cyber
·
news
News
Deep Dives
Settings
Sign in
901 items
Unread (4729)
All
Dismissed
All
Critical
High
Supply Chain
Ransomware
Breaches
Zero-Day
CVEs
CRITICAL
CVE-2010-4042 (CVSS 9.8) — Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers...
NVD
CVE-2010-4042
5720d ago
CRITICAL
CVE-2010-4041 (CVSS 9.8) — The sandbox implementation in Google Chrome before 7.0.517.41 on Linux does not properly constrain w...
NVD
CVE-2010-4041
5720d ago
CRITICAL
CVE-2010-4039 (CVSS 9.8) — Google Chrome before 7.0.517.41 on Linux does not properly set the PATH environment variable, which ...
NVD
CVE-2010-4039
5720d ago
CRITICAL
CVE-2010-3729 (CVSS 9.8) — The SPDY protocol implementation in Google Chrome before 6.0.472.62 does not properly manage buffers...
NVD
CVE-2010-3729
5736d ago
CRITICAL
CVE-2010-3416 (CVSS 9.8) — Google Chrome before 6.0.472.59 on Linux does not properly implement the Khmer locale, which allows ...
NVD
CVE-2010-3416
5755d ago
CRITICAL
CVE-2010-2076 (CVSS 9.8) — Apache CXF 2.0.x before 2.0.13, 2.1.x before 2.1.10, and 2.2.x before 2.2.9, as used in Apache Servi...
NVD
CVE-2010-2076
CVE-2010-1632
5783d ago
CRITICAL
CVE-2010-2861 (CVSS 9.8) — Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 ...
NVD
CVE-2010-2861
5791d ago
CRITICAL
CVE-2010-0211 (CVSS 9.8) — The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a ca...
NVD
CVE-2010-0211
5805d ago
CRITICAL
CVE-2010-1205 (CVSS 9.8) — Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive...
NVD
CVE-2010-1205
5833d ago
CRITICAL
CVE-2010-1573 (CVSS 9.8) — Linksys WAP54Gv3 firmware 3.04.03 and earlier uses a hard-coded username (Gemtek) and password (gemt...
NVD
CVE-2010-1573
5854d ago
CRITICAL
CVE-2010-1866 (CVSS 9.8) — The dechunk filter in PHP 5.3 through 5.3.2, when decoding an HTTP chunked encoding stream, allows c...
NVD
CVE-2010-1866
5887d ago
CRITICAL
CVE-2010-0840 (CVSS 9.8) — Unspecified vulnerability in the Java Runtime Environment component in Oracle Java SE and Java for B...
NVD
CVE-2010-0840
5923d ago
CRITICAL
CVE-2009-4013 (CVSS 9.8) — Multiple directory traversal vulnerabilities in Lintian 1.23.x through 1.23.28, 1.24.x through 1.24....
NVD
CVE-2009-4013
5981d ago
CRITICAL
CVE-2009-4581 (CVSS 9.8) — Directory traversal vulnerability in modules/admincp.php in RoseOnlineCMS 3 B1 and earlier, when mag...
NVD
CVE-2009-4581
6008d ago
CRITICAL
CVE-2009-3616 (CVSS 9.9) — Multiple use-after-free vulnerabilities in vnc.c in the VNC server in QEMU 0.10.6 and earlier might ...
NVD
CVE-2009-3616
6083d ago
CRITICAL
CVE-2009-3421 (CVSS 9.8) — login.php in Zenas PaoBacheca Guestbook 2.1, when register_globals is enabled, allows remote attacke...
NVD
CVE-2009-3421
6111d ago
CRITICAL
CVE-2008-7109 (CVSS 9.8) — The Scanner File Utility (aka listener) in Kyocera Mita (KM) 3.3.0.1 allows remote attackers to bypa...
NVD
CVE-2008-7109
6139d ago
CRITICAL
CVE-2009-1048 (CVSS 9.8) — The web interface on the snom VoIP phones snom 300, snom 320, snom 360, snom 370, and snom 820 with ...
NVD
CVE-2009-1048
6153d ago
CRITICAL
CVE-2009-2422 (CVSS 9.8) — The example code for the digest authentication functionality (http_authentication.rb) in Ruby on Rai...
NVD
CVE-2009-2422
6188d ago
CRITICAL
CVE-2009-2382 (CVSS 9.8) — admin.php in phpMyBlockchecker 1.0.0055 allows remote attackers to bypass authentication and gain ad...
NVD
CVE-2009-2382
6190d ago
CRITICAL
CVE-2009-2367 (CVSS 9.8) — cgi-bin/makecgi-pro in Iomega StorCenter Pro generates predictable session IDs, which allows remote ...
NVD
CVE-2009-2367
6190d ago
CRITICAL
CVE-2009-2168 (CVSS 9.8) — cpanel/login.php in EgyPlus 7ammel (aka 7ml) 1.0.1 and earlier sends a redirect to the web browser b...
NVD
CVE-2009-2168
6206d ago
CRITICAL
CVE-2009-1936 (CVSS 9.8) — _functions.php in cpCommerce 1.2.x, possibly including 1.2.9, sends a redirect but does not exit whe...
NVD
CVE-2009-1936
CVE-2003-1500
6223d ago
CRITICAL
CVE-2009-1151 (CVSS 9.8) — Static code injection vulnerability in setup.php in phpMyAdmin 2.11.x before 2.11.9.5 and 3.x before...
NVD
CVE-2009-1151
6294d ago
CRITICAL
CVE-2008-5784 (CVSS 9.8) — V3 Chat - Profiles/Dating Script 3.0.2 allows remote attackers to bypass authentication and gain adm...
NVD
CVE-2008-5784
6379d ago
CRITICAL
CVE-2008-5038 (CVSS 9.8) — Use-after-free vulnerability in the NetWare Core Protocol (NCP) feature in Novell eDirectory 8.7.3 S...
NVD
CVE-2008-5038
6428d ago
CRITICAL
CVE-2008-3612 (CVSS 9.8) — The Networking subsystem in Apple iPod touch 2.0 through 2.0.2, and iPhone 2.0 through 2.0.2, uses p...
NVD
CVE-2008-3612
6491d ago
CRITICAL
CVE-2008-2433 (CVSS 9.8) — The web management console in Trend Micro OfficeScan 7.0 through 8.0, Worry-Free Business Security 5...
NVD
CVE-2008-2433
6505d ago
CRITICAL
CVE-2008-2369 (CVSS 9.1) — manzier.pxt in Red Hat Network Satellite Server before 5.1.1 has a hard-coded authentication key, wh...
NVD
CVE-2008-2369
6518d ago
CRITICAL
CVE-2008-3604 (CVSS 9.8) — SQL injection vulnerability in bannerclick.php in ZeeBuddy 2.1 allows remote attackers to execute ar...
NVD
CVE-2008-3604
6520d ago
CRITICAL
CVE-2008-2108 (CVSS 9.8) — The GENERATE_SEED macro in PHP 4.x before 4.4.8 and 5.x before 5.2.5, when running on 64-bit systems...
NVD
CVE-2008-2108
6617d ago
CRITICAL
CVE-2008-0599 (CVSS 9.8) — The init_request_info function in sapi/cgi/cgi_main.c in PHP before 5.2.6 does not properly consider...
NVD
CVE-2008-0599
6619d ago
CRITICAL
CVE-2008-0961 (CVSS 9.8) — EMV DiskXtender 6.20.060 has a hard-coded login and password, which allows remote attackers to bypas...
NVD
CVE-2008-0961
6640d ago
CRITICAL
CVE-2008-1160 (CVSS 9.8) — ZyXEL ZyWALL 1050 has a hard-coded password for the Quagga and Zebra processes that is not changed w...
NVD
CVE-2008-1160
6661d ago
CRITICAL
CVE-2008-0062 (CVSS 9.8) — KDC in MIT Kerberos 5 (krb5kdc) does not set a global variable for some krb4 message types, which al...
NVD
CVE-2008-0062
6666d ago
CRITICAL
CVE-2008-0174 (CVSS 9.8) — GE Fanuc Proficy Real-Time Information Portal 2.6 and earlier uses HTTP Basic Authentication, which ...
NVD
CVE-2008-0174
6717d ago
CRITICAL
CVE-2008-0081 (CVSS 9.8) — Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004...
NVD
CVE-2008-0081
CVE-2007-3490
6729d ago
CRITICAL
CVE-2007-6013 (CVSS 9.8) — Wordpress 1.5 through 2.3.1 uses cookie values based on the MD5 hash of a password MD5 hash, which a...
NVD
CVE-2007-6013
6787d ago
CRITICAL
CVE-2007-3010 (CVSS 9.8) — masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1 an...
NVD
CVE-2007-3010
6849d ago
CRITICAL
CVE-2007-3798 (CVSS 9.8) — Integer overflow in print-bgp.c in the BGP dissector in tcpdump 3.9.6 and earlier allows remote atta...
NVD
CVE-2007-3798
6913d ago
CRITICAL
CVE-2007-1399 (CVSS 9.8) — Stack-based buffer overflow in the zip:// URL wrapper in PECL ZIP 1.8.3 and earlier, as bundled with...
NVD
CVE-2007-1399
7041d ago
CRITICAL
CVE-2006-7079 (CVSS 9.8) — Variable extraction vulnerability in include/common.php in exV2 2.0.4.3 and earlier allows remote at...
NVD
CVE-2006-7079
7049d ago
CRITICAL
CVE-2007-0681 (CVSS 9.8) — profile.php in ExtCalendar 2 and earlier allows remote attackers to change the passwords of arbitrar...
NVD
CVE-2007-0681
7077d ago
CRITICAL
CVE-2005-3435 (CVSS 9.8) — admin_news.php in Archilles Newsworld up to 1.3.0 allows attackers to bypass authentication by obtai...
NVD
CVE-2005-3435
7534d ago
CRITICAL
CVE-2005-3120 (CVSS 9.8) — Stack-based buffer overflow in the HTrjis function in Lynx 2.8.6 and earlier allows remote NNTP serv...
NVD
CVE-2005-3120
7550d ago
CRITICAL
CVE-2005-2773 (CVSS 9.8) — HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary comma...
NVD
CVE-2005-2773
7595d ago
CRITICAL
CVE-2005-2103 (CVSS 9.8) — Buffer overflow in the AIM and ICQ module in Gaim before 1.5.0 allows remote attackers to cause a de...
NVD
CVE-2005-2103
7612d ago
CRITICAL
CVE-2005-1689 (CVSS 9.8) — Double free vulnerability in the krb5_recvauth function in MIT Kerberos 5 (krb5) 1.4.1 and earlier a...
NVD
CVE-2005-1689
7641d ago
CRITICAL
CVE-2005-1744 (CVSS 9.8) — BEA WebLogic Server and WebLogic Express 7.0 through Service Pack 5 does not log out users when an a...
NVD
CVE-2005-1744
7696d ago
CRITICAL
CVE-2005-1513 (CVSS 9.8) — Integer overflow in the stralloc_readyplus function in qmail, when running on 64 bit platforms with ...
NVD
CVE-2005-1513
7709d ago
Prev
Page 17 / 19
Next
CRITICAL
NVD
Thu, 21 Oct 2010 19:00:05 UTC
✕ Dismiss
CVE-2010-4042 (CVSS 9.8) — Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers...
https://nvd.nist.gov/vuln/detail/CVE-2010-4042
TL;DR
Google Chrome before 7.0.517.41 does not properly handle element maps, which allows remote attackers to cause a denial of service or possibly have unspecified other impact via vectors related to "stale elements."
CVE-2010-4042
Read full story ↗