Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2026-3762 A vulnerability has been found in SourceCodester Client Database Management System 1.0/3.1. Impacted is an unknown function of the file /superadmin_delete_manager.php of the component Endpoint. The ma... | 7.3 | HIGH | — | 0 |
| CVE-2010-3079 kernel/trace/ftrace.c in the Linux kernel before 2.6.35.5, when debugfs is enabled, does not properly handle interaction between mutex possession and llseek operations, which allows local users to cau... | 5.5 | MEDIUM | — | 0 |
| CVE-2010-3296 The cxgb_extension_ioctl function in drivers/net/cxgb3/cxgb3_main.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain po... | N/A | NONE | — | 0 |
| CVE-2010-3297 The eql_g_master_cfg function in drivers/net/eql.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensiti... | N/A | NONE | — | 0 |
| CVE-2010-3298 The hso_get_count function in drivers/net/usb/hso.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensit... | N/A | NONE | — | 0 |
| CVE-2010-3429 flicvideo.c in libavcodec 0.6 and earlier in FFmpeg, as used in MPlayer and other products, allows remote attackers to execute arbitrary code via a crafted flic file, related to an "arbitrary offset d... | N/A | NONE | — | 0 |
| CVE-2010-3434 Buffer overflow in the find_stream_bounds function in pdf.c in libclamav in ClamAV before 0.96.3 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary ... | N/A | NONE | — | 0 |
| CVE-2010-1623 Memory leak in the apr_brigade_split_line function in buckets/apr_brigade.c in the Apache Portable Runtime Utility library (aka APR-util) before 1.3.10, as used in the mod_reqtimeout module in the Apa... | N/A | NONE | — | 0 |
| CVE-2010-1822 WebKit, as used in Apple Safari before 4.1.3 and 5.0.x before 5.0.3 and Google Chrome before 6.0.472.62, does not properly perform a cast of an unspecified variable, which allows remote attackers to e... | 8.8 | HIGH | — | 0 |
| CVE-2010-3315 authz.c in the mod_dav_svn module for the Apache HTTP Server, as distributed in Apache Subversion 1.5.x before 1.5.8 and 1.6.x before 1.6.13, when SVNPathAuthz short_circuit is enabled, does not prope... | N/A | NONE | — | 0 |
| CVE-2006-1894 Cross-site scripting (XSS) vulnerability in RevoBoard 1.8, as derived from PunBB, allows remote attackers to inject arbitrary web script or HTML via a substitution cipher of the email tag, which is tr... | N/A | NONE | — | 0 |
| CVE-2010-3374 Qt Creator before 2.0.1 places a zero-length directory name in the LD_LIBRARY_PATH, which allows local users to gain privileges via a Trojan horse shared library in the current working directory. | N/A | NONE | — | 0 |
| CVE-2010-3437 Integer signedness error in the pkt_find_dev_from_minor function in drivers/block/pktcdvd.c in the Linux kernel before 2.6.36-rc6 allows local users to obtain sensitive information from kernel memory ... | N/A | NONE | — | 0 |
| CVE-2010-3442 Multiple integer overflows in the snd_ctl_new function in sound/core/control.c in the Linux kernel before 2.6.36-rc5-next-20100929 allow local users to cause a denial of service (heap memory corruptio... | N/A | NONE | — | 0 |
| CVE-2010-2535 Multiple cross-site scripting (XSS) vulnerabilities in the Back End in Joomla! 1.5.x before 1.5.20 allow remote authenticated users to inject arbitrary web script or HTML via administrator screens. | N/A | NONE | — | 0 |
| CVE-2010-2653 Race condition in the hvc_close function in drivers/char/hvc_console.c in the Linux kernel before 2.6.34 allows local users to cause a denial of service or possibly have unspecified other impact by cl... | N/A | NONE | — | 0 |
| CVE-2010-3307 Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) fo... | N/A | NONE | — | 0 |
| CVE-2010-3729 The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers, which might allow remote attackers to execute arbitrary code via unspecified vectors. | 9.8 | CRITICAL | — | 0 |
| CVE-2010-3730 Google Chrome before 6.0.472.62 does not properly use information about the origin of a document to manage properties, which allows remote attackers to have an unspecified impact via a crafted web sit... | 8.8 | HIGH | — | 0 |
| CVE-2010-3731 Stack-based buffer overflow in the validateUser implementation in the com.ibm.db2.das.core.DasSysCmd function in db2dasrrm in the DB2 Administration Server (DAS) component in IBM DB2 9.1 before FP10, ... | N/A | NONE | — | 0 |
| CVE-2010-3732 The DRDA Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (database server ABEND) by using the client CLI on Linux, UNIX, or Windows for... | N/A | NONE | — | 0 |
| CVE-2013-4510 Directory traversal vulnerability in the client in Tryton 3.0.0, as distributed before 20131104 and earlier, allows remote servers to write arbitrary files via path separators in the extension of a re... | N/A | NONE | — | 0 |
| CVE-2010-3733 The Engine Utilities component in IBM DB2 UDB 9.5 before FP6a uses world-writable permissions for the sqllib/cfg/db2sprf file, which might allow local users to gain privileges by modifying this file. | N/A | NONE | — | 0 |
| CVE-2010-3734 The Install component in IBM DB2 UDB 9.5 before FP6a on Linux, UNIX, and Windows enforces an unintended limit on password length, which makes it easier for attackers to obtain access via a brute-force... | N/A | NONE | — | 0 |
| CVE-2010-3735 The "Query Compiler, Rewrite, Optimizer" component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (CPU consumption) via a crafted query involving certain... | N/A | NONE | — | 0 |
| CVE-2010-3736 Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a, when the connection concentrator is enabled, allows remote authenticated users to cause a denial of service (heap ... | N/A | NONE | — | 0 |
| CVE-2010-3737 Memory leak in the Relational Data Services component in IBM DB2 UDB 9.5 before FP6a allows remote authenticated users to cause a denial of service (heap memory consumption) by executing a (1) user-de... | N/A | NONE | — | 0 |
| CVE-2010-3738 The Security component in IBM DB2 UDB 9.5 before FP6a logs AUDIT events by using a USERID and an AUTHID value corresponding to the instance owner, instead of a USERID and an AUTHID value corresponding... | N/A | NONE | — | 0 |
| CVE-2010-3739 The audit facility in the Security component in IBM DB2 UDB 9.5 before FP6a uses instance-level audit settings to capture connection (aka CONNECT and AUTHENTICATION) events in certain circumstances in... | N/A | NONE | — | 0 |
| CVE-2010-3740 The Net Search Extender (NSE) implementation in the Text Search component in IBM DB2 UDB 9.5 before FP6a does not properly handle an alphanumeric Fuzzy search, which allows remote authenticated users ... | N/A | NONE | — | 0 |
| CVE-2010-3741 The offline backup mechanism in Research In Motion (RIM) BlackBerry Desktop Software uses single-iteration PBKDF2, which makes it easier for local users to decrypt a .ipd file via a brute-force attack... | N/A | NONE | — | 0 |
| CVE-2010-3742 Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir pa... | N/A | NONE | — | 0 |
| CVE-2010-0218 ISC BIND 9.7.2 through 9.7.2-P1 uses an incorrect ACL to restrict the ability of Recursion Desired (RD) queries to access the cache, which allows remote attackers to obtain potentially sensitive infor... | N/A | NONE | — | 0 |
| CVE-2010-3302 Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via long (1) ... | N/A | NONE | — | 0 |
| CVE-2010-3303 Multiple cross-site scripting (XSS) vulnerabilities in MantisBT before 1.2.3 allow remote authenticated administrators to inject arbitrary web script or HTML via (1) a plugin name, related to manage_p... | N/A | NONE | — | 0 |
| CVE-2010-3308 Buffer overflow in programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 might allow remote authenticated gateways to execute arbitrary code or cause a denial of service via a long ci... | N/A | NONE | — | 0 |
| CVE-2010-3752 programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in (1) cisco_dns_info or (2) cisco_do... | N/A | NONE | — | 0 |
| CVE-2010-3753 programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote authenticated gateways to execute arbitrary commands via shell metacharacters in the cisco_banner (aka server_banne... | N/A | NONE | — | 0 |
| CVE-2010-3754 The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 uses values of packet fields ... | N/A | NONE | — | 0 |
| CVE-2010-3755 The _DAS_ReadBlockReply function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to cause a... | N/A | NONE | — | 0 |
| CVE-2010-3756 The _CalcHashValueWithLength function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly validate an... | N/A | NONE | — | 0 |
| CVE-2010-3757 Format string vulnerability in the _Eventlog function in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote... | N/A | NONE | — | 0 |
| CVE-2010-3758 Multiple stack-based buffer overflows in FastBackServer.exe in the Server in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allow remote attackers to exe... | N/A | NONE | — | 0 |
| CVE-2010-3759 FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 writes a certain value to a memory location specified by a UDP p... | N/A | NONE | — | 0 |
| CVE-2013-3190 Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corrup... | N/A | NONE | — | 0 |
| CVE-2010-3760 FastBackMount.exe in the Mount service in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 does not properly handle a certain failure to allocate memory, w... | N/A | NONE | — | 0 |
| CVE-2010-3761 Unspecified vulnerability in IBM Tivoli Storage Manager (TSM) FastBack 5.5.0.0 through 5.5.6.0 and 6.1.0.0 through 6.1.0.1 allows remote attackers to execute arbitrary code via unknown vectors, aka ZD... | N/A | NONE | — | 0 |
| CVE-2010-3762 ISC BIND before 9.7.2-P2, when DNSSEC validation is enabled, does not properly handle certain bad signatures if multiple trust anchors exist for a single zone, which allows remote attackers to cause a... | N/A | NONE | — | 0 |
| CVE-2010-3763 Cross-site scripting (XSS) vulnerability in core/summary_api.php in MantisBT before 1.2.3 allows remote attackers to inject arbitrary web script or HTML via the Summary field, a different vector than ... | N/A | NONE | — | 0 |
| CVE-2010-2367 Cross-site scripting (XSS) vulnerability in search.cgi in AD-EDIT2 before 3.0.9 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.