Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 8, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 254281 | 9.3 | 危険 | Foxit Software Inc | - | Foxit Reader に任意のコード実行が可能な脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-1239 | 2010-04-27 16:10 | 2010-04-6 | Show | GitHub Exploit DB Packet Storm |
| 254282 | 10 | 危険 | ヒューレット・パッカード | - | Broadcom NetXtreme 管理用ファームウェアにバッファオーバーフローの脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0104 | 2010-04-27 16:09 | 2010-03-31 | Show | GitHub Exploit DB Packet Storm |
| 254283 | 6.8 | 警告 | アップル | - | AirPort Utility におけるアクセス制限を回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-2822 | 2010-04-27 16:09 | 2010-03-31 | Show | GitHub Exploit DB Packet Storm |
| 254284 | 9.3 | 危険 | アップル | - | Apple Safari の ColorSync における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2010-0040 | 2010-04-27 15:20 | 2010-03-15 | Show | GitHub Exploit DB Packet Storm |
| 254285 | 4 | 警告 | Squid-cache.org サイバートラスト株式会社 ターボリナックス レッドハット |
- | Squid の lib/rfc1035.c におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2010-0308 | 2010-04-27 15:20 | 2010-01-28 | Show | GitHub Exploit DB Packet Storm |
| 254286 | 6.8 | 警告 | アップル | - | Apple Mac OS X の QuickDraw Manager におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-2837 | 2010-04-27 15:20 | 2009-11-9 | Show | GitHub Exploit DB Packet Storm |
| 254287 | 5 | 警告 | Squid-cache.org サイバートラスト株式会社 ターボリナックス レッドハット |
- | Squid の strListGetItem 関数におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-2855 | 2010-04-27 15:19 | 2009-08-18 | Show | GitHub Exploit DB Packet Storm |
| 254288 | 4.3 | 警告 | アップル サイバートラスト株式会社 LibTIFF サン・マイクロシステムズ レッドハット |
- | libtiff の LZWDecodeCompat 関数におけるバッファアンダーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-2285 | 2010-04-27 15:19 | 2009-07-1 | Show | GitHub Exploit DB Packet Storm |
| 254289 | 4.3 | 警告 | サイバートラスト株式会社 レッドハット |
- | Red Hat および MIRACLE LINUX の sendmail におけるメール送信元を偽装される脆弱性 | - | CVE-2006-7176 | 2010-04-27 15:18 | 2007-03-27 | Show | GitHub Exploit DB Packet Storm |
| 254290 | 6.9 | 警告 | アップル | - | Windows 上で稼働する Apple iTunes のインストールパッケージにおける権限昇格の脆弱性 |
CWE-362
競合状態 |
CVE-2010-0532 | 2010-04-26 16:59 | 2010-03-31 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 8, 2026, 4:54 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 209691 | 7.8 |
HIGH
Local |
wago pepperl-fuchs emerson weidmueller |
fdtcontainer_component pactware rosemount_transmitter_interface_software dtminspector_3 fdtcontainer_application wi_manager io-link_master_firmware |
M&M Software fdtCONTAINER Component in versions below 3.5.20304.x and between 3.6 and 3.6.20304.x is vulnerable to deserialization of untrusted data in its project storage. |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-12525 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 209692 | 4.9 |
MEDIUM
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a NULL Pointer Dereference that leads to a DoS in discoveryd |
CWE-476
NULL Pointer Dereference |
CVE-2020-12514 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 209693 | 8.8 |
HIGH
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated blind OS Command Injection. |
CWE-78
OS Command |
CVE-2020-12513 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 209694 | 5.4 |
MEDIUM
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated reflected POST Cross-Site Scripting |
CWE-79
Cross-site Scripting |
CVE-2020-12512 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 209695 | 8.8 |
HIGH
Network |
pepperl-fuchs |
io-link_master_4-eip_firmware io-link_master_8-eip_firmware io-link_master_8-eip-l_firmware io-link_master_dr-8-eip_firmware io-link_master_dr-8-eip-p_firmware io-link_master_dr-8-eip-… |
Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to a Cross-Site Request Forgery (CSRF) in the web interface. |
CWE-352
Origin Validation Error |
CVE-2020-12511 | 2024-11-21 13:59 | 2021-01-23 | Show | GitHub Exploit DB Packet Storm |
| 209696 | 4.3 |
MEDIUM
Network |
apache | guacamole | Apache Guacamole 1.2.0 and earlier do not consistently restrict access to connection history based on user visibility. If multiple users share access to the same connection, those users may be able t… |
CWE-276
Incorrect Default Permissions |
CVE-2020-11997 | 2024-11-21 13:59 | 2021-01-20 | Show | GitHub Exploit DB Packet Storm |
| 209697 | 9.8 |
CRITICAL
Network |
apache | dubbo | A deserialization vulnerability existed in dubbo 2.7.5 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserializati… |
CWE-502
Deserialization of Untrusted Data |
CVE-2020-11995 | 2024-11-21 13:59 | 2021-01-11 | Show | GitHub Exploit DB Packet Storm |
| 209698 | 9.8 |
CRITICAL
Network |
apache | dolphinscheduler | In DolphinScheduler 1.2.0 and 1.2.1, with mysql connectorj a remote code execution vulnerability exists when choosing mysql as database. |
NVD-CWE-noinfo
|
CVE-2020-11974 | 2024-11-21 13:59 | 2020-12-19 | Show | GitHub Exploit DB Packet Storm |
| 209699 | 6.5 |
MEDIUM
Adjacent |
phoenixcontact | plcnext_firmware | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS a specially crafted LLDP packet may lead to a high system load in the PROFINET stack. An attacker can cause failure of system ser… |
CWE-20
Improper Input Validation |
CVE-2020-12521 | 2024-11-21 13:59 | 2020-12-18 | Show | GitHub Exploit DB Packet Storm |
| 209700 | 9.8 |
CRITICAL
Network |
phoenixcontact | plcnext_firmware | On Phoenix Contact PLCnext Control Devices versions before 2021.0 LTS an attacker can use this vulnerability i.e. to open a reverse shell with root privileges. |
CWE-269
Improper Privilege Management |
CVE-2020-12519 | 2024-11-21 13:59 | 2020-12-18 | Show | GitHub Exploit DB Packet Storm |