Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 6, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 229901 | 5.1 | 警告 | tsep | - | Olaf Noehring TSEP の copyright.php における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-3993 | 2012-12-20 18:02 | 2006-08-4 | Show | GitHub Exploit DB Packet Storm |
| 229902 | 7.5 | 危険 | voc-project | - | Cisco Unified Wireless IP Phone 7921 における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-3991 | 2012-12-20 18:02 | 2006-08-4 | Show | GitHub Exploit DB Packet Storm |
| 229903 | 7.5 | 危険 | phpsavant | - | Paul M. Jones Savant2 における PHP リモートファイルインクルージョンの脆弱性 | - | CVE-2006-3990 | 2012-12-20 18:02 | 2006-08-4 | Show | GitHub Exploit DB Packet Storm |
| 229904 | 5 | 警告 | scott weedon | - | Scott Weedon Ajax Chat の visitor/livesupport/chat.php におけるディレクトリトラバーサルの脆弱性 | - | CVE-2006-3972 | 2012-12-20 18:02 | 2006-08-2 | Show | GitHub Exploit DB Packet Storm |
| 229905 | 6.8 | 警告 | scott weedon | - | Scott Weedon Ajax Chat の visitor/livesupport/chat.php におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2006-3971 | 2012-12-20 18:02 | 2006-08-2 | Show | GitHub Exploit DB Packet Storm |
| 229906 | 5 | 警告 | サン・マイクロシステムズ | - | Sun Solaris 10 3/05 HW2 の暗号化プロバイダにおけるアプリケーションがデータ変更を検出しない脆弱性 | - | CVE-2006-3968 | 2012-12-20 18:02 | 2006-08-1 | Show | GitHub Exploit DB Packet Storm |
| 229907 | 7.5 | 危険 | x-scripts | - | X-Scripts X-Poll の top.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2006-3960 | 2012-12-20 18:02 | 2006-08-1 | Show | GitHub Exploit DB Packet Storm |
| 229908 | 7.5 | 危険 | x-scripts | - | X-Scripts X-Protection の protect.php における SQL インジェクションの脆弱性 | - | CVE-2006-3959 | 2012-12-20 18:02 | 2006-08-1 | Show | GitHub Exploit DB Packet Storm |
| 229909 | 4.3 | 警告 | pkr internet | - | Taskjitsu におけるクロスサイトスクリプティングの脆弱性 |
CWE-noinfo
情報不足 |
CVE-2006-3958 | 2012-12-20 18:02 | 2006-07-6 | Show | GitHub Exploit DB Packet Storm |
| 229910 | 4.3 | 警告 | total online solutions | - | AWBS の contact.php におけるクロスサイトスクリプティングの脆弱性 | - | CVE-2006-3956 | 2012-12-20 18:02 | 2006-08-1 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 6, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 198021 | 7.5 |
HIGH
Network |
qualcomm |
ipq6018_firmware ipq8074_firmware kamorta_firmware nicobar_firmware qca6390_firmware qca8081_firmware qcs404_firmware qcs405_firmware rennell_firmware sc7180_firmware sc… |
Firmware will hit assert in WLAN firmware If encrypted data length in FILS IE of reassoc response is more than 528 bytes in Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronic… |
CWE-617
Reachable Assertion |
CVE-2020-3645 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198022 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware apq8098_firmware kamorta_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware msm8905_firmware msm8909w_firmwar… |
Integer overflow may occur if atom size is less than atom offset as there is improper validation of atom size in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IO… |
CWE-190
Integer Overflow or Wraparound |
CVE-2020-3641 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198023 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware apq8098_firmware kamorta_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware msm8905_firmware msm8909w_firmwar… |
Array out of bound may occur while playing mp3 file as no check is there on offset if it is greater than the buffer allocated or not in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, S… |
CWE-129
Improper Validation of Array Index |
CVE-2020-3633 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198024 | 7.8 |
HIGH
Local |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware apq8098_firmware kamorta_firmware mdm9150_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware mdm9640_firmware… |
Possibility of out of bound access while processing the responses from video firmware in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial I… |
CWE-129
Improper Validation of Array Index |
CVE-2020-3630 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198025 | 7.8 |
HIGH
Local |
qualcomm |
apq8017_firmware apq8053_firmware apq8096au_firmware apq8098_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware msm8909w_firmware msm8917_firmware msm8953_firmwar… |
Buffer overflow in display function due to memory copy without checking length of size using strcpy function in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT… |
CWE-120
Classic Buffer Overflow |
CVE-2020-3616 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198026 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware mdm9150_firmware mdm9206_firmware mdm9207c_firmware mdm9607_firmware mdm9650_firmware msm8996au_firmware qca6174a_firmw… |
Valid deauth/disassoc frames is dropped in case if RMF is enabled and some rouge peer keep on sending rogue deauth/disassoc frames due to improper enum values used to check the frame subtype in Snapd… |
CWE-617
Reachable Assertion |
CVE-2020-3615 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198027 | 7.8 |
HIGH
Local |
qualcomm |
apq8009_firmware apq8053_firmware apq8096au_firmware apq8098_firmware msm8909w_firmware msm8917_firmware msm8953_firmware msm8996au_firmware nicobar_firmware qcs405_firmwar… |
Possibility of double free of the drawobj that is added to the drawqueue array of the context during IOCTL commands as there is no refcount taken for this object in Snapdragon Auto, Snapdragon Comput… |
CWE-415
Double Free |
CVE-2020-3610 | 2024-11-21 14:31 | 2020-06-3 | Show | GitHub Exploit DB Packet Storm |
| 198028 | 5.5 |
MEDIUM
Local |
netqmail debian canonical |
netqmail debian_linux ubuntu_linux |
qmail-verify as used in netqmail 1.06 is prone to an information disclosure vulnerability. A local attacker can test for the existence of files and directories anywhere in the filesystem because qmai… |
CWE-269
Improper Privilege Management |
CVE-2020-3812 | 2024-11-21 14:31 | 2020-05-26 | Show | GitHub Exploit DB Packet Storm |
| 198029 | 7.5 |
HIGH
Network |
netqmail debian canonical |
netqmail debian_linux ubuntu_linux |
qmail-verify as used in netqmail 1.06 is prone to a mail-address verification bypass vulnerability. |
CWE-665 CWE-863 Improper Initialization Incorrect Authorization |
CVE-2020-3811 | 2024-11-21 14:31 | 2020-05-26 | Show | GitHub Exploit DB Packet Storm |
| 198030 | 5.5 |
MEDIUM
Local |
debian fedoraproject canonical |
debian_linux apt fedora ubuntu_linux |
Missing input validation in the ar/tar implementations of APT before version 2.1.2 could result in denial of service when processing specially crafted deb files. |
CWE-20 CWE-125 Improper Input Validation Out-of-bounds Read |
CVE-2020-3810 | 2024-11-21 14:31 | 2020-05-15 | Show | GitHub Exploit DB Packet Storm |