Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 22, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228201 | 4.3 | 警告 | pivot | - | Pivot におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-2133 | 2012-12-20 19:10 | 2009-06-19 | Show | GitHub Exploit DB Packet Storm |
| 228202 | 6.5 | 警告 | tekbase | - | TekBase All-in-One における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2120 | 2012-12-20 19:10 | 2009-06-18 | Show | GitHub Exploit DB Packet Storm |
| 228203 | 7.5 | 危険 | phportal | - | phPortal の uye_paneli.php における管理者アクセス権を取得される脆弱性 |
CWE-287
不適切な認証 |
CVE-2009-2117 | 2012-12-20 19:10 | 2009-06-18 | Show | GitHub Exploit DB Packet Storm |
| 228204 | 4 | 警告 | Iconify.it | - | SkyBlueCanvas の admin.php におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2009-2116 | 2012-12-20 19:10 | 2009-06-18 | Show | GitHub Exploit DB Packet Storm |
| 228205 | 6.8 | 警告 | Iconify.it | - | SkyBlueCanvas の admin.php における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-2115 | 2012-12-20 19:10 | 2009-06-18 | Show | GitHub Exploit DB Packet Storm |
| 228206 | 4.3 | 警告 | Iconify.it | - | SkyBlueCanvas の admin.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-2114 | 2012-12-20 19:10 | 2009-06-18 | Show | GitHub Exploit DB Packet Storm |
| 228207 | 4.3 | 警告 | webmedia explorer | - | webmex の index.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-2107 | 2012-12-20 19:10 | 2009-06-17 | Show | GitHub Exploit DB Packet Storm |
| 228208 | 7.5 | 危険 | projektseminar proservice wwu | - | TYPO3 用の Virtual civserv エクステンションにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2106 | 2012-12-20 19:10 | 2009-06-17 | Show | GitHub Exploit DB Packet Storm |
| 228209 | 4.3 | 警告 | udo von eynern | - | TYPO3 用の Modern Guestbook / Commenting System エクステンションにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-2104 | 2012-12-20 19:10 | 2009-06-17 | Show | GitHub Exploit DB Packet Storm |
| 228210 | 7.5 | 危険 | steve grundell | - | TYPO3 用の fe_mp3player エクステンションにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-2103 | 2012-12-20 19:10 | 2009-06-17 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 22, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 221111 | 7.8 |
HIGH
Local |
android | In tokenize of sqlite3_android.cpp, there is a possible attacker controlled INSERT statement due to improper input validation. This could lead to local escalation of privilege with no additional exec… |
CWE-20 CWE-89 Improper Input Validation SQL Injection |
CVE-2019-2195 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221112 | 7.8 |
HIGH
Local |
android | In WelcomeActivity.java and related files, there is a possible permissions bypass due to a partially provisioned Device Policy Client. This could lead to local escalation of privilege, leaving an Adm… |
CWE-269
Improper Privilege Management |
CVE-2019-2193 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221113 | 7.8 |
HIGH
Local |
android | In call of SliceProvider.java, there is a possible permissions bypass due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed… |
CWE-20
Improper Input Validation |
CVE-2019-2192 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221114 | 9.8 |
CRITICAL
Network |
android | In okToConnect of HidHostService.java, there is a possible permission bypass due to an incorrect state check. This could lead to remote escalation of privilege with no additional execution privileges… |
NVD-CWE-noinfo
|
CVE-2019-2036 | 2024-11-21 13:40 | 2019-11-14 | Show | GitHub Exploit DB Packet Storm | |
| 221115 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware
Memory corruption while accessing the memory as payload size is not validated before access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT,…
|
CWE-787
|
Out-of-bounds Write
CVE-2019-2332
|
2024-11-21 13:40 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 221116 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware
Possible Integer overflow because of subtracting two integers without checking if the result would overflow or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industri…
|
CWE-190
|
Integer Overflow or Wraparound
CVE-2019-2331
|
2024-11-21 13:40 |
2019-11-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 221117 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware qualcomm_215_firmw… |
Out of boundary access due to token received from ADSP and is used without validation as an index into the array in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial… |
CWE-129
Improper Validation of Array Index |
CVE-2019-2325 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |
| 221118 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware sd_210_firmware sd_212_firmware sd_205_firmware s… |
When ADSP is compromised, the audio port index that`s returned from ADSP might be out of the valid range and leads to out of boundary access in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Co… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2019-2324 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |
| 221119 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs405_firmware qcs605_firmware qualcomm_215_firmw… |
Lack of check to ensure crypto engine data passed by user is initialized can result in bus error in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… |
CWE-1187
Use of Uninitialized Resource |
CVE-2019-2323 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |
| 221120 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8017_firmware apq8053_firmware apq8096au_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8905_firmware msm8909_firmware… |
While processing vendor command which contains corrupted channel count, an integer overflow occurs and finally will lead to heap overflow. in Snapdragon Auto, Snapdragon Consumer Electronics Connecti… |
CWE-787 CWE-190 Out-of-bounds Write Integer Overflow or Wraparound |
CVE-2019-2302 | 2024-11-21 13:40 | 2019-11-7 | Show | GitHub Exploit DB Packet Storm |