Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Windows
Total 7549 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-1967 2 Hp, Microsoft 2 Insight Software Installer, Windows 2024-11-21 3.6 LOW N/A
Unspecified vulnerability in HP Insight Software Installer for Windows before 6.1 allows local users to read or modify data via unknown vectors.
CVE-2010-1966 2 Hp, Microsoft 2 Insight Control, Windows 2024-11-21 4.6 MEDIUM N/A
Unspecified vulnerability in HP Insight Control power management for Windows before 6.1 allows local users to read or modify data, or cause a denial of service, via unknown vectors.
CVE-2010-1965 2 Hp, Microsoft 2 Insight Orchestration, Windows 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in HP Insight Orchestration for Windows before 6.1 allows remote attackers to read or modify data via unknown vectors.
CVE-2010-1940 2 Apple, Microsoft 2 Safari, Windows 2024-11-21 4.3 MEDIUM N/A
Apple Safari 4.0.5 on Windows sends the "Authorization: Basic" header appropriate for one web site to a different web site named in a Location header received from the first site, which allows remote web servers to obtain sensitive information by logging HTTP requests. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
CVE-2010-1939 2 Apple, Microsoft 2 Safari, Windows 2024-11-21 7.6 HIGH N/A
Use-after-free vulnerability in Apple Safari 4.0.5 on Windows allows remote attackers to execute arbitrary code by using window.open to create a popup window for a crafted HTML document, and then calling the parent window's close method, which triggers improper handling of a deleted window object.
CVE-2010-1898 2 Apple, Microsoft 4 Mac Os X, .net Framework, Silverlight and 1 more 2024-11-21 9.3 HIGH N/A
The Common Language Runtime (CLR) in Microsoft .NET Framework 2.0 SP1, 2.0 SP2, 3.5, 3.5 SP1, and 3.5.1, and Microsoft Silverlight 2 and 3 before 3.0.50611.0 on Windows and before 3.0.41130.0 on Mac OS X, does not properly handle interfaces and delegations to virtual methods, which allows remote attackers to execute arbitrary code via (1) a crafted XAML browser application (aka XBAP), (2) a crafted ASP.NET application, or (3) a crafted .NET Framework application, aka "Microsoft Silverlight and Microsoft .NET Framework CLR Virtual Method Delegate Vulnerability."
CVE-2010-1805 2 Apple, Microsoft 2 Safari, Windows 2024-11-21 6.9 MEDIUM N/A
Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari.
CVE-2010-1799 2 Apple, Microsoft 2 Quicktime, Windows 2024-11-21 9.3 HIGH N/A
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2010-1729 2 Apple, Microsoft 3 Safari, Webkit, Windows 2024-11-21 4.3 MEDIUM N/A
WebKit.dll in WebKit, as used in Safari.exe 4.531.9.1 in Apple Safari, allows remote attackers to cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop.
CVE-2010-1728 3 Apple, Microsoft, Opera 3 Mac Os X, Windows, Opera Browser 2024-11-21 9.3 HIGH N/A
Opera before 10.53 on Windows and Mac OS X does not properly handle a series of document modifications that occur asynchronously, which allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via JavaScript that writes <marquee> sequences in an infinite loop, leading to attempted use of uninitialized memory. NOTE: this might overlap CVE-2006-6955.
CVE-2010-1558 2 Hp, Microsoft 2 Multifunction Peripheral Digital Sending Software, Windows 2024-11-21 4.7 MEDIUM N/A
Unspecified vulnerability in HP Multifunction Peripheral (MFP) Digital Sending Software before 4.18.3 allows local users to bypass intended restrictions on the MFP "Send to e-mail" feature, and obtain sensitive information, via unknown vectors.
CVE-2010-1556 3 Hp, Linux, Microsoft 4 Hp-ux, Systems Insight Manager, Linux Kernel and 1 more 2024-11-21 6.4 MEDIUM N/A
Unspecified vulnerability in HP Systems Insight Manager (SIM) 5.3, 5.3 Update 1, and 6.0 allows remote attackers to obtain sensitive information and modify data via unknown vectors.
CVE-2010-1549 2 Hp, Microsoft 3 Loadrunner, Performance Center, Windows 2024-11-21 10.0 HIGH N/A
Unspecified vulnerability in the Agent in HP LoadRunner before 9.50 and HP Performance Center before 9.50 allows remote attackers to execute arbitrary code via unknown vectors.
CVE-2010-1508 2 Apple, Microsoft 2 Quicktime, Windows 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in Apple QuickTime before 7.6.9 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via crafted Track Header (aka tkhd) atoms.
CVE-2010-1387 2 Apple, Microsoft 4 Iphone Os, Ipod Touch, Itunes and 1 more 2024-11-21 9.3 HIGH N/A
Use-after-free vulnerability in JavaScriptCore in WebKit in Apple iTunes before 9.2 on Windows, and Apple iOS before 4 on the iPhone and iPod touch, allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via vectors related to page transitions, a different vulnerability than CVE-2010-1763 and CVE-2010-1769.
CVE-2010-1349 2 Microsoft, Opera 2 Windows, Opera Browser 2024-11-21 10.0 HIGH N/A
Integer overflow in Opera 10.10 through 10.50 allows remote attackers to execute arbitrary code via a large Content-Length value, which triggers a heap overflow.
CVE-2010-1297 5 Adobe, Apple, Microsoft and 2 more 7 Acrobat, Air, Flash Player and 4 more 2024-11-21 9.3 HIGH 7.8 HIGH
Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64; Adobe AIR before 2.0.2.12610; and Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted SWF content, related to authplay.dll and the ActionScript Virtual Machine 2 (AVM2) newfunction instruction, as exploited in the wild in June 2010.
CVE-2010-1295 3 Adobe, Apple, Microsoft 4 Acrobat, Acrobat Reader, Mac Os X and 1 more 2024-11-21 9.3 HIGH N/A
Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-2202, CVE-2010-2207, CVE-2010-2209, CVE-2010-2210, CVE-2010-2211, and CVE-2010-2212.
CVE-2010-1292 3 Adobe, Apple, Microsoft 7 Shockwave Player, Macos, Windows and 4 more 2024-11-21 9.3 HIGH N/A
The implementation of pami RIFF chunk parsing in Adobe Shockwave Player before 11.5.7.609 does not validate a certain value from a file before using it in file-pointer calculations, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted .dir (aka Director) file.
CVE-2010-1291 3 Adobe, Apple, Microsoft 7 Shockwave Player, Macos, Windows and 4 more 2024-11-21 9.3 HIGH N/A
Adobe Shockwave Player before 11.5.7.609 allows attackers to cause a denial of service (memory corruption) or possibly execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2010-1284, CVE-2010-1286, CVE-2010-1287, CVE-2010-1289, and CVE-2010-1290.