Total
258583 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2010-0592 | 1 Cisco | 1 Unified Communications Manager | 2010-03-05 | 7.8 HIGH | N/A |
| The CTI Manager service in Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)sr1a, 6.x before 6.1(3), 7.0x before 7.0(2), 7.1x before 7.1(2), and 8.x before 8.0(1) allows remote attackers to cause a denial of service (service failure) via a malformed message, aka Bug ID CSCsu31800. | |||||
| CVE-2010-0587 | 1 Cisco | 1 Unified Communications Manager | 2010-03-05 | 7.8 HIGH | N/A |
| Cisco Unified Communications Manager (aka CUCM, formerly CallManager) 4.x before 4.3(2)SR2, 6.x before 6.1(5), 7.x before 7.1(3a)su1, and 8.x before 8.0(1) allows remote attackers to cause a denial of service (process failure) via a malformed SCCP StationCapabilitiesRes message with an invalid MaxCap field, aka Bug ID CSCtc38985. | |||||
| CVE-2009-3940 | 1 Sun | 2 Virtualbox, Xvm Virtualbox | 2010-03-04 | 2.1 LOW | N/A |
| Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors. | |||||
| CVE-2010-0922 | 1 Ibm | 1 Aix | 2010-03-04 | 7.8 HIGH | N/A |
| Unspecified vulnerability in secldapclntd in IBM AIX 5.3 with SP 5300-11-02 allows attackers to cause a denial of service (LDAP login failure) via unknown vectors. NOTE: some of these details are obtained from third party information. NOTE: there may be no attacker role, and the issue may be triggered entirely by an administrator's installation of an official service pack. | |||||
| CVE-2010-0924 | 2 Apple, Microsoft | 2 Safari, Windows | 2010-03-04 | 5.0 MEDIUM | N/A |
| cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.3 and 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the BACKGROUND attribute of a BODY element. | |||||
| CVE-2010-0923 | 1 Kde | 1 Kde Sc | 2010-03-04 | 6.9 MEDIUM | N/A |
| Race condition in workspace/krunner/lock/lockdlg.cc in the KRunner lock module in kdebase in KDE SC 4.4.0 allows physically proximate attackers to bypass KScreenSaver screen locking and access an unattended workstation by pressing the Enter key at a certain time, related to multiple forked processes. | |||||
| CVE-2010-0925 | 2 Apple, Microsoft | 2 Safari, Windows | 2010-03-04 | 5.0 MEDIUM | N/A |
| cfnetwork.dll 1.450.5.0 in CFNetwork, as used by safari.exe 531.21.10 in Apple Safari 4.0.4 on Windows, allows remote attackers to cause a denial of service (application crash) via a long string in the SRC attribute of a (1) IMG or (2) IFRAME element. | |||||
| CVE-2010-0920 | 1 Ibm | 2 Lotus Domino, Lotus Inotes | 2010-03-04 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in IBM Lotus iNotes (aka Domino Web Access or DWA) before 229.281 for Domino 8.0.2 FP4 allows remote attackers to inject arbitrary web script or HTML via vectors related to lack of "XSS/CSRF Get Filter and Referer Check fixes." | |||||
| CVE-2010-0801 | 2 Autartica, Joomla | 2 Com Autartitarot, Joomla\! | 2010-03-03 | 3.5 LOW | N/A |
| Directory traversal vulnerability in the AutartiTarot (com_autartitarot) component 1.0.3 for Joomla! allows remote authenticated users, with "Public Back-end" group permissions, to read arbitrary files via directory traversal sequences in the controller parameter in an edit task to administrator/index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0797 | 2 Snowflake, Typo3 | 2 T3blog, Typo3 | 2010-03-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | |||||
| CVE-2010-0692 | 2 Iptechinside, Joomla | 2 Com Jquarks, Joomla\! | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. | |||||
| CVE-2010-0763 | 1 Commodityrentals | 1 Vacation Rental Software | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in CommodityRentals Vacation Rental Software allows remote attackers to execute arbitrary SQL commands via the rental_id parameter in a CalendarView action. | |||||
| CVE-2010-0802 | 2 Aleinbeen, Invision Power Services | 2 \(nv2\) Awards, Invision Power Board | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in index.php in (nv2) Awards 1.1.0, a modification for Invision Power Board, allows remote attackers to execute arbitrary SQL commands via the id parameter in a view action. | |||||
| CVE-2010-0799 | 1 Perlunity | 1 Phpunity.newsmanager | 2010-03-03 | 5.0 MEDIUM | N/A |
| Directory traversal vulnerability in misc/tell_a_friend/tell.php in phpunity.newsmanager allows remote attackers to read arbitrary files via a .. (dot dot) in the id parameter. | |||||
| CVE-2010-0691 | 1 Jtl-software | 1 Jtl-shop | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in druckansicht.php in JTL-Shop 2 allows remote attackers to execute arbitrary SQL commands via the s parameter. | |||||
| CVE-2010-0798 | 2 Snowflake, Typo3 | 2 T3blog, Typo3 | 2010-03-03 | 7.5 HIGH | N/A |
| SQL injection vulnerability in the T3BLOG extension 0.6.2 and earlier for TYPO3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | |||||
| CVE-2010-0726 | 1 Tdiary | 1 Tdiary | 2010-03-03 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the tb-send.rb (TrackBack transmission) plugin in tDiary 2.2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via unknown vectors, possibly related to the (1) plugin_tb_url and (2) plugin_tb_excerpt parameters. | |||||
| CVE-2005-0742 | 1 Sun | 1 Java System Application Server | 2010-03-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Sun Java System Application Server 7 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | |||||
| CVE-2010-0695 | 1 Basic-cms | 1 Basic-cms | 2010-03-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in pages/index.php in BASIC-CMS allows remote attackers to inject arbitrary web script or HTML via the nav_id parameter. | |||||
| CVE-2010-0704 | 1 Ibm | 1 Websphere Portal | 2010-03-02 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in the Portlet Palette in IBM WebSphere Portal 6.0.1.5 wp6015_008_01 allows remote attackers to inject arbitrary web script or HTML via the search field. | |||||