Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 4, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249811 | 5.8 | 警告 | ヒューレット・パッカード | - | HP Onboard Administrator におけるユーザを任意の Web サイトにリダイレクトされる脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2012-0128 | 2012-04-9 09:51 | 2012-04-2 | Show | GitHub Exploit DB Packet Storm |
| 249812 | 5 | 警告 | GitHub | - | GitHub Enterprise における public_key[user_id] の値を設定される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2012-2055 | 2012-04-6 16:21 | 2012-04-4 | Show | GitHub Exploit DB Packet Storm |
| 249813 | 5 | 警告 | Redmine | - | Redmine における属性を設定される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2012-2054 | 2012-04-6 16:21 | 2012-03-6 | Show | GitHub Exploit DB Packet Storm |
| 249814 | 5 | 警告 | Spree Commerce | - | Spree のセッション Cookie ストアの実装における暗号保護メカニズムを容易に回避される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2008-7311 | 2012-04-6 16:19 | 2008-08-12 | Show | GitHub Exploit DB Packet Storm |
| 249815 | 5 | 警告 | Spree Commerce | - | Spree における Order ステートの値を設定される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2008-7310 | 2012-04-6 16:16 | 2008-09-16 | Show | GitHub Exploit DB Packet Storm |
| 249816 | 5 | 警告 | Insoshi | - | Insoshi における ForumPost user_id の値を設定される脆弱性 |
CWE-255
証明書・パスワード管理 |
CVE-2008-7309 | 2012-04-6 16:15 | 2008-09-21 | Show | GitHub Exploit DB Packet Storm |
| 249817 | 3.5 | 注意 | OpenBSD | - | OpenSSH の gss-serv.c 内の ssh_gssapi_parse_ename 関数におけるサービス運用妨害 (メモリ消費) の脆弱性 |
CWE-189
数値処理の問題 |
CVE-2011-5000 | 2012-04-6 16:00 | 2012-04-5 | Show | GitHub Exploit DB Packet Storm |
| 249818 | 7.2 | 危険 | F5 Networks | - | F5 FirePass の sudoers ファイルにおける権限を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2012-2053 | 2012-04-6 15:53 | 2012-04-5 | Show | GitHub Exploit DB Packet Storm |
| 249819 | 7.5 | 危険 | F5 Networks | - | F5 FirePass の my.activation.php3 における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2012-1777 | 2012-04-6 15:43 | 2012-03-14 | Show | GitHub Exploit DB Packet Storm |
| 249820 | 9.3 | 危険 | シスコシステムズ | - | Cisco WebEx Recording Format (WRF) Player におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2012-1337 | 2012-04-6 15:41 | 2012-04-4 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 4, 2026, 4:17 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 209571 | 6.1 |
MEDIUM
Network |
bbraun |
datamodule_compactplus spacecom |
An open redirect vulnerability in the administrative interface of the B. Braun Melsungen AG SpaceCom device Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows at… | - | CVE-2020-25154 | 2024-11-21 14:17 | 2022-04-15 | Show | GitHub Exploit DB Packet Storm |
| 209572 | 8.1 |
HIGH
Network |
bbraun |
datamodule_compactplus spacecom |
A session fixation vulnerability in the B. Braun Melsungen AG SpaceCom administrative interface Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows remote attacke… | - | CVE-2020-25152 | 2024-11-21 14:17 | 2022-04-15 | Show | GitHub Exploit DB Packet Storm |
| 209573 | 8.8 |
HIGH
Network |
bbraun |
datamodule_compactplus spacecom |
A relative path traversal attack in the B. Braun Melsungen AG SpaceCom Version L81/U61 and earlier, and the Data module compactplus Versions A10 and A11 allows attackers with service user privileges … |
CWE-22
Path Traversal |
CVE-2020-25150 | 2024-11-21 14:17 | 2022-04-15 | Show | GitHub Exploit DB Packet Storm |
| 209574 | 8.8 |
HIGH
Network |
ge |
rt430_firmware rt431_firmware rt434_firmware |
A code injection vulnerability exists in one of the webpages in GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06 that could allow an authenticated remote attacke… |
CWE-94
Code Injection |
CVE-2020-25197 | 2024-11-21 14:17 | 2022-03-19 | Show | GitHub Exploit DB Packet Storm |
| 209575 | 5.3 |
MEDIUM
Network |
ge |
rt430_firmware rt431_firmware rt434_firmware |
By having access to the hard-coded cryptographic key for GE Reason RT430, RT431 & RT434 GNSS clocks in firmware versions prior to version 08A06, attackers would be able to intercept and decrypt encry… |
CWE-798
Use of Hard-coded Credentials |
CVE-2020-25193 | 2024-11-21 14:17 | 2022-03-19 | Show | GitHub Exploit DB Packet Storm |
| 209576 | 5.5 |
MEDIUM
Local |
schneider-electric rockwellautomation xylem |
easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<… |
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x stores the password in plaintext in a file that is in the same directory as the executable file. ISaGRAF Runtime reads the file and saves the … |
CWE-522
Insufficiently Protected Credentials |
CVE-2020-25184 | 2024-11-21 14:17 | 2022-03-19 | Show | GitHub Exploit DB Packet Storm |
| 209577 | 6.7 |
MEDIUM
Local |
schneider-electric rockwellautomation xylem |
easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<… |
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x searches for and loads DLLs as dynamic libraries. Uncontrolled loading of dynamic libraries could allow a local, unauthenticated attacker to e… |
CWE-427
Uncontrolled Search Path Element |
CVE-2020-25182 | 2024-11-21 14:17 | 2022-03-19 | Show | GitHub Exploit DB Packet Storm |
| 209578 | 6.5 |
MEDIUM
Network |
schneider-electric rockwellautomation xylem |
easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<… |
Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x includes the functionality of setting a password that is required to execute privileged commands. The password value passed to ISaGRAF Runtime… |
CWE-798
Use of Hard-coded Credentials |
CVE-2020-25180 | 2024-11-21 14:17 | 2022-03-19 | Show | GitHub Exploit DB Packet Storm |
| 209579 | 8.8 |
HIGH
Network |
schneider-electric rockwellautomation xylem |
easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<… |
ISaGRAF Workbench communicates with Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x using TCP/IP. This communication protocol provides various file system operations, as well as the uploadin… |
CWE-319
Cleartext Transmission of Sensitive Information |
CVE-2020-25178 | 2024-11-21 14:17 | 2022-03-19 | Show | GitHub Exploit DB Packet Storm |
| 209580 | 9.8 |
CRITICAL
Network |
schneider-electric rockwellautomation xylem |
easergy_t300_firmware easergy_c5_firmware micom_c264_firmware pacis_gtw_firmware saitel_dp_firmware epas_gtw_firmware saitel_dr_firmware scd2200_firmware isagraf_free_runtime<… |
Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system. Since the parameter pointing to th… |
CWE-22
Path Traversal |
CVE-2020-25176 | 2024-11-21 14:17 | 2022-03-19 | Show | GitHub Exploit DB Packet Storm |