Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 1, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 255591 | 4.3 | 警告 | CA Technologies | - | CA SiteMinder における J2EE アプリケーションのクロスサイトスクリプティングに対する保護を回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-2705 | 2010-12-27 11:19 | 2009-08-11 | Show | GitHub Exploit DB Packet Storm |
| 255592 | 4.3 | 警告 | CA Technologies | - | CA SiteMinder における J2EE アプリケーションのクロスサイトスクリプティングに対する保護を回避される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-2704 | 2010-12-27 10:47 | 2009-08-11 | Show | GitHub Exploit DB Packet Storm |
| 255593 | 10 | 危険 | CA Technologies | - | 複数の CA 製品の Data Transport Services におけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-2026 | 2010-12-27 10:45 | 2009-08-6 | Show | GitHub Exploit DB Packet Storm |
| 255594 | 5 | 警告 | CA Technologies | - | CA ARCserve Backup のメッセージエンジンにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-1761 | 2010-12-27 10:41 | 2009-06-15 | Show | GitHub Exploit DB Packet Storm |
| 255595 | 2.1 | 注意 | CA Technologies | - | CA Internet Security Suite の vetmonnt.sys におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-0682 | 2010-12-27 10:36 | 2009-08-18 | Show | GitHub Exploit DB Packet Storm |
| 255596 | 10 | 危険 | CA Technologies | - | CA Service Metric Analysis および Service Level Management の smmsnmpd サービスにおける任意のコマンドを実行される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-0043 | 2010-12-27 10:34 | 2009-01-7 | Show | GitHub Exploit DB Packet Storm |
| 255597 | 10 | 危険 | CA Technologies | - | 複数の CA 製品の Arclib library におけるウィルス検知を回避される脆弱性 |
CWE-DesignError CWE-noinfo |
CVE-2009-0042 | 2010-12-27 10:30 | 2009-01-26 | Show | GitHub Exploit DB Packet Storm |
| 255598 | 9.3 | 危険 | アドビシステムズ | - | Adobe Illustrator における任意のコードを実行される脆弱性 |
CWE-Other
その他 |
CVE-2010-3152 | 2010-12-24 16:16 | 2010-12-3 | Show | GitHub Exploit DB Packet Storm |
| 255599 | - | - | Laurent Destailleur | - | AWStats に脆弱性 | - | - | 2010-12-24 16:06 | 2010-12-1 | Show | GitHub Exploit DB Packet Storm |
| 255600 | 5 | 警告 | ISC, Inc. | - | ISC BIND named の allow-query の処理における脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2010-3615 | 2010-12-24 16:01 | 2010-12-2 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 1, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 195081 | 7.5 |
HIGH
Network |
f5 |
big-ip_application_acceleration_manager big-ip_local_traffic_manager big-ip_advanced_web_application_firewall big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_secur… |
On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4, 13.1.x before 13.1.4, and 12.1.x before 12.1.6, when an HTTP profile is configured on a virtual server, undisclos… |
CWE-400
Uncontrolled Resource Consumption |
CVE-2021-23042 | 2024-11-21 14:51 | 2021-09-15 | Show | GitHub Exploit DB Packet Storm |
| 195082 | 6.1 |
MEDIUM
Network |
f5 |
big-ip_access_policy_manager big-ip_application_security_manager big-ip_advanced_firewall_manager big-ip_advanced_web_application_firewall big-ip_analytics big-ip_domain_name_system
On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3, 14.1.x before 14.1.4.2, 13.1.x before 13.1.4.1, and all versions of 12.1.x, a DOM based cross-site scripting (XSS) vulnerability exists…
|
CWE-79
|
Cross-site Scripting
CVE-2021-23041
|
2024-11-21 14:51 |
2021-09-14 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 195083 | 6.1 |
MEDIUM
Network |
f5 | big-ip_access_policy_manager | On version 14.1.x before 14.1.4.4 and all versions of 13.1.x, an open redirect vulnerability exists on virtual servers enabled with a BIG-IP APM access policy. This vulnerability allows an unauthenti… |
CWE-601
Open Redirect |
CVE-2021-23052 | 2024-11-21 14:51 | 2021-09-14 | Show | GitHub Exploit DB Packet Storm |
| 195084 | 5.3 |
MEDIUM
Network |
f5 |
big-ip_advanced_web_application_firewall big-ip_application_security_manager |
On version 15.1.x before 15.1.3, 14.1.x before 14.1.3.1, and 13.1.x before 13.1.3.6, when the brute force protection feature of BIG-IP Advanced WAF or BIG-IP ASM is enabled on a virtual server and th… |
CWE-770
Allocation of Resources Without Limits or Throttling |
CVE-2021-23053 | 2024-11-21 14:51 | 2021-09-14 | Show | GitHub Exploit DB Packet Storm |
| 195085 | 7.5 |
HIGH
Network |
f5 |
big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_advanced_web_application_firewall big-ip_analytics big-ip_application_acceleration_manager big-ip_application_secur… |
On BIG-IP versions 15.1.0.4 through 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed reque… |
NVD-CWE-noinfo
|
CVE-2021-23051 | 2024-11-21 14:51 | 2021-09-14 | Show | GitHub Exploit DB Packet Storm |
| 195086 | 7.5 |
HIGH
Network |
f5 |
big-ip_application_security_manager big-ip_advanced_web_application_firewall nginx_app_protect |
On BIG-IP Advanced WAF and BIG-IP ASM version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3 and NGINX App Protect on all versions before 3.5.0, when a cross-site request forgery (CSRF)-enabled poli… |
NVD-CWE-noinfo
|
CVE-2021-23050 | 2024-11-21 14:51 | 2021-09-14 | Show | GitHub Exploit DB Packet Storm |
| 195087 | 7.5 |
HIGH
Network |
f5 |
big-ip_access_policy_manager big-ip_application_security_manager big-ip_advanced_firewall_manager big-ip_advanced_web_application_firewall big-ip_analytics big-ip_application_accelerat… |
On BIG-IP version 16.0.x before 16.0.1.2 and 15.1.x before 15.1.3, when the iRules RESOLVER::summarize command is used on a virtual server, undisclosed requests can cause an increase in Traffic Manag… |
CWE-400
Uncontrolled Resource Consumption |
CVE-2021-23049 | 2024-11-21 14:51 | 2021-09-14 | Show | GitHub Exploit DB Packet Storm |
| 195088 | 7.5 |
HIGH
Network |
f5 |
big-ip_access_policy_manager big-ip_advanced_firewall_manager big-ip_analytics big-ip_application_acceleration_manager big-ip_application_security_manager big-ip_domain_name_system … |
On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of 12.1.x and 11.6.x, when GPRS Tunneling Protocol (GTP) iRules comm… |
NVD-CWE-noinfo
|
CVE-2021-23048 | 2024-11-21 14:51 | 2021-09-14 | Show | GitHub Exploit DB Packet Storm |
| 195089 | 6.1 |
MEDIUM
Network |
thoughtbot | clearance | This affects the package clearance before 2.5.0. The vulnerability can be possible when users are able to set the value of session[:return_to]. If the value used for return_to contains multiple leadi… |
CWE-601
Open Redirect |
CVE-2021-23435 | 2024-11-21 14:51 | 2021-09-13 | Show | GitHub Exploit DB Packet Storm |
| 195090 | 9.8 |
CRITICAL
Network |
set-value_project oracle |
set-value communications_cloud_native_core_policy |
This affects the package set-value before <2.0.1, >=3.0.0 <4.0.1. A type confusion vulnerability can lead to a bypass of CVE-2019-10747 when the user-provided keys used in the path parameter are arra… |
CWE-843
Type Confusion |
CVE-2021-23440 | 2024-11-21 14:51 | 2021-09-12 | Show | GitHub Exploit DB Packet Storm |