Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 6, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228291 | 6 | 警告 | WordPress.org | - | WordPress のデフォルトテーマの functions.php におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2007-3238 | 2012-12-20 18:19 | 2007-06-14 | Show | GitHub Exploit DB Packet Storm |
| 228292 | 6.8 | 警告 | XOOPS | - | XOOPS 用の TinyContent モジュールにおける PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2007-3237 | 2012-12-20 18:19 | 2007-06-12 | Show | GitHub Exploit DB Packet Storm |
| 228293 | 7.5 | 危険 | XOOPS | - | XOOPS 用の Horoscope モジュールにおける PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2007-3236 | 2012-12-20 18:19 | 2007-06-14 | Show | GitHub Exploit DB Packet Storm |
| 228294 | 5 | 警告 | tec-it | - | TEC-IT TBarCode OCX ActiveX コントロール における任意のファイルを上書きされる脆弱性 | - | CVE-2007-3233 | 2012-12-20 18:19 | 2007-06-14 | Show | GitHub Exploit DB Packet Storm |
| 228295 | 6.8 | 警告 | simian systems inc | - | Idan Sofer PHP::HTML の phphtml.php における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2007-3230 | 2012-12-20 18:19 | 2007-06-14 | Show | GitHub Exploit DB Packet Storm |
| 228296 | 6.8 | 警告 | singapore | - | Singapore Gallery の index.php における重要な情報を取得される脆弱性 | - | CVE-2007-3229 | 2012-12-20 18:19 | 2007-06-14 | Show | GitHub Exploit DB Packet Storm |
| 228297 | 6.8 | 警告 | simian systems inc | - | Sitellite CMS における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2007-3228 | 2012-12-20 18:19 | 2007-06-14 | Show | GitHub Exploit DB Packet Storm |
| 228298 | 4.3 | 警告 | Ruby on Rails project | - | Ruby on Rails の to_json 関数におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2007-3227 | 2012-12-20 18:19 | 2007-06-14 | Show | GitHub Exploit DB Packet Storm |
| 228299 | 6.4 | 警告 | サン・マイクロシステムズ | - | slapd における特定のデータを変更される脆弱性 | - | CVE-2007-3225 | 2012-12-20 18:19 | 2007-06-13 | Show | GitHub Exploit DB Packet Storm |
| 228300 | 5 | 警告 | サン・マイクロシステムズ | - | slapd におけるエントリの属性の存在を特定される脆弱性 | - | CVE-2007-3224 | 2012-12-20 18:19 | 2007-06-13 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 6, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 209841 | 7.8 |
HIGH
Local |
qualcomm |
aqt1000_firmware ar8035_firmware pm3003a_firmware pm4125_firmware pm4250_firmware pm6125_firmware pm6150_firmware pm6150a_firmware pm6150l_firmware pm6350_firmware pm640… |
Unintended reads and writes by NS EL2 in access control driver due to lack of check of input validation in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapd… |
CWE-190
Integer Overflow or Wraparound |
CVE-2020-11245 | 2024-11-21 13:57 | 2021-04-7 | Show | GitHub Exploit DB Packet Storm |
| 209842 | 7.8 |
HIGH
Local |
qualcomm |
pm660_firmware pm660a_firmware pm660l_firmware pm855a_firmware pmm855au_firmware qat3514_firmware qat3522_firmware qat3550_firmware qca6564a_firmware qca6564au_firmware … |
User could gain access to secure memory due to incorrect argument into address range validation api used in SDI to capture requested contents in Snapdragon Industrial IOT, Snapdragon Mobile |
NVD-CWE-Other
|
CVE-2020-11242 | 2024-11-21 13:57 | 2021-04-7 | Show | GitHub Exploit DB Packet Storm |
| 209843 | 7.8 |
HIGH
Local |
qualcomm |
csrb31024_firmware pm3003a_firmware pm456_firmware pm6150_firmware pm6150a_firmware pm6150l_firmware pm6250_firmware pm6350_firmware pm7150a_firmware pm7150l_firmware pm… |
Memory crash when accessing histogram type KPI input received due to lack of check of histogram definition before accessing it in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdra… |
CWE-20
Improper Input Validation |
CVE-2020-11237 | 2024-11-21 13:57 | 2021-04-7 | Show | GitHub Exploit DB Packet Storm |
| 209844 | 8.8 |
HIGH
Local |
qualcomm |
ar8035_firmware pm4125_firmware pm4250_firmware pm6125_firmware pm6150a_firmware pm6150l_firmware pm6350_firmware pm7250b_firmware pm8008_firmware pmd9655_firmware pmi63… |
Possible memory corruption in RPM region due to improper XPU configuration in Snapdragon Connectivity, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking |
CWE-787
Out-of-bounds Write |
CVE-2020-11210 | 2024-11-21 13:57 | 2021-04-7 | Show | GitHub Exploit DB Packet Storm |
| 209845 | 5.5 |
MEDIUM
Local |
qualcomm |
csrb31024_firmware pm3003a_firmware pm6150a_firmware pm6150l_firmware pm6350_firmware pm7150a_firmware pm7150l_firmware pm7250_firmware pm7250b_firmware pm8008_firmware … |
Memory corruption due to invalid value of total dimension in the non-histogram type KPI could lead to a denial of service in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon M… |
CWE-787
Out-of-bounds Write |
CVE-2020-11236 | 2024-11-21 13:57 | 2021-04-7 | Show | GitHub Exploit DB Packet Storm |
| 209846 | 7.8 |
HIGH
Local |
qualcomm |
apq8009_firmware apq8009w_firmware apq8017_firmware apq8053_firmware apq8064au_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware ar8151_firmware<… |
When sending a socket event message to a user application, invalid information will be passed if socket is freed by other thread resulting in a Use After Free condition in Snapdragon Auto, Snapdragon… |
CWE-416
Use After Free |
CVE-2020-11234 | 2024-11-21 13:57 | 2021-04-7 | Show | GitHub Exploit DB Packet Storm |
| 209847 | 6.7 |
MEDIUM
Local |
qualcomm |
apq8017_firmware apq8053_firmware aqt1000_firmware msm8917_firmware msm8953_firmware pm215_firmware pm3003a_firmware pm439_firmware pm6125_firmware pm6150_firmware pm615… |
Two threads call one or both functions concurrently leading to corruption of pointers and reference counters which in turn can lead to heap corruption in Snapdragon Compute, Snapdragon Connectivity, … |
CWE-415
Double Free |
CVE-2020-11231 | 2024-11-21 13:57 | 2021-04-7 | Show | GitHub Exploit DB Packet Storm |
| 209848 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8009_firmware apq8009w_firmware apq8017_firmware apq8037_firmware apq8053_firmware apq8084_firmware apq8096au_firmware aqt1000_firmware ar8035_firmware ar8151_firmware
Out of bound write while parsing RTT/TTY packet parsing due to lack of check of buffer size before copying into buffer in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Cons…
|
CWE-787 |
CWE-129 Out-of-bounds Write Improper Validation of Array Index
CVE-2020-11227
|
2024-11-21 13:57 |
2021-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 209849 | 5.5 |
MEDIUM
Local |
qualcomm |
apq8009_firmware apq8009w_firmware apq8017_firmware apq8037_firmware apq8053_firmware apq8084_firmware apq8096au_firmware aqt1000_firmware ar8035_firmware ar8151_firmware
Usage of syscall by non-secure entity can allow extraction of secure QTEE diagnostic information in clear text form due to insufficient checks in the syscall handler and leads to information disclosu…
|
CWE-200
|
Information Exposure
CVE-2020-11221
|
2024-11-21 13:57 |
2021-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 209850 | 5.5 |
MEDIUM
Local |
qualcomm |
apq8009_firmware apq8009w_firmware apq8017_firmware apq8037_firmware apq8053_firmware apq8084_firmware apq8096au_firmware aqt1000_firmware ar8035_firmware ar8151_firmware
HLOS to access EL3 stack canary by just mapping imem region due to Improper access control and can lead to information exposure in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdr…
|
CWE-200
|
Information Exposure
CVE-2020-11199
|
2024-11-21 13:57 |
2021-03-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|