NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:June 13, 2026, 4:20 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
311601 3.2 LOW
oracle solaris Unspecified vulnerability in Oracle Solaris 9 and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console. NVD-CWE-noinfo
CVE-2010-2384 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311602 3.2 LOW
oracle solaris
opensolaris 		Unspecified vulnerability in Oracle Solaris 8, 9, and 10, and OpenSolaris, allows local users to affect confidentiality and integrity, related to NFS. NVD-CWE-noinfo
CVE-2010-2383 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311603 3.2 LOW
oracle solaris Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors. NVD-CWE-noinfo
CVE-2010-2382 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311604 3.5 LOW
oracle fusion_middleware Unspecified vulnerability in the Application Server Control component in Oracle Fusion Middleware 10.1.2.3 and 10.1.4.0.1 allows remote authenticated users to affect integrity via unknown vectors, a … NVD-CWE-noinfo
CVE-2010-2381 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311605 4.3 MEDIUM
oracle peoplesoft_and_jdedwards_suite_scm Unspecified vulnerability in the PeopleSoft Enterprise FSCM component in Oracle PeopleSoft and JDEdwards Suite SCM 8.9 Bundle #37, SCM 9.0 Bundle #30, and SCM 9.1 Bundle #4 allows local users to affe… NVD-CWE-noinfo
CVE-2010-2380 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311606 4.0 MEDIUM
oracle peoplesoft_and_jdedwards_suite_hcm Unspecified vulnerability in the PeopleSoft Enterprise HCM - Time & Labor component in Oracle PeopleSoft and JDEdwards Suite HCM 9.0 Bundle #13 and HCM 9.1 Bundle #2 allows remote authenticated users… NVD-CWE-noinfo
CVE-2010-2379 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311607 3.0 LOW
oracle peoplesoft_and_jdedwards_suite_crm Unspecified vulnerability in the PeopleSoft Enterprise CRM component in Oracle PeopleSoft and JDEdwards Suite CRM 9.0 Bundle #28 and CRM 9.1 Bundle #4 allows local users to affect confidentiality and… NVD-CWE-noinfo
CVE-2010-2378 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311608 4.0 MEDIUM
oracle peoplesoft_and_jdedwards_product_suite Unspecified vulnerability in the PeopleSoft Enterprise PeopleTools component in Oracle PeopleSoft and JDEdwards Suite 8.49.27 and 8.50.10 allows remote authenticated users to affect integrity via unk… NVD-CWE-noinfo
CVE-2010-2377 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311609 3.2 LOW
oracle solaris Unspecified vulnerability in Oracle Solaris 8, 9, and 10 allows local users to affect confidentiality and integrity via unknown vectors related to Solaris Management Console. NVD-CWE-noinfo
CVE-2010-2376 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311610 6.4 MEDIUM
bea
bea_systems
oracle 		weblogic_server Package/Privilege: Plugins for Apache, Sun and IIS web servers Unspecified vulnerability in the WebLogic Server component in Oracle Fusion Middleware 7.0 SP7, 8.1 SP6, 9.0, 9.1, 9.2 MP3, 10.0 MP2, 10… NVD-CWE-noinfo
CVE-2010-2375 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311611 3.0 LOW
oracle solaris_studio Unspecified vulnerability in Solaris Studio 12 update 1 allows local users to affect confidentiality and integrity via unknown vectors. NVD-CWE-noinfo
CVE-2010-2374 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311612 4.3 MEDIUM
oracle enterprise_manager_grid_control Unspecified vulnerability in the Console component in Oracle Enterprise Manager Grid Control 10.1.0.6 and 10.2.0.5 allows remote attackers to affect integrity via unknown vectors. NVD-CWE-noinfo
CVE-2010-2373 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311613 4.3 MEDIUM
oracle supply_chain_products_suite Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1.1 allows remote attackers to affect integrity via unknown vectors, a different vu… NVD-CWE-noinfo
CVE-2010-2372 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311614 1.9 LOW
oracle supply_chain_products_suite Unspecified vulnerability in the Oracle Transportation Management component in Oracle Supply Chain Products Suite 6.1.1 allows local users to affect confidentiality via unknown vectors, a different v… NVD-CWE-noinfo
CVE-2010-2371 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311615 4.3 MEDIUM
oracle fusion_middleware Unspecified vulnerability in the Oracle Business Process Management component in Oracle Fusion Middleware 5.7 MP3, 6.0 MP5, and 10.3 MP2 allows remote attackers to affect integrity, related to BPM. NVD-CWE-noinfo
CVE-2010-2370 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311616 10.0 HIGH
linux-ipv6 umip Multiple buffer overflows in ha.c in the mipv6 daemon in UMIP 0.4 allow remote attackers to have an unspecified impact via a crafted (1) ND_OPT_PREFIX_INFORMATION or (2) ND_OPT_HOME_AGENT_INFO packet. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2523 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311617 2.1 LOW
linux-ipv6 umip The mipv6 daemon in UMIP 0.4 does not verify that netlink messages originated in the kernel, which allows local users to spoof netlink socket communication via a crafted unicast message. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2010-2522 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311618 6.4 MEDIUM
apache tomcat Apache Tomcat 5.5.0 through 5.5.29, 6.0.0 through 6.0.27, and 7.0.0 beta does not properly handle an invalid Transfer-Encoding header, which allows remote attackers to cause a denial of service (appl… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2227 2024-11-21 10:16 2010-07-14 Show GitHub Exploit DB Packet Storm
311619 3.5 LOW
znc znc znc.cpp in ZNC before 0.092 allows remote authenticated users to cause a denial of service (crash) by requesting traffic statistics when there is an active unauthenticated connection, which triggers … NVD-CWE-Other
CVE-2010-2448 2024-11-21 10:16 2010-07-13 Show GitHub Exploit DB Packet Storm
311620 7.2 HIGH
ruby-lang ruby Buffer overflow in Ruby 1.9.x before 1.9.1-p429 on Windows might allow local users to gain privileges via a crafted ARGF.inplace_mode value that is not properly handled when constructing the filename… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2489 2024-11-21 10:16 2010-07-12 Show GitHub Exploit DB Packet Storm
311621 5.0 MEDIUM
bogofilter bogofilter Multiple buffer underflows in the base64 decoder in base64.c in (1) bogofilter and (2) bogolexer in bogofilter before 1.2.2 allow remote attackers to cause a denial of service (heap memory corruption… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2494 2024-11-21 10:16 2010-07-9 Show GitHub Exploit DB Packet Storm
311622 5.0 MEDIUM
zaal
arne_redlich_\&_ross_walker
vladislav_bolkhovitin 		tgt
iscsitarget
generic_scsi_target_subsystem 		Multiple buffer overflows in the iSNS implementation in isns.c in (1) Linux SCSI target framework (aka tgt or scsi-target-utils) before 1.0.6, (2) iSCSI Enterprise Target (aka iscsitarget or IET) 1.4… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2221 2024-11-21 10:16 2010-07-9 Show GitHub Exploit DB Packet Storm
311623 10.0 HIGH
freeciv freeciv freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute arbitrary commands via a scenario that contains Lua functionality, related to the (1) os, (2) io, (3)… CWE-78
OS Command  		CVE-2010-2445 2024-11-21 10:16 2010-07-8 Show GitHub Exploit DB Packet Storm
311624 4.3 MEDIUM
avahi avahi The AvahiDnsPacket function in avahi-core/socket.c in avahi-daemon in Avahi 0.6.16 and 0.6.25 allows remote attackers to cause a denial of service (assertion failure and daemon exit) via a DNS packet… NVD-CWE-Other
CVE-2010-2244 2024-11-21 10:16 2010-07-8 Show GitHub Exploit DB Packet Storm
311625 4.3 MEDIUM
htmlpurifier
mahara 		htmlpurifier
mahara 		Cross-site scripting (XSS) vulnerability in HTML Purifier before 4.1.1, as used in Mahara and other products, when the browser is Internet Explorer, allows remote attackers to inject arbitrary web sc… CWE-79
Cross-site Scripting 		CVE-2010-2479 2024-11-21 10:16 2010-07-7 Show GitHub Exploit DB Packet Storm
311626 4.3 MEDIUM
libtiff libtiff The TIFFRGBAImageGet function in LibTIFF 3.9.0 allows remote attackers to cause a denial of service (out-of-bounds read and application crash) via a TIFF file with an invalid combination of SamplesPe… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2483 2024-11-21 10:16 2010-07-7 Show GitHub Exploit DB Packet Storm
311627 4.3 MEDIUM
libtiff libtiff LibTIFF 3.9.4 and earlier does not properly handle an invalid td_stripbytecount field, which allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via … NVD-CWE-Other
CVE-2010-2482 2024-11-21 10:16 2010-07-7 Show GitHub Exploit DB Packet Storm
311628 4.3 MEDIUM
libtiff libtiff The TIFFExtractData macro in LibTIFF before 3.9.4 does not properly handle unknown tag types in TIFF directory entries, which allows remote attackers to cause a denial of service (out-of-bounds read … CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2481 2024-11-21 10:16 2010-07-7 Show GitHub Exploit DB Packet Storm
311629 6.8 MEDIUM
search.cpan
gisle_aas 		libwww-perl lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to… CWE-20
 Improper Input Validation  		CVE-2010-2253 2024-11-21 10:16 2010-07-7 Show GitHub Exploit DB Packet Storm
311630 6.8 MEDIUM
gnu wget GNU Wget 1.12 and earlier uses a server-provided filename instead of the original URL to determine the destination filename of a download, which allows remote servers to create or overwrite arbitrary… CWE-20
 Improper Input Validation  		CVE-2010-2252 2024-11-21 10:16 2010-07-7 Show GitHub Exploit DB Packet Storm
311631 7.5 HIGH
alexander_v._lukyanov lftp The get1 command, as used by lftpget, in LFTP before 4.0.6 does not properly validate a server-provided filename before determining the destination filename of a download, which allows remote servers… CWE-20
 Improper Input Validation  		CVE-2010-2251 2024-11-21 10:16 2010-07-7 Show GitHub Exploit DB Packet Storm
311632 7.2 HIGH
microsoft windows_server_2008
windows_vista 		Use-after-free vulnerability in the kernel-mode drivers in Microsoft Windows Vista SP1 and SP2 and Server 2008 Gold and SP2 allows local users to gain privileges or cause a denial of service (system … CWE-399
 Resource Management Errors 		CVE-2010-2549 2024-11-21 10:16 2010-07-3 Show GitHub Exploit DB Packet Storm
311633 4.3 MEDIUM
makotemplates mako Mako before 0.3.4 relies on the cgi.escape function in the Python standard library for cross-site scripting (XSS) protection, which makes it easier for remote attackers to conduct XSS attacks via vec… CWE-79
Cross-site Scripting 		CVE-2010-2480 2024-11-21 10:16 2010-07-3 Show GitHub Exploit DB Packet Storm
311634 7.5 HIGH
i-netsolution job_search_engine_script SQL injection vulnerability in show_search_result.php in i-netsolution Job Search Engine allows remote attackers to execute arbitrary SQL commands via the keyword parameter. CWE-89
SQL Injection 		CVE-2010-2611 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311635 7.5 HIGH
2daybiz job_site_script Multiple SQL injection vulnerabilities in 2daybiz Job Site Script allow remote attackers to execute arbitrary SQL commands via the (1) jid parameter to view_current_job.php, (2) job_iid parameter to … CWE-89
SQL Injection 		CVE-2010-2610 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311636 7.5 HIGH
2daybiz job_search_engine_script SQL injection vulnerability in show_search_result.php in 2daybiz Job Search Engine Script allows remote attackers to execute arbitrary SQL commands via the keyword parameter. CWE-89
SQL Injection 		CVE-2010-2609 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311637 4.3 MEDIUM
redhat enterprise_linux LibTIFF in Red Hat Enterprise Linux (RHEL) 3 on x86_64 platforms, as used in tiff2rgba, attempts to process image data even when the required compression functionality is not configured, which allows… CWE-20
 Improper Input Validation  		CVE-2010-2598 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311638 4.3 MEDIUM
libtiff libtiff The TIFFVStripSize function in tif_strip.c in LibTIFF 3.9.0 and 3.9.2 makes incorrect calls to the TIFFGetField function, which allows remote attackers to cause a denial of service (application crash… CWE-20
 Improper Input Validation  		CVE-2010-2597 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311639 4.3 MEDIUM
libtiff libtiff The OJPEGPostDecode function in tif_ojpeg.c in LibTIFF 3.9.0 and 3.9.2, as used in tiff2ps, allows remote attackers to cause a denial of service (assertion failure and application exit) via a crafted… CWE-20
 Improper Input Validation  		CVE-2010-2596 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311640 4.3 MEDIUM
libtiff libtiff The TIFFYCbCrtoRGB function in LibTIFF 3.9.0 and 3.9.2, as used in ImageMagick, does not properly handle invalid ReferenceBlackWhite values, which allows remote attackers to cause a denial of service… CWE-20
 Improper Input Validation  		CVE-2010-2595 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311641 6.8 MEDIUM
intersect_alliance snare_agent
snare_epilog 		Multiple cross-site request forgery (CSRF) vulnerabilities in the web management interface in InterSect Alliance Snare Agent 3.2.3 and earlier on Solaris, Snare Agent 3.1.7 and earlier on Windows, Sn… CWE-352
 Origin Validation Error 		CVE-2010-2594 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311642 7.5 HIGH
libtiff libtiff tif_getimage.c in LibTIFF 3.9.0 and 3.9.2 on 64-bit platforms, as used in ImageMagick, does not properly perform vertical flips, which allows remote attackers to cause a denial of service (applicatio… CWE-20
 Improper Input Validation  		CVE-2010-2233 2024-11-21 10:16 2010-07-2 Show GitHub Exploit DB Packet Storm
311643 7.5 HIGH
ibm p8_content_engine
p8_content_search_engine 		Unspecified vulnerability in the P8 Content Engine (P8CE) 4.5.1 before FP3 and the P8 Content Search Engine (P8CSE) before 4.5.0 FP3 and 4.5.1 before FP1, as used in IBM FileNet P8 Content Manager (C… CWE-264
NVD-CWE-noinfo
Permissions, Privileges, and Access Controls 		CVE-2010-2518 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm
311644 7.5 HIGH
ibm rational_clearquest Multiple unspecified vulnerabilities in IBM Rational ClearQuest before 7.1.1.02 have unknown impact and attack vectors, as demonstrated by an AppScan report. NVD-CWE-noinfo
CVE-2010-2517 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm
311645 6.5 MEDIUM
Network 		libpng
apple
fedoraproject
suse
opensuse
vmware
canonical
debian 		libpng
itunes
safari
iphone_os
tvos
fedora
linux_enterprise_server
opensuse
player
workstation
ubuntu_linux
debian_linux 		Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing m… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2010-2249 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm
311646 9.3 HIGH
adobe acrobat
acrobat_reader 		Buffer overflow in Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allows attackers to execute arbitrary code or cause a denial of service (memory corruption)… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2212 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm
311647 9.3 HIGH
adobe acrobat
acrobat_reader 		Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vec… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2211 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm
311648 9.3 HIGH
adobe acrobat
acrobat_reader 		Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vec… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2210 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm
311649 9.3 HIGH
adobe acrobat
acrobat_reader 		Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, allow attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vec… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-2209 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm
311650 9.3 HIGH
adobe acrobat
acrobat_reader 		Adobe Reader and Acrobat 9.x before 9.3.3, and 8.x before 8.2.3 on Windows and Mac OS X, dereference a heap object after this object's deletion, which allows attackers to execute arbitrary code via u… CWE-94
Code Injection 		CVE-2010-2208 2024-11-21 10:16 2010-07-1 Show GitHub Exploit DB Packet Storm