NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 24, 2026, 4 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
310951	9.3	HIGH	microsoft	wmi_administrative_tools	The WMITools ActiveX control in WBEMSingleView.ocx 1.50.1131.0 in Microsoft WMI Administrative Tools 1.1 and earlier in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary c…	CWE-94 Code Injection	CVE-2010-3973	2024-11-21 10:19	2010-12-24	Show	GitHub Exploit DB Packet Storm

310952	10.0	HIGH	microsoft	internet_information_services	Heap-based buffer overflow in the TELNET_STREAM_CONTEXT::OnSendData function in ftpsvc.dll in Microsoft FTP Service 7.0 and 7.5 for Internet Information Services (IIS) 7.0, and IIS 7.5, allows remote…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3972	2024-11-21 10:19	2010-12-24	Show	GitHub Exploit DB Packet Storm

310953	2.1	LOW	linux redhat suse	linux_kernel enterprise_linux_server enterprise_linux_workstation suse_linux_enterprise_server suse_linux_enterprise_desktop suse_linux_enterprise_high_availability_extension	arch/x86/kvm/x86.c in the Linux kernel before 2.6.36.2 does not initialize certain structure members, which allows local users to obtain potentially sensitive information from kernel stack memory via…	CWE-200 Information Exposure	CVE-2010-3881	2024-11-21 10:19	2010-12-24	Show	GitHub Exploit DB Packet Storm

310954	9.3	HIGH	microsoft	internet_explorer	Use-after-free vulnerability in the CSharedStyleSheet::Notify function in the Cascading Style Sheets (CSS) parser in mshtml.dll, as used in Microsoft Internet Explorer 6 through 8 and other products,…	CWE-399 Resource Management Errors	CVE-2010-3971	2024-11-21 10:19	2010-12-23	Show	GitHub Exploit DB Packet Storm

310955	9.3	HIGH	microsoft	windows_server_2008 windows_xp windows_vista windows_server_2003	Stack-based buffer overflow in the CreateSizedDIBSECTION function in shimgvw.dll in the Windows Shell graphics processor (aka graphics rendering engine) in Microsoft Windows XP SP2 and SP3, Server 20…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3970	2024-11-21 10:19	2010-12-23	Show	GitHub Exploit DB Packet Storm

310956	7.5	HIGH	eucalyptus	eucalyptus	The password reset feature in the administrator interface for Eucalyptus 2.0.0 and 2.0.1 does not perform authentication, which allows remote attackers to gain privileges by sending password reset re…	CWE-287 Improper Authentication	CVE-2010-3905	2024-11-21 10:19	2010-12-23	Show	GitHub Exploit DB Packet Storm

310957	4.3	MEDIUM	git git-scm	git	Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.	CWE-79 Cross-site Scripting	CVE-2010-3906	2024-11-21 10:19	2010-12-18	Show	GitHub Exploit DB Packet Storm

310958	5.0	MEDIUM	isc	dhcp	ISC DHCP server 4.2 before 4.2.0-P2, when configured to use failover partnerships, allows remote attackers to cause a denial of service (communications-interrupted state and DHCP client service loss)…	CWE-20 Improper Input Validation	CVE-2010-3616	2024-11-21 10:19	2010-12-18	Show	GitHub Exploit DB Packet Storm

310959	9.3	HIGH	microsoft	windows_movie_maker	Untrusted search path vulnerability in Microsoft Windows Movie Maker (WMM) 2.6 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a dire…	NVD-CWE-Other	CVE-2010-3967	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310960	9.3	HIGH	microsoft	windows_server_2008 windows_7	Untrusted search path vulnerability in Microsoft Windows Server 2008 R2 and Windows 7, when BranchCache is supported, allows local users to gain privileges via a Trojan horse DLL in the current worki…	NVD-CWE-Other	CVE-2010-3966	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310961	9.3	HIGH	microsoft	windows_media_encoder	Untrusted search path vulnerability in Windows Media Encoder 9 on Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, and Windows Server 2008 Gold and SP2 allows loc…	NVD-CWE-Other	CVE-2010-3965	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310962	7.5	HIGH	microsoft	sharepoint_server	Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, all…	NVD-CWE-Other	CVE-2010-3964	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310963	7.2	HIGH	microsoft	windows_xp windows_server_2003 windows_2003_server	Buffer overflow in the Routing and Remote Access NDProxy component in the kernel in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allows local users to gain privileges via a crafted applicatio…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3963	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310964	7.2	HIGH	microsoft	windows_server_2008 windows_7 windows_vista	The Consent User Interface (UI) in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly handle an unspecified registry-key value, which allows l…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-3961	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310965	4.9	MEDIUM	microsoft	windows_server_2008	Hyper-V in Microsoft Windows Server 2008 Gold, SP2, and R2 allows guest OS users to cause a denial of service (host OS hang) by sending a crafted encapsulated packet over the VMBus, aka "Hyper-V VMBu…	CWE-20 Improper Input Validation	CVE-2010-3960	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310966	6.9	MEDIUM	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows local users to gain…	CWE-94 Code Injection	CVE-2010-3959	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310967	6.9	MEDIUM	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	Double free vulnerability in the OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows…	CWE-399 Resource Management Errors	CVE-2010-3957	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310968	9.3	HIGH	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	The OpenType Font (OTF) driver in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly perform …	CWE-94 Code Injection	CVE-2010-3956	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310969	9.3	HIGH	microsoft	publisher	pubconv.dll (aka the Publisher Converter DLL) in Microsoft Publisher 2002 SP3 does not properly perform array indexing, which allows remote attackers to execute arbitrary code via a crafted Publisher…	CWE-94 Code Injection	CVE-2010-3955	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310970	9.3	HIGH	microsoft	publisher	Microsoft Publisher 2002 SP3, 2003 SP3, and 2010 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Publisher file, aka "Microsoft Publis…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3954	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310971	9.3	HIGH	microsoft	office_converter_pack office	The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory c…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3952	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310972	9.3	HIGH	microsoft	office_converter_pack office	Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted FlashPix i…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3951	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310973	9.3	HIGH	microsoft	office_converter_pack office works	The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3950	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310974	9.3	HIGH	microsoft	office_converter_pack office	Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3949	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310975	9.3	HIGH	microsoft	office_converter_pack office works	Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a c…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3947	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310976	9.3	HIGH	microsoft	office_converter_pack office	Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a cra…	CWE-189 Numeric Errors	CVE-2010-3946	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310977	9.3	HIGH	microsoft	office_converter_pack office	Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a craft…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3945	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310978	7.2	HIGH	microsoft	windows_server_2008 windows_7	win32k.sys in the kernel-mode drivers in Microsoft Windows Server 2008 R2 and Windows 7 does not properly validate user-mode input, which allows local users to gain privileges via a crafted applicati…	CWE-20 Improper Input Validation	CVE-2010-3944	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310979	7.2	HIGH	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly l…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-3943	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310980	7.2	HIGH	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly a…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3942	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310981	7.2	HIGH	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold and SP2, and Windo…	CWE-399 Resource Management Errors	CVE-2010-3941	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310982	7.2	HIGH	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	Double free vulnerability in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and …	CWE-399 Resource Management Errors	CVE-2010-3940	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310983	7.2	HIGH	microsoft	windows_server_2008 windows_xp windows_7 windows_vista windows_server_2003 windows_2003_server	Buffer overflow in win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 …	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3939	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310984	4.0	MEDIUM	microsoft	exchange_server	Microsoft Exchange Server 2007 SP2 on the x64 platform allows remote authenticated users to cause a denial of service (infinite loop and MSExchangeIS outage) via a crafted RPC request, aka "Exchange …	CWE-399 Resource Management Errors	CVE-2010-3937	2024-11-21 10:19	2010-12-17	Show	GitHub Exploit DB Packet Storm

310985	5.8	MEDIUM	fenrir	grani	Fenrir Grani 4.5 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-3919	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310986	5.8	MEDIUM	fenrir-inc	sleipnir	Fenrir Sleipnir 2.9.6 and earlier does not prevent interaction between web script and the clipboard, which allows remote attackers to read or modify the clipboard contents via a crafted web site.	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-3918	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310987	4.9	MEDIUM	linux debian	linux_kernel debian_linux	net/ipv4/inet_diag.c in the Linux kernel before 2.6.37-rc2 does not properly audit INET_DIAG bytecode, which allows local users to cause a denial of service (kernel infinite loop) via crafted INET_DI…	CWE-835 Loop with Unreachable Exit Condition ('Infinite Loop')	CVE-2010-3880	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310988	2.1	LOW	linux suse opensuse canonical	linux_kernel linux_enterprise_desktop linux_enterprise_server opensuse linux_enterprise_real_time_extension ubuntu_linux	The ethtool_get_rxnfc function in net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize a certain block of heap memory, which allows local users to obtain potentially sensitive inf…	CWE-200 Information Exposure	CVE-2010-3861	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310989	9.3	HIGH	mozilla	firefox thunderbird seamonkey	Unspecified vulnerability in Mozilla Firefox 3.5.x before 3.5.16, Thunderbird before 3.0.11, and SeaMonkey before 2.0.11 allows remote attackers to cause a denial of service (memory corruption and ap…	CWE-119 NVD-CWE-noinfo Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3778	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310990	9.3	HIGH	mozilla	firefox thunderbird	Unspecified vulnerability in Mozilla Firefox 3.6.x before 3.6.13 and Thunderbird 3.1.x before 3.1.7 allows remote attackers to cause a denial of service (memory corruption and application crash) or p…	CWE-119 NVD-CWE-noinfo Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3777	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310991	9.3	HIGH	mozilla	firefox seamonkey thunderbird	Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 allo…	CWE-119 NVD-CWE-noinfo Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3776	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310992	9.3	HIGH	mozilla	firefox seamonkey	Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle certain redirections involving data: URLs and Java LiveConnect scripts, which allows remot…	NVD-CWE-Other	CVE-2010-3775	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310993	4.3	MEDIUM	mozilla	firefox seamonkey	The NS_SecurityCompareURIs function in netwerk/base/public/nsNetUtil.h in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle (1) about:neterr…	CWE-20 Improper Input Validation	CVE-2010-3774	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310994	6.8	MEDIUM	mozilla	firefox seamonkey	Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, when the XMLHttpRequestSpy module in the Firebug add-on is used, does not properly handle interaction between the X…	NVD-CWE-Other	CVE-2010-3773	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310995	9.3	HIGH	mozilla	firefox seamonkey	Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly calculate index values for certain child content in a XUL tree, which allows remote attackers to …	CWE-189 Numeric Errors	CVE-2010-3772	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310996	6.8	MEDIUM	mozilla	firefox seamonkey	Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, does not properly handle injection of an ISINDEX element into an about:blank page, which allows remote attackers to…	NVD-CWE-Other	CVE-2010-3771	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310997	4.3	MEDIUM	mozilla	firefox seamonkey	Multiple cross-site scripting (XSS) vulnerabilities in the rendering engine in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allow remote attackers to inject arb…	CWE-79 Cross-site Scripting	CVE-2010-3770	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310998	9.3	HIGH	mozilla	firefox thunderbird seamonkey	The line-breaking implementation in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 on Windows does not properly h…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-3769	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

310999	9.3	HIGH	mozilla	firefox seamonkey thunderbird	Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, Thunderbird before 3.0.11 and 3.1.x before 3.1.7, and SeaMonkey before 2.0.11 do not properly validate downloadable fonts before use within an o…	CWE-20 Improper Input Validation	CVE-2010-3768	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm

311000	9.3	HIGH	mozilla	firefox seamonkey	Integer overflow in the NewIdArray function in Mozilla Firefox before 3.5.16 and 3.6.x before 3.6.13, and SeaMonkey before 2.0.11, allows remote attackers to execute arbitrary code via a JavaScript a…	CWE-189 Numeric Errors	CVE-2010-3767	2024-11-21 10:19	2010-12-11	Show	GitHub Exploit DB Packet Storm