Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 1, 2026, noon
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 252491 | 7.5 | 危険 | Raphael Zschorsch | - | TYPO3 用の Commenting system Backend Module における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2010-4887 | 2012-01-19 11:17 | 2010-09-2 | Show | GitHub Exploit DB Packet Storm |
| 252492 | 4.3 | 警告 | Peter Proell | - | TYPO3 用の official twitter tweet button for your page におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4886 | 2012-01-19 11:10 | 2010-09-2 | Show | GitHub Exploit DB Packet Storm |
| 252493 | 4.3 | 警告 | Peter Proell | - | TYPO3 用の XING Button におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4885 | 2012-01-19 11:09 | 2010-09-2 | Show | GitHub Exploit DB Packet Storm |
| 252494 | 7.5 | 危険 | Hinnendahl | - | Gaestebuch の guestbook/gbook.php におけるリモートファイルインクルージョンの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-4884 | 2012-01-19 11:08 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 252495 | 2.6 | 注意 | MODX | - | MODx Revolution の manager/index.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4883 | 2012-01-19 11:06 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 252496 | 4.3 | 警告 | Ventics | - | Auto CMS の autocms.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4882 | 2012-01-19 11:06 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 252497 | 6.8 | 警告 | ApPHP | - | ApPHP Calendar の calendar.class.php におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2010-4881 | 2012-01-19 10:33 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 252498 | 4.3 | 警告 | ApPHP | - | ApPHP Calendar の calendar.class.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4880 | 2012-01-19 10:33 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 252499 | 7.5 | 危険 | Hinnendahl | - | Kontakt Formular の formmailer.php における任意の PHP コードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-4878 | 2012-01-19 10:32 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 252500 | 4.3 | 警告 | InsaneVisions | - | OneCMS の index.php におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2010-4877 | 2012-01-19 10:31 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 1, 2026, 4:12 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 246661 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware sd210_firmware sd212_firmware sd205_firmware sd425_firmware sd427_firmware sd430_… |
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 625, SD 650/52, SD 820, SD 820A, S… |
CWE-20
Improper Input Validation |
CVE-2018-11287 | 2024-11-21 12:43 | 2018-09-20 | Show | GitHub Exploit DB Packet Storm |
| 246662 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware sd210_firmware sd212_firmware sd205_firmware sd425_firmware sd427_firmware sd430_… |
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9650, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, SD 615/16/SD 415, SD 625, SD 650/52, … |
CWE-125
Out-of-bounds Read |
CVE-2018-11285 | 2024-11-21 12:43 | 2018-09-20 | Show | GitHub Exploit DB Packet Storm |
| 246663 | 7.8 |
HIGH
Local |
qualcomm |
msm8909w_firmware msm8996au_firmware sd210_firmware sd212_firmware sd205_firmware sd430_firmware sd450_firmware sd615_firmware sd616_firmware sd415_firmware sd617_firmwa… |
In Snapdragon (Automobile, Mobile, Wear) in version MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 430, SD 450, SD 615/16/SD 415, SD 617, SD 625, SD 650/52, SD 810, SD 820, SD 820A, SD 835, SD 845, SD… |
CWE-732
Incorrect Permission Assignment for Critical Resource |
CVE-2018-11277 | 2024-11-21 12:43 | 2018-09-20 | Show | GitHub Exploit DB Packet Storm |
| 246664 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9640_firmware mdm9645_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmware sd210_firmware<… |
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, … |
CWE-129
Improper Validation of Array Index |
CVE-2018-11269 | 2024-11-21 12:43 | 2018-09-20 | Show | GitHub Exploit DB Packet Storm |
| 246665 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9640_firmware mdm9645_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmware sd210_firmware<… |
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9635M, MDM9640, MDM9645, MDM9650, MDM9655, MSM8909W, MSM8996AU, SD 210/SD 212/SD 205, SD 425, SD 427, SD 430, SD 435, SD 450, … |
CWE-129
Improper Validation of Array Index |
CVE-2018-11268 | 2024-11-21 12:43 | 2018-09-20 | Show | GitHub Exploit DB Packet Storm |
| 246666 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware sd210_firmware sd212_firmware sd205_firmware sd4… |
In Snapdragon (Automobile, Mobile, Wear) in version MDM9206, MDM9607, MDM9615, MDM9640, MDM9650, MDM9655, MSM8996AU, SD 210/SD 212/SD 205, SD 410/12, SD 425, SD 427, SD 430, SD 435, SD 450, SD 600, S… |
CWE-129
Improper Validation of Array Index |
CVE-2018-11267 | 2024-11-21 12:43 | 2018-09-20 | Show | GitHub Exploit DB Packet Storm |
| 246667 | 5.9 |
MEDIUM
Network |
apache | tika | In Apache Tika 0.9 to 1.18, in a rare edge case where a user does not specify an extract directory on the commandline (--extract-dir=) and the input file has an embedded file with an absolute path, s… |
CWE-22
Path Traversal |
CVE-2018-11762 | 2024-11-21 12:43 | 2018-09-19 | Show | GitHub Exploit DB Packet Storm |
| 246668 | 7.5 |
HIGH
Network |
apache oracle |
tika business_process_management_suite |
In Apache Tika 0.1 to 1.18, the XML parsers were not configured to limit entity expansion. They were therefore vulnerable to an entity expansion vulnerability which can lead to a denial of service at… |
CWE-611
XXE |
CVE-2018-11761 | 2024-11-21 12:43 | 2018-09-19 | Show | GitHub Exploit DB Packet Storm |
| 246669 | 7.8 |
HIGH
Local |
android | In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check of input received from userspace before copying into buffer can lead to poten… |
CWE-20
Improper Input Validation |
CVE-2018-11302 | 2024-11-21 12:43 | 2018-09-19 | Show | GitHub Exploit DB Packet Storm | |
| 246670 | 7.8 |
HIGH
Local |
android | In all android releases (Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, lack of check on buffer length while processing debug log event from firmware can lead to a… |
CWE-191
Integer Underflow (Wrap or Wraparound) |
CVE-2018-11301 | 2024-11-21 12:43 | 2018-09-19 | Show | GitHub Exploit DB Packet Storm |