Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 10, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 228701 | 5.8 | 警告 | vBulletin Solutions, Inc. | - | vBulletin の forum/login.php におけるオープンリダイレクトの脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-5251 | 2013-01-4 16:23 | 2011-06-2 | Show | GitHub Exploit DB Packet Storm |
| 228702 | 4.3 | 警告 | AgileBits | - | AgileBits 1Password におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6369 | 2013-01-4 16:20 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 228703 | 4.3 | 警告 | Simple Invoices | - | SimpleInvoices におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-4932 | 2013-01-4 16:16 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 228704 | 5 | 警告 | ModSecurity | - | Apache HTTP Server 用 mod_security2 モジュールにおけるルールを回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2012-4528 | 2013-01-4 16:14 | 2012-10-15 | Show | GitHub Exploit DB Packet Storm |
| 228705 | 4.3 | 警告 | MediaWiki | - | MediaWiki 用 RSS Reader 拡張機能におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6453 | 2013-01-4 14:54 | 2012-12-31 | Show | GitHub Exploit DB Packet Storm |
| 228706 | 4.3 | 警告 | Cerberus, LLC | - | Cerberus FTP Server の管理用 Web インターフェースにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-6339 | 2013-01-4 14:51 | 2012-12-11 | Show | GitHub Exploit DB Packet Storm |
| 228707 | 6.5 | 警告 | Open Constructor | - | Open Constructor における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2012-3873 | 2013-01-4 14:47 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 228708 | 4.3 | 警告 | Open Constructor | - | Open Constructor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-3872 | 2013-01-4 14:46 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 228709 | 3.5 | 注意 | Open Constructor | - | Open Constructor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-3871 | 2013-01-4 14:22 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
| 228710 | 3.5 | 注意 | Open Constructor | - | Open Constructor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-3870 | 2013-01-4 14:22 | 2012-12-28 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 10, 2026, 5 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 195111 | 9.8 |
CRITICAL
Network |
mangboard | mangboard_wp | SQL-Injection vulnerability caused by the lack of verification of input values for the table name of DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute a… |
CWE-89
SQL Injection |
CVE-2021-26644 | 2024-11-21 14:56 | 2023-01-21 | Show | GitHub Exploit DB Packet Storm |
| 195112 | 9.8 |
CRITICAL
Network |
xpressengine | xpressengine | When uploading an image file to a bulletin board developed with XpressEngine, a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacke… |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2021-26642 | 2024-11-21 14:56 | 2023-01-21 | Show | GitHub Exploit DB Packet Storm |
| 195113 | 7.8 |
HIGH
Local |
amd | milanpi_firmware | Insufficient bounds checking in SEV-ES may allow an attacker to corrupt Reverse Map table (RMP) memory, potentially resulting in a loss of SNP (Secure Nested Paging) memory integrity. |
CWE-120
Classic Buffer Overflow |
CVE-2021-26409 | 2024-11-21 14:56 | 2023-01-11 | Show | GitHub Exploit DB Packet Storm |
| 195114 | 5.5 |
MEDIUM
Local |
amd | romepi_firmware | A randomly generated Initialization Vector (IV) may lead to a collision of IVs with the same key potentially resulting in information disclosure. |
CWE-330
Use of Insufficiently Random Values |
CVE-2021-26407 | 2024-11-21 14:56 | 2023-01-11 | Show | GitHub Exploit DB Packet Storm |
| 195115 | 6.5 |
MEDIUM
Local |
amd |
epyc_7001_firmware epyc_7251_firmware epyc_7261_firmware epyc_7281_firmware epyc_7301_firmware epyc_7351_firmware epyc_7351p_firmware epyc_7371_firmware epyc_7401_firmware … |
Insufficient checks in SEV may lead to a malicious hypervisor disclosing the launch secret potentially resulting in compromise of VM confidentiality. |
NVD-CWE-noinfo
|
CVE-2021-26403 | 2024-11-21 14:56 | 2023-01-11 | Show | GitHub Exploit DB Packet Storm |
| 195116 | 7.1 |
HIGH
Local |
amd |
epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware … |
Insufficient bounds checking in ASP (AMD Secure Processor) firmware while handling BIOS mailbox commands, may allow an attacker to write partially-controlled data out-of-bounds to SMM or SEV-ES regio… |
CWE-787
Out-of-bounds Write |
CVE-2021-26402 | 2024-11-21 14:56 | 2023-01-11 | Show | GitHub Exploit DB Packet Storm |
| 195117 | 7.8 |
HIGH
Local |
amd |
epyc_7h12_firmware epyc_7f72_firmware epyc_7f52_firmware epyc_7f32_firmware epyc_7742_firmware epyc_7702p_firmware epyc_7702_firmware epyc_7662_firmware epyc_7642_firmware … |
Insufficient input validation in SYS_KEY_DERIVE system call in a compromised user application or ABL may allow an attacker to corrupt ASP (AMD Secure Processor) OS memory which may lead to potential … |
CWE-787
Out-of-bounds Write |
CVE-2021-26398 | 2024-11-21 14:56 | 2023-01-11 | Show | GitHub Exploit DB Packet Storm |
| 195118 | 4.4 |
MEDIUM
Local |
amd |
epyc_7003_firmware epyc_72f3_firmware epyc_7313_firmware epyc_7313p_firmware epyc_7343_firmware epyc_7373x_firmware epyc_73f3_firmware epyc_7413_firmware epyc_7443_firmware
Insufficient validation of address mapping to IO in ASP (AMD Secure Processor) may result in a loss of memory integrity in the SNP guest.
|
CWE-345
|
Insufficient Verification of Data Authenticity
CVE-2021-26396
|
2024-11-21 14:56 |
2023-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 195119 | 5.5 |
MEDIUM
Local |
amd |
epyc_7003_firmware epyc_72f3_firmware epyc_7313_firmware epyc_7313p_firmware epyc_7343_firmware epyc_7373x_firmware epyc_73f3_firmware epyc_7413_firmware epyc_7443_firmware
Insufficient fencing and checks in System Management Unit (SMU) may result in access to invalid message port registers that could result in a potential denial-of-service.
|
NVD-CWE-noinfo
|
CVE-2021-26355
|
2024-11-21 14:56 |
2023-01-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 195120 | 5.5 |
MEDIUM
Local |
amd |
ryzen_3_3100_firmware ryzen_3_3200g_firmware ryzen_3_3200u_firmware ryzen_3_3250c_firmware ryzen_3_3250u_firmware ryzen_3_3300g_firmware ryzen_3_3300u_firmware ryzen_3_3300x_firm… |
Failure to validate the integer operand in ASP (AMD Secure Processor) bootloader may allow an attacker to introduce an integer overflow in the L2 directory table in SPI flash resulting in a potential… |
CWE-190
Integer Overflow or Wraparound |
CVE-2021-26346 | 2024-11-21 14:56 | 2023-01-11 | Show | GitHub Exploit DB Packet Storm |