Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":July 7, 2024, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 191381 | 4.3 | 警告 | アップル | - | Apple Safari の WebKit におけるロケーションバーの URL を偽装される脆弱性 |
CWE-Other
その他 |
CVE-2010-3810 | 2010-12-15 14:42 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 191382 | 9.3 | 危険 | アップル | - | Apple Safari の WebKit における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-3809 | 2010-12-15 14:39 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 191383 | 9.3 | 危険 | アップル | - | Apple Safari の WebKit における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-3808 | 2010-12-15 14:37 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 191384 | 9.3 | 危険 | アップル | - | Apple Safari の WebKit 内にある JavaScript 実装における整数アンダーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2010-3805 | 2010-12-15 14:32 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 191385 | 5 | 警告 | アップル | - | Apple Safari の WebKit 内にある JavaScript 実装におけるユーザを追跡可能な脆弱性 |
CWE-310
暗号の問題 |
CVE-2010-3804 | 2010-12-15 14:29 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 191386 | 9.3 | 危険 | アップル | - | Apple Safari の WebKit における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2010-3803 | 2010-12-15 14:25 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 191387 | 2.6 | 注意 | マイクロソフト | - | Internet Explorer におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-3348 | 2010-12-15 14:08 | 2010-12-15 | Show | GitHub Exploit DB Packet Storm |
| 191388 | 2.6 | 注意 | マイクロソフト | - | Internet Explorer におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-3342 | 2010-12-15 14:07 | 2010-12-15 | Show | GitHub Exploit DB Packet Storm |
| 191389 | 2.6 | 注意 | マイクロソフト | - | Internet Explorer におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-3342 | 2010-12-15 14:05 | 2010-12-15 | Show | GitHub Exploit DB Packet Storm |
| 191390 | 4.3 | 警告 | マイクロソフト | - | Internet Explorer におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-3342 | 2010-12-15 14:03 | 2010-12-15 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:July 7, 2024, 8 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 2011 | 9.8 |
CRITICAL
Network
probot
|
bot
|
The ProBot bot through 2021-02-08 for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a user joins the server" feature (or possibly have unspecified ot…
|
CWE-434
|
Unrestricted Upload of File with Dangerous Type
CVE-2021-26918
|
2024-07-3 10:36 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 2012 | 8.8 |
HIGH
Network |
belkin | linksys_wrt160nl_firmware | The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacte… |
CWE-78
OS Command |
CVE-2021-25310 | 2024-07-3 10:36 | 2021-02-3 | Show | GitHub Exploit DB Packet Storm |
| 2013 | 8.1 |
HIGH
Network |
fasterxml netapp debian oracle |
jackson-databind cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management com… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36182 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 2014 | 7.5 |
HIGH
Network
apache
|
flink
|
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the Jo…
|
CWE-552
|
Files or Directories Accessible to External Parties
CVE-2020-17519
|
2024-07-3 10:36 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 2015 | 7.5 |
HIGH
Network
xwiki
|
xwiki
|
XWiki Platform before 12.8 mishandles escaping in the property displayer.
|
CWE-116
|
Improper Encoding or Escaping of Output
CVE-2020-13654
|
2024-07-3 10:36 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 2016 | 7.5 |
HIGH
Network
mersive
|
solstice_firmware
|
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is dir…
|
NVD-CWE-noinfo
|
CVE-2020-35587
|
2024-07-3 10:36 |
2020-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 2017 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36180 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 2018 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
cloud_backup service_level_manager debian_linux webcenter_portal application_testing_suite primavera_unifier agile_plm communications_policy_management communications_billing_… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36179 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 2019 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36184 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 2020 | 4.3 |
MEDIUM
Network |
samba redhat |
samba enterprise_linux storage |
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be u… |
CWE-266
Incorrect Privilege Assignment |
CVE-2020-14318 | 2024-07-3 10:36 | 2020-12-4 | Show | GitHub Exploit DB Packet Storm |