Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 13, 2026, 2 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228001 | 7.8 | 危険 | シスコシステムズ | - | Cisco IOS の VRF-aware NAT 機能におけるサービス運用妨害 (メモリ消費) の脆弱性 |
CWE-362
競合状態 |
CVE-2013-1142 | 2013-04-23 17:13 | 2013-03-27 | Show | GitHub Exploit DB Packet Storm |
| 228002 | 6.4 | 警告 | Ruby on Rails project | - | Ruby on Rails の Active Record コンポーネントにおけるデータ型インジェクション攻撃を実行される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2013-3221 | 2013-04-23 17:12 | 2013-04-22 | Show | GitHub Exploit DB Packet Storm |
| 228003 | 4.9 | 警告 | Linux | - | Linux Kernel の net/vmw_vsock/af_vsock.c における重要な情報を取得される脆弱性 |
CWE-200 CWE-DesignError |
CVE-2013-3237 | 2013-04-23 16:32 | 2013-04-7 | Show | GitHub Exploit DB Packet Storm |
| 228004 | 4.9 | 警告 | Linux | - | Linux Kernel の net/vmw_vsock/vmci_transport.c における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2013-3236 | 2013-04-23 16:32 | 2013-04-7 | Show | GitHub Exploit DB Packet Storm |
| 228005 | 10 | 危険 | 日立 | - | Hitachi IT Operations Director におけるバッファオーバーフローの脆弱性 |
CWE-noinfo
情報不足 |
- | 2013-04-23 15:12 | 2013-04-19 | Show | GitHub Exploit DB Packet Storm |
| 228006 | 10 | 危険 | Opera Software ASA | - | Opera における脆弱性 |
CWE-noinfo
情報不足 |
CVE-2013-3211 | 2013-04-23 15:08 | 2013-04-4 | Show | GitHub Exploit DB Packet Storm |
| 228007 | 5 | 警告 | Opera Software ASA | - | Opera における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2013-3210 | 2013-04-23 15:07 | 2013-04-4 | Show | GitHub Exploit DB Packet Storm |
| 228008 | 4.9 | 警告 | Puppet Canonical |
- | Puppet における任意のカタログを読まれる脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2013-1652 | 2013-04-23 13:54 | 2013-03-12 | Show | GitHub Exploit DB Packet Storm |
| 228009 | 6.8 | 警告 | Lester Chan | - | WordPress 用 WP-DownloadManager プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2013-2697 | 2013-04-23 12:23 | 2013-04-5 | Show | GitHub Exploit DB Packet Storm |
| 228010 | 4.3 | 警告 | Novell | - | Novell GroupWise の WebAccess におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2013-1086 | 2013-04-23 12:14 | 2013-04-16 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 13, 2026, 4:20 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 194991 | 4.9 |
MEDIUM
Network |
asus |
asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmwa… |
The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can use t… |
CWE-22
Path Traversal |
CVE-2021-28207 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194992 | 4.9 |
MEDIUM
Network |
asus |
asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmwa… |
The specific function in ASUS BMC’s firmware Web management page (Record video file function) does not filter the specific parameter. As obtaining the administrator permission, remote attackers can u… |
CWE-22
Path Traversal |
CVE-2021-28206 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194993 | 7.2 |
HIGH
Network |
asus |
z10pr-d16_firmware asmb8-ikvm_firmware z10pe-d16_ws_firmware |
The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the specific parameter. As obtaining the administrator permission, remote attackers can launch command inje… |
CWE-78
OS Command |
CVE-2021-28203 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194994 | 4.9 |
MEDIUM
Network |
asus |
asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmwa… |
The Service configuration-2 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the priv… |
CWE-120
Classic Buffer Overflow |
CVE-2021-28202 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194995 | 4.9 |
MEDIUM
Network |
asus |
z10pr-d16_firmware asmb8-ikvm_firmware z10pe-d16_ws_firmware |
The SMTP configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privilege… |
CWE-120
Classic Buffer Overflow |
CVE-2021-28189 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194996 | 4.9 |
MEDIUM
Network |
asus |
z10pr-d16_firmware asmb8-ikvm_firmware z10pe-d16_ws_firmware |
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.… |
CWE-120
Classic Buffer Overflow |
CVE-2021-28188 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194997 | 4.9 |
MEDIUM
Network |
asus |
z10pr-d16_firmware asmb8-ikvm_firmware z10pe-d16_ws_firmware |
The specific function in ASUS BMC’s firmware Web management page (Generate new SSL certificate) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As ob… |
CWE-120
Classic Buffer Overflow |
CVE-2021-28187 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194998 | 4.9 |
MEDIUM
Network |
asus |
asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmwa… |
The Service configuration-1 function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the priv… |
CWE-120
Classic Buffer Overflow |
CVE-2021-28201 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 194999 | 4.9 |
MEDIUM
Network |
asus |
asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmwa… |
The CD media configuration function in ASUS BMC’s firmware Web management page does not verify the string length entered by users, resulting in a Buffer overflow vulnerability. As obtaining the privi… |
CWE-120
Classic Buffer Overflow |
CVE-2021-28200 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |
| 195000 | 4.9 |
MEDIUM
Network |
asus |
asmb9-ikvm_firmware rs720a-e9-rs24-e_firmware rs700a-e9-rs4_firmware rs700-e9-rs4_firmware esc4000_g4x_firmware rs700-e9-rs12_firmware rs100-e10-pi2_firmware rs300-e10-ps4_firmwa… |
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information function) does not verify the string length entered by users, resulting in a Buffer overflow vulnerability.… |
CWE-120
Classic Buffer Overflow |
CVE-2021-28199 | 2024-11-21 14:59 | 2021-04-6 | Show | GitHub Exploit DB Packet Storm |