo 0.9.8, 0.9.12, 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a large Content-Length value, which triggers an integer overflow, a signed-to-unsigned conversion error with a negative value, and a segmentation fault. | |||||
| CVE-2010-0145 | 1 Cisco | 2 Ironport Encryption Appliance, Ironport Postx | 2010-02-26 | 10.0 HIGH | N/A |
| Unspecified vulnerability in the embedded HTTPS server on the Cisco IronPort Encryption Appliance 6.2.x before 6.2.9.1 and 6.5.x before 6.5.2, and the IronPort PostX MAP before 6.2.9.1, allows remote attackers to execute arbitrary code via unknown vectors, aka IronPort Bug 65923. | |||||
| CVE-2009-3305 | 1 Pps.jussieu | 1 Polipo | 2010-02-26 | 5.0 MEDIUM | N/A |
| Polipo 1.0.4, and possibly other versions, allows remote attackers to cause a denial of service (crash) via a request with a Cache-Control header that lacks a value for the max-age field, which triggers a segmentation fault in the httpParseHeaders function in http_parse.c, and possibly other unspecified vectors. | |||||
| CVE-2010-0683 | 1 Tibco | 1 Administrator | 2010-02-26 | 6.0 MEDIUM | N/A |
| Unspecified vulnerability in TIBRepoServer5.jar in TIBCO Administrator 5.4.0 through 5.6.0, when JMS transport is used, allows remote authenticated users to execute arbitrary code on all domain nodes via vectors related to leveraging administrative credentials. | |||||
| CVE-2010-0710 | 1 Aspcodecms | 1 Aspcode Cms | 2010-02-26 | 7.5 HIGH | N/A |
| SQL injection vulnerability in default.asp in ASPCode CMS 1.5.8, 2.0.0 Build 103, and possibly other versions, allows remote attackers to execute arbitrary SQL commands via the newsid parameter when the sec parameter is 26. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
| CVE-2009-4568 | 1 Webmin | 2 Usermin, Webmin | 2010-02-24 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Webmin before 1.500 and Usermin before 1.430 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0699 | 1 Videosearchscript | 1 Videosearchscript Pro | 2010-02-24 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in index.php in VideoSearchScript Pro 3.5 allows remote attackers to inject arbitrary web script or HTML via the q parameter. | |||||