Vulnerabilities > Microsoft > Windows > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-01-19 | CVE-2010-4423 | Local Privilege-Escalation vulnerability in Oracle Database Server 10.2.0.4/10.2.0.5/11.1.0.7 Unspecified vulnerability in the Cluster Verify Utility component in Oracle Database Server 10.2.0.4, 10.2.0.5, 11.1.0.7, and 11.2.0.1, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors. | 6.9 |
| 2010-12-22 | CVE-2010-4114 | Cross-Site Scripting vulnerability in HP Discovery&Dependency Mapping Inventory Cross-site scripting (XSS) vulnerability in HP Discovery & Dependency Mapping Inventory (DDMI) 2.5x, 7.5x, and 7.6x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-12-22 | CVE-2010-4111 | Cross-Site Scripting vulnerability in HP Insight Diagnostics Cross-site scripting (XSS) vulnerability in HP Insight Diagnostics Online Edition before 8.5.1.3712 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | 4.3 |
| 2010-09-17 | CVE-2010-3460 | Path Traversal vulnerability in Gecad Axigen Mail Server Directory traversal vulnerability in the HTTP interface in AXIGEN Mail Server 7.4.1 for Windows allows remote attackers to read arbitrary files via a %5C (encoded backslash) in the URL. | 5.0 |
| 2010-09-10 | CVE-2010-1805 | Permissions, Privileges, and Access Controls vulnerability in Apple Safari Untrusted search path vulnerability in Apple Safari 4.x before 4.1.2 and 5.x before 5.0.2 on Windows allows local users to gain privileges via a Trojan horse explorer.exe (aka Windows Explorer) program in a directory containing a file that had been downloaded by Safari. | 6.9 |
| 2010-09-08 | CVE-2010-3005 | Unspecified vulnerability in HP Operations Agent 7.36/8.60 Unspecified vulnerability in HP Operations Agent 7.36 and 8.6 on Windows allows local users to gain privileges via unknown vectors. | 6.8 |
| 2010-08-11 | CVE-2010-2220 | Unspecified vulnerability in Adobe Flash Media Server and Flash Media Server 2 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to an "input validation issue." | 5.0 |
| 2010-08-11 | CVE-2010-2219 | Resource Management Errors vulnerability in Adobe Flash Media Server and Flash Media Server 2 Unspecified vulnerability in Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service (memory consumption) via unknown vectors. | 5.0 |
| 2010-08-11 | CVE-2010-2218 | Unspecified vulnerability in Adobe Flash Media Server and Flash Media Server 2 Adobe Flash Media Server (FMS) before 3.0.6, and 3.5.x before 3.5.4, allows attackers to cause a denial of service via unspecified vectors, related to a "JS method issue." | 5.0 |
| 2010-07-22 | CVE-2010-1969 | Cross-Site Scripting vulnerability in HP Virtual Connect Enterprise Manager 6.10 Cross-site scripting (XSS) vulnerability in HP Virtual Connect Enterprise Manager for Windows before 6.1 allows remote attackers to inject arbitrary web script or HTML via unknown vectors. | 4.3 |