Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 3, 2026, 6:08 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 243691 | 4.3 | 警告 | deluxebb | - | DeluxeBB の misc.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4468 | 2012-06-26 16:18 | 2009-12-30 | Show | GitHub Exploit DB Packet Storm |
| 243692 | 4 | 警告 | deluxebb | - | DeluxeBB の misc.php におけるアカウント登録される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-4467 | 2012-06-26 16:18 | 2009-12-30 | Show | GitHub Exploit DB Packet Storm |
| 243693 | 5 | 警告 | deluxebb | - | DeluxeBB における重要な情報を取得される取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2009-4466 | 2012-06-26 16:18 | 2009-12-30 | Show | GitHub Exploit DB Packet Storm |
| 243694 | 7.5 | 危険 | deluxebb | - | DeluxeBB における管理アクセス権を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-4465 | 2012-06-26 16:18 | 2009-12-30 | Show | GitHub Exploit DB Packet Storm |
| 243695 | 4.3 | 警告 | Activewebsoftwares | - | Active Business Directory の searchadvance.asp におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4464 | 2012-06-26 16:18 | 2009-12-30 | Show | GitHub Exploit DB Packet Storm |
| 243696 | 4.3 | 警告 | FlatPress | - | FlatPress におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4461 | 2012-06-26 16:18 | 2009-12-30 | Show | GitHub Exploit DB Packet Storm |
| 243697 | 4.3 | 警告 | FreePBX | - | FreePBX におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-4458 | 2012-06-26 16:18 | 2009-12-29 | Show | GitHub Exploit DB Packet Storm |
| 243698 | 7.5 | 危険 | greendesktiny | - | Green Desktiny の news_detail.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-4456 | 2012-06-26 16:18 | 2009-12-29 | Show | GitHub Exploit DB Packet Storm |
| 243699 | 7.5 | 危険 | Activewebsoftwares | - | Active Auction House における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-4437 | 2012-06-26 16:18 | 2009-12-28 | Show | GitHub Exploit DB Packet Storm |
| 243700 | 7.5 | 危険 | Activewebsoftwares | - | Active Web Softwares eWebquiz における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-4436 | 2012-06-26 16:18 | 2009-12-28 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 4, 2026, 4:17 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 411 | 7.5 |
HIGH
Network |
osgeo | mapserver | MapServer is a system for developing web-based GIS applications. From 6.4.0 to before 8.6.3, msSLDParseUserStyle always calls _SLDApplyRuleValues(psRule, psLayer, 1); for any <Rule> carrying <ElseFil… Update |
CWE-129 CWE-476 Improper Validation of Array Index NULL Pointer Dereference |
CVE-2026-45104 | 2026-06-3 03:19 | 2026-05-28 | Show | GitHub Exploit DB Packet Storm |
| 412 | 5.5 |
MEDIUM
Local |
android | In verifySignature of ApkChecksums.java, there is a possible way to cause a crash due to resource exhaustion. This could lead to local denial of service with no additional execution privileges needed… New |
CWE-400
Uncontrolled Resource Consumption |
CVE-2026-0069 | 2026-06-3 03:06 | 2026-06-2 | Show | GitHub Exploit DB Packet Storm | |
| 413 | 6.5 |
MEDIUM
Adjacent |
qualcomm |
fastconnect_7800_firmware qca7005_firmware snapdragon_ar1_gen_1_platform_firmware wcd9380_firmware wcd9385_firmware wsa8830_firmware wsa8832_firmware wsa8835_firmware |
Information Disclosure when resetting device to factory default settings through powerline interface allows unauthorized access to device configuration. New |
CWE-1230
Exposure of Sensitive Information Through Metadata |
CVE-2025-59601 | 2026-06-3 03:00 | 2026-06-2 | Show | GitHub Exploit DB Packet Storm |
| 414 | 7.8 |
HIGH
Local |
qualcomm |
snapdragon_480_5g_mobile_platform_firmware snapdragon_480\+_5g_mobile_platform_firmware snapdragon_6_gen_1_mobile_platform_firmware snapdragon_6_gen_3_mobile_platform_firmware snapdragon_… |
Memory Corruption when running a memory copy operation due to invalid writes caused by a null pointer. New |
CWE-476
NULL Pointer Dereference |
CVE-2025-59604 | 2026-06-3 03:00 | 2026-06-2 | Show | GitHub Exploit DB Packet Storm |
| 415 | 7.8 |
HIGH
Local |
qualcomm |
snapdragon_g1_gen_2_gaming_platform_firmware ar8035_firmware csra6620_firmware csra6640_firmware fastconnect_6200_firmware fastconnect_6700_firmware fastconnect_6800_firmware fas… |
Memory Corruption when processing device identifier strings that exceed the expected maximum length. New |
CWE-787
Out-of-bounds Write |
CVE-2025-59605 | 2026-06-3 03:00 | 2026-06-2 | Show | GitHub Exploit DB Packet Storm |
| 416 | 7.8 |
HIGH
Local |
qualcomm |
cologne_firmware cq7790_firmware cq8725s_firmware cq8750m_firmware fastconnect_6200_firmware wsa8840_firmware wsa8845_firmware wsa8845h_firmware wsa8850_firmware wsa8850w_f… |
Memory Corruption when writing to invalid memory locations occurs due to heap memory exhaustion during secure data initialization. New |
CWE-476
NULL Pointer Dereference |
CVE-2025-59606 | 2026-06-3 03:00 | 2026-06-2 | Show | GitHub Exploit DB Packet Storm |
| 417 | 5.5 |
MEDIUM
Network |
qualcomm |
5g_fixed_wireless_access_platform_firmware ar8035_firmware csr8811_firmware fastconnect_6700_firmware fastconnect_6900_firmware sxr2250p_firmware wcd9340_firmware wcd9370_firmwar… |
Information Disclosure when processing advertisement frames with malformed MBSSID elements of insufficient length. New |
CWE-126
Buffer Over-read |
CVE-2025-59609 | 2026-06-3 03:00 | 2026-06-2 | Show | GitHub Exploit DB Packet Storm |
| 418 | 7.5 |
HIGH
Network |
ultrajson_project | ultrajson | UltraJSON is a fast JSON encoder and decoder written in pure C with bindings for Python 3.7+. Prior to 5.12.1, when ujson.dump() writes to a file-like object and the write operation raises an excepti… Update |
CWE-401
Missing Release of Memory after Effective Lifetime |
CVE-2026-44660 | 2026-06-3 03:00 | 2026-05-28 | Show | GitHub Exploit DB Packet Storm |
| 419 | 7.8 |
HIGH
Local |
cnighswonger | claude-code-cache-fix | claude-code-cache-fix is a cache optimization proxy for Claude Code. From 3.5.0 to before 3.5.2, tools/quota-statusline.sh (introduced in v3.5.0) interpolates Claude Code's hook stdin payload directl… Update |
CWE-78 CWE-94 OS Command Code Injection |
CVE-2026-45136 | 2026-06-3 02:57 | 2026-05-28 | Show | GitHub Exploit DB Packet Storm |
| 420 | 7.8 |
HIGH
Local |
- | - | A high security vulnerability affecting Security Center main server installations has been identified. It could allow an attacker with local OS privileges to the main server to access the Server Admi… New |
CWE-532
Inclusion of Sensitive Information in Log Files |
CVE-2026-40619 | 2026-06-3 02:35 | 2026-06-3 | Show | GitHub Exploit DB Packet Storm |