Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 6, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 229851 | 6.4 | 警告 | Plone Foundation | - | Plone の Password Reset Tool における他のユーザのパスワードをリセットされる脆弱性 | - | CVE-2006-4247 | 2012-12-20 18:02 | 2006-09-29 | Show | GitHub Exploit DB Packet Storm |
| 229852 | 7.5 | 危険 | sql-ledger | - | SQL-Ledger におけるログイン済みユーザとしてアクセス権を取得される脆弱性 |
CWE-287
不適切な認証 |
CVE-2006-4244 | 2012-12-20 18:02 | 2006-08-30 | Show | GitHub Exploit DB Packet Storm |
| 229853 | 7.5 | 危険 | wtcom | - | WTcom の torrents.php における SQL インジェクションの脆弱性 | - | CVE-2006-4238 | 2012-12-20 18:02 | 2006-08-21 | Show | GitHub Exploit DB Packet Storm |
| 229854 | 7.5 | 危険 | powergap | - | POWERGAP における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-4236 | 2012-12-20 18:02 | 2006-08-21 | Show | GitHub Exploit DB Packet Storm |
| 229855 | 5.1 | 警告 | spaminator | - | Spaminator の Login.php における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-4158 | 2012-12-20 18:02 | 2006-08-16 | Show | GitHub Exploit DB Packet Storm |
| 229856 | 6.8 | 警告 | yabb | - | YaBB の index.php におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2006-4157 | 2012-12-20 18:02 | 2006-08-16 | Show | GitHub Exploit DB Packet Storm |
| 229857 | 7.5 | 危険 | VWar | - | VWar の extra/online.php における SQL インジェクションの脆弱性 | - | CVE-2006-4142 | 2012-12-20 18:02 | 2006-08-14 | Show | GitHub Exploit DB Packet Storm |
| 229858 | 7.5 | 危険 | VWar | - | VWar の news.php における SQL インジェクションの脆弱性 | - | CVE-2006-4141 | 2012-12-20 18:02 | 2006-08-14 | Show | GitHub Exploit DB Packet Storm |
| 229859 | 5 | 警告 | SAP | - | SAP IGS におけるサービス運用妨害 (DoS) の脆弱性 | - | CVE-2006-4134 | 2012-12-20 18:02 | 2006-08-14 | Show | GitHub Exploit DB Packet Storm |
| 229860 | 7.5 | 危険 | SAP | - | SAP IGS におけるヒープベースのバッファオーバーフローの脆弱性 | - | CVE-2006-4133 | 2012-12-20 18:02 | 2006-08-14 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 6, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 198011 | 7.8 |
HIGH
Local |
qualcomm |
apq8053_firmware apq8096au_firmware apq8098_firmware msm8905_firmware msm8909w_firmware msm8917_firmware msm8920_firmware msm8937_firmware msm8940_firmware msm8953_firmware… |
Any application can bind to it and exercise the APIs due to no protection for AIDL uimlpaservice in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon… |
CWE-276
Incorrect Default Permissions |
CVE-2020-3626 | 2024-11-21 14:31 | 2020-06-22 | Show | GitHub Exploit DB Packet Storm |
| 198012 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8009_firmware apq8017_firmware apq8053_firmware apq8076_firmware apq8096_firmware apq8096au_firmware apq8098_firmware ipq6018_firmware ipq8074_firmware mdm9206_firmware<… |
Possible buffer overflow while copying the frame to local buffer due to lack of check of length before copying in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Ele… |
CWE-120
Classic Buffer Overflow |
CVE-2020-3614 | 2024-11-21 14:31 | 2020-06-22 | Show | GitHub Exploit DB Packet Storm |
| 198013 | 3.3 |
LOW
Local |
geovision | gv-gf192x_firmware | GeoVision Door Access Control device family improperly stores and controls access to system logs, any users can read these logs. |
CWE-532
Inclusion of Sensitive Information in Log Files |
CVE-2020-3930 | 2024-11-21 14:31 | 2020-06-12 | Show | GitHub Exploit DB Packet Storm |
| 198014 | 5.9 |
MEDIUM
Network |
usavisionsys |
geovision_gv-as210_firmware geovision_gv-as410_firmware geovision_gv-as810_firmware geovision_gv-as1010_firmware geovision_gv-gf192x_firmware |
GeoVision Door Access Control device family employs shared cryptographic private keys for SSH and HTTPS. Attackers may conduct MITM attack with the derived keys and plaintext recover of encrypted mes… |
CWE-326
Inadequate Encryption Strength |
CVE-2020-3929 | 2024-11-21 14:31 | 2020-06-12 | Show | GitHub Exploit DB Packet Storm |
| 198015 | 9.8 |
CRITICAL
Network |
usavisionsys |
geovision_gv-as210_firmware geovision_gv-as410_firmware geovision_gv-as810_firmware geovision_gv-as1010_firmware geovision_gv-gf192x_firmware |
GeoVision Door Access Control device family is hardcoded with a root password, which adopting an identical password in all devices. |
CWE-798
Use of Hard-coded Credentials |
CVE-2020-3928 | 2024-11-21 14:31 | 2020-06-12 | Show | GitHub Exploit DB Packet Storm |
| 198016 | 6.5 |
MEDIUM
Network |
apple | mac_os_x | This issue was addressed with improved checks. This issue is fixed in macOS Catalina 10.15.5. Importing a maliciously crafted calendar invitation may exfiltrate user information. |
NVD-CWE-noinfo
|
CVE-2020-3882 | 2024-11-21 14:31 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 198017 | 7.0 |
HIGH
Local |
qualcomm |
apq8009_firmware apq8053_firmware msm8909w_firmware msm8917_firmware msm8953_firmware qcs605_firmware qm215_firmware sa415m_firmware sdm429_firmware sdm429w_firmware sdm… |
A race condition can occur when using the fastrpc memory mapping API. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearabl… |
CWE-367
Time-of-check Time-of-use (TOCTOU) Race Condition |
CVE-2020-3680 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198018 | 7.8 |
HIGH
Local |
qualcomm |
sm8250_firmware sxr2130_firmware |
When making query to DSP capabilities, Stack out of bounds occurs due to wrong buffer length configured for DSP attributes in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Mobile in SM8250, SX… |
CWE-120
Classic Buffer Overflow |
CVE-2020-3625 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198019 | 7.8 |
HIGH
Local |
qualcomm |
sm8250_firmware sxr2130_firmware |
kernel failure due to load failures while running v1 path directly via kernel in Snapdragon Mobile in SM8250, SXR2130 |
CWE-20
Improper Input Validation |
CVE-2020-3623 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198020 | 7.8 |
HIGH
Local |
qualcomm |
qca8081_firmware sc8180x_firmware ipq6018_firmware ipq8074_firmware sxr2130_firmware |
NULL exception due to accessing bad pointer while posting events on RT FIFO in Snapdragon Compute, Snapdragon Mobile, Snapdragon Wired Infrastructure and Networking in IPQ6018, IPQ8074, QCA8081, SC81… |
CWE-416
Use After Free |
CVE-2020-3618 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |