Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 6, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 252261 | 6.4 | 警告 | ヒューレット・パッカード レッドハット 日立 オラクル |
- | Oracle Sun Products Suite の Oracle Communications Messaging Server コンポーネントにおける脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-3564 | 2010-12-16 15:22 | 2010-10-12 | Show | GitHub Exploit DB Packet Storm |
| 252262 | 9.3 | 危険 | アップル | - | Apple Safari の WebKit における任意のコードを実行される脆弱性 |
CWE-DesignError
|
CVE-2010-3817 | 2010-12-16 14:18 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 252263 | 9.3 | 危険 | アップル | - | Apple Safari の WebKit における任意のコードを実行される脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2010-3816 | 2010-12-16 14:18 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 252264 | 9.3 | 危険 | アップル | - | Apple Safari の WebKit における任意のコードを実行される脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2010-3811 | 2010-12-16 14:16 | 2010-11-22 | Show | GitHub Exploit DB Packet Storm |
| 252265 | 5 | 警告 | The PHP Group サイバートラスト株式会社 レッドハット |
- | PHP のセッションシリアライザにおける任意のセッション変数に変更される脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2010-3065 | 2010-12-15 15:28 | 2010-05-31 | Show | GitHub Exploit DB Packet Storm |
| 252266 | 5 | 警告 | 日立 | - | JP1/NETM 製品 におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
- | 2010-12-15 15:27 | 2010-07-30 | Show | GitHub Exploit DB Packet Storm |
| 252267 | 5 | 警告 | The PHP Group サイバートラスト株式会社 ターボリナックス レッドハット |
- | PHP におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2010-1917 | 2010-12-15 15:27 | 2010-05-11 | Show | GitHub Exploit DB Packet Storm |
| 252268 | 5 | 警告 | The PHP Group アップル ターボリナックス サイバートラスト株式会社 レッドハット |
- | PHP の xmlrpc 拡張におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-Other
その他 |
CVE-2010-0397 | 2010-12-15 15:27 | 2010-03-16 | Show | GitHub Exploit DB Packet Storm |
| 252269 | 6.4 | 警告 | The PHP Group サイバートラスト株式会社 レッドハット |
- | PHP の Linear Congruential Generator における値を推測される脆弱性 |
CWE-310
暗号の問題 |
CVE-2010-1128 | 2010-12-15 15:26 | 2010-03-26 | Show | GitHub Exploit DB Packet Storm |
| 252270 | 6.9 | 警告 | GNU Project 日本電気 ターボリナックス サイバートラスト株式会社 レッドハット |
- | GNU Libtool の libltdl における権限昇格の脆弱性 |
CWE-DesignError
|
CVE-2009-3736 | 2010-12-15 15:26 | 2009-11-16 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 7, 2026, 4:22 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 250631 | 7.1 |
HIGH
Local |
qualcomm |
sd_845_firmware sd_850_firmware |
A micro-core of QMP transportation may cause a macro-core to read from or write to arbitrary memory in Snapdragon Mobile in version SD 845, SD 850. |
CWE-129
Improper Validation of Array Index |
CVE-2017-18309 | 2024-11-21 12:19 | 2018-10-26 | Show | GitHub Exploit DB Packet Storm |
| 250632 | 7.8 |
HIGH
Local |
qualcomm |
mdm9607_firmware msm8909w_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_425_firmware sd_430_firmware |
Modem segments are unlocked after authentication, leaving modem segments open to all in Snapdragon Mobile, Snapdragon Wear in version MDM9607, MSM8909W, SD 210/SD 212/SD 205, SD 425, SD 430 |
NVD-CWE-noinfo
|
CVE-2017-18308 | 2024-11-21 12:19 | 2018-10-26 | Show | GitHub Exploit DB Packet Storm |
| 250633 | 7.8 |
HIGH
Local |
qualcomm |
mdm9607_firmware mdm9635m_firmware mdm9640_firmware mdm9645_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmware sd_210_firmware sd_212_firmware<… |
XPU Master privilege escalation is possible due to improper access control of unused configuration xPU ports where unused configuration ports are open in Snapdragon Automobile, Snapdragon Mobile, Sna… |
NVD-CWE-noinfo
|
CVE-2017-18311 | 2024-11-21 12:19 | 2018-10-26 | Show | GitHub Exploit DB Packet Storm |
| 250634 | 7.8 |
HIGH
Local |
qualcomm |
msm8909w_firmware msm8996au_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_410_firmware sd_412_firmware sd_425_firmware sd_427_firmware sd_430_firmware sd_4… |
ClientEnv exposes services 0-32 to HLOS in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, S… |
NVD-CWE-noinfo
|
CVE-2017-18310 | 2024-11-21 12:19 | 2018-10-26 | Show | GitHub Exploit DB Packet Storm |
| 250635 | 7.8 |
HIGH
Local |
qualcomm |
fsm9055_firmware ipq4019_firmware mdm9206_firmware mdm9607_firmware mdm9625_firmware mdm9635m_firmware mdm9640_firmware mdm9645_firmware mdm9650_firmware mdm9655_firmware
During secure boot, addition is performed on uint8 ptrs which led to overflow issue in Small Cell SoC, Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in version FSM9055, IPQ4019, MDM9206, …
|
CWE-119
|
Incorrect Access of Indexable Resource ('Range Error')
CVE-2017-18124
|
2024-11-21 12:19 |
2018-10-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 250636 | 9.8 |
CRITICAL
Network |
pippo alibaba |
pippo fastjson |
parseObject in Fastjson before 1.2.25, as used in FastjsonEngine in Pippo 1.11.0 and other products, allows remote attackers to execute arbitrary code via a crafted JSON request, as demonstrated by a… |
CWE-20
Improper Input Validation |
CVE-2017-18349 | 2024-11-21 12:19 | 2018-10-24 | Show | GitHub Exploit DB Packet Storm |
| 250637 | 7.8 |
HIGH
Local |
qualcomm |
msm8996au_firmware sd_410_firmware sd_412_firmware sd_617_firmware sd_650_firmware sd_652_firmware sd_810_firmware sd_820_firmware sd_820a_firmware |
While accessing SafeSwitch services, third party can manipulate a given device and perform unauthorized operation due to lack of checking of same state transitions in Snapdragon Automobile, Snapdrago… |
CWE-862
Missing Authorization |
CVE-2017-18312 | 2024-11-21 12:19 | 2018-10-23 | Show | GitHub Exploit DB Packet Storm |
| 250638 | 5.3 |
MEDIUM
Adjacent |
qualcomm |
msm8909w_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_410_firmware sd_412_firmware sd_615_firmware sd_616_firmware sd_415_firmware sd_617_firmware |
Under certain mode of operations, HLOS may be able get direct or indirect access through DXE channels to tamper with the authenticated WCNSS firmware stored in DDR because DXE-accessible memory is lo… |
NVD-CWE-noinfo
|
CVE-2017-18313 | 2024-11-21 12:19 | 2018-10-23 | Show | GitHub Exploit DB Packet Storm |
| 250639 | 7.0 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_835_firmware |
XBL sec mem dump system call allows complete control of EL3 by unlocking all XPUs if enable fuse is not blown in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM9650, SD 210/SD 212… |
NVD-CWE-noinfo
|
CVE-2017-18305 | 2024-11-21 12:19 | 2018-10-23 | Show | GitHub Exploit DB Packet Storm |
| 250640 | 5.5 |
MEDIUM
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_835_firmware sda660_firmware |
Secure display content could be accessed by third party trusted application after creating a fault in other trusted applications in Snapdragon Mobile, Snapdragon Wear in version MDM9206, MDM9607, MDM… |
CWE-200
Information Exposure |
CVE-2017-18300 | 2024-11-21 12:19 | 2018-10-23 | Show | GitHub Exploit DB Packet Storm |