Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 18, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 205811 | 4.3 | 警告 | ヒューレット・パッカード 日本電気 Apache Software Foundation |
- | Apache Tomcat の HTTP Digest Access Authentication 実装におけるアクセス制限を回避される脆弱性 |
CWE-287
不適切な認証 |
CVE-2011-5063 | 2016-08-2 17:34 | 2012-01-14 | Show | GitHub Exploit DB Packet Storm |
| 205812 | 5 | 警告 | ヒューレット・パッカード 日本電気 Apache Software Foundation |
- | Apache Tomcat の DigestAuthenticator.java における暗号保護機構を回避される脆弱性 |
CWE-310
暗号の問題 |
CVE-2011-5064 | 2016-08-2 17:34 | 2012-01-14 | Show | GitHub Exploit DB Packet Storm |
| 205813 | 6.9 | 警告 | アップル 日本電気 Apache Software Foundation |
- | Apache HTTP Server の envvars における権限を取得される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2012-0883 | 2016-08-2 17:34 | 2012-03-2 | Show | GitHub Exploit DB Packet Storm |
| 205814 | 2.6 | 注意 | 日本電気 Apache Software Foundation アップル 富士通 オラクル 日立 |
- | Apache HTTP Server の mod_negotiation モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-2687 | 2016-08-2 17:34 | 2012-06-13 | Show | GitHub Exploit DB Packet Storm |
| 205815 | 5 | 警告 | 日本電気 日立 Apache Software Foundation オラクル |
- | Apache Tomcat におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2012-3544 | 2016-08-2 17:34 | 2012-09-6 | Show | GitHub Exploit DB Packet Storm |
| 205816 | 5.1 | 警告 | アップル 日本電気 富士通 Apache Software Foundation オラクル |
- | Apache HTTP Server の mod_rewrite モジュールにおける任意のコマンドを実行される脆弱性 |
CWE-310
暗号の問題 |
CVE-2013-1862 | 2016-08-2 17:34 | 2013-04-18 | Show | GitHub Exploit DB Packet Storm |
| 205817 | 7.5 | 危険 | 富士通 日本電気 IBM Apache Software Foundation オラクル |
- | Apache Struts の CookieInterceptor における ClassLoader を操作される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2014-0113 | 2016-08-2 17:34 | 2014-04-28 | Show | GitHub Exploit DB Packet Storm |
| 205818 | 5.8 | 警告 | 富士通 日本電気 IBM Apache Software Foundation オラクル |
- | Apache Struts の CookieInterceptor における ClassLoader を操作される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2014-0116 | 2016-08-2 17:34 | 2014-05-5 | Show | GitHub Exploit DB Packet Storm |
| 205819 | 4.3 | 警告 | アップル 日本電気 Apache Software Foundation |
- | Apache HTTP Server の mod_proxy_balancer モジュールにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-4558 | 2016-08-2 16:45 | 2013-02-18 | Show | GitHub Exploit DB Packet Storm |
| 205820 | 4.3 | 警告 | 日本電気 Apache Software Foundation アップル 富士通 オラクル 日立 |
- | Apache HTTP Server におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2012-3499 | 2016-08-2 16:45 | 2013-02-18 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 19, 2026, 4:01 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 349061 | - | secure_elements | class_5_enterprise_vulnerability_management | Secure Elements Class 5 AVR client (aka C5 EVM) before 2.8.1 allows remote attackers to read portions of process memory via a modified size for (1) EM_GET_CE_PARAMETER and (2) EM_SET_CE_PARAMETER mes… |
NVD-CWE-Other
|
CVE-2006-2708 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349062 | - | secure_elements | class_5_enterprise_vulnerability_management | Upgrade to version 2.8.1 |
NVD-CWE-Other
|
CVE-2006-2708 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349063 | - | secure_elements | class_5_enterprise_vulnerability_management | Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 do not validate the source address of a message, which allows remote attackers to (1) execute arbitrary code on a client or (2) forge messages to… |
NVD-CWE-Other
|
CVE-2006-2709 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349064 | - | secure_elements | class_5_enterprise_vulnerability_management | Upgrade to version 2.8.1 |
NVD-CWE-Other
|
CVE-2006-2709 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349065 | - | secure_elements | class_5_enterprise_vulnerability_management | Secure Elements Class 5 AVR (aka C5 EVM) before 2.8.1 uses the same invariant RSA key for all installations, which allows remote attackers with the key to decrypt communications. |
NVD-CWE-Other
|
CVE-2006-2710 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349066 | - | secure_elements | class_5_enterprise_vulnerability_management | Upgrade to 2.8.1 |
NVD-CWE-Other
|
CVE-2006-2710 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349067 | - | secure_elements | class_5_enterprise_vulnerability_management | Secure Elements Class 5 AVR (aka C5 EVM) 2.8.1 and earlier, and possibly later 2.8.x releases, uses the same initialization vector and key for each message session, which allows remote attackers to o… |
NVD-CWE-Other
|
CVE-2006-2711 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349068 | - | secure_elements | class_5_enterprise_vulnerability_management | Upgrade to 2.8.1 |
NVD-CWE-Other
|
CVE-2006-2711 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349069 | - | secure_elements | class_5_enterprise_vulnerability_management | Secure Elements Class 5 AVR (aka C5 EVM) client and server before 2.8.1 do not verify the integrity of a message digest, which allows remote attackers to modify and replay messages. |
NVD-CWE-Other
|
CVE-2006-2712 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm | |
| 349070 | - | secure_elements | class_5_enterprise_vulnerability_management | Upgrade to version 2.8.1 |
NVD-CWE-Other
|
CVE-2006-2712 | 2017-07-20 10:31 | 2006-06-1 | Show | GitHub Exploit DB Packet Storm |