| Max CVSS | 9.3 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2010-2949 | 5.0 |
bgpd in Quagga before 0.99.17 does not properly parse AS paths, which allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an unknown AS type in an AS path attribute in a BGP UPDATE message.
|
13-02-2023 - 04:21 | 10-09-2010 - 19:00 | |
| CVE-2010-2948 | 6.5 |
Stack-based buffer overflow in the bgp_route_refresh_receive function in bgp_packet.c in bgpd in Quagga before 0.99.17 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a malformed Ou
|
13-02-2023 - 04:21 | 10-09-2010 - 19:00 | |
| CVE-2010-2939 | 4.3 |
Double free vulnerability in the ssl3_get_key_exchange function in the OpenSSL client (ssl/s3_clnt.c) in OpenSSL 1.0.0a, 0.9.8, 0.9.7, and possibly other versions, when using ECDH, allows context-dependent attackers to cause a denial of service (cras
|
13-02-2023 - 03:19 | 17-08-2010 - 20:00 | |
| CVE-2010-3169 | 9.3 |
Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allow remote attackers to cause a denial of service (memor
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-2768 | 4.3 |
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict use of the type attribute of an OBJECT element to set a document's charset, which allows remote
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-3167 | 9.3 |
The nsTreeContentView function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle node removal in XUL trees, which allows remote attackers to e
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-2760 | 9.3 |
Use-after-free vulnerability in the nsTreeSelection function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code v
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-3168 | 9.3 |
Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 do not properly restrict the role of property changes in triggering XUL tree removal, which allows remote attackers to c
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-2766 | 9.3 |
The normalizeDocument function in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle the removal of DOM nodes during normalization, which might al
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-2767 | 9.3 |
The navigator.plugins implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 does not properly handle destruction of the DOM plugin array, which might allow
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-2769 | 4.3 |
Cross-site scripting (XSS) vulnerability in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 allows user-assisted remote attackers to inject arbitrary web script or HTML
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-2763 | 4.3 |
The XPCSafeJSObjectWrapper class in the SafeJSObjectWrapper (aka SJOW) implementation in Mozilla Firefox before 3.5.12, Thunderbird before 3.0.7, and SeaMonkey before 2.0.7 does not properly restrict scripted functions, which allows remote attackers
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2010-2765 | 9.3 |
Integer overflow in the FRAMESET element implementation in Mozilla Firefox before 3.5.12 and 3.6.x before 3.6.9, Thunderbird before 3.0.7 and 3.1.x before 3.1.3, and SeaMonkey before 2.0.7 might allow remote attackers to execute arbitrary code via a
|
19-09-2017 - 01:31 | 09-09-2010 - 19:00 | |
| CVE-2002-1405 | 5.0 |
CRLF injection vulnerability in Lynx 2.8.4 and earlier allows remote attackers to inject false HTTP headers into an HTTP request that is provided on the command line, via a URL containing encoded carriage return, line feed, and other whitespace chara
|
18-10-2016 - 02:26 | 19-02-2003 - 05:00 | |
| CVE-2010-1326 | 9.3 |
perms.cpp in March Hare Software CVSNT 2.0.58, 2.5.01, 2.5.02, 2.5.03 before build 3736, 2.5.04 before build 2862; CVS Suite 2.5.03, 2008 before build 3736, and 2009 before 3729 allows remote attackers to bypass the permissions check, modify arbitrar
|
12-08-2011 - 04:00 | 15-09-2010 - 18:00 | |
| CVE-2010-3076 | 7.5 |
The filter function in php/src/include.php in Simple Management for BIND (aka smbind) before 0.4.8 does not anchor a certain regular expression, which allows remote attackers to conduct SQL injection attacks and execute arbitrary SQL commands via the
|
19-01-2011 - 06:59 | 14-10-2010 - 05:57 | |
| CVE-2010-2953 | 6.9 |
Untrusted search path vulnerability in a certain Debian GNU/Linux patch for the couchdb script in CouchDB 0.8.0 allows local users to gain privileges via a crafted shared library in the current working directory. Per: http://cwe.mitre.org/data/defini
|
14-09-2010 - 19:00 | 14-09-2010 - 19:00 |