Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 22, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228151 | 7.5 | 危険 | yasinkaplan | - | TekRADIUS における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2359 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228152 | 4.6 | 警告 | yasinkaplan | - | TekRADIUS における難読化したデータベース資格情報を取得される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2009-2358 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228153 | 10 | 危険 | yasinkaplan | - | TekRADIUS のデフォルト設定におけるデータベースへのアクセス権限を取得される脆弱性 |
CWE-16
環境設定 |
CVE-2009-2357 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228154 | 4 | 警告 | dan cahill | - | NullLogic Groupware のフォーラムモジュールにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-2355 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228155 | 9 | 危険 | Sourcefire | - | Sourcefire DC および 3D Sensor の Web ベースの管理インターフェースにおける権限を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-2344 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228156 | 4.3 | 警告 | Zoph | - | Zoph の people.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-2343 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228157 | 7.5 | 危険 | shalwan | - | Opial の albumdetail.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2341 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228158 | 7.5 | 危険 | rentventory | - | Rentventory の index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2339 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228159 | 6.8 | 警告 | w3bcms | - | w3b|cms Gaestebuch Guestbook Module の includes/module/book/index.inc.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2337 | 2012-12-20 19:10 | 2009-07-7 | Show | GitHub Exploit DB Packet Storm |
| 228160 | 5 | 警告 | WordPress.org | - | WordPress および WordPress MU における有効なユーザ名を列挙される脆弱性 |
CWE-16
環境設定 |
CVE-2009-2336 | 2012-12-20 19:10 | 2009-07-10 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 22, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 221111 | 7.8 |
HIGH
Local |
android | In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional exec… |
CWE-20 CWE-89 Improper Input Validation SQL Injection |
CVE-2019-2195 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221112 | 7.8 |
HIGH
Local |
android | In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Adm… |
CWE-269
Improper Privilege Management |
CVE-2019-2193 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221113 | 7.8 |
HIGH
Local |
android | In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed… |
CWE-20
Improper Input Validation |
CVE-2019-2192 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221114 | 9.8 |
CRITICAL
Network |
android | In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges… |
NVD-CWE-noinfo
|
CVE-2019-2036 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221115 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware
Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,…
|
CWE-787
|
Out-of-bounds Write
CVE-2019-2332
|
2024-11-21 13:40 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 221116 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware
Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industri…
|
CWE-190
|
Integer Overflow or Wraparound
CVE-2019-2331
|
2024-11-21 13:40 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 221117 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware qualcomm_215_firmw… |
Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial… |
CWE-129
Improper Validation of Array Index |
CVE-2019-2325 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |
| 221118 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware sd_210_firmware sd_212_firmware sd_205_firmware s… |
When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Co… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2019-2324 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |
| 221119 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware qualcomm_215_firmw… |
Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… |
CWE-1187
Use of Uninitialized Resource |
CVE-2019-2323 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |
| 221120 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8017_firmware apq8053_firmware apq8096au_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8905_firmware msm8909_firmware… |
While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connecti… |
CWE-787 CWE-190 Out-of-bounds Write Integer Overflow or Wraparound |
CVE-2019-2302 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |