![]() |
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
Update Date":July 7, 2024, 6 p.m.
No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
---|---|---|---|---|---|---|---|---|---|---|---|
193121 | 9.3 | 危険 | マイクロソフト | - | Microsoft Office Excel における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3128 | 2010-01-5 16:17 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193122 | 9.3 | 危険 | マイクロソフト | - | Microsoft Office および Open XML File Format Converter における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3127 | 2010-01-5 16:16 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193123 | 6.8 | 警告 | アップル サイバートラスト株式会社 サン・マイクロシステムズ ターボリナックス ヒューレット・パッカード OpenSSL Project レッドハット |
- | OpenSSL の SSL_get_shared_ciphers() 関数における一つずれエラーの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2007-5135 | 2010-01-5 13:31 | 2007-10-12 | Show | GitHub Exploit DB Packet Storm |
193124 | 7.8 | 危険 | マイクロソフト | - | Microsoft Windows で稼働している Active Directory の LDAP サービスにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-1928 | 2010-01-4 15:24 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193125 | 9.3 | 危険 | マイクロソフト | - | Microsoft Windows の kernel における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-2514 | 2010-01-4 15:24 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193126 | 6.8 | 警告 | マイクロソフト | - | Microsoft Windows の kernel の Graphics Device Interface (GDI) における権限を取得される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-2513 | 2010-01-4 15:24 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193127 | 6.8 | 警告 | マイクロソフト | - | Microsoft Windows の kernel における権限を取得される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-1127 | 2010-01-4 15:24 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193128 | 10 | 危険 | マイクロソフト | - | Microsoft Windows の License Logging Server (llssrv.exe) における任意のコードを実行される脆弱性 |
CWE-119
バッファエラー |
CVE-2009-2523 | 2010-01-4 15:24 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193129 | 9.3 | 危険 | マイクロソフト | - | Microsoft Windows の Web Services on Devices API (WSDAPI) における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-2512 | 2010-01-4 15:23 | 2009-11-10 | Show | GitHub Exploit DB Packet Storm |
193130 | 10 | 危険 | アップル VMware サン・マイクロシステムズ |
- | Sun Java SE の Provider クラスにおける詳細不明な脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2722 | 2010-01-4 14:56 | 2009-08-10 | Show | GitHub Exploit DB Packet Storm |
Update Date:July 7, 2024, 8 p.m.
No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
---|---|---|---|---|---|---|---|---|---|---|---|
2011 | 9.8 |
CRITICAL
Network
probot
|
bot
|
The ProBot bot through 2021-02-08 for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a user joins the server" feature (or possibly have unspecified ot…
|
CWE-434
|
Unrestricted Upload of File with Dangerous Type
CVE-2021-26918
|
2024-07-3 10:36 |
2021-02-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2012 | 8.8 |
HIGH
Network |
belkin | linksys_wrt160nl_firmware | The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacte… |
CWE-78
OS Command |
CVE-2021-25310 | 2024-07-3 10:36 | 2021-02-3 | Show | GitHub Exploit DB Packet Storm |
2013 | 8.1 |
HIGH
Network |
fasterxml netapp debian oracle |
jackson-databind cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management com… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.cpdsadapter.DriverAdapterCPDS. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36182 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
2014 | 7.5 |
HIGH
Network
apache
|
flink
|
A change introduced in Apache Flink 1.11.0 (and released in 1.11.1 and 1.11.2 as well) allows attackers to read any file on the local filesystem of the JobManager through the REST interface of the Jo…
|
CWE-552
|
Files or Directories Accessible to External Parties
CVE-2020-17519
|
2024-07-3 10:36 |
2021-01-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2015 | 7.5 |
HIGH
Network
xwiki
|
xwiki
|
XWiki Platform before 12.8 mishandles escaping in the property displayer.
|
CWE-116
|
Improper Encoding or Escaping of Output
CVE-2020-13654
|
2024-07-3 10:36 |
2020-12-31 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2016 | 7.5 |
HIGH
Network
mersive
|
solstice_firmware
|
In Solstice Pod before 3.0.3, the firmware can easily be decompiled/disassembled. The decompiled/disassembled files contain non-obfuscated code. NOTE: it is unclear whether lack of obfuscation is dir…
|
NVD-CWE-noinfo
|
CVE-2020-35587
|
2024-07-3 10:36 |
2020-12-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
2017 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.commons.dbcp2.cpdsadapter.DriverAdapterCPDS. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36180 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
2018 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
cloud_backup service_level_manager debian_linux webcenter_portal application_testing_suite primavera_unifier agile_plm communications_policy_management communications_billing_… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to oadd.org.apache.commons.dbcp.cpdsadapter.DriverAdapterCPDS. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36179 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
2019 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36184 | 2024-07-3 10:36 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
2020 | 4.3 |
MEDIUM
Network |
samba redhat |
samba enterprise_linux storage |
A flaw was found in the way samba handled file and directory permissions. An authenticated user could use this flaw to gain access to certain file and directory information which otherwise would be u… |
CWE-266
Incorrect Privilege Assignment |
CVE-2020-14318 | 2024-07-3 10:36 | 2020-12-4 | Show | GitHub Exploit DB Packet Storm |