Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":Feb. 9, 2026, 12:59 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 222971 | 4.9 | 警告 | QNAP Systems | - | QNAP TS-239 Pro などにおける鍵を特定される脆弱性 |
CWE-310
暗号の問題 |
CVE-2009-3278 | 2012-12-20 19:28 | 2009-09-21 | Show | GitHub Exploit DB Packet Storm |
| 222972 | 5 | 警告 | xenu by | - | datavault の DataVault.Tesla/Impl/TypeSystem/AssociationHelper.cs におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-Other
その他 |
CVE-2009-3277 | 2012-12-20 19:28 | 2009-09-21 | Show | GitHub Exploit DB Packet Storm |
| 222973 | 7.5 | 危険 | thomas cuchta | - | RQMS における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-3259 | 2012-12-20 19:28 | 2009-09-18 | Show | GitHub Exploit DB Packet Storm |
| 222974 | 9 | 危険 | Vtiger | - | vtiger CRM における添付ファイルを削除される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3258 | 2012-12-20 19:28 | 2009-03-6 | Show | GitHub Exploit DB Packet Storm |
| 222975 | 6.8 | 警告 | thomas cuchta | - | RQMS における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-3255 | 2012-12-20 19:28 | 2009-09-18 | Show | GitHub Exploit DB Packet Storm |
| 222976 | 9.3 | 危険 | ultimatevideosite | - | Ultimate Player におけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-3254 | 2012-12-20 19:28 | 2009-09-18 | Show | GitHub Exploit DB Packet Storm |
| 222977 | 9.3 | 危険 | tricerasoft | - | TriceraSoft Swift Ultralite におけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-3253 | 2012-12-20 19:28 | 2009-09-18 | Show | GitHub Exploit DB Packet Storm |
| 222978 | 9 | 危険 | Vtiger | - | vtiger CRM の Compose Mail 機能における任意のコードを実行される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-3250 | 2012-12-20 19:28 | 2009-09-18 | Show | GitHub Exploit DB Packet Storm |
| 222979 | 7.5 | 危険 | Vtiger | - | vtiger CRM におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2009-3249 | 2012-12-20 19:28 | 2009-09-18 | Show | GitHub Exploit DB Packet Storm |
| 222980 | 6.8 | 警告 | Vtiger | - | vtiger CRM の RSS モジュールにおけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-3248 | 2012-12-20 19:28 | 2009-09-18 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:April 24, 2026, 4 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 1771 | 7.5 |
HIGH
Network |
openssl debian netapp fedoraproject tenable mariadb nodejs |
openssl debian_linux cloud_volumes_ontap_mediator clustered_data_ontap clustered_data_ontap_antivirus_connector santricity_smi-s_provider storagegrid a250_firmware 500f_firmwa… |
The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. Internally this function is used when parsing certificates tha… |
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop') |
CVE-2022-0778 | 2026-04-14 19:16 | 2022-03-16 | Show | GitHub Exploit DB Packet Storm |
| 1772 | 7.5 |
HIGH
Network |
openssl debian netapp fedoraproject tenable mariadb nodejs |
openssl debian_linux cloud_volumes_ontap_mediator clustered_data_ontap clustered_data_ontap_antivirus_connector santricity_smi-s_provider storagegrid a250_firmware 500f_firmwa… |
La función BN_mod_sqrt(), que calcula una raíz cuadrada modular, contiene un error que puede causar un bucle eterno para módulos no primos. Internamente, esta función es usado cuando son analizados c… |
CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop') |
CVE-2022-0778 | 2026-04-14 19:16 | 2022-03-16 | Show | GitHub Exploit DB Packet Storm |
| 1773 | 7.4 |
HIGH
Network |
openssl debian netapp mcafee tenable oracle siemens |
openssl debian_linux clustered_data_ontap clustered_data_ontap_antivirus_connector e-series_santricity_os_controller hci_management_node manageability_software_development_kit sa… |
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C… |
CWE-125
Out-of-bounds Read |
CVE-2021-3712 | 2026-04-14 19:16 | 2021-08-25 | Show | GitHub Exploit DB Packet Storm |
| 1774 | 7.4 |
HIGH
Network |
openssl debian netapp mcafee tenable oracle siemens |
openssl debian_linux clustered_data_ontap clustered_data_ontap_antivirus_connector e-series_santricity_os_controller hci_management_node manageability_software_development_kit sa… |
Las cadenas ASN.1 se representan internamente en OpenSSL como una estructura ASN1_STRING que contiene un búfer que contiene los datos de la cadena y un campo que contiene la longitud del búfer. Esto … |
CWE-125
Out-of-bounds Read |
CVE-2021-3712 | 2026-04-14 19:16 | 2021-08-25 | Show | GitHub Exploit DB Packet Storm |
| 1775 | 5.4 |
MEDIUM
Adjacent |
linux debian arista siemens |
linux_kernel debian_linux c-75_firmware o-90_firmware c-65_firmware w-68_firmware scalance_w700_ieee_802.11n_firmware scalance_w1700_ieee_802.11ac_firmware |
An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused … |
NVD-CWE-Other
|
CVE-2020-26147 | 2026-04-14 19:16 | 2021-05-12 | Show | GitHub Exploit DB Packet Storm |
| 1776 | 5.4 |
MEDIUM
Adjacent |
linux debian arista siemens |
linux_kernel debian_linux c-75_firmware o-90_firmware c-65_firmware w-68_firmware scalance_w700_ieee_802.11n_firmware scalance_w1700_ieee_802.11ac_firmware |
Se detectó un problema en el kernel de Linux versión 5.8.9. Las implementaciones de WEP, WPA, WPA2 y WPA3 reensamblan fragmentos aunque algunos de ellos se enviaron en texto plano. Esta vulnerabilida… |
NVD-CWE-Other
|
CVE-2020-26147 | 2026-04-14 19:16 | 2021-05-12 | Show | GitHub Exploit DB Packet Storm |
| 1777 | 4.3 |
MEDIUM
Network |
- | - | The Eventin – Events Calendar, Event Booking, Ticket & Registration (AI Powered) plugin for WordPress is vulnerable to unauthorized access of data due to a improper capability check on the get_item_p… |
CWE-862
Missing Authorization |
CVE-2026-4109 | 2026-04-14 18:16 | 2026-04-14 | Show | GitHub Exploit DB Packet Storm |
| 1778 | 7.8 |
HIGH
Local |
siemens |
sinec_nms user_management_component |
A vulnerability has been identified in SINEC NMS (All versions < V4.0 SP3), User Management Component (UMC) (All versions < V2.15.2.1). The affected application permits improper modification of a con… |
CWE-427
Uncontrolled Search Path Element |
CVE-2026-25656 | 2026-04-14 18:16 | 2026-02-10 | Show | GitHub Exploit DB Packet Storm |
| 1779 | 7.8 |
HIGH
Local |
siemens |
sinec_nms user_management_component |
Se ha identificado una vulnerabilidad en SINEC NMS (Todas las versiones), Componente de Gestión de Usuarios (UMC) (Todas las versiones < V2.15.2.1). La aplicación afectada permite la modificación … |
CWE-427
Uncontrolled Search Path Element |
CVE-2026-25656 | 2026-04-14 18:16 | 2026-02-10 | Show | GitHub Exploit DB Packet Storm |
| 1780 | 2.2 |
LOW
Network |
- | - | A vulnerability has been identified in Mendix OIDC SSO (Mendix 10.12 compatible) (All versions < V4.0.1), Mendix OIDC SSO (Mendix 9 compatible) (All versions < V3.3.1), Mendix OIDC SSO V4.2 (Mendix 1… |
CWE-266
Incorrect Privilege Assignment |
CVE-2025-40571 | 2026-04-14 18:16 | 2025-05-13 | Show | GitHub Exploit DB Packet Storm |