Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-2799 | 1 Dest-unreach | 1 Socat | 2010-09-15 | 6.8 MEDIUM | N/A |
| Stack-based buffer overflow in the nestlex function in nestlex.c in Socat 1.5.0.0 through 1.7.1.2 and 2.0.0-b1 through 2.0.0-b3, when bidirectional data relay is enabled, allows context-dependent attackers to execute arbitrary code via long command-line arguments. | |||||
| CVE-2010-2953 | 1 Apache | 1 Couchdb | 2010-09-14 | 6.9 MEDIUM | N/A |
| Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory. | |||||
| CVE-2010-3323 | 1 Splunk | 1 Splunk | 2010-09-14 | 4.6 MEDIUM | N/A |
| Splunk 4.0.0 through 4.1.4 allows remote attackers to conduct session hijacking attacks and obtain the splunkd session key via vectors related to the SPLUNKD_SESSION_KEY parameter. | |||||
| CVE-2010-2366 | 1 Futomi | 1 Access Analyzer Cgi | 2010-09-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in futomi CGI Cafe Access Analyzer CGI Professional, and Standard 4.0.2 and earlier, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3318 | 1 Ibm | 1 Filenet Content Manager | 2010-09-14 | 5.0 MEDIUM | N/A |
| IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 transmits passwords in cleartext, which allows remote attackers to obtain sensitive information by sniffing the network. | |||||
| CVE-2010-3317 | 1 Ibm | 1 Filenet Content Manager | 2010-09-14 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3320 | 1 Ibm | 1 Filenet Content Manager | 2010-09-14 | 6.8 MEDIUM | N/A |
| Open redirect vulnerability in IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors. | |||||
| CVE-2010-3319 | 1 Ibm | 1 Filenet Content Manager | 2010-09-14 | 5.0 MEDIUM | N/A |
| IBM Records Manager (RM) 4.5.x before 4.5.1.1-IER-FP001 places a session token in the URI, which might allow remote attackers to obtain sensitive information by reading a Referer log file. | |||||
| CVE-2010-2843 | 1 Cisco | 1 Wireless Lan Controller Software | 2010-09-13 | 9.0 HIGH | N/A |
| Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-3033. | |||||
| CVE-2010-0574 | 1 Cisco | 1 Wireless Lan Controller Software | 2010-09-13 | 7.8 HIGH | N/A |
| Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 3.2 before 3.2.215.0; 4.1 and 4.2 before 4.2.205.0; 4.1M and 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.188.0; and 5.2 before 5.2.193.11 allows remote attackers to cause a denial of service (device reload) via a crafted IKE packet, aka Bug ID CSCta56653. | |||||
| CVE-2010-3033 | 1 Cisco | 1 Wireless Lan Controller Software | 2010-09-13 | 9.0 HIGH | N/A |
| Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2842 and CVE-2010-2843. | |||||
| CVE-2010-2842 | 1 Cisco | 1 Wireless Lan Controller Software | 2010-09-13 | 9.0 HIGH | N/A |
| Cisco Wireless LAN Controller (WLC) software, possibly 4.2 through 6.0, allows remote authenticated users to bypass intended access restrictions and modify the configuration, and possibly obtain administrative privileges, via unspecified vectors, a different vulnerability than CVE-2010-2843 and CVE-2010-3033. | |||||
| CVE-2010-2841 | 1 Cisco | 1 Wireless Lan Controller Software | 2010-09-13 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Cisco Wireless LAN Controller (WLC) software 4.2 before 4.2.209.0; 4.2M before 4.2.207.54M; 5.0, 5.1, and 6.0 before 6.0.196.0; and 5.2 before 5.2.193.11 allows remote authenticated users to cause a denial of service (device reload) via crafted HTTP packets that trigger invalid arguments to the emweb component, aka Bug ID CSCtd16938. | |||||
| CVE-2010-0575 | 1 Cisco | 1 Wireless Lan Controller Software | 2010-09-13 | 5.0 MEDIUM | N/A |
| Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-3034. | |||||
| CVE-2010-3034 | 1 Cisco | 1 Wireless Lan Controller Software | 2010-09-13 | 5.0 MEDIUM | N/A |
| Cisco Wireless LAN Controller (WLC) software, possibly 6.0.x or possibly 4.1 through 6.0.x, allows remote attackers to bypass ACLs in the controller CPU, and consequently send network traffic to unintended segments or devices, via unspecified vectors, a different vulnerability than CVE-2010-0575. | |||||
| CVE-2010-2957 | 1 S9y | 1 Serendipity | 2010-09-10 | 2.6 LOW | N/A |
| Cross-site scripting (XSS) vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-3018 | 1 Rsa | 1 Access Manager Server | 2010-09-10 | 4.3 MEDIUM | N/A |
| RSA Access Manager Server 5.5.3 before 5.5.3.172, 6.0.4 before 6.0.4.53, and 6.1 before 6.1.2.01 does not properly perform cache updates, which allows remote attackers to obtain sensitive information via unspecified vectors. | |||||
| CVE-2010-3198 | 1 Zope | 1 Zope | 2010-09-10 | 4.3 MEDIUM | N/A |
| ZServer in Zope 2.10.x before 2.10.12 and 2.11.x before 2.11.7 allows remote attackers to cause a denial of service (crash of worker threads) via vectors that trigger uncaught exceptions. | |||||
| CVE-2010-3017 | 1 Rsa | 1 Access Manager Agent | 2010-09-10 | 5.7 MEDIUM | N/A |
| Unspecified vulnerability in RSA Access Manager Agent 4.7.1 before 4.7.1.7, when RSA Adaptive Authentication Integration is enabled, allows remote attackers to bypass authentication and obtain sensitive information via unknown vectors. | |||||
| CVE-2010-2840 | 1 Cisco | 1 Unified Presence Server | 2010-09-09 | 7.8 HIGH | N/A |
| The Presence Engine (PE) service in Cisco Unified Presence 6.x before 6.0(7) and 7.x before 7.0(8) does not properly handle an erroneous Contact field in the header of a SIP SUBSCRIBE message, which allows remote attackers to cause a denial of service (process failure) via a malformed message, aka Bug ID CSCtd39629. | |||||