NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:June 21, 2026, 4:01 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311301 3.3 LOW
linux-pam linux-pam The run_coprocess function in pam_xauth.c in the pam_xauth module in Linux-PAM (aka pam) before 1.1.2 does not check the return values of the setuid, setgid, and setgroups system calls, which might a… NVD-CWE-Other
CVE-2010-3316 2024-11-21 10:18 2011-01-25 Show GitHub Exploit DB Packet Storm
311302 10.0 HIGH
oracle fusion_middleware Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 9.0, 9.1, 9.2.3, 10.0.2, 10.3.2, and 10.3.3 allows remote attackers to affect confidentiality, integrity,… NVD-CWE-noinfo
CVE-2010-3510 2024-11-21 10:18 2011-01-20 Show GitHub Exploit DB Packet Storm
311303 3.5 LOW
oracle supply_chain_products_suite Unspecified vulnerability in the Agile Core component in Oracle Supply Chain Products Suite 9.3.0.2 and 9.3.1 allows remote authenticated users to affect confidentiality via unknown vectors related t… NVD-CWE-noinfo
CVE-2010-3505 2024-11-21 10:18 2011-01-20 Show GitHub Exploit DB Packet Storm
311304 4.9 MEDIUM
linux linux_kernel include/asm-x86/futex.h in the Linux kernel before 2.6.25 does not properly implement exception fixup, which allows local users to cause a denial of service (panic) via an invalid application that tr… NVD-CWE-Other
CVE-2010-3086 2024-11-21 10:18 2011-01-15 Show GitHub Exploit DB Packet Storm
311305 7.5 HIGH
fribidi
kobi_zamir 		gnu_fribidi
pyfribidi 		Buffer overflow in the log2vis_utf8 function in pyfribidi.c in GNU FriBidi 0.19.1, 0.19.2, and possibly other versions, as used in PyFriBidi 0.10.1, allows remote attackers to cause a denial of servi… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3444 2024-11-21 10:18 2011-01-11 Show GitHub Exploit DB Packet Storm
311306 9.3 HIGH
freetype freetype Integer overflow in base/ftstream.c in libXft (aka the X FreeType library) in FreeType before 2.4 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrar… CWE-189
Numeric Errors 		CVE-2010-3311 2024-11-21 10:18 2011-01-8 Show GitHub Exploit DB Packet Storm
311307 4.3 MEDIUM
netwin surgemail Cross-site scripting (XSS) vulnerability in NetWin Surgemail before 4.3g allows remote attackers to inject arbitrary web script or HTML via the username_ex parameter to the surgeweb program. CWE-79
Cross-site Scripting 		CVE-2010-3201 2024-11-21 10:18 2011-01-8 Show GitHub Exploit DB Packet Storm
311308 4.9 MEDIUM
linux linux_kernel drivers/platform/x86/thinkpad_acpi.c in the Linux kernel before 2.6.34 on ThinkPad devices, when the X.Org X server is used, does not properly restrict access to the video output control state, which… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-3448 2024-11-21 10:18 2011-01-4 Show GitHub Exploit DB Packet Storm
311309 5.0 MEDIUM
intel
symantec 		intel_alert_management_system
antivirus
endpoint_protection 		The GetStringAMSHandler function in prgxhndl.dll in hndlrsvc.exe in the Intel Alert Handler service (aka Symantec Intel Handler service) in Intel Alert Management System (AMS), as used in Symantec An… CWE-20
 Improper Input Validation  		CVE-2010-3268 2024-11-21 10:18 2010-12-23 Show GitHub Exploit DB Packet Storm
311310 4.3 MEDIUM
microsoft internet_explorer Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified s… CWE-200
Information Exposure 		CVE-2010-3348 2024-11-21 10:18 2010-12-17 Show GitHub Exploit DB Packet Storm
311311 9.3 HIGH
microsoft internet_explorer Microsoft Internet Explorer 6, 7, and 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialize… CWE-908
 Use of Uninitialized Resource 		CVE-2010-3346 2024-11-21 10:18 2010-12-17 Show GitHub Exploit DB Packet Storm
311312 9.3 HIGH
microsoft internet_explorer Microsoft Internet Explorer 8 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) i… CWE-908
 Use of Uninitialized Resource 		CVE-2010-3345 2024-11-21 10:18 2010-12-17 Show GitHub Exploit DB Packet Storm
311313 9.3 HIGH
microsoft internet_explorer Microsoft Internet Explorer 6 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or (2) i… CWE-908
 Use of Uninitialized Resource 		CVE-2010-3343 2024-11-21 10:18 2010-12-17 Show GitHub Exploit DB Packet Storm
311314 4.3 MEDIUM
microsoft internet_explorer Microsoft Internet Explorer 6, 7, and 8 does not prevent rendering of cached content as HTML, which allows remote attackers to access content from a different (1) domain or (2) zone via unspecified s… CWE-200
Information Exposure 		CVE-2010-3342 2024-11-21 10:18 2010-12-17 Show GitHub Exploit DB Packet Storm
311315 9.3 HIGH
microsoft internet_explorer Microsoft Internet Explorer 6 and 7 does not properly handle objects in memory, which allows remote attackers to execute arbitrary code by accessing an object that (1) was not properly initialized or… CWE-94
Code Injection 		CVE-2010-3340 2024-11-21 10:18 2010-12-17 Show GitHub Exploit DB Packet Storm
311316 7.2 HIGH
microsoft windows_server_2008
windows_7
windows_vista 		The Windows Task Scheduler in Microsoft Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 does not properly determine the security context of scheduled tasks, which allo… CWE-20
 Improper Input Validation  		CVE-2010-3338 2024-11-21 10:18 2010-12-17 Show GitHub Exploit DB Packet Storm
311317 6.9 MEDIUM
nordugrid nordugrid-arc Untrusted search path vulnerability in NorduGrid Advanced Resource Connector (ARC) before 0.8.3 allows local users to gain privileges via vectors related to the LD_LIBRARY_PATH environment variable. … NVD-CWE-Other
CVE-2010-3372 2024-11-21 10:18 2010-12-9 Show GitHub Exploit DB Packet Storm
311318 6.8 MEDIUM
jesse_mcconnell
apache 		redback
archiva 		Cross-site request forgery (CSRF) vulnerability in Redback before 1.2.4, as used in Apache Archiva 1.0 through 1.0.3, 1.1 through 1.1.4, 1.2 through 1.2.2, and 1.3 through 1.3.1; and Apache Continuum… CWE-352
 Origin Validation Error 		CVE-2010-3449 2024-11-21 10:18 2010-12-7 Show GitHub Exploit DB Packet Storm
311319 6.5 MEDIUM
ifdefined bugtracker.net Multiple SQL injection vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to execute arbitrary SQL commands via (1) the qu_id parameter to bugs.aspx, (2) the row_id param… CWE-89
SQL Injection 		CVE-2010-3267 2024-11-21 10:18 2010-12-3 Show GitHub Exploit DB Packet Storm
311320 3.5 LOW
ifdefined bugtracker.net Multiple cross-site scripting (XSS) vulnerabilities in BugTracker.NET before 3.4.5 allow remote authenticated users to inject arbitrary web script or HTML via (1) the pcd parameter to edit_bug.aspx, … CWE-79
Cross-site Scripting 		CVE-2010-3266 2024-11-21 10:18 2010-12-3 Show GitHub Exploit DB Packet Storm
311321 5.0 MEDIUM
wireshark wireshark Stack consumption vulnerability in the dissect_ber_unknown function in epan/dissectors/packet-ber.c in the BER dissector in Wireshark 1.4.x before 1.4.1 and 1.2.x before 1.2.12 allows remote attacker… CWE-399
 Resource Management Errors 		CVE-2010-3445 2024-11-21 10:18 2010-11-27 Show GitHub Exploit DB Packet Storm
311322 7.8 HIGH
linux
opensuse
suse
debian
canonical 		linux_kernel
opensuse
linux_enterprise_real_time_extension
debian_linux
ubuntu_linux 		The sctp_packet_config function in net/sctp/output.c in the Linux kernel before 2.6.35.6 performs extraneous initializations of packet data structures, which allows remote attackers to cause a denial… CWE-20
 Improper Input Validation  		CVE-2010-3432 2024-11-21 10:18 2010-11-22 Show GitHub Exploit DB Packet Storm
311323 9.3 HIGH
microsoft office Untrusted search path vulnerability in Microsoft Office 2007 SP2 and 2010 allows local users to gain privileges via a Trojan horse DLL in the current working directory, aka "Insecure Library Loading … NVD-CWE-Other
CVE-2010-3337 2024-11-21 10:18 2010-11-10 Show GitHub Exploit DB Packet Storm
311324 9.3 HIGH
microsoft open_xml_file_format_converter
office 		Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document t… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3336 2024-11-21 10:18 2010-11-10 Show GitHub Exploit DB Packet Storm
311325 9.3 HIGH
microsoft open_xml_file_format_converter
office 		Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3335 2024-11-21 10:18 2010-11-10 Show GitHub Exploit DB Packet Storm
311326 9.3 HIGH
microsoft open_xml_file_format_converter
office 		Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3334 2024-11-21 10:18 2010-11-10 Show GitHub Exploit DB Packet Storm
311327 5.0 MEDIUM
php
canonical 		php
ubuntu_linux 		fopen_wrappers.c in PHP 5.3.x through 5.3.3 might allow remote attackers to bypass open_basedir restrictions via vectors related to the length of a filename. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-3436 2024-11-21 10:18 2010-11-9 Show GitHub Exploit DB Packet Storm
311328 2.6 LOW
mozilla bugzilla CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3, and 4.0.x before 4.0rc1, when Server Push is enabled in a web browser, allows remote attackers to inject… CWE-94
Code Injection 		CVE-2010-3172 2024-11-21 10:18 2010-11-6 Show GitHub Exploit DB Packet Storm
311329 9.3 HIGH
microsoft windows_vista
windows_server_2008
windows_xp
windows_7
windows_server_2003 		Stack-based buffer overflow in the UpdateFrameTitleForDocument method in the CFrameWnd class in mfc42.dll in the Microsoft Foundation Class (MFC) Library in Microsoft Windows XP SP2 and SP3, Windows … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3227 2024-11-21 10:18 2010-10-27 Show GitHub Exploit DB Packet Storm
311330 10.0 HIGH
tibco activematrix_service_performance_manager
activematrix_service_bus
activematrix_businessworks_service_engine
activematrix_service_grid 		The (1) ActiveMatrix Runtime and (2) ActiveMatrix Administrator components in TIBCO ActiveMatrix Service Grid before 2.3.1, ActiveMatrix Service Bus before 2.3.1, ActiveMatrix BusinessWorks Service E… CWE-20
 Improper Input Validation  		CVE-2010-3491 2024-11-21 10:18 2010-10-27 Show GitHub Exploit DB Packet Storm
311331 6.9 MEDIUM
yokkasoft sqleditorclassic
noeditor
sqleditorxp
ouieditor
deuxeditor
sqleditorte
sqleditor8
uneditor 		Untrusted search path vulnerability in Yokka NoEditor 1.33.1.1 and earlier, OuiEditor 1.6.1.1 and earlier, UnEditor 1.10.1.2 and earlier, DeuxEditor 1.7.1.2 and earlier, SQLEditorXP 3.14.1.2 and earl… NVD-CWE-Other
CVE-2010-3165 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311332 6.9 MEDIUM
fenrir sleipnir
grani 		Untrusted search path vulnerability in Fenrir Sleipnir 2.9.4 and earlier and Grani 4.3 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working dire… NVD-CWE-Other
CVE-2010-3164 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311333 6.9 MEDIUM
fenrir sleipnir
grani 		Untrusted search path vulnerability in Fenrir Sleipnir before 2.9.5 and Grani before 4.4 allows local users to gain privileges via a Trojan horse DLL in the current working directory. NVD-CWE-Other
CVE-2010-3163 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311334 6.9 MEDIUM
masahiko_watanabe apsaly Untrusted search path vulnerability in Apsaly before 3.74 allows local users to gain privileges via a Trojan horse executable file in the current working directory. NVD-CWE-Other
CVE-2010-3162 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311335 6.9 MEDIUM
susumu_terao terapad Untrusted search path vulnerability in TeraPad before 1.00 allows local users to gain privileges via a Trojan horse DLL in the current working directory. NVD-CWE-Other
CVE-2010-3161 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311336 6.9 MEDIUM
ponsoftware archive_decoder Untrusted search path vulnerability in Archive Decoder 1.23 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. NVD-CWE-Other
CVE-2010-3160 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311337 6.9 MEDIUM
ponsoftware explzh Untrusted search path vulnerability in Explzh 5.67 and earlier allows local users to gain privileges via a Trojan horse executable file in the current working directory. CWE-426
 Untrusted Search Path 		CVE-2010-3159 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311338 6.9 MEDIUM
k2top k2editor Untrusted search path vulnerability in K2 K2Editor before 1.5.9 allows local users to gain privileges via a Trojan horse executable file in the current working directory. NVD-CWE-Other
CVE-2010-3156 2024-11-21 10:18 2010-10-26 Show GitHub Exploit DB Packet Storm
311339 6.5 MEDIUM
hp systems_insight_manager Unspecified vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote authenticated users to gain privileges via unknown vectors. NVD-CWE-noinfo
CVE-2010-3290 2024-11-21 10:18 2010-10-24 Show GitHub Exploit DB Packet Storm
311340 4.3 MEDIUM
hp systems_insight_manager Cross-site scripting (XSS) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. CWE-79
Cross-site Scripting 		CVE-2010-3289 2024-11-21 10:18 2010-10-24 Show GitHub Exploit DB Packet Storm
311341 6.8 MEDIUM
hp systems_insight_manager Cross-site request forgery (CSRF) vulnerability in HP Systems Insight Manager (SIM) before 6.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. CWE-352
 Origin Validation Error 		CVE-2010-3288 2024-11-21 10:18 2010-10-24 Show GitHub Exploit DB Packet Storm
311342 4.3 MEDIUM
hp assetcenter
assetmanager 		Cross-site scripting (XSS) vulnerability in HP AssetCenter 5.0x through AC_5.03, and AssetManager 5.1x through AM_5.12 and 5.2x through AM_5.22, allows remote attackers to inject arbitrary web script… CWE-79
Cross-site Scripting 		CVE-2010-3291 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311343 9.3 HIGH
mozilla firefox
seamonkey
thunderbird 		The LookupGetterOrSetter function in js3250.dll in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 does not properly… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3183 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311344 6.9 MEDIUM
mozilla firefox
seamonkey
thunderbird 		A certain application-launch script in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Linux places a zero-length… NVD-CWE-Other
CVE-2010-3182 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311345 6.9 MEDIUM
mozilla firefox
seamonkey
thunderbird 		Untrusted search path vulnerability in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 on Windows allows local users… NVD-CWE-Other
CVE-2010-3181 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311346 9.3 HIGH
mozilla firefox
seamonkey
thunderbird 		Use-after-free vulnerability in the nsBarProp function in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 allows rem… CWE-399
 Resource Management Errors 		CVE-2010-3180 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311347 9.3 HIGH
mozilla firefox
seamonkey
thunderbird 		Stack-based buffer overflow in the text-rendering functionality in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 a… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-3179 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311348 5.8 MEDIUM
mozilla firefox
seamonkey
thunderbird 		Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 do not properly handle certain modal calls made by javascript: URLs … CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-3178 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311349 4.3 MEDIUM
mozilla firefox
seamonkey 		Multiple cross-site scripting (XSS) vulnerabilities in the Gopher parser in Mozilla Firefox before 3.5.14 and 3.6.x before 3.6.11, and SeaMonkey before 2.0.9, allow remote attackers to inject arbitra… CWE-79
Cross-site Scripting 		CVE-2010-3177 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm
311350 9.3 HIGH
mozilla firefox
seamonkey
thunderbird 		Multiple unspecified vulnerabilities in the browser engine in Mozilla Firefox 3.5.x before 3.5.14 and 3.6.x before 3.6.11, Thunderbird before 3.0.9 and 3.1.x before 3.1.5, and SeaMonkey before 2.0.9 … NVD-CWE-noinfo
CVE-2010-3176 2024-11-21 10:18 2010-10-22 Show GitHub Exploit DB Packet Storm