Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 23, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249251 | 7.5 | 危険 | Ruby on Rails project | - | Ruby on Rails の quote_table_name メソッドにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2011-2930 | 2012-03-27 18:43 | 2011-08-16 | Show | GitHub Exploit DB Packet Storm |
| 249252 | 5 | 警告 | Ruby on Rails project | - | Ruby on Rails のテンプレート選択機能における任意のビューを表示される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-2929 | 2012-03-27 18:43 | 2011-08-17 | Show | GitHub Exploit DB Packet Storm |
| 249253 | 4.9 | 警告 | Linux | - | Linux kernel の befs_follow_link 関数におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-2928 | 2012-03-27 18:43 | 2011-08-29 | Show | GitHub Exploit DB Packet Storm |
| 249254 | 7.5 | 危険 | Adaptive Computing | - | Terascale Open-Source Resource におけるホストベースの認証を回避される脆弱性 |
CWE-287
不適切な認証 |
CVE-2011-2907 | 2012-03-27 18:43 | 2011-08-15 | Show | GitHub Exploit DB Packet Storm |
| 249255 | 6.8 | 警告 | rhythm | - | tcptrack におけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2011-2903 | 2012-03-27 18:43 | 2011-09-2 | Show | GitHub Exploit DB Packet Storm |
| 249256 | 7.5 | 危険 | shttpd yaSSL valenok |
- | Mongoose などの put_dir 関数におけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2011-2900 | 2012-03-27 18:43 | 2011-08-5 | Show | GitHub Exploit DB Packet Storm |
| 249257 | 5.1 | 警告 | アップル SWI-Prolog The GIMP Team |
- | CUPS などの製品で使用される LZW デコンプレッサにおける無限ループの脆弱性 |
CWE-119
バッファエラー |
CVE-2011-2896 | 2012-03-27 18:43 | 2011-08-19 | Show | GitHub Exploit DB Packet Storm |
| 249258 | 4.3 | 警告 | IBM | - | IBM Lotus Symphony 3 の DataPilot 機能におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2011-2893 | 2012-03-27 18:43 | 2011-07-27 | Show | GitHub Exploit DB Packet Storm |
| 249259 | 4.3 | 警告 | Joomla! | - | Joomla! におけるクリックジャッキング攻撃を誘発する脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-2892 | 2012-03-27 18:43 | 2011-04-14 | Show | GitHub Exploit DB Packet Storm |
| 249260 | 5 | 警告 | Joomla! | - | Joomla! における重要な情報を取得される脆弱性 |
CWE-200
情報漏えい |
CVE-2011-2891 | 2012-03-27 18:43 | 2011-04-11 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 23, 2026, 4:08 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 212981 | 8.8 |
HIGH
Network |
intel | collaboration_suite | Insufficient control flow management in the API for the Intel(R) Collaboration Suite for WebRTC before version 4.3.1 may allow an authenticated user to potentially enable escalation of privilege via … |
NVD-CWE-Other
|
CVE-2020-12339 | 2024-11-21 13:59 | 2021-02-17 | Show | GitHub Exploit DB Packet Storm |
| 212982 | 7.8 |
HIGH
Local |
maxpcsecure | max_spyware_detector | In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validatin… |
CWE-20
Improper Input Validation |
CVE-2020-12122 | 2024-11-21 13:59 | 2021-02-6 | Show | GitHub Exploit DB Packet Storm |
| 212983 | 7.8 |
HIGH
Local |
wago pepperl-fuchs emerson weidmueller |
fdtcontainer_component pactware rosemount_transmitter_interface_software dtminspector_3 fdtcontainer_application wi_manager io-link_master_firmware |
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-12525 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 212984 | 4.9 |
MEDIUM
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd |
CWE-476
NULL Pointer Dereference |
CVE-2020-12514 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 212985 | 8.8 |
HIGH
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection. |
CWE-78
OS Command |
CVE-2020-12513 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 212986 | 5.4 |
MEDIUM
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting |
CWE-79
Cross-site Scripting |
CVE-2020-12512 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 212987 | 8.8 |
HIGH
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface. |
CWE-352
Origin Validation Error |
CVE-2020-12511 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 212988 | 4.3 |
MEDIUM
Network |
apache | guacamole | Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able t… |
CWE-276
Incorrect Default Permissions |
CVE-2020-11997 | 2024-11-21 13:59 | 2021-01-20 | Show | GitHub Exploit DB Packet Storm |
| 212989 | 9.8 |
CRITICAL
Network |
apache | dubbo | A deserialization vulnerability existed in dubbo 2.7.5 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserializati… |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-11995 | 2024-11-21 13:59 | 2021-01-11 | Show | GitHub Exploit DB Packet Storm |
| 212990 | 9.8 |
CRITICAL
Network |
apache | dolphinscheduler | In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database. |
NVD-CWE-noinfo
|
CVE-2020-11974 | 2024-11-21 13:59 | 2020-12-19 | Show | GitHub Exploit DB Packet Storm |