Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 27, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 252661 | 5.8 | 警告 | One Click Orgs | - | One Click Orgs におけるオープンリダイレクトの複数の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-4553 | 2011-12-7 16:19 | 2011-12-6 | Show | GitHub Exploit DB Packet Storm |
| 252662 | 4.3 | 警告 | One Click Orgs | - | One Click Orgs におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-4552 | 2011-12-7 16:18 | 2011-12-6 | Show | GitHub Exploit DB Packet Storm |
| 252663 | 7.5 | 危険 | osCommerce | - | osCommerce における複数のディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2011-4543 | 2011-12-6 16:33 | 2011-12-5 | Show | GitHub Exploit DB Packet Storm |
| 252664 | 7.5 | 危険 | Zabbix | - | Zabbix の popup.php における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2011-4674 | 2011-12-6 16:27 | 2011-11-24 | Show | GitHub Exploit DB Packet Storm |
| 252665 | 7.5 | 危険 | Automattic Inc. | - | WordPress 用 Jetpack プラグインにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2011-4673 | 2011-12-6 16:26 | 2011-12-2 | Show | GitHub Exploit DB Packet Storm |
| 252666 | 7.5 | 危険 | Valid | - | Valid tiny-erp における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2011-4672 | 2011-12-6 16:25 | 2011-12-2 | Show | GitHub Exploit DB Packet Storm |
| 252667 | 7.5 | 危険 | AdRotate Plugin | - | WordPress 用 AdRotate プラグインにおける SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2011-4671 | 2011-12-6 16:24 | 2011-12-2 | Show | GitHub Exploit DB Packet Storm |
| 252668 | 10 | 危険 | Iron Mountain | - | Iron Mountain Connected Backup の Agent service における任意のコードを実行される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2011-2397 | 2011-12-6 16:22 | 2011-12-5 | Show | GitHub Exploit DB Packet Storm |
| 252669 | 6.4 | 警告 | Widelands | - | Widelands の io/filesystem/filesystem.cc におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2011-1932 | 2011-12-6 16:22 | 2011-12-5 | Show | GitHub Exploit DB Packet Storm |
| 252670 | 4.3 | 警告 | Etomite Project | - | Etomite におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-4264 | 2011-12-6 12:01 | 2011-12-6 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 28, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 215281 | 6.7 |
MEDIUM
Local |
qualcomm |
apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware csra6620_firmware csra6640_firmware mdm9650_firmware pm215_firmware pm3003a_firmware pm6125_firmware … |
Resource leakage issue during dci client registration due to reference count is not decremented if dci client registration fails in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapd… |
CWE-190
Integer Overflow or Wraparound |
CVE-2020-11160 | 2024-11-21 13:56 | 2021-06-9 | Show | GitHub Exploit DB Packet Storm |
| 215282 | 9.8 |
CRITICAL
Network |
qualcomm |
aqt1000_firmware ar8031_firmware ar8035_firmware csr8811_firmware csra6620_firmware csra6640_firmware ipq5010_firmware ipq5018_firmware ipq6000_firmware ipq6005_firmware
Possible stack out of bound write might happen due to time bitmap length and bit duration fields of the attributes like NAN ranging setup attribute inside a NAN management frame are not Properly vali…
|
CWE-787 |
CWE-129 Out-of-bounds Write Improper Validation of Array Index
CVE-2020-11134
|
2024-11-21 13:56 |
2021-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 215283 | 9.1 |
CRITICAL
Network |
qualcomm |
apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware ar9380_firmware csr8811_firmware csra6620_firmware csra6640_firmware ipq4018_firmware ipq4028_firmware
Possible out of bound read while WLAN frame parsing due to lack of check for body and header length in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electronics Co…
|
CWE-125
|
Out-of-bounds Read
CVE-2020-11126
|
2024-11-21 13:56 |
2021-06-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 215284 | 7.1 |
HIGH
Network |
infinispan redhat netapp |
infinispan-server-rest data_grid oncommand_insight |
A flaw was found in Infinispan version 10, where it is possible to perform various actions that could have side effects using GET requests. This flaw allows an attacker to perform a cross-site reques… | - | CVE-2020-10771 | 2024-11-21 13:56 | 2021-06-2 | Show | GitHub Exploit DB Packet Storm |
| 215285 | 5.5 |
MEDIUM
Local |
linux | linux_kernel | A memory disclosure flaw was found in the Linux kernel's versions before 4.18.0-193.el8 in the sysctl subsystem when reading the /proc/sys/kernel/rh_features file. This flaw allows a local user to re… | - | CVE-2020-10774 | 2024-11-21 13:56 | 2021-05-28 | Show | GitHub Exploit DB Packet Storm |
| 215286 | 9.8 |
CRITICAL
Network |
qualcomm |
apq8017_firmware aqt1000_firmware ar8035_firmware csrb31024_firmware msm8917_firmware pm215_firmware pm3003a_firmware pm4125_firmware pm4250_firmware pm439_firmware pm45… |
Possible buffer overflow while updating ikev2 parameters due to lack of check of input validation for certain parameters received from the ePDG server in Snapdragon Auto, Snapdragon Compute, Snapdrag… |
CWE-129
Improper Validation of Array Index |
CVE-2020-11163 | 2024-11-21 13:56 | 2021-02-22 | Show | GitHub Exploit DB Packet Storm |
| 215287 | 6.7 |
MEDIUM
Local |
qualcomm |
aqt1000_firmware pm3003a_firmware pm456_firmware pm6125_firmware pm6150_firmware pm6150a_firmware pm6150l_firmware pm6250_firmware pm6350_firmware pm660_firmware pm660a_… |
Use after free issue in audio modules while removing and freeing objects during list iteration due to incorrect usage of macro in Snapdragon Compute, Snapdragon Industrial IOT, Snapdragon Mobile |
CWE-416
Use After Free |
CVE-2020-11147 | 2024-11-21 13:56 | 2021-02-22 | Show | GitHub Exploit DB Packet Storm |
| 215288 | 5.3 |
MEDIUM
Network |
zulip | zulip_desktop | Zulip Desktop before 5.0.0 allows attackers to perform recording via the webcam and microphone due to a missing permission request handler. |
CWE-862
Missing Authorization |
CVE-2020-10858 | 2024-11-21 13:56 | 2021-02-6 | Show | GitHub Exploit DB Packet Storm |
| 215289 | 9.8 |
CRITICAL
Network |
zulip | zulip_desktop | Zulip Desktop before 5.0.0 improperly uses shell.openExternal and shell.openItem with untrusted content, leading to remote code execution. |
NVD-CWE-noinfo
|
CVE-2020-10857 | 2024-11-21 13:56 | 2021-02-6 | Show | GitHub Exploit DB Packet Storm |
| 215290 | 7.5 |
HIGH
Network |
qualcomm |
apq8009_firmware apq8017_firmware apq8053_firmware apq8076_firmware apq8096au_firmware aqt1000_firmware ar8031_firmware ar8035_firmware ar8151_firmware ar9380_firmware c… |
Buffer over-read can happen when the buffer length received from response handlers is more than the size of the payload in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Con… |
CWE-20 CWE-125 Improper Input Validation Out-of-bounds Read |
CVE-2020-11119 | 2024-11-21 13:56 | 2021-01-21 | Show | GitHub Exploit DB Packet Storm |