Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 1, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 227941 | 10 | 危険 | リアルネットワークス | - | Helix DNA Server の RTSP サービスにおけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119 CWE-20 |
CVE-2007-4561 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227942 | 6.8 | 警告 | Python Software Foundation | - | Python の tarfile モジュールにおけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2007-4559 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227943 | 4.3 | 警告 | Tiki Software Community Association | - | Tikiwiki の tiki-remind_password.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2007-4554 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227944 | 5 | 警告 | Thomson | - | Thomson ST 2030 SIP 電話機におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2007-4553 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227945 | 4.3 | 警告 | symantec veritas | - | Windows 用の Symantec Veritas Storage Foundation におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2007-4516 | 2012-12-20 18:33 | 2008-02-20 | Show | GitHub Exploit DB Packet Storm |
| 227946 | 4.3 | 警告 | x-diesel | - | Unreal Commander における重要な情報 (メモリコンテンツ) を取得される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2007-4547 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227947 | 5.8 | 警告 | x-diesel | - | Unreal Commander におけるユーザに危険なファイルを上書きまたは作成させる脆弱性 |
CWE-DesignError
|
CVE-2007-4546 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227948 | 6.8 | 警告 | x-diesel | - | Unreal Commander におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2007-4545 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227949 | 4.3 | 警告 | WordPress.org | - | WordPress MU の wp-newblog.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2007-4544 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
| 227950 | 4.3 | 警告 | university of minnesota | - | MapServer におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2007-4542 | 2012-12-20 18:33 | 2007-08-27 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 1, 2026, 4:54 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 197241 | 9.8 |
CRITICAL
Network |
usavisionsys |
geovision_gv-as210_firmware geovision_gv-as410_firmware geovision_gv-as810_firmware geovision_gv-as1010_firmware geovision_gv-gf192x_firmware |
GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices. |
CWE-798
Use of Hard-coded Credentials |
CVE-2020-3928 | 2024-11-21 14:31 | 2020-06-12 | Show | GitHub Exploit DB Packet Storm |
| 197242 | 6.5 |
MEDIUM
Network |
apple | mac_os_x | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information. |
NVD-CWE-noinfo
|
CVE-2020-3882 | 2024-11-21 14:31 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 197243 | 7.0 |
HIGH
Local |
qualcomm |
apq8009_firmware apq8053_firmware msm8909w_firmware msm8917_firmware msm8953_firmware qcs605_firmware qm215_firmware sa415m_firmware sdm429_firmware sdm429w_firmware sdm… |
A race condition can occur when using the fastrpc memory mapping API. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearabl… |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2020-3680 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 197244 | 7.8 |
HIGH
Local |
qualcomm |
sm8250_firmware sxr2130_firmware |
When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SX… |
CWE-120
Classic Buffer Overflow |
CVE-2020-3625 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 197245 | 7.8 |
HIGH
Local |
qualcomm |
sm8250_firmware sxr2130_firmware |
kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130 |
CWE-20
Improper Input Validation |
CVE-2020-3623 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 197246 | 7.8 |
HIGH
Local |
qualcomm |
qca8081_firmware sc8180x_firmware ipq6018_firmware ipq8074_firmware sxr2130_firmware |
NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC81… |
CWE-416
Use After Free |
CVE-2020-3618 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 197247 | 7.5 |
HIGH
Network |
qualcomm |
ipq6018_firmware ipq8074_firmware kamorta_firmware nicobar_firmware qca6390_firmware qca8081_firmware qcs404_firmware qcs405_firmware rennell_firmware sc7180_firmware sc… |
Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronic… |
CWE-617
Reachable Assertion |
CVE-2020-3645 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 197248 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware apq8098_firmware kamorta_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware msm8905_firmware msm8909w_firmwar… |
Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IO… |
CWE-190
Integer Overflow or Wraparound |
CVE-2020-3641 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 197249 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware apq8098_firmware kamorta_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware msm8905_firmware msm8909w_firmwar… |
Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, S… |
CWE-129
Improper Validation of Array Index |
CVE-2020-3633 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 197250 | 7.8 |
HIGH
Local |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware apq8098_firmware kamorta_firmware mdm9150_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware mdm9640_firmware… |
Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I… |
CWE-129
Improper Validation of Array Index |
CVE-2020-3630 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |