Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 18, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 225961 | 7.8 | 危険 | MiniUPnP Project | - | MiniUPnP MiniUPnPd の HTTP サービスにおける整数符号エラーの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2013-1462 | 2013-02-4 16:38 | 2013-01-31 | Show | GitHub Exploit DB Packet Storm |
| 225962 | 7.8 | 危険 | MiniUPnP Project | - | MiniUPnP MiniUPnPd の HTTP サービスにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2013-1461 | 2013-02-4 16:37 | 2013-01-31 | Show | GitHub Exploit DB Packet Storm |
| 225963 | 10 | 危険 | MiniUPnP Project | - | MiniUPnP MiniUPnPd の HTTP サービスにおけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2013-0230 | 2013-02-4 16:37 | 2013-01-31 | Show | GitHub Exploit DB Packet Storm |
| 225964 | 7.8 | 危険 | MiniUPnP Project | - | MiniUPnP MiniUPnPd の SSDP ハンドラにおけるサービス運用妨害 (サービスクラッシュ) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2013-0229 | 2013-02-4 16:36 | 2013-01-31 | Show | GitHub Exploit DB Packet Storm |
| 225965 | 7.6 | 危険 | DELL EMC (旧 EMC Corporation) | - | EMC AlphaStor の Drive Control Program におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2013-0930 | 2013-02-4 16:26 | 2013-01-31 | Show | GitHub Exploit DB Packet Storm |
| 225966 | 9.3 | 危険 | オラクル | - | Oracle Java SE 7 Update 11 における Java セキュリティサンドボックスを回避される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2013-1490 | 2013-02-4 16:25 | 2013-01-31 | Show | GitHub Exploit DB Packet Storm |
| 225967 | 4.3 | 警告 | シスコシステムズ | - | Cisco Unified Communications Domain Manager におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2013-1113 | 2013-02-1 16:13 | 2013-01-25 | Show | GitHub Exploit DB Packet Storm |
| 225968 | 5 | 警告 | シスコシステムズ | - | Cisco Carrier Routing System におけるサービス運用妨害 (パケットロス) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2013-1112 | 2013-02-1 16:13 | 2013-01-25 | Show | GitHub Exploit DB Packet Storm |
| 225969 | 4.3 | 警告 | IBM | - | IBM Cognos TM1 の Web コンポーネントにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6350 | 2013-02-1 16:12 | 2013-01-31 | Show | GitHub Exploit DB Packet Storm |
| 225970 | 4.3 | 警告 | シスコシステムズ | - | Cisco NAC Appliance 上の Web 認証機能におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6029 | 2013-02-1 16:12 | 2013-01-30 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 18, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 197051 | 9.8 |
CRITICAL
Network |
humaxdigital | hga12r-02_firmware | An issue was discovered on HUMAX HGA12R-02 BRGCAA 1.1.53 devices. A vulnerability in the authentication functionality in the web-based interface could allow an unauthenticated remote attacker to capt… |
CWE-319
Cleartext Transmission of Sensitive Information |
CVE-2020-9477 | 2024-11-21 14:40 | 2020-03-5 | Show | GitHub Exploit DB Packet Storm |
| 197052 | 7.5 |
HIGH
Network |
commscope | arris_tg1692a_firmware | ARRIS TG1692A devices allow remote attackers to discover the administrator login name and password by reading the /login page and performing base64 decoding. |
CWE-326
Inadequate Encryption Strength |
CVE-2020-9476 | 2024-11-21 14:40 | 2020-03-5 | Show | GitHub Exploit DB Packet Storm |
| 197053 | 7.8 |
HIGH
Local |
codepeople | appointment_booking_calendar | The Appointment Booking Calendar plugin before 1.3.35 for WordPress allows user input (in fields such as Description or Name) in any booking form to be any formula, which then could be exported via t… |
CWE-1236
Improper Neutralization of Formula Elements in a CSV File |
CVE-2020-9372 | 2024-11-21 14:40 | 2020-03-5 | Show | GitHub Exploit DB Packet Storm |
| 197054 | 4.8 |
MEDIUM
Network |
codepeople | appointment_booking_calendar | Stored XSS exists in the Appointment Booking Calendar plugin before 1.3.35 for WordPress. In the cpabc_appointments.php file, the Calendar Name input could allow attackers to inject arbitrary JavaScr… |
CWE-79
Cross-site Scripting |
CVE-2020-9371 | 2024-11-21 14:40 | 2020-03-5 | Show | GitHub Exploit DB Packet Storm |
| 197055 | 5.3 |
MEDIUM
Network |
creative-solutions | creative_contact_form | An issue was discovered in helpers/mailer.php in the Creative Contact Form extension 4.6.2 before 2019-12-03 for Joomla!. A directory traversal vulnerability resides in the filename field for uploade… |
CWE-22
Path Traversal |
CVE-2020-9364 | 2024-11-21 14:40 | 2020-03-5 | Show | GitHub Exploit DB Packet Storm |
| 197056 | 7.8 |
HIGH
Local |
pdfresurrect_project debian |
pdfresurrect debian_linux |
In PDFResurrect 0.12 through 0.19, get_type in pdf.c has an out-of-bounds write via a crafted PDF document. |
CWE-787
Out-of-bounds Write |
CVE-2020-9549 | 2024-11-21 14:40 | 2020-03-2 | Show | GitHub Exploit DB Packet Storm |
| 197057 | 7.5 |
HIGH
Network |
palemoon | pale_moon | Pale Moon 28.x before 28.8.4 has a segmentation fault related to module scripting, as demonstrated by a Lacoste web site. |
CWE-476
NULL Pointer Dereference |
CVE-2020-9545 | 2024-11-21 14:40 | 2020-03-2 | Show | GitHub Exploit DB Packet Storm |
| 197058 | 9.8 |
CRITICAL
Network |
fasterxml netapp debian oracle |
jackson-databind active_iq_unified_manager debian_linux retail_xstore_point_of_service primavera_unifier weblogic_server retail_merchandising_system agile_plm banking_digital_… |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to br.com.anteros.dbcp.AnterosDBCPConfig (aka anteros-core). |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-9548 | 2024-11-21 14:40 | 2020-03-2 | Show | GitHub Exploit DB Packet Storm |
| 197059 | 9.8 |
CRITICAL
Network |
fasterxml netapp debian oracle |
jackson-databind active_iq_unified_manager debian_linux retail_xstore_point_of_service primavera_unifier weblogic_server enterprise_manager_base_platform communications_instant_m… |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to com.ibatis.sqlmap.engine.transaction.jta.JtaTransactionConfig (aka ibati… |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-9547 | 2024-11-21 14:40 | 2020-03-2 | Show | GitHub Exploit DB Packet Storm |
| 197060 | 9.8 |
CRITICAL
Network |
fasterxml netapp debian oracle |
jackson-databind active_iq_unified_manager debian_linux retail_xstore_point_of_service primavera_unifier retail_service_backbone weblogic_server retail_merchandising_system ag… |
FasterXML jackson-databind 2.x before 2.9.10.4 mishandles the interaction between serialization gadgets and typing, related to org.apache.hadoop.shaded.com.zaxxer.hikari.HikariConfig (aka shaded hika… |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-9546 | 2024-11-21 14:40 | 2020-03-2 | Show | GitHub Exploit DB Packet Storm |