Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 7, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 244541 | 7.5 | 危険 | gravityboardx | - | GBX の forms/ajax/configure.php における任意の PHP コードを挿入される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-1278 | 2012-06-26 16:10 | 2009-04-9 | Show | GitHub Exploit DB Packet Storm |
| 244542 | 7.5 | 危険 | gravityboardx | - | GBX の index.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-1277 | 2012-06-26 16:10 | 2009-04-9 | Show | GitHub Exploit DB Packet Storm |
| 244543 | 6.8 | 警告 | Apache Software Foundation | - | Apache Struts などで使用される Apache Tiles における重要情報を取得される脆弱性 |
CWE-Other
その他 |
CVE-2009-1275 | 2012-06-26 16:10 | 2009-04-9 | Show | GitHub Exploit DB Packet Storm |
| 244544 | 5 | 警告 | andrew j.korty | - | USE=ssh でコンパイルされた PAM で使用される pam_ssh におけるユーザ名が列挙される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2009-1273 | 2012-06-26 16:10 | 2009-04-8 | Show | GitHub Exploit DB Packet Storm |
| 244545 | 7.5 | 危険 | alikonweb Joomla! |
- | Joomla! の bookjoomlas コンポーネントの sub_commententry.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-1263 | 2012-06-26 16:10 | 2009-04-7 | Show | GitHub Exploit DB Packet Storm |
| 244546 | 7.2 | 危険 | フォーティネット | - | Fortinet FortiClient におけるフォーマットストリングの脆弱性 |
CWE-134
書式文字列の問題 |
CVE-2009-1262 | 2012-06-26 16:10 | 2009-04-7 | Show | GitHub Exploit DB Packet Storm |
| 244547 | 9.3 | 危険 | EZB Systems | - | UltraISO におけるスタックベースのバッファーオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-1260 | 2012-06-26 16:10 | 2009-04-7 | Show | GitHub Exploit DB Packet Storm |
| 244548 | 7.5 | 危険 | FlexCMS | - | FlexCMS における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-1256 | 2012-06-26 16:10 | 2009-04-7 | Show | GitHub Exploit DB Packet Storm |
| 244549 | 4.3 | 警告 | Drupal | - | Drupal 用の Feed 要素マッパーモジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-1249 | 2012-06-26 16:10 | 2009-03-26 | Show | GitHub Exploit DB Packet Storm |
| 244550 | 7.5 | 危険 | acutecp | - | Acute Control Panel における任意の PHP コードが実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-1248 | 2012-06-26 16:10 | 2009-04-6 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 7, 2026, 4:13 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 218311 | 9.8 |
CRITICAL
Network |
aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_robots_firmware |
MiR robot controllers (central computation unit) makes use of Ubuntu 16.04.2 an operating system, Thought for desktop uses, this operating system presents insecure defaults for robots. These insecuri… |
CWE-362 CWE-1188 Race Condition Insecure Default Initialization of Resource |
CVE-2020-10279 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218312 | 4.6 |
MEDIUM
Physics |
aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_robots_firmware |
The BIOS onboard MiR's Computer is not protected by password, therefore, it allows a Bad Operator to modify settings such as boot order. This can be leveraged by a Malicious operator to boot from a L… |
CWE-287
Improper Authentication |
CVE-2020-10278 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218313 | 6.4 |
MEDIUM
Physics |
mobile-industrial-robots easyrobotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_firmware |
There is no mechanism in place to prevent a bad operator to boot from a live OS image, this can lead to extraction of sensible files (such as the shadow file) or privilege escalation by manually addi… |
NVD-CWE-Other
|
CVE-2020-10277 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218314 | 9.8 |
CRITICAL
Network |
mobile-industrial-robots easyrobotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_firmware |
The password for the safety PLC is the default and thus easy to find (in manuals, etc.). This allows a manipulated program to be uploaded to the safety PLC, effectively disabling the emergency stop i… |
CWE-798
Use of Hard-coded Credentials |
CVE-2020-10276 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218315 | 9.8 |
CRITICAL
Network |
mobile-industrial-robots easyrobotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_firmware |
The access tokens for the REST API are directly derived from the publicly available default credentials for the web interface. Given a USERNAME and a PASSWORD, the token string is generated directly … |
CWE-326
Inadequate Encryption Strength |
CVE-2020-10275 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218316 | 7.1 |
HIGH
Network |
mobile-industrial-robots easyrobotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_firmware |
The access tokens for the REST API are directly derived (sha256 and base64 encoding) from the publicly available default credentials from the Control Dashboard (refer to CVE-2020-10270 for related fl… |
CWE-330
Use of Insufficiently Random Values |
CVE-2020-10274 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218317 | 7.5 |
HIGH
Network |
aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_robots_firmware |
MiR controllers across firmware versions 2.8.1.1 and before do not encrypt or protect in any way the intellectual property artifacts installed in the robots. This flaw allows attackers with access to… |
CWE-312
Cleartext Storage of Sensitive Information |
CVE-2020-10273 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218318 | 9.8 |
CRITICAL
Network |
aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_robots_firmware |
MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph without any sort of authentication. This allows attackers with access to the… |
CWE-306
Missing Authentication for Critical Function |
CVE-2020-10272 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218319 | 9.8 |
CRITICAL
Network |
aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_robots_firmware |
MiR100, MiR200 and other MiR robots use the Robot Operating System (ROS) default packages exposing the computational graph to all network interfaces, wireless and wired. This is the result of a bad s… |
CWE-668
Exposure of Resource to Wrong Sphere |
CVE-2020-10271 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |
| 218320 | 9.8 |
CRITICAL
Network |
aliasrobotics mobile-industrial-robotics enabled-robotics uvd-robots |
mir100_firmware mir200_firmware mir250_firmware mir500_firmware mir1000_firmware er200_firmware er-lite_firmware er-flex_firmware er-one_firmware uvd_robots_firmware |
Out of the wired and wireless interfaces within MiR100, MiR200 and other vehicles from the MiR fleet, it's possible to access the Control Dashboard on a hardcoded IP address. Credentials to such wire… |
CWE-798
Use of Hard-coded Credentials |
CVE-2020-10270 | 2024-11-21 13:55 | 2020-06-24 | Show | GitHub Exploit DB Packet Storm |