Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":April 30, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 253701 | 9.3 | 危険 | マイクロソフト | - | Microsoft Windows の Indeo コーデックにおける任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-4312 | 2010-01-25 11:52 | 2009-12-8 | Show | GitHub Exploit DB Packet Storm |
| 253702 | 9.3 | 危険 | マイクロソフト | - | Microsoft Windows の Indeo コーデックにおける任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-4311 | 2010-01-25 11:52 | 2009-12-8 | Show | GitHub Exploit DB Packet Storm |
| 253703 | 9.3 | 危険 | マイクロソフト | - | Indeo コーデックに複数の脆弱性 |
CWE-119
バッファエラー |
CVE-2009-4310 | 2010-01-25 11:52 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 253704 | 9.3 | 危険 | マイクロソフト | - | Microsoft Windows の Windows Media Player 用の Intel Indeo41 コーデックにおけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-4309 | 2010-01-25 11:51 | 2009-12-8 | Show | GitHub Exploit DB Packet Storm |
| 253705 | 9.3 | 危険 | マイクロソフト | - | Microsoft Windows の Indeo コーデックにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-4210 | 2010-01-25 11:51 | 2009-12-8 | Show | GitHub Exploit DB Packet Storm |
| 253706 | 5 | 警告 | アップル サイバートラスト株式会社 IPsec-Tools レッドハット |
- | Ipsec-tools の証明書検証および NAT-Traversal におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-1632 | 2010-01-25 11:48 | 2009-05-14 | Show | GitHub Exploit DB Packet Storm |
| 253707 | 4 | 警告 | PostgreSQL.org サイバートラスト株式会社 ターボリナックス サン・マイクロシステムズ レッドハット |
- | PostgreSQL のエラーメッセージの変換処理に関するサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-0922 | 2010-01-25 11:48 | 2009-03-17 | Show | GitHub Exploit DB Packet Storm |
| 253708 | 5.7 | 警告 | 日本電気 インターネットイニシアティブ ヤマハ 古河電気工業 |
- | IPv6 を実装した複数の製品にサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
- | 2010-01-25 11:47 | 2009-10-26 | Show | GitHub Exploit DB Packet Storm |
| 253709 | 9.3 | 危険 | マイクロソフト | - | 複数の Microsoft 製品のテキストコンバーターにおける整数オーバーフローの脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-2506 | 2010-01-22 10:27 | 2009-12-8 | Show | GitHub Exploit DB Packet Storm |
| 253710 | 9 | 危険 | マイクロソフト | - | Microsoft Windows の Active Directory フェデレーションサービスにおける任意のコードを実行される脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-2509 | 2010-01-22 10:27 | 2009-12-8 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 1, 2026, 4:54 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249441 | 9.1 |
CRITICAL
Network |
asus |
vivobaby hivivo |
The ASUS Vivobaby application before 1.1.09 for Android has Missing SSL Certificate Validation. |
CWE-295
Improper Certificate Validation |
CVE-2017-17944 | 2024-11-21 12:19 | 2019-06-21 | Show | GitHub Exploit DB Packet Storm |
| 249442 | 9.8 |
CRITICAL
Network |
netgear | readynas_surveillance_firmware | In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir'] is not escaped and is passed to system() through $tmp_upload_dir, leading to upgrade_handle.php?cmd=wri… |
CWE-77
Command Injection |
CVE-2017-18378 | 2024-11-21 12:19 | 2019-06-12 | Show | GitHub Exploit DB Packet Storm |
| 249443 | 9.8 |
CRITICAL
Network |
goahead | wireless_ip_camera_wificam_firmware | An issue was discovered on Wireless IP Camera (P2P) WIFICAM cameras. There is Command Injection in the set_ftp.cgi script via shell metacharacters in the pwd variable, as demonstrated by a set_ftp.cg… |
CWE-77
Command Injection |
CVE-2017-18377 | 2024-11-21 12:19 | 2019-06-12 | Show | GitHub Exploit DB Packet Storm |
| 249444 | 8.8 |
HIGH
Network |
strangebee | thehive | An improper authorization check in the User API in TheHive before 2.13.4 and 3.x before 3.3.1 allows users with read-only or read/write access to escalate their privileges to the administrator's priv… |
CWE-264
Permissions, Privileges, and Access Controls |
CVE-2017-18376 | 2024-11-21 12:19 | 2019-06-3 | Show | GitHub Exploit DB Packet Storm |
| 249445 | 8.8 |
HIGH
Network |
ampache | ampache | Ampache 3.8.3 allows PHP Object Instantiation via democratic.ajax.php and democratic.class.php. |
CWE-502
Deserialization of Untrusted Data |
CVE-2017-18375 | 2024-11-21 12:19 | 2019-05-25 | Show | GitHub Exploit DB Packet Storm |
| 249446 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware sd_210_firmware sd_835_firmware sd_845_firmware sd_850_firmware sd_212_firmware sd_205_firmware |
Secure camera logic allows display/secure camera controllers to access HLOS memory during secure display or camera session in Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, SD 210/S… |
NVD-CWE-noinfo
|
CVE-2017-18276 | 2024-11-21 12:19 | 2019-05-7 | Show | GitHub Exploit DB Packet Storm |
| 249447 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8996au_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_625_firmware sd_820_firmware sd_820a_firmware sd… |
While processing camera buffers in camera driver, a use after free condition can occur in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8996AU, SD 210/SD … |
CWE-416
Use After Free |
CVE-2017-18156 | 2024-11-21 12:19 | 2019-05-7 | Show | GitHub Exploit DB Packet Storm |
| 249448 | 7.8 |
HIGH
Local |
qualcomm |
fsm9055_firmware fsm9955_firmware ipq4019_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qca9531_firmware… |
Lack of check of buffer length before copying can lead to buffer overflow in camera module in Small Cell SoC, Snapdragon Mobile, Snapdragon Wear in FSM9055, FSM9955, IPQ4019, IPQ8064, MDM9206, MDM960… |
CWE-190
Integer Overflow or Wraparound |
CVE-2017-18279 | 2024-11-21 12:19 | 2019-05-7 | Show | GitHub Exploit DB Packet Storm |
| 249449 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_425_firmware sd_430_firmware sd_450_firmware sd_625_firmware sd_650… |
An integer underflow may occur due to lack of check when received data length from font_mgr_qsee_request_service is bigger than the minimal value of the segment header, which may result in a buffer o… |
CWE-191
Integer Underflow (Wrap or Wraparound) |
CVE-2017-18278 | 2024-11-21 12:19 | 2019-05-7 | Show | GitHub Exploit DB Packet Storm |
| 249450 | 5.5 |
MEDIUM
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_425_firmware sd_430_firmware sd_450_firmware sd_6… |
A new account can be inserted into simContacts service using Android command line tool in Snapdragon Automobile, Snapdragon Mobile, Snapdragon Wear in MDM9206, MDM9607, MDM9650, MSM8909W, SD 210/SD 2… |
NVD-CWE-noinfo
|
CVE-2017-18275 | 2024-11-21 12:19 | 2019-05-7 | Show | GitHub Exploit DB Packet Storm |