Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 19, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 255951 | 9.3 | 危険 | Mozilla Foundation | - | Mozilla Firefox の Web Open Fonts Format デコーダ における整数オーバーフローの脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-1028 | 2010-04-2 14:05 | 2010-03-19 | Show | GitHub Exploit DB Packet Storm |
| 255952 | 5 | 警告 | 富士通 アクセラテクノロジ |
- | Accela BizSearch のローカル収集におけるアクセス権限に関する脆弱性 |
CWE-200
情報漏えい |
- | 2010-04-2 14:05 | 2010-03-10 | Show | GitHub Exploit DB Packet Storm |
| 255953 | 1.9 | 注意 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel における SCSI ホストの属性に任意の変更を加えられる脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3556 | 2010-04-2 14:02 | 2010-01-19 | Show | GitHub Exploit DB Packet Storm |
| 255954 | 10 | 危険 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の e1000e ドライバにおけるイーサネットフレームの処理に関する脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-4538 | 2010-04-2 14:02 | 2010-01-12 | Show | GitHub Exploit DB Packet Storm |
| 255955 | 6.6 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の poll_mode_io ファイルにおけるドライバの I/O モードを変更される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3939 | 2010-04-2 14:00 | 2009-11-16 | Show | GitHub Exploit DB Packet Storm |
| 255956 | 6.6 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel におけるドライバの動作およびログレベルを変更される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3889 | 2010-04-2 14:00 | 2009-11-16 | Show | GitHub Exploit DB Packet Storm |
| 255957 | 7.8 | 危険 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の hfs サブシステムにおけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-4020 | 2010-04-2 13:59 | 2009-12-4 | Show | GitHub Exploit DB Packet Storm |
| 255958 | 4.7 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の drivers/firewire/ohci.c におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-4138 | 2010-04-2 13:58 | 2009-12-16 | Show | GitHub Exploit DB Packet Storm |
| 255959 | 4.9 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の fuse_direct_io 関数におけるサービス運用妨害 (DoS)の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-4021 | 2010-04-2 13:58 | 2009-11-25 | Show | GitHub Exploit DB Packet Storm |
| 255960 | 4.9 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の arch/x86/ia32/ia32entry.S におけるレジスタ値を読み取られる脆弱性 |
CWE-200
情報漏えい |
CVE-2009-2910 | 2010-04-2 13:56 | 2009-10-20 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 19, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 212441 | 8.2 |
HIGH
Local |
intel |
s2600stqr_firmware s2600stbr_firmware s2600bpsr_firmware s2600bpbr_firmware s2600bpqr_firmware s2600wftr_firmware s2600wf0r_firmware s2600wfqr_firmware |
Improper input validation in BIOS firmware for Intel(R) Server Board Families S2600ST, S2600BP and S2600WF may allow a privileged user to potentially enable escalation of privilege via local access. |
CWE-20
Improper Input Validation |
CVE-2020-12299 | 2024-11-21 13:59 | 2020-08-13 | Show | GitHub Exploit DB Packet Storm |
| 212442 | 8.2 |
HIGH
Local |
intel |
s2600cw2_firmware s2600cw2s_firmware s2600cwt_firmware s2600cwts_firmware s2600cw2r_firmware s2600cw2sr_firmware s2600cwtr_firmware s2600cwtsr_firmware s2600kp_firmware s26… |
Uninitialized pointer in BIOS firmware for Intel(R) Server Board Families S2600CW, S2600KP, S2600TP, and S2600WT may allow a privileged user to potentially enable escalation of privilege via local ac… |
CWE-824
Access of Uninitialized Pointer |
CVE-2020-12300 | 2024-11-21 13:59 | 2020-08-13 | Show | GitHub Exploit DB Packet Storm |
| 212443 | 7.8 |
HIGH
Local |
intel | distribution_of_openvino_toolkit | Incorrect permissions in the Intel(R) Distribution of OpenVINO(TM) Toolkit before version 2020.2 may allow an authenticated user to potentially enable escalation of privilege via local access. |
CWE-276
Incorrect Default Permissions |
CVE-2020-12287 | 2024-11-21 13:59 | 2020-08-13 | Show | GitHub Exploit DB Packet Storm |
| 212444 | 9.8 |
CRITICAL
Network |
stengg | vpncrypt_m10_firmware | The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows command injection via a text field, which allow full control over this module's Operating System. |
CWE-78
OS Command |
CVE-2020-12107 | 2024-11-21 13:59 | 2020-08-13 | Show | GitHub Exploit DB Packet Storm |
| 212445 | 9.8 |
CRITICAL
Network |
stengg | vpncrypt_m10_firmware | The Web portal of the WiFi module of VPNCrypt M10 2.6.5 allows unauthenticated users to send HTTP POST request to several critical Administrative functions such as, changing credentials of the Admini… |
CWE-306
Missing Authentication for Critical Function |
CVE-2020-12106 | 2024-11-21 13:59 | 2020-08-13 | Show | GitHub Exploit DB Packet Storm |
| 212446 | 7.5 |
HIGH
Network |
dovecot debian fedoraproject canonical |
dovecot debian_linux fedora ubuntu_linux |
In Dovecot before 2.3.11.3, uncontrolled recursion in submission, lmtp, and lda allows remote attackers to cause a denial of service (resource consumption) via a crafted e-mail message with deeply ne… |
CWE-674
Uncontrolled Recursion |
CVE-2020-12100 | 2024-11-21 13:59 | 2020-08-13 | Show | GitHub Exploit DB Packet Storm |
| 212447 | 7.5 |
HIGH
Network |
apache |
wicket fortress |
By crafting a special URL it is possible to make Wicket deliver unprocessed HTML templates. This would allow an attacker to see possibly sensitive information inside a HTML template that is usually r… |
CWE-552
Files or Directories Accessible to External Parties |
CVE-2020-11976 | 2024-11-21 13:59 | 2020-08-12 | Show | GitHub Exploit DB Packet Storm |
| 212448 | 7.5 |
HIGH
Network |
apache netapp canonical opensuse debian fedoraproject oracle |
http_server clustered_data_ontap ubuntu_linux leap debian_linux fedora instantis_enterprisetrack hyperion_infrastructure_technology enterprise_manager_ops_center communicat… |
Apache HTTP Server versions 2.4.20 to 2.4.43 When trace/debug was enabled for the HTTP/2 module and on certain traffic edge patterns, logging statements were made on the wrong connection, causing con… |
CWE-444
HTTP Request Smuggling |
CVE-2020-11993 | 2024-11-21 13:59 | 2020-08-8 | Show | GitHub Exploit DB Packet Storm |
| 212449 | 5.3 |
MEDIUM
Network |
apache | http_server | IP address spoofing when proxying using mod_remoteip and mod_rewrite For configurations using proxying with mod_remoteip and certain mod_rewrite rules, an attacker could spoof their IP address for lo… |
CWE-345
Insufficient Verification of Data Authenticity |
CVE-2020-11985 | 2024-11-21 13:59 | 2020-08-8 | Show | GitHub Exploit DB Packet Storm |
| 212450 | 9.8 |
CRITICAL
Network |
apache netapp canonical debian fedoraproject opensuse oracle |
http_server clustered_data_ontap ubuntu_linux debian_linux fedora leap instantis_enterprisetrack hyperion_infrastructure_technology enterprise_manager_ops_center communicat… |
Apache HTTP server 2.4.32 to 2.4.44 mod_proxy_uwsgi info disclosure and possible RCE |
CWE-120
Classic Buffer Overflow |
CVE-2020-11984 | 2024-11-21 13:59 | 2020-08-8 | Show | GitHub Exploit DB Packet Storm |