NVD Vulnerability Information Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • CRITICAL
  • HIGH
  • MEDIUM
  • LOW

Update Date:May 5, 2026, 4:51 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
345751 4.3 MEDIUM
robertotto teamsite_hack_plugin Cross-site scripting (XSS) vulnerability in ts_other.php in the Teamsite Hack plugin 3.0 and earlier for WoltLab Burning Board allows remote attackers to inject arbitrary web script or HTML via the u… CWE-79
Cross-site Scripting 		CVE-2010-1339 2010-04-12 13:00 2010-04-10 Show GitHub Exploit DB Packet Storm
345752 6.8 MEDIUM
directnews direct_news Multiple PHP remote file inclusion vulnerabilities in Direct News 4.10.2, when register_globals is enabled, allow remote attackers to execute arbitrary PHP code via a URL in the rootpath parameter to… CWE-94
Code Injection 		CVE-2010-1342 2010-04-12 13:00 2010-04-10 Show GitHub Exploit DB Packet Storm
345753 5.0 MEDIUM
cookex com_ckforms Directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter… CWE-22
Path Traversal 		CVE-2010-1345 2010-04-12 13:00 2010-04-10 Show GitHub Exploit DB Packet Storm
345754 5.0 MEDIUM
opera opera_browser Opera 10.50 allows remote attackers to obtain sensitive information via crafted XSLT constructs, which cause Opera to return cached contents of other pages. CWE-200
Information Exposure 		CVE-2010-1310 2010-04-10 02:01 2010-04-9 Show GitHub Exploit DB Packet Storm
345755 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Stack-based buffer overflow in PS Normalizer in Apple Mac OS X before 10.6.3 allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted PostScrip… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0513 2010-04-9 14:42 2010-03-31 Show GitHub Exploit DB Packet Storm
345756 6.8 MEDIUM
apple mac_os_x
mac_os_x_server 		Per: http://support.apple.com/kb/HT4077 'On Mac OS X v10.6 systems this issue is mitigated by the -fstack-protector compiler flag.' CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0513 2010-04-9 14:42 2010-03-31 Show GitHub Exploit DB Packet Storm
345757 5.0 MEDIUM
la-souris-verte com_svmap Directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php. CWE-22
Path Traversal 		CVE-2010-1308 2010-04-9 13:00 2010-04-9 Show GitHub Exploit DB Packet Storm
345758 5.0 MEDIUM
ermenegildo_fiorito irmin_cms Directory traversal vulnerability in Irmin CMS (formerly Pepsi CMS) 0.6 BETA2 allows remote attackers to read arbitrary files via a .. (dot dot) in the w parameter to index.php. CWE-22
Path Traversal 		CVE-2010-1309 2010-04-9 13:00 2010-04-9 Show GitHub Exploit DB Packet Storm
345759 4.3 MEDIUM
seber com_sebercart Directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via… CWE-22
Path Traversal 		CVE-2010-1313 2010-04-9 13:00 2010-04-9 Show GitHub Exploit DB Packet Storm
345760 5.0 MEDIUM
joomlanook com_hsconfig Directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter… CWE-22
Path Traversal 		CVE-2010-1314 2010-04-9 13:00 2010-04-9 Show GitHub Exploit DB Packet Storm
345761 7.5 HIGH
mahara mahara SQL injection vulnerability in lib/user.php in mahara 1.0.4 allows remote attackers to execute arbitrary SQL commands via a username. CWE-89
SQL Injection 		CVE-2010-0400 2010-04-8 22:25 2010-04-8 Show GitHub Exploit DB Packet Storm
345762 5.0 MEDIUM
decryptweb com_dwgraphs Directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequence… CWE-22
Path Traversal 		CVE-2010-1302 2010-04-8 13:00 2010-04-8 Show GitHub Exploit DB Packet Storm
345763 6.8 MEDIUM
ermenegildo_fiorito irmin_cms Directory traversal vulnerability in includes/template-loader.php in Irmin CMS (formerly Pepsi CMS) 0.5 and 0.6 BETA2, when register_globals is enabled, allows remote attackers to include and execute… CWE-22
Path Traversal 		CVE-2008-7254 2010-04-8 13:00 2010-04-8 Show GitHub Exploit DB Packet Storm
345764 7.5 HIGH
ekith com_dcs_flashgames SQL injection vulnerability in Adam Corley dcsFlashGames (com_dcs_flashgames) allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. CWE-89
SQL Injection 		CVE-2010-1265 2010-04-7 13:00 2010-04-7 Show GitHub Exploit DB Packet Storm
345765 5.0 MEDIUM
kjetiltroan webmaid_cms Multiple directory traversal vulnerabilities in WebMaid CMS 0.2-6 Beta and earlier allow remote attackers to read arbitrary files via directory traversal sequences in the com parameter to (1) cContac… CWE-22
Path Traversal 		CVE-2010-1267 2010-04-7 13:00 2010-04-7 Show GitHub Exploit DB Packet Storm
345766 4.3 MEDIUM
bbsxp bbsxp Multiple cross-site scripting (XSS) vulnerabilities in BBSXP 2008 SP2 allow remote attackers to inject arbitrary web script or HTML via the URI in a request to (1) AddPost.asp, (2) AddTopic.asp, (3) … CWE-79
Cross-site Scripting 		CVE-2010-1276 2010-04-7 13:00 2010-04-7 Show GitHub Exploit DB Packet Storm
345767 4.0 MEDIUM
pulsecms pulse_cms Directory traversal vulnerability in view.php in Pulse CMS 1.2.2 allows remote attackers to read arbitrary files via directory traversal sequences in the f parameter. NOTE: the provenance of this in… CWE-22
Path Traversal 		CVE-2010-1298 2010-04-7 13:00 2010-04-7 Show GitHub Exploit DB Packet Storm
345768 4.0 MEDIUM
pulsecms pulse_cms per: http://secunia.com/advisories/38650 '2) Input passed via the "f" parameter to view.php is not properly sanitised before being used to read files. This can be exploited to disclose the content… CWE-22
Path Traversal 		CVE-2010-1298 2010-04-7 13:00 2010-04-7 Show GitHub Exploit DB Packet Storm
345769 7.5 HIGH
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.08.06 in the FTP server in Novell NetWare does not properly handle partial matches for container names in the FTPREST.TXT file, which allows remote attackers to bypass intended ac… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-6735 2010-04-6 23:22 2010-04-6 Show GitHub Exploit DB Packet Storm
345770 9.3 HIGH
foxitsoftware foxit_reader Foxit Reader before 3.2.1.0401 allows remote attackers to (1) execute arbitrary local programs via a certain "/Type /Action /S /Launch" sequence, and (2) execute arbitrary programs embedded in a PDF … CWE-94
Code Injection 		CVE-2010-1239 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345771 4.0 MEDIUM
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.08.07 in the FTP server in Novell NetWare 6.5 SP7 does not properly implement the FTPREST.TXT NOREMOTE restriction, which allows remote authenticated users to access directories o… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2007-6734 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345772 7.5 HIGH
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.06.05 in the FTP server in Novell NetWare 6.5 SP5 allows attackers to have an unspecified impact via vectors related to passwords. NVD-CWE-noinfo
CVE-2005-4887 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345773 5.0 MEDIUM
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.06.04 in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (excessive stale connections) by establishing many FTP sessions, which persist in th… NVD-CWE-Other
CVE-2005-4888 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345774 4.3 MEDIUM
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.04.25 in the FTP server in Novell NetWare does not promptly close DS sessions, which allows remote attackers to cause a denial of service (connection slot exhaustion) by establish… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2004-2767 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345775 5.0 MEDIUM
novell netware_ftp_server
netware 		Multiple buffer overflows in NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 allow remote attackers to cause a denial of service (abend) via a long (1) username or (2… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2003-1592 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345776 7.5 HIGH
novell netware_ftp_server
netware 		NWFTPD.nlm in the FTP server in Novell NetWare 6.0 before SP4 and 6.5 before SP1 does not enforce domain-name login restrictions, which allows remote attackers to bypass intended access control via a… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2003-1593 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345777 7.5 HIGH
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly enforce FTPREST.TXT settings, which allows remote attackers to bypass intended access restrictions via an FTP sessi… CWE-264
Permissions, Privileges, and Access Controls 		CVE-2003-1594 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345778 10.0 HIGH
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.04.05 in the FTP server in Novell NetWare 6.5 does not properly perform "intruder detection," which has unspecified impact and attack vectors. CWE-264
Permissions, Privileges, and Access Controls 		CVE-2003-1595 2010-04-6 13:00 2010-04-6 Show GitHub Exploit DB Packet Storm
345779 3.5 LOW
novell netware_ftp_server
netware 		NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allows remote authenticated users to cause a denial of service (abend) by sending an RNTO command after a failed RNFR command. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2000-1246 2010-04-6 04:28 2010-04-6 Show GitHub Exploit DB Packet Storm
345780 7.5 HIGH
novell netware_ftp_server
netware 		Multiple unspecified vulnerabilities in NWFTPD.nlm before 5.01o in the FTP server in Novell NetWare 5.1 SP3 allow remote attackers to bypass intended restrictions on anonymous access via unknown vect… NVD-CWE-noinfo
CWE-264
Permissions, Privileges, and Access Controls 		CVE-2000-1245 2010-04-6 00:30 2010-04-6 Show GitHub Exploit DB Packet Storm
345781 5.0 MEDIUM
novell netware NWFTPD.nlm before 5.01w in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via an anonymous STOU command. CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2001-1587 2010-04-6 00:30 2010-04-6 Show GitHub Exploit DB Packet Storm
345782 5.0 MEDIUM
novell netware_ftp_server
netware 		Unspecified vulnerability in NWFTPD.nlm before 5.03b in the FTP server in Novell NetWare allows remote attackers to cause a denial of service (abend) via a crafted username. NVD-CWE-noinfo
CVE-2002-2432 2010-04-6 00:30 2010-04-6 Show GitHub Exploit DB Packet Storm
345783 2.6 LOW
gnome evolution Evolution 2.2.x and 2.3.x in GNOME 2.7 and 2.8, when "load images if sender in addressbook" is enabled, allows remote attackers to cause a denial of service (persistent crash) via a crafted "From" he… NVD-CWE-Other
CVE-2006-2789 2010-04-2 16:56 2006-06-3 Show GitHub Exploit DB Packet Storm
345784 6.5 MEDIUM
mpg123 mpg123 Multiple buffer overflows in mpg123 0.59r allow user-assisted attackers to trigger a segmentation fault and possibly have other impacts via a certain MP3 file, as demonstrated by mpg1DoS3. NOTE: thi… NVD-CWE-Other
CVE-2006-1655 2010-04-2 16:23 2006-04-6 Show GitHub Exploit DB Packet Storm
345785 6.4 MEDIUM
kolab kolab_groupware_server Kolab Server 2.0.0 and 2.0.1 does not properly handle when a large email is sent with a "." in the wrong place, which causes kolabfilter to add another ".", which might break clear-text signatures an… NVD-CWE-Other
CVE-2005-4828 2010-04-2 15:31 2005-12-31 Show GitHub Exploit DB Packet Storm
345786 7.5 HIGH
freeradius freeradius SQL injection vulnerability in the rlm_sqlcounter module in FreeRADIUS 1.0.3 and 1.0.4 allows remote attackers to execute arbitrary SQL commands via unknown attack vectors. NVD-CWE-Other
CVE-2005-4745 2010-04-2 15:30 2005-12-31 Show GitHub Exploit DB Packet Storm
345787 7.5 HIGH
freeradius freeradius The vendor released version 1.1.1 to address this issue. NVD-CWE-Other
CVE-2005-4745 2010-04-2 15:30 2005-12-31 Show GitHub Exploit DB Packet Storm
345788 7.8 HIGH
freeradius freeradius Multiple buffer overflows in FreeRADIUS 1.0.3 and 1.0.4 allow remote attackers to cause denial of service (crash) via (1) the rlm_sqlcounter module or (2) unknown vectors "while expanding %t". NVD-CWE-Other
CVE-2005-4746 2010-04-2 15:30 2005-12-31 Show GitHub Exploit DB Packet Storm
345789 10.0 HIGH
clam_anti-virus clamav Improper boundary checks in petite.c in Clam AntiVirus (ClamAV) before 0.87.1 allows attackers to perform unknown attacks via unknown vectors. NVD-CWE-Other
CVE-2005-3587 2010-04-2 15:06 2005-11-16 Show GitHub Exploit DB Packet Storm
345790 7.8 HIGH
clam_anti-virus clamav The OLE2 unpacker in clamd in Clam AntiVirus (ClamAV) 0.87-1 allows remote attackers to cause a denial of service (segmentation fault) via a DOC file with an invalid property tree, which triggers an … NVD-CWE-Other
CVE-2005-3239 2010-04-2 14:50 2005-10-15 Show GitHub Exploit DB Packet Storm
345791 2.1 LOW
linux linux_kernel A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received … NVD-CWE-Other
CVE-2004-2607 2010-04-2 13:50 2004-12-31 Show GitHub Exploit DB Packet Storm
345792 5.0 MEDIUM
apple iphone_os The HTTP client functionality in Apple iPhone OS 3.1 on the iPhone 2G and 3.1.3 on the iPhone 3GS allows remote attackers to cause a denial of service (Safari, Mail, or Springboard crash) via a craft… CWE-20
 Improper Input Validation  		CVE-2010-1226 2010-04-2 13:00 2010-04-2 Show GitHub Exploit DB Packet Storm
345793 7.8 HIGH
cisco ios Cisco IOS 12.1 through 12.4, when Cisco Unified Communications Manager Express (CME) or Cisco Unified Survivable Remote Site Telephony (SRST) is enabled, allows remote attackers to cause a denial of … NVD-CWE-noinfo
CVE-2010-0585 2010-04-1 14:40 2010-03-26 Show GitHub Exploit DB Packet Storm
345794 4.3 MEDIUM
ikiwiki ikiwiki Cross-site scripting (XSS) vulnerability in the htmlscrubber component in ikiwiki 2.x before 2.53.5 and 3.x before 3.20100312 allows remote attackers to inject arbitrary web script or HTML via a craf… CWE-79
Cross-site Scripting 		CVE-2010-1195 2010-04-1 13:00 2010-04-1 Show GitHub Exploit DB Packet Storm
345795 9.0 HIGH
apple mac_os_x_server Password Server in Apple Mac OS X Server before 10.6.3 does not properly perform password replication, which might allow remote authenticated users to obtain login access via an expired password. CWE-255
Credentials Management 		CVE-2010-0510 2010-04-1 03:08 2010-03-31 Show GitHub Exploit DB Packet Storm
345796 9.0 HIGH
apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'This issue only affects Mac OS X Server systems' CWE-255
Credentials Management 		CVE-2010-0510 2010-04-1 03:08 2010-03-31 Show GitHub Exploit DB Packet Storm
345797 7.5 HIGH
apple mac_os_x_server Multiple stack-based buffer overflows in iChat Server in Apple Mac OS X Server before 10.6.3 allow remote attackers to execute arbitrary code or cause a denial of service (application crash) via unsp… CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0504 2010-04-1 02:14 2010-03-31 Show GitHub Exploit DB Packet Storm
345798 7.5 HIGH
apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'These issues only affect Mac OS X Server systems.' CWE-119
Incorrect Access of Indexable Resource ('Range Error')  		CVE-2010-0504 2010-04-1 02:14 2010-03-31 Show GitHub Exploit DB Packet Storm
345799 6.5 MEDIUM
apple mac_os_x_server Use-after-free vulnerability in iChat Server in Apple Mac OS X Server 10.5.8 allows remote authenticated users to execute arbitrary code or cause a denial of service (application crash) via unspecifi… CWE-399
 Resource Management Errors 		CVE-2010-0503 2010-04-1 02:07 2010-03-31 Show GitHub Exploit DB Packet Storm
345800 6.5 MEDIUM
apple mac_os_x_server Per: http://support.apple.com/kb/HT4077 'This issue only affects Mac OS X Server systems, and does not affect versions 10.6 or later' CWE-399
 Resource Management Errors 		CVE-2010-0503 2010-04-1 02:07 2010-03-31 Show GitHub Exploit DB Packet Storm