Total
5597 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-2564 | 1 Microsoft | 1 Windows Movie Maker | 2025-04-11 | N/A |
| Buffer overflow in Microsoft Windows Movie Maker (WMM) 2.1, 2.6, and 6.0 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted project file, aka "Movie Maker Memory Corruption Vulnerability." | ||||
| CVE-2010-2561 | 1 Microsoft | 1 Xml Core Services | 2025-04-11 | N/A |
| Microsoft XML Core Services (aka MSXML) 3.0 does not properly handle HTTP responses, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted response, aka "Msxml2.XMLHTTP.3.0 Response Handling Memory Corruption Vulnerability." | ||||
| CVE-2010-1266 | 1 Kjetiltroan | 1 Webmaid Cms | 2025-04-11 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) template, (2) menu, (3) events, and (4) SITEROOT parameters to template/babyweb/index.php; the (5) modules and (6) copyright parameters to template/calm/footer.php; the (7) menu parameter to template/calm/top.php; and the (8) modules, (9) copyright, and (10) menu parameters to template/wm025/footer.php. | ||||
| CVE-2013-0810 | 1 Microsoft | 4 Windows Server 2003, Windows Server 2008, Windows Vista and 1 more | 2025-04-11 | 8.1 High |
| Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file, aka "Windows Theme File Remote Code Execution Vulnerability." | ||||
| CVE-2010-2358 | 1 Jeffkilroy | 1 Nakid Cms | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in modules/catalog/upload_photo.php in Nakid CMS 0.5.2, when magic_quotes_gpc is disabled and register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the core[system_path] parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-2261 | 1 Linksys | 1 Wap54gv3 | 2025-04-11 | N/A |
| Linksys WAP54Gv3 firmware 3.04.03 and earlier allows remote attackers to execute arbitrary commands via shell metacharacters in the (1) data2 and (2) data3 parameters to (a) Debug_command_page.asp and (b) debug.cgi. | ||||
| CVE-2010-2341 | 1 Ezpx | 1 Ezpx Photoblog | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in system/application/views/public/commentform.php in EZPX Photoblog 1.2 beta allows remote attackers to execute arbitrary PHP code via a URL in the tpl_base_dir parameter. | ||||
| CVE-2013-1638 | 1 Opera | 1 Opera Browser | 2025-04-11 | N/A |
| Opera before 12.13 allows remote attackers to execute arbitrary code via crafted clipPaths in an SVG document. | ||||
| CVE-2010-2217 | 3 Adobe, Linux, Microsoft | 4 Flash Media Server, Flash Media Server 2, Linux Kernel and 1 more | 2025-04-11 | N/A |
| Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to execute arbitrary code via unspecified vectors, related to a "JS method vulnerability." | ||||
| CVE-2010-2213 | 2 Adobe, Redhat | 4 Adobe Air, Flash Player, Flash Player For Linux and 1 more | 2025-04-11 | N/A |
| Adobe Flash Player before 9.0.280 and 10.x before 10.1.82.76, and Adobe AIR before 2.0.3, allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2010-0209, CVE-2010-2214, and CVE-2010-2216. | ||||
| CVE-2010-2205 | 4 Adobe, Apple, Microsoft and 1 more | 5 Acrobat, Acrobat Reader, Mac Os X and 2 more | 2025-04-11 | N/A |
| Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, access uninitialized memory, which allows attackers to execute arbitrary code via unspecified vectors. | ||||
| CVE-2010-2186 | 3 Adobe, Macromedia, Redhat | 4 Air, Flash Player, Flash Player and 1 more | 2025-04-11 | N/A |
| Unspecified vulnerability in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, allows attackers to cause a denial of service (application crash) or possibly execute arbitrary code via unknown vectors. | ||||
| CVE-2010-1360 | 1 Boesch-it | 1 Faqengine | 2025-04-11 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in FAQEngine 4.24.00 allow remote attackers to execute arbitrary PHP code via a URL in the path_faqe parameter to (1) attachs.php, (2) backup.php, (3) badwords.php, (4) categories.php, (5) changepw.php, (6) colorchooser.php, (7) colorwheel.php, (8) dbfiles.php, (9) diraccess.php, (10) faq.php, (11) index.php, (12) kb.php, and (13) stats.php. | ||||
| CVE-2010-2161 | 3 Adobe, Macromedia, Redhat | 4 Air, Flash Player, Flash Player and 1 more | 2025-04-11 | N/A |
| Array index error in Adobe Flash Player before 9.0.277.0 and 10.x before 10.1.53.64, and Adobe AIR before 2.0.2.12610, might allow attackers to execute arbitrary code via unspecified "types of Adobe Flash code." | ||||
| CVE-2010-2146 | 1 Graviton-mediatech | 1 Visitor Logger | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in banned.php in Visitor Logger allows remote attackers to execute arbitrary PHP code via a URL in the VL_include_path parameter. | ||||
| CVE-2010-2137 | 1 Giaard | 1 Proman | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in _center.php in ProMan 0.1.1 and earlier allows remote attackers to execute arbitrary PHP code via a URL in the page parameter. | ||||
| CVE-2010-2127 | 1 Jv2design | 1 Jv2 Folder Gallery | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in gallery.php in JV2 Folder Gallery 3.1 allows remote attackers to execute arbitrary PHP code via a URL in the lang_file parameter. | ||||
| CVE-2013-0689 | 2 Emerson, Enea | 4 Dl 8000 Remote Terminal Unit, Roc 800 Remote Terminal Unit, Roc 800l Remote Terminal Unit and 1 more | 2025-04-11 | N/A |
| The TFTP server on the Emerson Process Management ROC800 RTU with software 3.50 and earlier, DL8000 RTU with software 2.30 and earlier, and ROC800L RTU with software 1.20 and earlier allows remote attackers to upload files and consequently execute arbitrary code via unspecified vectors. | ||||
| CVE-2010-1978 | 1 Freephpblogsoftware | 1 Freephpblogsoftware | 2025-04-11 | N/A |
| PHP remote file inclusion vulnerability in default_theme.php in FreePHPBlogSoftware 1.0, when register_globals is enabled, allows remote attackers to execute arbitrary PHP code via a URL in the phpincdir parameter. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2010-1946 | 1 Openmairie | 1 Openregistrecil | 2025-04-11 | N/A |
| Multiple PHP remote file inclusion vulnerabilities in openMairie Openregistrecil 1.02, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the path_om parameter to (1) autorisation_normale.class.php, (2) collectivite.class.php, (3) dossier.class.php, (4) norme_simplifiee.class.php, (5) registre.class.php, (6) autorisation_unique.class.php, (7) demande_avis.class.php, (8) droit.class.php, (9) organisme.class.php, (10) service.class.php, (11) categorie_donnee.class.php, (12) destinataire.class.php, (13) profil.class.php, (14) tabdyn_visu.class.php, (15) categorie_personne.class.php, (16) dispense.class.php, (17) modificatif.class.php, (18) reference.class.php, and (19) utilisateur.class.php in obj/. | ||||