Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 23, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 227711 | 6 | 警告 | s9y | - | Serendipity における任意のコードを実行される脆弱性 |
CWE-Other
その他 |
CVE-2009-4412 | 2012-12-20 19:28 | 2009-12-21 | Show | GitHub Exploit DB Packet Storm |
| 227712 | 3.7 | 注意 | xfs | - | XFS acl の setfacl および getfacl コマンドにおける任意のファイルなど対する ACL を変更される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-4411 | 2012-12-20 19:28 | 2009-12-24 | Show | GitHub Exploit DB Packet Storm |
| 227713 | 4.3 | 警告 | pyforum | - | PyForum および zForum の models.parser におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4408 | 2012-12-20 19:28 | 2009-12-23 | Show | GitHub Exploit DB Packet Storm |
| 227714 | 6.8 | 警告 | pyforum | - | PyForum などにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-4407 | 2012-12-20 19:28 | 2009-12-23 | Show | GitHub Exploit DB Packet Storm |
| 227715 | 4.3 | 警告 | rumbacms | - | Rumba XML の index.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4403 | 2012-12-20 19:28 | 2009-12-23 | Show | GitHub Exploit DB Packet Storm |
| 227716 | 7.5 | 危険 | sql-ledger | - | SQL-Ledger の初期設定における管理操作を実行される脆弱性 |
CWE-16
環境設定 |
CVE-2009-4402 | 2012-12-20 19:28 | 2009-12-23 | Show | GitHub Exploit DB Packet Storm |
| 227717 | 7.5 | 危険 | fr.simon rundell TYPO3 Association |
- | TYPO3 用の Portsmouth Resources Database エクステンションにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-4396 | 2012-12-20 19:28 | 2009-12-22 | Show | GitHub Exploit DB Packet Storm |
| 227718 | 7.5 | 危険 | TYPO3 Association | - | TYPO3 用の XDS Staff List エクステンションにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-4392 | 2012-12-20 19:28 | 2009-12-22 | Show | GitHub Exploit DB Packet Storm |
| 227719 | 5 | 警告 | robert puntigam | - | TYPO3 用の watchdog エクステンションにおける重要な情報を取得される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4389 | 2012-12-20 19:28 | 2009-12-22 | Show | GitHub Exploit DB Packet Storm |
| 227720 | 6.8 | 警告 | Scriptsez.net | - | Scriptsez.net EPH におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-4385 | 2012-12-20 19:28 | 2009-12-22 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 23, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 195561 | 7.5 |
HIGH
Network |
qualcomm |
ar7420_firmware ar9380_firmware csr8811_firmware ipq4018_firmware ipq4019_firmware ipq4028_firmware ipq4029_firmware ipq8064_firmware ipq8065_firmware ipq8069_firmware i… |
An assertion can be reached in the WLAN subsystem while using the Wi-Fi Fine Timing Measurement protocol in Snapdragon Wired Infrastructure and Networking |
CWE-617
Reachable Assertion |
CVE-2021-1887 | 2024-11-21 14:45 | 2021-07-13 | Show | GitHub Exploit DB Packet Storm |
| 195562 | 7.5 |
HIGH
Network |
qualcomm |
aqt1000_firmware ar8031_firmware ar8035_firmware ar9380_firmware csr8811_firmware csra6620_firmware csra6640_firmware csrb31024_firmware fsm10055_firmware ipq4018_firmware<… |
Possible assertion due to improper verification while creating and deleting the peer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Sna… |
CWE-617
Reachable Assertion |
CVE-2021-1938 | 2024-11-21 14:45 | 2021-07-13 | Show | GitHub Exploit DB Packet Storm |
| 195563 | 7.8 |
HIGH
Local |
qualcomm |
apq8017_firmware apq8037_firmware apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmwar… |
Improper length check of public exponent in RSA import key function could cause memory corruption. in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon… |
CWE-787
Out-of-bounds Write |
CVE-2021-1890 | 2024-11-21 14:45 | 2021-07-13 | Show | GitHub Exploit DB Packet Storm |
| 195564 | 7.8 |
HIGH
Local |
qualcomm |
apq8017_firmware apq8037_firmware apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmwar… |
Possible buffer overflow due to lack of length check in Trusted Application in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdr… |
CWE-120
Classic Buffer Overflow |
CVE-2021-1889 | 2024-11-21 14:45 | 2021-07-13 | Show | GitHub Exploit DB Packet Storm |
| 195565 | 7.8 |
HIGH
Local |
qualcomm |
apq8017_firmware apq8037_firmware apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmwar… |
Memory corruption in key parsing and import function due to double freeing the same heap allocation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdrago… |
CWE-415
Double Free |
CVE-2021-1888 | 2024-11-21 14:45 | 2021-07-13 | Show | GitHub Exploit DB Packet Storm |
| 195566 | 7.8 |
HIGH
Local |
qualcomm |
apq8017_firmware apq8037_firmware apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmwar… |
Incorrect handling of pointers in trusted application key import mechanism could cause memory corruption in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snap… |
CWE-787
Out-of-bounds Write |
CVE-2021-1886 | 2024-11-21 14:45 | 2021-07-13 | Show | GitHub Exploit DB Packet Storm |
| 195567 | 8.1 |
HIGH
Adjacent |
sonicwall | switch | Multiple Out-of-Bound read vulnerability in SonicWall Switch when handling LLDP Protocol allows an attacker to cause a system instability or potentially read sensitive information from the memory loc… |
CWE-125
Out-of-bounds Read |
CVE-2021-20024 | 2024-11-21 14:45 | 2021-07-10 | Show | GitHub Exploit DB Packet Storm |
| 195568 | 5.4 |
MEDIUM
Adjacent |
sloan |
optima_eaf-100_firmware optima_eaf-150_firmware optima_eaf-200_firmware optima_eaf-225_firmware optima_eaf-250_firmware optima_eaf-275_firmware optima_eaf-350_firmware optima_eaf… |
There exists an unauthenticated BLE Interface in Sloan SmartFaucets including Optima EAF, Optima ETF/EBF, BASYS EFX, and Flushometers including SOLIS. The vulnerability allows for unauthenticated kin… |
CWE-306
Missing Authentication for Critical Function |
CVE-2021-20107 | 2024-11-21 14:45 | 2021-06-30 | Show | GitHub Exploit DB Packet Storm |
| 195569 | 6.7 |
MEDIUM
Local |
tenable | nessus | Nessus versions 8.13.2 and earlier were found to contain a privilege escalation vulnerability which could allow a Nessus administrator user to upload a specially crafted file that could lead to gaini… |
NVD-CWE-noinfo
|
CVE-2021-20079 | 2024-11-21 14:45 | 2021-06-30 | Show | GitHub Exploit DB Packet Storm |
| 195570 | 6.1 |
MEDIUM
Network |
machform | machform | Machform prior to version 16 is vulnerable to an open redirect in Safari_init.php due to an improperly sanitized 'ref' parameter. |
CWE-601
Open Redirect |
CVE-2021-20105 | 2024-11-21 14:45 | 2021-06-30 | Show | GitHub Exploit DB Packet Storm |