Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 11, 2026, 6:01 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 226111 | 5 | 警告 | runcms | - | RunCMS における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-3815 | 2012-12-20 19:28 | 2009-10-27 | Show | GitHub Exploit DB Packet Storm |
| 226112 | 6.5 | 警告 | runcms | - | RunCMS における任意の PHP コードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3814 | 2012-12-20 19:28 | 2009-10-27 | Show | GitHub Exploit DB Packet Storm |
| 226113 | 6.5 | 警告 | runcms | - | RunCMS における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-3813 | 2012-12-20 19:28 | 2009-10-27 | Show | GitHub Exploit DB Packet Storm |
| 226114 | 6.5 | 警告 | runcms | - | RunCMS の modules/forum/post.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-3804 | 2012-12-20 19:28 | 2009-10-27 | Show | GitHub Exploit DB Packet Storm |
| 226115 | 5 | 警告 | vivvo | - | Vivvo CMS の files.php におけるディレクトリトラバーサル攻撃を実行される脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2009-3787 | 2012-12-20 19:28 | 2009-10-26 | Show | GitHub Exploit DB Packet Storm |
| 226116 | 6.8 | 警告 | sjoerd arendsen | - | Drupal 用モジュールの Simplenews Statistics におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-3785 | 2012-12-20 19:28 | 2009-10-26 | Show | GitHub Exploit DB Packet Storm |
| 226117 | 6.8 | 警告 | sjoerd arendsen | - | Drupal 用モジュールの Simplenews Statistics におけるオープンリダイレクトの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-3784 | 2012-12-20 19:28 | 2009-10-26 | Show | GitHub Exploit DB Packet Storm |
| 226118 | 4.3 | 警告 | sjoerd arendsen | - | Drupal 用モジュールの Simplenews Statistics におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3783 | 2012-12-20 19:28 | 2009-10-26 | Show | GitHub Exploit DB Packet Storm |
| 226119 | 7.5 | 危険 | quicksketch | - | Drupal 用の FileField モジュールにおける許可されていないファイルにアクセスされる脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3781 | 2012-12-20 19:28 | 2009-10-21 | Show | GitHub Exploit DB Packet Storm |
| 226120 | 4.3 | 警告 | stefan auditor | - | Drupal 用の vCard モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3779 | 2012-12-20 19:28 | 2009-10-21 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 11, 2026, 4:09 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 211301 | 9.8 |
CRITICAL
Network |
qualcomm |
aqt1000_firmware ar8031_firmware ar8035_firmware csr8811_firmware csra6620_firmware csra6640_firmware ipq5010_firmware ipq5018_firmware ipq6000_firmware ipq6005_firmware
Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly vali…
|
CWE-787 |
CWE-129 Out-of-bounds Write Improper Validation of Array Index
CVE-2020-11134
|
2024-11-21 13:56 |
2021-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 211302 | 9.1 |
CRITICAL
Network |
qualcomm |
apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware ar9380_firmware csr8811_firmware csra6620_firmware csra6640_firmware ipq4018_firmware ipq4028_firmware
Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Co…
|
CWE-125
|
Out-of-bounds Read
CVE-2020-11126
|
2024-11-21 13:56 |
2021-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 211303 | 7.1 |
HIGH
Network |
infinispan redhat netapp |
infinispan-server-rest data_grid oncommand_insight |
A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a cross-site reques… | - | CVE-2020-10771 | 2024-11-21 13:56 | 2021-06-2 | Show | GitHub Exploit DB Packet Storm |
| 211304 | 5.5 |
MEDIUM
Local |
linux | linux_kernel | A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to re… | - | CVE-2020-10774 | 2024-11-21 13:56 | 2021-05-28 | Show | GitHub Exploit DB Packet Storm |
| 211305 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8017_firmware aqt1000_firmware ar8035_firmware csrb31024_firmware msm8917_firmware pm215_firmware pm3003a_firmware pm4125_firmware pm4250_firmware pm439_firmware pm45… |
Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdrag… |
CWE-129
Improper Validation of Array Index |
CVE-2020-11163 | 2024-11-21 13:56 | 2021-02-22 | Show | GitHub Exploit DB Packet Storm |
| 211306 | 6.7 |
MEDIUM
Local |
qualcomm |
aqt1000_firmware pm3003a_firmware pm456_firmware pm6125_firmware pm6150_firmware pm6150a_firmware pm6150l_firmware pm6250_firmware pm6350_firmware pm660_firmware pm660a_… |
Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile |
CWE-416
Use After Free |
CVE-2020-11147 | 2024-11-21 13:56 | 2021-02-22 | Show | GitHub Exploit DB Packet Storm |
| 211307 | 5.3 |
MEDIUM
Network |
zulip | zulip_desktop | Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler. |
CWE-862
Missing Authorization |
CVE-2020-10858 | 2024-11-21 13:56 | 2021-02-6 | Show | GitHub Exploit DB Packet Storm |
| 211308 | 9.8 |
CRITICAL
Network |
zulip | zulip_desktop | Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution. |
NVD-CWE-noinfo
|
CVE-2020-10857 | 2024-11-21 13:56 | 2021-02-6 | Show | GitHub Exploit DB Packet Storm |
| 211309 | 7.5 |
HIGH
Network |
qualcomm |
apq8009_firmware apq8017_firmware apq8053_firmware apq8076_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware ar8151_firmware ar9380_firmware c… |
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Con… |
CWE-20 CWE-125 Improper Input Validation Out-of-bounds Read |
CVE-2020-11119 | 2024-11-21 13:56 | 2021-01-21 | Show | GitHub Exploit DB Packet Storm |
| 211310 | 6.4 |
MEDIUM
Local |
qualcomm |
msm8909w sdm630 qca6174a qca6574au qca6584au qca9377 msm8976 msm8937 msm8952 apq8096au msm8996au msm8917 sd450 sd835 sdx24 qcs605 sd855 qcs405 ap… |
Race condition in HAL layer while processing callback objects received from HIDL due to lack of synchronization between accessing objects in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer I… |
CWE-362
Race Condition |
CVE-2020-11152 | 2024-11-21 13:56 | 2021-01-21 | Show | GitHub Exploit DB Packet Storm |