Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 31, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 252111 | 10 | 危険 | アドビシステムズ | - | Adobe Shockwave Player における任意のコードを実行される脆弱性 |
CWE-119
バッファエラー |
CVE-2012-0759 | 2012-02-16 11:05 | 2012-02-14 | Show | GitHub Exploit DB Packet Storm |
| 252112 | 10 | 危険 | アドビシステムズ | - | Adobe Shockwave Player におけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2012-0758 | 2012-02-16 11:02 | 2012-02-14 | Show | GitHub Exploit DB Packet Storm |
| 252113 | 10 | 危険 | アドビシステムズ | - | Adobe Shockwave Player の Shockwave 3D Asset コンポーネントにおける任意のコードを実行される脆弱性 |
CWE-119
バッファエラー |
CVE-2012-0757 | 2012-02-16 11:00 | 2012-02-14 | Show | GitHub Exploit DB Packet Storm |
| 252114 | 6.4 | 警告 | 富士通 | - | Fujitsu Interstage Application Server の Interstage 管理コンソールにおける任意のファイル読込/削除の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2008-2674 | 2012-02-15 18:12 | 2008-06-10 | Show | GitHub Exploit DB Packet Storm |
| 252115 | - | - | 日本電気 PNG Development Group フェンリル株式会社 |
- | libpng における sCAL チャンクの処理に脆弱性 | - | - | 2012-02-15 16:45 | 2011-07-8 | Show | GitHub Exploit DB Packet Storm |
| 252116 | 5.8 | 警告 | Netcreators | - | TYPO3 用 Modern FAQ エクステンションにおけるオープンリダイレクトの脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-5079 | 2012-02-15 16:04 | 2012-02-14 | Show | GitHub Exploit DB Packet Storm |
| 252117 | 5 | 警告 | The PHP Group | - | PHP のタイムゾーン機能におけるサービス運用妨害 (メモリ破損) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2012-0789 | 2012-02-15 16:03 | 2012-01-10 | Show | GitHub Exploit DB Packet Storm |
| 252118 | 5 | 警告 | The PHP Group | - | PHP の PDORow 実装におけるサービス運用妨害 (アプリケーションクラッシュ) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2012-0788 | 2012-02-15 16:02 | 2012-01-10 | Show | GitHub Exploit DB Packet Storm |
| 252119 | 7.5 | 危険 | Zoho Corporation | - | ManageEngine Applications Manager における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2012-1063 | 2012-02-15 15:55 | 2012-02-14 | Show | GitHub Exploit DB Packet Storm |
| 252120 | 4.3 | 警告 | Zoho Corporation | - | ManageEngine Applications Manager におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-1062 | 2012-02-15 15:55 | 2012-02-14 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 1, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 221571 | 5.9 |
MEDIUM
Network |
openbsd winscp canonical debian redhat fedoraproject apache freebsd fujitsu siemens |
openssh winscp ubuntu_linux debian_linux enterprise_linux enterprise_linux_eus enterprise_linux_server_tus enterprise_linux_server_aus fedora mina_sshd freebsd m10-1_… |
An issue was discovered in OpenSSH 7.9. Due to the scp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the scp client only perf… |
CWE-22
Path Traversal |
CVE-2019-6111 | 2024-11-21 13:45 | 2019-02-1 | Show | GitHub Exploit DB Packet Storm |
| 221572 | 6.8 |
MEDIUM
Network |
openbsd winscp netapp siemens |
openssh winscp element_software storage_automation_store ontap_select_deploy scalance_x204rna_firmware scalance_x204rna_eec_firmware |
In OpenSSH 7.9, due to accepting and displaying arbitrary stderr output from the server, a malicious server (or Man-in-The-Middle attacker) can manipulate the client output, for example to use ANSI c… |
CWE-838
Inappropriate Encoding for Output Context |
CVE-2019-6110 | 2024-11-21 13:45 | 2019-02-1 | Show | GitHub Exploit DB Packet Storm |
| 221573 | 6.8 |
MEDIUM
Network |
openbsd winscp canonical debian netapp fedoraproject redhat siemens fujitsu |
openssh winscp ubuntu_linux debian_linux element_software storage_automation_store ontap_select_deploy fedora enterprise_linux enterprise_linux_eus enterprise_linux_serv… |
An issue was discovered in OpenSSH 7.9. Due to missing character encoding in the progress display, a malicious server (or Man-in-The-Middle attacker) can employ crafted object names to manipulate the… |
CWE-116
Improper Encoding or Escaping of Output |
CVE-2019-6109 | 2024-11-21 13:45 | 2019-02-1 | Show | GitHub Exploit DB Packet Storm |
| 221574 | 5.5 |
MEDIUM
Local |
artifex | mupdf | Artifex MuPDF 1.14.0 has a SEGV in the function fz_load_page of the fitz/document.c file, as demonstrated by mutool. This is related to page-number mishandling in cbz/mucbz.c, cbz/muimg.c, and svg/sv… |
CWE-118
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2019-6130 | 2024-11-21 13:45 | 2019-01-11 | Show | GitHub Exploit DB Packet Storm |
| 221575 | 6.5 |
MEDIUM
Network |
libpng | libpng | png_create_info_struct in png.c in libpng 1.6.36 has a memory leak, as demonstrated by pngcp. NOTE: a third party has stated "I don't think it is libpng's job to free this buffer. |
CWE-401
Missing Release of Memory after Effective Lifetime |
CVE-2019-6129 | 2024-11-21 13:45 | 2019-01-11 | Show | GitHub Exploit DB Packet Storm |
| 221576 | 8.8 |
HIGH
Network |
libtiff canonical opensuse debian |
libtiff ubuntu_linux leap debian_linux |
The TIFFFdOpen function in tif_unix.c in LibTIFF 4.0.10 has a memory leak, as demonstrated by pal2rgb. |
CWE-401
Missing Release of Memory after Effective Lifetime |
CVE-2019-6128 | 2024-11-21 13:45 | 2019-01-11 | Show | GitHub Exploit DB Packet Storm |
| 221577 | 7.2 |
HIGH
Network |
xiaocms | xiaocms | An issue was discovered in XiaoCms 20141229. It allows admin/index.php?c=database table[] SQL injection. This can be used for PHP code execution via "INTO OUTFILE" with a .php filename. |
CWE-89
SQL Injection |
CVE-2019-6127 | 2024-11-21 13:45 | 2019-01-11 | Show | GitHub Exploit DB Packet Storm |
| 221578 | 7.5 |
HIGH
Network |
advance_peer_to_peer_mlm_script_project | advance_peer_to_peer_mlm_script | The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.p… |
CWE-425
Direct Request ('Forced Browsing') |
CVE-2019-6126 | 2024-11-21 13:45 | 2019-01-11 | Show | GitHub Exploit DB Packet Storm |
| 221579 | 9.8 |
CRITICAL
Network |
nelson-it | open_source_erp | Nelson Open Source ERP v6.3.1 allows SQL Injection via the db/utils/query/data.xml query parameter. |
CWE-89
SQL Injection |
CVE-2019-5893 | 2024-11-21 13:45 | 2019-01-11 | Show | GitHub Exploit DB Packet Storm |
| 221580 | 6.5 |
MEDIUM
Network |
frrouting | frrouting | bgpd in FRRouting FRR (aka Free Range Routing) 2.x and 3.x before 3.0.4, 4.x before 4.0.1, 5.x before 5.0.2, and 6.x before 6.0.2 (not affecting Cumulus Linux or VyOS), when ENABLE_BGP_VNC is used fo… |
CWE-436
Interpretation Conflict |
CVE-2019-5892 | 2024-11-21 13:45 | 2019-01-11 | Show | GitHub Exploit DB Packet Storm |