Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 6, 2026, 2 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 230301 | 2.1 | 注意 | VMware Linux |
- | Linux kernel におけるサービス運用妨害 (アサーションエラーおよび kernel oops) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-4132 | 2012-12-17 16:08 | 2012-01-27 | Show | GitHub Exploit DB Packet Storm |
| 230302 | 2.1 | 注意 | VMware Linux |
- | Linux kernel の proc ファイルシステム実装における重要な情報を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2011-1020 | 2012-12-17 16:06 | 2011-02-28 | Show | GitHub Exploit DB Packet Storm |
| 230303 | 2.1 | 注意 | VMware Linux |
- | Linux kernel におけるサービス運用妨害 (NULL ポインタデリファレンスおよび kernel oops) の脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2011-4110 | 2012-12-17 16:02 | 2012-01-27 | Show | GitHub Exploit DB Packet Storm |
| 230304 | 5.4 | 警告 | VMware Linux |
- | Linux Kernel の setup_cifs_sb 関数におけるサービス運用妨害 (システムクラッシュ) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-3363 | 2012-12-17 16:00 | 2012-05-24 | Show | GitHub Exploit DB Packet Storm |
| 230305 | 4.9 | 警告 | VMware Linux |
- | x86 プラットフォーム上の Linux Kernel におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-189
数値処理の問題 |
CVE-2011-3209 | 2012-12-17 15:59 | 2008-07-13 | Show | GitHub Exploit DB Packet Storm |
| 230306 | 7.8 | 危険 | VMware Linux |
- | Linux Kernel の IPv4 と IPv6 の実装におけるサービス運用妨害 (ネットワーク障害) の脆弱性 |
CWE-DesignError
|
CVE-2011-3188 | 2012-12-17 15:57 | 2012-05-24 | Show | GitHub Exploit DB Packet Storm |
| 230307 | 4.3 | 警告 | VideoLAN | - | VideoLAN VLC media player の libpng_plugin におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 |
CWE-119
バッファエラー |
CVE-2012-5470 | 2012-12-17 13:47 | 2012-10-26 | Show | GitHub Exploit DB Packet Storm |
| 230308 | 2.1 | 注意 | シトリックス・システムズ | - | Xen におけるサービス運用妨害 (無限ループ および ハングアップまたはクラッシュ) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2012-4539 | 2012-12-17 13:43 | 2012-11-13 | Show | GitHub Exploit DB Packet Storm |
| 230309 | 4.9 | 警告 | シトリックス・システムズ | - | Xen の HVMOP_pagetable_dying ハイパーコールにおけるサービス運用妨害 (ハイパーバイザクラッシュ) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2012-4538 | 2012-12-17 13:41 | 2012-11-13 | Show | GitHub Exploit DB Packet Storm |
| 230310 | 2.1 | 注意 | シトリックス・システムズ | - | Xen におけるサービス運用妨害 (メモリ消費および表明違反) の脆弱性 |
CWE-16
環境設定 |
CVE-2012-4537 | 2012-12-17 12:30 | 2012-11-13 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 6, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 212011 | 10.0 |
CRITICAL
Network |
envoyproxy | envoy | Envoy 1.9.0 and before does not normalize HTTP URL paths. A remote attacker may craft a relative path, e.g., something/../admin, to bypass access control, e.g., a block on /admin. A backend server co… |
CWE-706
Use of Incorrectly-Resolved Name or Reference |
CVE-2019-9901 | 2024-11-21 13:52 | 2019-04-26 | Show | GitHub Exploit DB Packet Storm |
| 212012 | 8.3 |
HIGH
Network |
envoyproxy redhat |
envoy openshift_service_mesh |
When parsing HTTP/1.x header values, Envoy 1.9.0 and before does not reject embedded zero characters (NUL, ASCII 0x0). This allows remote attackers crafting header values containing embedded NUL char… |
CWE-74
Injection |
CVE-2019-9900 | 2024-11-21 13:52 | 2019-04-26 | Show | GitHub Exploit DB Packet Storm |
| 212013 | 6.5 |
MEDIUM
Network |
tensorflow | NULL pointer dereference in Google TensorFlow before 1.12.2 could cause a denial of service via an invalid GIF file. |
CWE-476
NULL Pointer Dereference |
CVE-2019-9635 | 2024-11-21 13:52 | 2019-04-25 | Show | GitHub Exploit DB Packet Storm | |
| 212014 | 9.8 |
CRITICAL
Network |
western_digital |
my_cloud_mirror_gen_2_firmware my_cloud_ex2_ultra_firmware my_cloud_ex2100_firmware my_cloud_ex4100 my_cloud_dl2100 my_cloud_dl4100_firmware my_cloud_pr2100_firmware my_cloud_pr4… |
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is… |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2019-9951 | 2024-11-21 13:52 | 2019-04-25 | Show | GitHub Exploit DB Packet Storm |
| 212015 | 9.8 |
CRITICAL
Network |
westerndigital |
my_cloud_firmware my_cloud_mirror_gen2_firmware my_cloud_ex2_ultra_firmware my_cloud_ex2100_firmware my_cloud_ex4100_firmware my_cloud_dl2100_firmware my_cloud_dl4100_firmware my… |
Western Digital My Cloud, My Cloud Mirror Gen2, My Cloud EX2 Ultra, My Cloud EX2100, My Cloud EX4100, My Cloud DL2100, My Cloud DL4100, My Cloud PR2100 and My Cloud PR4100 firmware before 2.31.174 is… |
CWE-521
Weak Password Requirements |
CVE-2019-9950 | 2024-11-21 13:52 | 2019-04-25 | Show | GitHub Exploit DB Packet Storm |
| 212016 | 8.8 |
HIGH
Network |
gstreamer_project debian canonical |
gstreamer debian_linux ubuntu_linux |
GStreamer before 1.16.0 has a heap-based buffer overflow in the RTSP connection parser via a crafted response from a server, potentially allowing remote code execution. |
CWE-787
Out-of-bounds Write |
CVE-2019-9928 | 2024-11-21 13:52 | 2019-04-25 | Show | GitHub Exploit DB Packet Storm |
| 212017 | 7.5 |
HIGH
Network |
aquaverde | aquarius_cms | Aquarius CMS through 4.3.5 writes POST and GET parameters (including passwords) to a log file due to an overwriting of configuration parameters under certain circumstances. |
CWE-532
Inclusion of Sensitive Information in Log Files |
CVE-2019-9734 | 2024-11-21 13:52 | 2019-04-25 | Show | GitHub Exploit DB Packet Storm |
| 212018 | 7.5 |
HIGH
Network |
aquaverde | aquarius_cms | aquaverde Aquarius CMS through 4.3.5 allows Information Exposure through Log Files because of an error in the Log-File writer component. |
CWE-532
Inclusion of Sensitive Information in Log Files |
CVE-2019-9724 | 2024-11-21 13:52 | 2019-04-24 | Show | GitHub Exploit DB Packet Storm |
| 212019 | 6.1 |
MEDIUM
Network |
vestacp | control_panel | Vesta Control Panel 0.9.8-23 allows XSS via a crafted URL. |
CWE-79
Cross-site Scripting |
CVE-2019-9841 | 2024-11-21 13:52 | 2019-04-20 | Show | GitHub Exploit DB Packet Storm |
| 212020 | 6.1 |
MEDIUM
Network |
zyxel |
atp200_firmware atp500_firmware atp800_firmware usg20-vpn_firmware usg20w-vpn_firmware usg40_firmware usg40w_firmware usg60_firmware usg60w_firmware usg110_firmware usg2… |
On Zyxel ATP200, ATP500, ATP800, USG20-VPN, USG20W-VPN, USG40, USG40W, USG60, USG60W, USG110, USG210, USG310, USG1100, USG1900, USG2200-VPN, ZyWALL 110, ZyWALL 310, ZyWALL 1100 devices, the security … |
CWE-79
Cross-site Scripting |
CVE-2019-9955 | 2024-11-21 13:52 | 2019-04-23 | Show | GitHub Exploit DB Packet Storm |