LiveActive security incident?Get immediate response
CVE archive

August 2010

Browse CVE records published in August 2010, with severity, affected products, CWE, KEV, and source-backed vulnerability context.

Showing 50 of 471 matching CVEs · Page 4 of 10.

Unknown · CVSS Not scored

CVE-2010-1802: libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name string...

libsecurity in Apple Mac OS X 10.5.8 and 10.6.4 does not properly perform comparisons to domain-name strings in X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a certificate associated with a similar domain name, as demonstrated by use of a www.example.con certificate to spoof www.example.com.

Published Aug 25, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-1578: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500...

Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc77567.

Published Aug 6, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2814: Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security A...

Unspecified vulnerability in the Transport Layer Security (TLS) implementation on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.15), 8.1 before 8.1(2.44), 8.2 before 8.2(2.17), and 8.3 before 8.3(1.6) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via a sequence of crafted TLS packets, aka Bug ID CSCtf37506.

Published Aug 6, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2820: Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) wit...

Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61662.

Published Aug 6, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5174: Race condition in Prevx 3.0.5.143 on Windows XP allows local users to bypass kernel-mode hook handlers, and...

Race condition in Prevx 3.0.5.143 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2824: Unspecified vulnerability on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before...

Unspecified vulnerability on the Cisco Application Control Engine (ACE) Module with software A2(1.x) before A2(1.6), A2(2.x) before A2(2.3), and A2(3.x) before A2(3.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via a sequence of SSL packets, aka Bug ID CSCta20756.

Published Aug 13, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5163: Race condition in Kaspersky Internet Security 2010 9.0.0.736 on Windows XP allows local users to bypass ker...

Race condition in Kaspersky Internet Security 2010 9.0.0.736 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-1580: Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500...

Unspecified vulnerability in the SunRPC inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 7.2 before 7.2(5), 8.0 before 8.0(5.19), 8.1 before 8.1(2.47), and 8.2 before 8.2(2) and Cisco PIX Security Appliances 500 series devices allows remote attackers to cause a denial of service (device reload) via crafted SunRPC UDP packets, aka Bug ID CSCtc85753.

Published Aug 6, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5167: Race condition in Norman Security Suite PRO 8.0 on Windows XP allows local users to bypass kernel-mode hook...

Race condition in Norman Security Suite PRO 8.0 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5184: Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-...

Race condition in ZoneAlarm Extreme Security 9.1.507.000 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5172: Race condition in Panda Internet Security 2010 15.01.00 on Windows XP allows local users to bypass kernel-m...

Race condition in Panda Internet Security 2010 15.01.00 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2819: Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) wit...

Unspecified vulnerability in the SunRPC inspection feature on the Cisco Firewall Services Module (FWSM) with software 3.1 before 3.1(17.2), 3.2 before 3.2(16.1), 4.0 before 4.0(10.1), and 4.1 before 4.1(1.1) for Catalyst 6500 series switches and 7600 series routers allows remote attackers to cause a denial of service (device reload) via crafted SunRPC messages, aka Bug ID CSCte61622.

Published Aug 6, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-2816: Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 se...

Unspecified vulnerability in the SIP inspection feature on Cisco Adaptive Security Appliances (ASA) 5500 series devices with software 8.0 before 8.0(5.17), 8.1 before 8.1(2.45), and 8.2 before 8.2(2.13) allows remote attackers to cause a denial of service (device reload) via crafted SIP packets, aka Bug ID CSCtd32106.

Published Aug 6, 2010 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5152: Race condition in AVG Internet Security 9.0.791 on Windows XP allows local users to bypass kernel-mode hook...

Race condition in AVG Internet Security 9.0.791 on Windows XP allows local users to bypass kernel-mode hook handlers, and execute dangerous code that would otherwise be blocked by a handler but not blocked by signature-based malware detection, via certain user-space memory changes during hook-handler execution, aka an argument-switch attack or a KHOBE attack. NOTE: this issue is disputed by some third parties because it is a flaw in a protection mechanism for situations where a crafted program has already begun to execute

Published Aug 25, 2012 · Updated Sep 16, 2024

Unknown · CVSS Not scored

CVE-2010-5308: GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which a...

GE Healthcare Optima MR360 does not require authentication for the HIPAA emergency login procedure, which allows physically proximate users to gain access via an arbitrary username in the Emergency Login screen. NOTE: this might not qualify for inclusion in CVE if unauthenticated emergency access is part of the intended security policy of the product, can be controlled by the system administrator, and is not enabled by default.

Published Aug 4, 2015 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-5307: The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root...

The HIPAA configuration interface in GE Healthcare Optima MR360 has a password of (1) operator for the root account, (2) adw2.0 for the admin account, and (3) adw2.0 for the sdc account, which has unspecified impact and attack vectors. NOTE: it is not clear whether these passwords are default, hardcoded, or dependent on another system or product that requires a fixed value.

Published Aug 4, 2015 · Updated Aug 7, 2024

Unknown · CVSS Not scored

CVE-2010-4828: Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 1...

Multiple cross-site scripting (XSS) vulnerabilities in SolarWinds Orion Network Performance Monitor (NPM) 10.1 allow remote attackers to inject arbitrary web script or HTML via the (1) Title parameter to MapView.aspx; NetObject parameter to (2) NodeDetails.aspx and (3) InterfaceDetails.aspx; and the (4) ChartName parameter to CustomChart.aspx.

Published Aug 24, 2011 · Updated Aug 7, 2024