Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 14, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 226791 | 4.4 | 警告 | サン・マイクロシステムズ | - | SRSS の utaudiod デーモンにおける任意のユーザのセッションへアクセスされる脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2491 | 2012-12-20 19:10 | 2009-07-14 | Show | GitHub Exploit DB Packet Storm |
| 226792 | 1.9 | 注意 | サン・マイクロシステムズ | - | SRSS の utaudiod デーモンにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2490 | 2012-12-20 19:10 | 2009-07-14 | Show | GitHub Exploit DB Packet Storm |
| 226793 | 2.1 | 注意 | サン・マイクロシステムズ | - | SRSS の utdmsession プログラムにおける任意のユーザのセッションへアクセスされる脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2489 | 2012-12-20 19:10 | 2009-07-14 | Show | GitHub Exploit DB Packet Storm |
| 226794 | 9.3 | 危険 | tingan | - | HT-MP3Player におけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-2485 | 2012-12-20 19:10 | 2009-07-16 | Show | GitHub Exploit DB Packet Storm |
| 226795 | 9.3 | 危険 | VideoLAN | - | VideoLAN VLC Media Player の modules/access/smb.c におけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-2484 | 2012-12-20 19:10 | 2009-07-16 | Show | GitHub Exploit DB Packet Storm |
| 226796 | 5.4 | 警告 | サン・マイクロシステムズ | - | Sun Fire V215 サーバにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2458 | 2012-12-20 19:10 | 2009-07-13 | Show | GitHub Exploit DB Packet Storm |
| 226797 | 7.2 | 危険 | tallemu | - | Tall Emu Online Armor Personal Firewall AV+ などの OAmon.sys kernel driver における権限を取得される脆弱性 |
CWE-119
バッファエラー |
CVE-2009-2450 | 2012-12-20 19:10 | 2009-07-13 | Show | GitHub Exploit DB Packet Storm |
| 226798 | 5 | 警告 | siteframe | - | Siteframe における設定情報を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-2443 | 2012-12-20 19:10 | 2009-07-13 | Show | GitHub Exploit DB Packet Storm |
| 226799 | 7.5 | 危険 | web development house | - | Web Development House Alibaba Clone における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2439 | 2012-12-20 19:10 | 2009-07-13 | Show | GitHub Exploit DB Packet Storm |
| 226800 | 4.3 | 警告 | rentventory | - | Rentventory の index.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-2437 | 2012-12-20 19:10 | 2009-07-13 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 14, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 201091 | 8.1 |
HIGH
Network |
fasterxml netapp debian oracle |
jackson-databind cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management com… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to com.newrelic.agent.deps.ch.qos.logback.core.db.JNDIConnectionSource. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36188 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201092 | 8.1 |
HIGH
Network |
fasterxml netapp debian oracle |
jackson-databind cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management com… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.SharedPoolDataSource. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36187 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201093 | 8.1 |
HIGH
Network |
fasterxml netapp debian oracle |
jackson-databind cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management com… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.datasources.PerUserPoolDataSource. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36186 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201094 | 8.1 |
HIGH
Network |
fasterxml netapp debian oracle |
jackson-databind cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management com… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.SharedPoolDataSource. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36185 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201095 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
cloud_backup service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp2.datasources.PerUserPoolDataSource. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36184 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201096 | 8.1 |
HIGH
Network |
netapp debian oracle fasterxml |
service_level_manager debian_linux webcenter_portal primavera_unifier application_testing_suite agile_plm communications_policy_management communications_billing_and_revenue_mana… |
FasterXML jackson-databind 2.x before 2.9.10.8 mishandles the interaction between serialization gadgets and typing, related to org.apache.tomcat.dbcp.dbcp.cpdsadapter.DriverAdapterCPDS. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-36181 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201097 | 9.8 |
CRITICAL
Network |
tp-link | tl-wr840n_firmware | oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for… |
CWE-78
OS Command |
CVE-2020-36178 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201098 | 9.8 |
CRITICAL
Network |
wolfssl | wolfssl | RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size. |
CWE-787
Out-of-bounds Write |
CVE-2020-36177 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201099 | 7.5 |
HIGH
Network |
ithemes | ithemes_security | The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs. |
CWE-287
Improper Authentication |
CVE-2020-36176 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |
| 201100 | 5.3 |
MEDIUM
Network |
ninjaforms | ninja_forms | The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field. |
CWE-20
Improper Input Validation |
CVE-2020-36175 | 2024-11-21 14:28 | 2021-01-7 | Show | GitHub Exploit DB Packet Storm |