| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2010-4625 |
200 |
|
+Info |
2010-12-30 |
2017-08-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
MyBB (aka MyBulletinBoard) before 1.4.12 does not properly handle a configuration with a visible forum that contains hidden threads, which allows remote attackers to obtain sensitive information by reading the Latest Threads block of the Portal Page. |
|
2 |
CVE-2010-4611 |
200 |
1
|
+Info |
2010-12-29 |
2017-08-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Html-edit CMS 3.1.8 allows remote attackers to obtain sensitive information via a direct request to (1) pages.php and (2) menu.php in includes/core_files and (3) extensions/login/frontend/pages/antihacker.php, which reveals the installation path in an error message. |
|
3 |
CVE-2010-4608 |
200 |
1
|
+Info |
2010-12-29 |
2010-12-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Habari 0.6.5 allows remote attackers to obtain sensitive information via a direct request to (1) header.php and (2) comments_items.php in system/admin/, which reveals the installation path in an error message. |
|
4 |
CVE-2010-4600 |
200 |
|
+Info |
2010-12-29 |
2011-01-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Dojo Toolkit, as used in the Web client in IBM Rational ClearQuest 7.1.1.x before 7.1.1.4 and 7.1.2.x before 7.1.2.1, allows remote attackers to read cookies by navigating to a Dojo file, related to an "open direct" issue. |
|
5 |
CVE-2010-4580 |
200 |
|
+Info |
2010-12-21 |
2011-01-22 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Opera before 11.00 does not clear WAP WML form fields after manual navigation to a new web site, which allows remote attackers to obtain sensitive information via an input field that has the same name as an input field on a previously visited web site. |
|
6 |
CVE-2010-4565 |
200 |
|
+Info |
2010-12-29 |
2012-03-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The bcm_connect function in net/can/bcm.c (aka the Broadcast Manager) in the Controller Area Network (CAN) implementation in the Linux kernel 2.6.36 and earlier creates a publicly accessible file with a filename containing a kernel memory address, which allows local users to obtain potentially sensitive information about kernel memory use by listing this filename. |
|
7 |
CVE-2010-4481 |
287 |
|
Bypass +Info |
2010-12-17 |
2011-01-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
phpMyAdmin before 3.4.0-beta1 allows remote attackers to bypass authentication and obtain sensitive information via a direct request to phpinfo.php, which calls the phpinfo function. |
|
8 |
CVE-2010-4403 |
200 |
1
|
+Info |
2010-12-06 |
2018-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The Register Plus plugin 3.5.1 and earlier for WordPress allows remote attackers to obtain sensitive information via a direct request to (1) dash_widget.php and (2) register-plus.php, which reveals the installation path in an error message. |
|
9 |
CVE-2010-4401 |
200 |
2
|
+Info |
2010-12-06 |
2010-12-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
languages.inc.php in DynPG CMS 4.2.0 allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message. |
|
10 |
CVE-2010-4354 |
200 |
|
+Info |
2010-11-30 |
2010-12-01 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The remote-access IPSec VPN implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices, PIX Security Appliances 500 series devices, and VPN Concentrators 3000 series devices responds to an Aggressive Mode IKE Phase I message only when the group name is configured on the device, which allows remote attackers to enumerate valid group names via a series of IKE negotiation attempts, aka Bug ID CSCtj96108, a different vulnerability than CVE-2005-2025. |
|
11 |
CVE-2010-4311 |
310 |
|
+Info |
2010-11-26 |
2018-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information. |
|
12 |
CVE-2010-4305 |
310 |
|
+Info |
2010-11-22 |
2010-11-30 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Cisco Unified Videoconferencing (UVC) System 3545, 5110, 5115, and 5230; Unified Videoconferencing 3527 Primary Rate Interface (PRI) Gateway; Unified Videoconferencing 3522 Basic Rate Interfaces (BRI) Gateway; and Unified Videoconferencing 3515 Multipoint Control Unit (MCU) improperly use cookies for web-interface credentials, which allows remote attackers to obtain sensitive information by reading a (1) cleartext or (2) base64-encoded cleartext cookie, aka Bug ID CSCti54052. |
|
13 |
CVE-2010-4302 |
310 |
|
+Info |
2010-11-22 |
2010-11-30 |
4.9 |
None |
Local |
Low |
Not required |
Complete |
None |
None |
|
/opt/rv/Versions/CurrentVersion/Mcu/Config/Mcu.val in Cisco Unified Videoconferencing (UVC) System 5110 and 5115, when the Linux operating system is used, uses a weak hashing algorithm for the (1) administrator and (2) operator passwords, which makes it easier for local users to obtain sensitive information by recovering the cleartext values, aka Bug ID CSCti54010. |
|
14 |
CVE-2010-4214 |
310 |
|
+Info |
2010-11-08 |
2010-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Wells Fargo Mobile application 1.1 for Android stores a username and password, along with account balances, in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data. |
|
15 |
CVE-2010-4213 |
310 |
|
+Info |
2010-11-08 |
2010-11-09 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The Bank of America application 2.12 for Android stores a security question's answer in cleartext, which might allow physically proximate attackers to obtain sensitive information by reading application data. |
|
16 |
CVE-2010-4212 |
264 |
|
+Info |
2010-11-08 |
2010-12-22 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The USAA application 3.0 for Android stores a mirror image of each visited web page, which might allow physically proximate attackers to obtain sensitive banking information by reading application data. |
|
17 |
CVE-2010-4184 |
310 |
|
+Info |
2010-11-05 |
2017-08-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
NetSupport Manager (NSM) before 11.00.0005 sends HTTP headers with cleartext fields containing details about client machines, which allows remote attackers to obtain potentially sensitive information by sniffing the network. |
|
18 |
CVE-2010-4158 |
200 |
|
+Info |
2010-12-30 |
2018-10-10 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The sk_run_filter function in net/core/filter.c in the Linux kernel before 2.6.36.2 does not check whether a certain memory location has been initialized before executing a (1) BPF_S_LD_MEM or (2) BPF_S_LDX_MEM instruction, which allows local users to obtain potentially sensitive information from kernel stack memory via a crafted socket filter. |
|
19 |
CVE-2010-4156 |
20 |
|
+Info |
2010-11-09 |
2011-05-03 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The mb_strcut function in Libmbfl 1.1.0, as used in PHP 5.3.x through 5.3.3, allows context-dependent attackers to obtain potentially sensitive information via a large value of the third parameter (aka the length parameter). |
|
20 |
CVE-2010-4112 |
200 |
|
+Info |
2010-12-22 |
2011-01-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
HP Insight Management Agents before 8.6 allows remote attackers to obtain sensitive information via an unspecified request that triggers disclosure of the full path. |
|
21 |
CVE-2010-4105 |
|
|
Bypass +Info |
2010-11-01 |
2010-11-04 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Unspecified vulnerability in HP Insight Orchestration before 6.2 allows remote attackers to bypass intended access restrictions, and obtain sensitive information or modify data, via unknown vectors. |
|
22 |
CVE-2010-4083 |
200 |
|
+Info |
2010-11-30 |
2018-10-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl system call. |
|
23 |
CVE-2010-4082 |
200 |
|
+Info |
2010-11-30 |
2012-03-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The viafb_ioctl_get_viafb_info function in drivers/video/via/ioctl.c in the Linux kernel before 2.6.36-rc5 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a VIAFB_GET_INFO ioctl call. |
|
24 |
CVE-2010-4081 |
200 |
|
+Info |
2010-11-30 |
2018-10-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The snd_hdspm_hwdep_ioctl function in sound/pci/rme9652/hdspm.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSPM_IOCTL_GET_CONFIG_INFO ioctl call. |
|
25 |
CVE-2010-4080 |
200 |
|
+Info |
2010-11-30 |
2018-10-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The snd_hdsp_hwdep_ioctl function in sound/pci/rme9652/hdsp.c in the Linux kernel before 2.6.36-rc6 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via an SNDRV_HDSP_IOCTL_GET_CONFIG_INFO ioctl call. |
|
26 |
CVE-2010-4079 |
200 |
|
+Info |
2010-11-29 |
2012-03-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ivtvfb_ioctl function in drivers/media/video/ivtv/ivtvfb.c in the Linux kernel before 2.6.36-rc8 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. |
|
27 |
CVE-2010-4078 |
200 |
|
+Info |
2010-11-29 |
2012-03-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The sisfb_ioctl function in drivers/video/sis/sis_main.c in the Linux kernel before 2.6.36-rc6 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via an FBIOGET_VBLANK ioctl call. |
|
28 |
CVE-2010-4077 |
200 |
|
+Info |
2010-11-29 |
2012-03-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ntty_ioctl_tiocgicount function in drivers/char/nozomi.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. |
|
29 |
CVE-2010-4076 |
200 |
|
+Info |
2010-11-29 |
2012-03-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The rs_ioctl function in drivers/char/amiserial.c in the Linux kernel 2.6.36.1 and earlier does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. |
|
30 |
CVE-2010-4075 |
200 |
|
+Info |
2010-11-29 |
2018-10-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The uart_get_count function in drivers/serial/serial_core.c in the Linux kernel before 2.6.37-rc1 does not properly initialize a certain structure member, which allows local users to obtain potentially sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call. |
|
31 |
CVE-2010-4074 |
200 |
|
+Info |
2010-11-29 |
2012-03-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The USB subsystem in the Linux kernel before 2.6.36-rc5 does not properly initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to TIOCGICOUNT ioctl calls, and the (1) mos7720_ioctl function in drivers/usb/serial/mos7720.c and (2) mos7840_ioctl function in drivers/usb/serial/mos7840.c. |
|
32 |
CVE-2010-4073 |
200 |
|
+Info |
2010-11-29 |
2018-10-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The ipc subsystem in the Linux kernel before 2.6.37-rc1 does not initialize certain structures, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the (1) compat_sys_semctl, (2) compat_sys_msgctl, and (3) compat_sys_shmctl functions in ipc/compat.c; and the (4) compat_sys_mq_open and (5) compat_sys_mq_getsetattr functions in ipc/compat_mq.c. |
|
33 |
CVE-2010-4072 |
200 |
|
+Info |
2010-11-29 |
2018-10-10 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
The copy_shmid_to_user function in ipc/shm.c in the Linux kernel before 2.6.37-rc1 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via vectors related to the shmctl system call and the "old shm interface." |
|
34 |
CVE-2010-4046 |
200 |
|
+Info |
2010-10-21 |
2017-09-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Opera before 10.63 does not properly verify the origin of video content, which allows remote attackers to obtain sensitive information by using a video stream as HTML5 canvas content. |
|
35 |
CVE-2010-4043 |
264 |
|
+Info |
2010-10-21 |
2017-09-18 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
Opera before 10.63 does not prevent interpretation of a cross-origin document as a CSS stylesheet when the document lacks a CSS token sequence, which allows remote attackers to obtain sensitive information via a crafted document. |
|
36 |
CVE-2010-4029 |
|
|
DoS +Info |
2010-10-28 |
2011-01-04 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in HP Storage Essentials before 6.3.0, when LDAP authentication is enabled, allows remote attackers to obtain sensitive information, modify data, or cause a denial of service via unknown vectors. |
|
37 |
CVE-2010-4028 |
|
|
DoS +Info |
2010-10-28 |
2010-11-11 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
Unspecified vulnerability in LoadRunner Web Tours 9.10 in HP LoadRunner 9.1 and earlier allows remote attackers to cause a denial of service, and possibly obtain sensitive information or modify data, via unknown vectors. |
|
38 |
CVE-2010-4011 |
200 |
|
+Info |
2010-11-16 |
2010-11-17 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Dovecot in Apple Mac OS X 10.6.5 10H574 does not properly manage memory for user names, which allows remote authenticated users to read the private e-mail of other persons in opportunistic circumstances via standard e-mail clients accessing a user's own mailbox, related to a "memory aliasing issue." |
|
39 |
CVE-2010-3993 |
|
|
+Info |
2010-10-28 |
2010-11-11 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
None |
|
Unspecified vulnerability in HP Insight Control Server Migration before 6.2 allows remote attackers to obtain sensitive information or modify data via unknown vectors. |
|
40 |
CVE-2010-3982 |
200 |
|
+Info |
2010-10-18 |
2017-08-16 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
SAP BusinessObjects Enterprise XI 3.2 allows remote attackers to trigger TCP connections to arbitrary intranet hosts on any port, and obtain potentially sensitive information about open ports, via the apstoken parameter to the CrystalReports/viewrpt.cwr URI, related to an "internal port scanning" issue. |
|
41 |
CVE-2010-3979 |
200 |
|
+Info |
2010-10-18 |
2010-10-19 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Dswsbobje in SAP BusinessObjects Enterprise XI 3.2 generates different error messages depending on whether the Login field corresponds to a valid username, which allows remote attackers to enumerate account names via a login SOAPAction to the dswsbobje/services/session URI. |
|
42 |
CVE-2010-3978 |
200 |
|
+Info |
2010-11-17 |
2018-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Spree 0.11.x before 0.11.2 and 0.30.x before 0.30.0 exchanges data using JavaScript Object Notation (JSON) without a mechanism for validating requests, which allows remote attackers to obtain sensitive information via vectors involving (1) admin/products.json, (2) admin/users.json, or (3) admin/overview/get_report_data, related to a "JSON hijacking" issue. |
|
43 |
CVE-2010-3972 |
119 |
1
|
DoS Exec Code Overflow +Info |
2010-12-23 |
2018-10-12 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote attackers to execute arbitrary code or cause a denial of service (daemon crash) via a crafted FTP command, aka "IIS FTP Service Heap Buffer Overrun Vulnerability." NOTE: some of these details are obtained from third party information. |
|
44 |
CVE-2010-3902 |
200 |
|
+Info |
2010-10-14 |
2011-04-08 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
OpenConnect before 2.26 places the webvpn cookie value in the debugging output, which might allow remote attackers to obtain sensitive information by reading this output, as demonstrated by output posted to the public openconnect-devel mailing list. |
|
45 |
CVE-2010-3897 |
255 |
|
+Info |
2010-11-12 |
2018-10-10 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
ESSearchApplication/palette.do in IBM OmniFind Enterprise Edition 8.x and 9.x includes the administrator password in the HTML source code, which might allow remote attackers to obtain sensitive information by leveraging read access to this file. |
|
46 |
CVE-2010-3886 |
200 |
|
+Info |
2010-10-08 |
2017-09-28 |
4.3 |
None |
Remote |
Medium |
Not required |
Partial |
None |
None |
|
The CTimeoutEventList::InsertIntoTimeoutList function in Microsoft mshtml.dll uses a certain pointer value as part of producing Timer ID values for the setTimeout and setInterval methods in VBScript and JScript, which allows remote attackers to obtain sensitive information about the heap memory addresses used by an application, as demonstrated by the Internet Explorer 8 application. |
|
47 |
CVE-2010-3881 |
200 |
|
+Info |
2010-12-23 |
2012-03-19 |
1.9 |
None |
Local |
Medium |
Not required |
Partial |
None |
None |
|
arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via read operations on the /dev/kvm device. |
|
48 |
CVE-2010-3861 |
200 |
|
+Info |
2010-12-10 |
2012-03-19 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive information via an ETHTOOL_GRXCLSRLALL ethtool command with a large info.rule_cnt value, a different vulnerability than CVE-2010-2478. |
|
49 |
CVE-2010-3860 |
200 |
|
+Info |
2010-12-08 |
2014-10-04 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
IcedTea 1.7.x before 1.7.6, 1.8.x before 1.8.3, and 1.9.x before 1.9.2, as based on OpenJDK 6, declares multiple sensitive variables as public, which allows remote attackers to obtain sensitive information including (1) user.name, (2) user.home, and (3) java.home system properties, and other sensitive information such as installation directories. |
|
50 |
CVE-2010-3851 |
200 |
|
+Info |
2010-11-04 |
2011-08-26 |
4.7 |
None |
Local |
Medium |
Not required |
Complete |
None |
None |
|
libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files from the host via a crafted (1) qcow2, (2) VMDK, or (3) VDI header, related to lack of support for a disk format specifier. |
