Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 8, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228171 | 9.3 | 危険 | マイクロソフト | - | Microsoft .NET Framework の S.DS.P 名前空間メソッドにおけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2013-0003 | 2013-01-16 15:01 | 2013-01-8 | Show | GitHub Exploit DB Packet Storm |
| 228172 | 7.8 | 危険 | マイクロソフト | - | Microsoft .NET Framework および Windows Server 2012 におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2013-0005 | 2013-01-16 14:59 | 2013-01-8 | Show | GitHub Exploit DB Packet Storm |
| 228173 | 3.5 | 注意 | OpenStack | - | OpenStack Keystone における承認の制限を回避される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2012-5571 | 2013-01-16 14:44 | 2012-11-28 | Show | GitHub Exploit DB Packet Storm |
| 228174 | 5.8 | 警告 | Orchard Project | - | Orchard の Users/Account/LogOff におけるオープンリダイレクトの脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-5252 | 2013-01-16 14:31 | 2011-12-21 | Show | GitHub Exploit DB Packet Storm |
| 228175 | 4.3 | 警告 | レッドハット | - | JBoss Application Server 用 IronJacamar コンテナにおけるアクセス権を取得される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2012-3428 | 2013-01-15 17:56 | 2012-08-2 | Show | GitHub Exploit DB Packet Storm |
| 228176 | 2.1 | 注意 | オラクル | - | Oracle Mojarra におけるコンテキスト情報を取得される脆弱性 |
CWE-DesignError
|
CVE-2012-2672 | 2013-01-15 17:54 | 2012-06-17 | Show | GitHub Exploit DB Packet Storm |
| 228177 | 10 | 危険 | Apache Software Foundation | - | Apache CXF における脆弱性 |
CWE-noinfo
情報不足 |
CVE-2012-2379 | 2013-01-15 17:53 | 2012-05-14 | Show | GitHub Exploit DB Packet Storm |
| 228178 | 4.3 | 警告 | Apache Software Foundation | - | Apache HTTP Server の mod_negotiation モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2008-0455 | 2013-01-15 17:51 | 2008-01-24 | Show | GitHub Exploit DB Packet Storm |
| 228179 | 4.4 | 警告 | rssh | - | rssh におけるシェルのアクセス制限を回避される脆弱性 |
CWE-Other
その他 |
CVE-2012-2252 | 2013-01-15 14:59 | 2012-11-27 | Show | GitHub Exploit DB Packet Storm |
| 228180 | 4.4 | 警告 | rssh | - | Debian および Fedora で使用される rssh におけるシェルのアクセス制限を回避される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2012-2251 | 2013-01-15 14:58 | 2013-01-11 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 9, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 194471 | 9.8 |
CRITICAL
Network |
hello.js_project | hello.js | Prototype pollution vulnerability in MrSwitch hello.js version 1.18.6, allows remote attackers to execute arbitrary code via hello.utils.extend function. |
CWE-1321
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') |
CVE-2021-26505 | 2024-11-21 14:56 | 2023-08-11 | Show | GitHub Exploit DB Packet Storm |
| 194472 | 7.5 |
HIGH
Network |
dgtl | huemagic | Directory Traversal vulnerability in Foddy node-red-contrib-huemagic version 3.0.0, allows remote attackers to gain sensitive information via crafted request in res.sendFile API in hue-magic.js. |
CWE-22
Path Traversal |
CVE-2021-26504 | 2024-11-21 14:56 | 2023-08-11 | Show | GitHub Exploit DB Packet Storm |
| 194473 | 7.5 |
HIGH
Network |
amd |
epyc_7232p_firmware epyc_7252_firmware epyc_7262_firmware epyc_7272_firmware epyc_7282_firmware epyc_7302_firmware epyc_7302p_firmware epyc_7352_firmware epyc_7402_firmware
Insufficient validation in parsing Owner's
Certificate Authority (OCA) certificates in SEV (AMD Secure Encrypted Virtualization)
and SEV-ES user application can lead to a host crash potentially resul…
|
NVD-CWE-noinfo
|
CVE-2021-26406
|
2024-11-21 14:56 |
2023-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 194474 | 7.1 |
HIGH
Local |
amd |
epyc_72f3_firmware epyc_7313_firmware epyc_7313p_firmware epyc_7343_firmware epyc_7373x_firmware epyc_73f3_firmware epyc_7413_firmware epyc_7443_firmware epyc_7443p_firmware
Insufficient address validation, may allow an
attacker with a compromised ABL and UApp to corrupt sensitive memory locations
potentially resulting in a loss of integrity or availability.
|
NVD-CWE-noinfo
|
CVE-2021-26397
|
2024-11-21 14:56 |
2023-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 194475 | 9.8 |
CRITICAL
Network |
amd |
epyc_72f3_firmware epyc_7313_firmware epyc_7313p_firmware epyc_7343_firmware epyc_7373x_firmware epyc_73f3_firmware epyc_7413_firmware epyc_7443_firmware epyc_7443p_firmware
Insufficient input validation of mailbox data in the
SMU may allow an attacker to coerce the SMU to corrupt SMRAM, potentially
leading to a loss of integrity and privilege escalation.
|
NVD-CWE-noinfo
|
CVE-2021-26379
|
2024-11-21 14:56 |
2023-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 194476 | 5.5 |
MEDIUM
Local |
amd |
epyc_7773x_firmware epyc_7763_firmware epyc_7713p_firmware epyc_7713_firmware epyc_7663_firmware epyc_7643_firmware epyc_75f3_firmware epyc_7573x_firmware epyc_7543p_firmware<… |
A compromised or malicious ABL or UApp could send a SHA256 system call to the bootloader, which may result in exposure of ASP memory to userspace, potentially leading to information disclosure. … |
NVD-CWE-noinfo
|
CVE-2021-26371 | 2024-11-21 14:56 | 2023-05-10 | Show | GitHub Exploit DB Packet Storm |
| 194477 | 8.2 |
HIGH
Network |
amd |
ryzen_5_2400g_firmware ryzen_5_2400ge_firmware ryzen_3_2200ge_firmware ryzen_3_2200g_firmware ryzen_3_pro_2100ge_firmware ryzen_9_5900x_firmware ryzen_9_5950x_firmware ryzen_9_59… |
Certain size values in firmware binary headers could trigger out of bounds reads during signature validation, leading to denial of service or potentially limited leakage of information about out-of-b… |
CWE-125
Out-of-bounds Read |
CVE-2021-26365 | 2024-11-21 14:56 | 2023-05-10 | Show | GitHub Exploit DB Packet Storm |
| 194478 | 7.4 |
HIGH
Network |
amd |
epyc_7001_firmware epyc_7251_firmware epyc_7261_firmware epyc_7281_firmware epyc_7301_firmware epyc_7351_firmware epyc_7351p_firmware epyc_7371_firmware epyc_7401_firmware … |
A TOCTOU in ASP bootloader may allow an attacker to tamper with the SPI ROM following data read to memory potentially resulting in S3 data corruption and information disclosure. |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2021-26356 | 2024-11-21 14:56 | 2023-05-10 | Show | GitHub Exploit DB Packet Storm |
| 194479 | 5.5 |
MEDIUM
Local |
amd |
epyc_7773x_firmware epyc_7763_firmware epyc_7713p_firmware epyc_7713_firmware epyc_7663_firmware epyc_7643_firmware epyc_75f3_firmware epyc_7573x_firmware epyc_7543p_firmware<… |
Insufficient bounds checking in ASP may allow an attacker to issue a system call from a compromised ABL which may cause arbitrary memory values to be initialized to zero, potentially leading to a los… |
CWE-120
Classic Buffer Overflow |
CVE-2021-26354 | 2024-11-21 14:56 | 2023-05-10 | Show | GitHub Exploit DB Packet Storm |
| 194480 | 6.1 |
MEDIUM
Network |
odoo | odoo | Cross-site scripting (XSS) issue in Discuss app of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to inject arbitrary web script in the browser of a … |
CWE-79
Cross-site Scripting |
CVE-2021-26263 | 2024-11-21 14:56 | 2023-04-26 | Show | GitHub Exploit DB Packet Storm |