Total
7549 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2010-1967 | 2 Hp, Microsoft | 2 Insight Software Installer, Windows | 2024-11-21 | 3.6 LOW | N/A |
Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data via unknown vectors. | |||||
CVE-2010-1966 | 2 Hp, Microsoft | 2 Insight Control, Windows | 2024-11-21 | 4.6 MEDIUM | N/A |
Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors. | |||||
CVE-2010-1965 | 2 Hp, Microsoft | 2 Insight Orchestration, Windows | 2024-11-21 | 7.5 HIGH | N/A |
Unspecified vulnerability in HP Insight Orchestration for Windows before 6.1 allows remote attackers to read or modify data via unknown vectors. | |||||
CVE-2010-1940 | 2 Apple, Microsoft | 2 Safari, Windows | 2024-11-21 | 4.3 MEDIUM | N/A |
Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | |||||
CVE-2010-1939 | 2 Apple, Microsoft | 2 Safari, Windows | 2024-11-21 | 7.6 HIGH | N/A |
Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object. | |||||
CVE-2010-1898 | 2 Apple, Microsoft | 4 Mac Os X, .net Framework, Silverlight and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability." | |||||
CVE-2010-1805 | 2 Apple, Microsoft | 2 Safari, Windows | 2024-11-21 | 6.9 MEDIUM | N/A |
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari. | |||||
CVE-2010-1799 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2024-11-21 | 9.3 HIGH | N/A |
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file. | |||||
CVE-2010-1729 | 2 Apple, Microsoft | 3 Safari, Webkit, Windows | 2024-11-21 | 4.3 MEDIUM | N/A |
WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop. | |||||
CVE-2010-1728 | 3 Apple, Microsoft, Opera | 3 Mac Os X, Windows, Opera Browser | 2024-11-21 | 9.3 HIGH | N/A |
Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955. | |||||
CVE-2010-1558 | 2 Hp, Microsoft | 2 Multifunction Peripheral Digital Sending Software, Windows | 2024-11-21 | 4.7 MEDIUM | N/A |
Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors. | |||||
CVE-2010-1556 | 3 Hp, Linux, Microsoft | 4 Hp-ux, Systems Insight Manager, Linux Kernel and 1 more | 2024-11-21 | 6.4 MEDIUM | N/A |
Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors. | |||||
CVE-2010-1549 | 2 Hp, Microsoft | 3 Loadrunner, Performance Center, Windows | 2024-11-21 | 10.0 HIGH | N/A |
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors. | |||||
CVE-2010-1508 | 2 Apple, Microsoft | 2 Quicktime, Windows | 2024-11-21 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms. | |||||
CVE-2010-1387 | 2 Apple, Microsoft | 4 Iphone Os, Ipod Touch, Itunes and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769. | |||||
CVE-2010-1349 | 2 Microsoft, Opera | 2 Windows, Opera Browser | 2024-11-21 | 10.0 HIGH | N/A |
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow. | |||||
CVE-2010-1297 | 5 Adobe, Apple, Microsoft and 2 more | 7 Acrobat, Air, Flash Player and 4 more | 2024-11-21 | 9.3 HIGH | 7.8 HIGH |
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010. | |||||
CVE-2010-1295 | 3 Adobe, Apple, Microsoft | 4 Acrobat, Acrobat Reader, Mac Os X and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212. | |||||
CVE-2010-1292 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2024-11-21 | 9.3 HIGH | N/A |
The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file. | |||||
CVE-2010-1291 | 3 Adobe, Apple, Microsoft | 7 Shockwave Player, Macos, Windows and 4 more | 2024-11-21 | 9.3 HIGH | N/A |
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1290. |