Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 4, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 225811 | 7.2 | 危険 | IBM | - | IBM Notes の Multi User Profile Cleanup サービスにおける権限を取得される脆弱性(DoS) |
CWE-264
認可・権限・アクセス制御 |
CVE-2013-0536 | 2013-06-25 16:05 | 2013-06-12 | Show | GitHub Exploit DB Packet Storm |
| 225812 | 7.1 | 危険 | IBM | - | IBM AIX および VIOS の inet サブシステムの IPv6 の実装におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2013-3035 | 2013-06-25 15:57 | 2013-06-4 | Show | GitHub Exploit DB Packet Storm |
| 225813 | 1.9 | 注意 | IBM | - | Lotus Notes クライアントおよび単独で使用される IBM Sametime の Connect クライアントにおける重要な情報を取得される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2013-0534 | 2013-06-25 15:56 | 2013-05-31 | Show | GitHub Exploit DB Packet Storm |
| 225814 | 5 | 警告 | IBM | - | IBM Sterling Connect:Direct のブラウザにおける Cookie をキャプチャされる脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2013-0529 | 2013-06-25 15:48 | 2013-06-11 | Show | GitHub Exploit DB Packet Storm |
| 225815 | 1.9 | 注意 | IBM | - | IBM Sterling Connect:Direct のブラウザにおける管理者コンソールの重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2013-0527 | 2013-06-25 15:48 | 2013-06-11 | Show | GitHub Exploit DB Packet Storm |
| 225816 | 6.8 | 警告 | WordPress.org | - | WordPress 用 WP Maintenance Mode プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2013-3250 | 2013-06-25 14:15 | 2013-06-5 | Show | GitHub Exploit DB Packet Storm |
| 225817 | 4.3 | 警告 | Suksit Sripitchayaphan | - | Drupal 用 Inf08 テーマの template.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6572 | 2013-06-25 13:54 | 2012-09-12 | Show | GitHub Exploit DB Packet Storm |
| 225818 | 4.3 | 警告 | シスコシステムズ | - | Cisco WebEx Social におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2013-3392 | 2013-06-25 13:44 | 2013-06-21 | Show | GitHub Exploit DB Packet Storm |
| 225819 | 8.3 | 危険 | シスコシステムズ | - | Cisco TelePresence TC Software におけるルート権限のシェルアクセスを取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2013-3379 | 2013-06-24 18:32 | 2013-06-19 | Show | GitHub Exploit DB Packet Storm |
| 225820 | 7.8 | 危険 | シスコシステムズ | - | Cisco TelePresence TC Software および TE Software におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2013-3378 | 2013-06-24 18:16 | 2013-06-19 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 4, 2026, 4:17 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 201561 | 6.5 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.3 allows XXE attacks. |
CWE-611
XXE |
CVE-2020-8541 | 2024-11-21 14:38 | 2020-06-16 | Show | GitHub Exploit DB Packet Storm |
| 201562 | 6.7 |
MEDIUM
Local |
synaptics | smart_audio_uwp | An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an ad… |
CWE-428
Unquoted Search Path or Element |
CVE-2020-8337 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 201563 | 6.8 |
MEDIUM
Physics |
lenovo |
thinkpad_e14_firmware thinkpad_e15_firmware thinkpad_r14_firmware thinkpad_s3_gen_2_firmware thinkpad_e490s_firmware thinkpad_s3_firmware thinkpad_e490_firmware thinkpad_e590_fir… |
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash. |
NVD-CWE-noinfo
|
CVE-2020-8336 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 201564 | 6.8 |
MEDIUM
Physics |
lenovo |
thinkpad_t495s_firmware thinkpad_x395_firmware thinkpad_t495_firmware thinkpad_a485_firmware thinkpad_a285_firmware thinkpad_a475_firmware thinkpad_a275_firmware |
The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access. |
CWE-754
Improper Check for Unusual or Exceptional Conditions |
CVE-2020-8334 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 201565 | 6.7 |
MEDIUM
Local |
lenovo |
330-14ast_firmware 330-15ast_firmware 330-17ast_firmware 340c-15api_firmware 340c-15ast_firmware 720s_touch-15ikb_firmware 720s-15ikb_firmware 730s-13iwl_firmware c640-iml_fir… |
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution. |
NVD-CWE-noinfo
|
CVE-2020-8323 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 201566 | 6.7 |
MEDIUM
Local |
lenovo |
330-14ast_firmware 330-15ast_firmware 330-17ast_firmware 340c-15api_firmware 340c-15ast_firmware 720s_touch-15ikb_firmware 720s-15ikb_firmware 730s-13iwl_firmware c640-iml_fir… |
A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. |
NVD-CWE-noinfo
|
CVE-2020-8322 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 201567 | 6.7 |
MEDIUM
Local |
lenovo |
130-14ast_firmware 130-14ikb_firmware 130-15ast_firmware 130-15ikb_firmware 320c-15ikb_firmware 330-14igm_firmware 330-14ikb_firmware 330-14ikbr_firmware 330-15arr_firmware
A potential vulnerability in the SMI callback function used in the System Lock Preinstallation driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution.
|
NVD-CWE-noinfo
|
CVE-2020-8321
|
2024-11-21 14:38 |
2020-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 201568 | 6.8 |
MEDIUM
Physics |
lenovo |
thinkpad_11e_yoga_gen_6_firmware thinkpad_11e_firmware thinkpad_yoga_11e_3rd_gen_firmware thinkpad_yoga_11e_4th_gen_firmware thinkpad_yoga_11e_5th_gen_firmware thinkpad_13_2nd_gen_firm… |
An internal shell was included in BIOS image in some ThinkPad models that could allow escalation of privilege. |
CWE-269
Improper Privilege Management |
CVE-2020-8320 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 201569 | 9.9 |
CRITICAL
Network |
nextcloud | talk | A too lax check in Nextcloud Talk 6.0.4, 7.0.2 and 8.0.7 allowed a code injection when a not correctly sanitized talk command was added by an administrator. |
CWE-94
Code Injection |
CVE-2020-8180 | 2024-11-21 14:38 | 2020-06-8 | Show | GitHub Exploit DB Packet Storm |
| 201570 | 7.4 |
HIGH
Network |
nodejs oracle |
node.js graalvm banking_extensibility_workbench mysql_cluster blockchain_platform |
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. |
CWE-295
Improper Certificate Validation |
CVE-2020-8172 | 2024-11-21 14:38 | 2020-06-8 | Show | GitHub Exploit DB Packet Storm |