Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 18, 2026, 4:01 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249251 | 4.3 | 警告 | PivotX | - | PivotX におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-0772 | 2012-03-27 18:43 | 2011-01-11 | Show | GitHub Exploit DB Packet Storm |
| 249252 | 6.8 | 警告 | JanRain | - | Janrain Engage モジュール におけるクロスサイトスクリプティングの脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-0771 | 2012-03-27 18:43 | 2011-01-19 | Show | GitHub Exploit DB Packet Storm |
| 249253 | 6.8 | 警告 | foolabs T1lib |
- | Xpdf などの製品で使用される t1lib における任意のコードを実行される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-0764 | 2012-03-27 18:43 | 2011-03-31 | Show | GitHub Exploit DB Packet Storm |
| 249254 | 5 | 警告 | The Perl Foundation | - | Perl におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-Other
その他 |
CVE-2011-0761 | 2012-03-27 18:43 | 2011-05-13 | Show | GitHub Exploit DB Packet Storm |
| 249255 | 4.3 | 警告 | adminofsystem | - | WordPress の WP Related Posts プラグインの設定スクリーンにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2011-0760 | 2012-03-27 18:43 | 2011-03-28 | Show | GitHub Exploit DB Packet Storm |
| 249256 | 6.8 | 警告 | blaenkdenum | - | WordPress の Recaptcha プラグインにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2011-0759 | 2012-03-27 18:43 | 2011-03-22 | Show | GitHub Exploit DB Packet Storm |
| 249257 | 10 | 危険 | CA Technologies | - | CA ETrust Secure Content Manager および CA Gateway Securit の eCS コンポーネントにおける サービス運用妨害 (DoS) の脆弱性 |
CWE-189
数値処理の問題 |
CVE-2011-0758 | 2012-03-27 18:43 | 2011-02-8 | Show | GitHub Exploit DB Packet Storm |
| 249258 | 5 | 警告 | Trustwave | - | Trustwave WebDefend Enterprise のアプリケーションサーバにおけるセキュリティイベントデータを読まれる脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2011-0756 | 2012-03-27 18:43 | 2011-05-4 | Show | GitHub Exploit DB Packet Storm |
| 249259 | 7.5 | 危険 | nazgul | - | nhttpd におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2011-0751 | 2012-03-27 18:43 | 2011-03-16 | Show | GitHub Exploit DB Packet Storm |
| 249260 | 6.8 | 警告 | Tincan | - | phpList におけるクロスサイトリクエストフォージェリ脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2011-0748 | 2012-03-27 18:43 | 2011-04-13 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 18, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 197781 | 7.5 |
HIGH
Network |
rack_project debian canonical |
rack debian_linux ubuntu_linux |
A reliance on cookies without validation/integrity check security vulnerability exists in rack < 2.2.3, rack < 2.1.4 that makes it is possible for an attacker to forge a secure or host-only cookie pr… |
CWE-20
Improper Input Validation |
CVE-2020-8184 | 2024-11-21 14:38 | 2020-06-20 | Show | GitHub Exploit DB Packet Storm |
| 197782 | 7.5 |
HIGH
Network |
rubyonrails debian opensuse |
rails debian_linux leap backports_sle |
A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-8164 | 2024-11-21 14:38 | 2020-06-20 | Show | GitHub Exploit DB Packet Storm |
| 197783 | 7.5 |
HIGH
Network |
rubyonrails debian |
rails debian_linux |
A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorage's S3 adapter that allows the Content-Length of a direct file upload to be m… |
CWE-434
Unrestricted Upload of File with Dangerous Type |
CVE-2020-8162 | 2024-11-21 14:38 | 2020-06-20 | Show | GitHub Exploit DB Packet Storm |
| 197784 | 5.7 |
MEDIUM
Network |
openmicroscopy | omero.web | OMERO.web before 5.6.3 optionally allows sensitive data elements (e.g., a session key) to be passed as URL query parameters. If an attacker tricks a user into clicking a malicious link in OMERO.web, … |
CWE-200
Information Exposure |
CVE-2020-7932 | 2024-11-21 14:38 | 2020-06-18 | Show | GitHub Exploit DB Packet Storm |
| 197785 | 6.5 |
MEDIUM
Network |
open-xchange | open-xchange_appsuite | OX App Suite through 7.10.3 allows XXE attacks. |
CWE-611
XXE |
CVE-2020-8541 | 2024-11-21 14:38 | 2020-06-16 | Show | GitHub Exploit DB Packet Storm |
| 197786 | 6.7 |
MEDIUM
Local |
synaptics | smart_audio_uwp | An unquoted search path vulnerability was reported in versions prior to 1.0.83.0 of the Synaptics Smart Audio UWP app associated with the DCHU audio drivers on Lenovo platforms that could allow an ad… |
CWE-428
Unquoted Search Path or Element |
CVE-2020-8337 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 197787 | 6.8 |
MEDIUM
Physics |
lenovo |
thinkpad_e14_firmware thinkpad_e15_firmware thinkpad_r14_firmware thinkpad_s3_gen_2_firmware thinkpad_e490s_firmware thinkpad_s3_firmware thinkpad_e490_firmware thinkpad_e590_fir… |
Lenovo implemented Intel CSME Anti-rollback ARB protections on some ThinkPad models to prevent roll back of CSME Firmware in flash. |
NVD-CWE-noinfo
|
CVE-2020-8336 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 197788 | 6.8 |
MEDIUM
Physics |
lenovo |
thinkpad_t495s_firmware thinkpad_x395_firmware thinkpad_t495_firmware thinkpad_a485_firmware thinkpad_a285_firmware thinkpad_a475_firmware thinkpad_a275_firmware |
The BIOS tamper detection mechanism was not triggered in Lenovo ThinkPad T495s, X395, T495, A485, A285, A475, A275 which may allow for unauthorized access. |
CWE-754
Improper Check for Unusual or Exceptional Conditions |
CVE-2020-8334 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 197789 | 6.7 |
MEDIUM
Local |
lenovo |
330-14ast_firmware 330-15ast_firmware 330-17ast_firmware 340c-15api_firmware 340c-15ast_firmware 720s_touch-15ikb_firmware 720s-15ikb_firmware 730s-13iwl_firmware c640-iml_fir… |
A potential vulnerability in the SMI callback function used in the Legacy SD driver in some Lenovo ThinkPad, ThinkStation, and Lenovo Notebook models may allow arbitrary code execution. |
NVD-CWE-noinfo
|
CVE-2020-8323 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |
| 197790 | 6.7 |
MEDIUM
Local |
lenovo |
330-14ast_firmware 330-15ast_firmware 330-17ast_firmware 340c-15api_firmware 340c-15ast_firmware 720s_touch-15ikb_firmware 720s-15ikb_firmware 730s-13iwl_firmware c640-iml_fir… |
A potential vulnerability in the SMI callback function used in the Legacy USB driver in some Lenovo Notebook and ThinkStation models may allow arbitrary code execution. |
NVD-CWE-noinfo
|
CVE-2020-8322 | 2024-11-21 14:38 | 2020-06-10 | Show | GitHub Exploit DB Packet Storm |