Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 6, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 254231 | 9.3 | 危険 | VMware | - | 複数の VMware 製品におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2011-3868 | 2011-10-14 09:09 | 2011-10-4 | Show | GitHub Exploit DB Packet Storm |
| 254232 | 6.8 | 警告 | Cherokee Project | - | Cherokee の Cherokee-admin におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2011-2191 | 2011-10-14 09:03 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 254233 | 2.1 | 注意 | Cherokee Project | - | Cherokee の generate_admin_password 関数における admin パスワードを推測される脆弱性 |
CWE-310
暗号の問題 |
CVE-2011-2190 | 2011-10-14 09:00 | 2011-10-7 | Show | GitHub Exploit DB Packet Storm |
| 254234 | 7.8 | 危険 | Linux | - | Linux kernel の net/core/net_namespace.c におけるサービス運用妨害 (メモリ破損) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2011-2189 | 2011-10-14 08:56 | 2011-10-10 | Show | GitHub Exploit DB Packet Storm |
| 254235 | 9.3 | 危険 | Plone Foundation Zope Foundation |
- | Plone で使用される Zope における任意のコマンドを実行される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2011-3587 | 2011-10-13 14:45 | 2011-10-4 | Show | GitHub Exploit DB Packet Storm |
| 254236 | 9.3 | 危険 | Plone Foundation | - | Plone の CMFEditions コンポーネントにおけるサブオブジェクトにアクセスされる脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2011-4030 | 2011-10-13 14:44 | 2011-10-4 | Show | GitHub Exploit DB Packet Storm |
| 254237 | 6.8 | 警告 | Sitaram Chamarty | - | gitolite の Admin Defined Commands (ADC) 機能におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2011-1572 | 2011-10-13 14:44 | 2011-10-4 | Show | GitHub Exploit DB Packet Storm |
| 254238 | 5 | 警告 | Juan Toledo | - | EtherApe の add_conversation 関数におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-Other
その他 |
CVE-2011-3369 | 2011-10-13 14:43 | 2011-09-30 | Show | GitHub Exploit DB Packet Storm |
| 254239 | 4.9 | 警告 | DAEMON Tools | - | DAEMON Tools におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-Other
その他 |
CVE-2011-3987 | 2011-10-13 12:06 | 2011-10-13 | Show | GitHub Exploit DB Packet Storm |
| 254240 | 4.3 | 警告 | Pligg | - | Pligg におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-3986 | 2011-10-13 12:05 | 2011-10-13 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 7, 2026, 4:13 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 246341 | 9.8 |
CRITICAL
Network |
phoenixcontact |
fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm… |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default. |
CWE-311
Missing Encryption of Sensitive Data |
CVE-2018-13992 | 2024-11-21 12:48 | 2019-05-8 | Show | GitHub Exploit DB Packet Storm |
| 246342 | 5.3 |
MEDIUM
Network |
phoenixcontact |
fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm… |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images. |
CWE-200
Information Exposure |
CVE-2018-13991 | 2024-11-21 12:48 | 2019-05-8 | Show | GitHub Exploit DB Packet Storm |
| 246343 | 6.1 |
MEDIUM
Network |
impresscms | impresscms | ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php. |
CWE-79
Cross-site Scripting |
CVE-2018-13983 | 2024-11-21 12:48 | 2019-05-7 | Show | GitHub Exploit DB Packet Storm |
| 246344 | 9.8 |
CRITICAL
Network |
phoenixcontact |
fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm… |
The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts. |
CWE-287
Improper Authentication |
CVE-2018-13990 | 2024-11-21 12:48 | 2019-05-7 | Show | GitHub Exploit DB Packet Storm |
| 246345 | 6.5 |
MEDIUM
Network |
siemens |
cp_1604_firmware cp_1616_firmware |
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated configuration web server of the affected CP devices could allow a Cross-Site Request Forgery (CSR… |
CWE-352
Origin Validation Error |
CVE-2018-13810 | 2024-11-21 12:48 | 2019-04-17 | Show | GitHub Exploit DB Packet Storm |
| 246346 | 6.1 |
MEDIUM
Network |
siemens |
cp_1604_firmware cp_1616_firmware |
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspect… |
CWE-79
Cross-site Scripting |
CVE-2018-13809 | 2024-11-21 12:48 | 2019-04-17 | Show | GitHub Exploit DB Packet Storm |
| 246347 | 9.1 |
CRITICAL
Network |
siemens |
cp_1604_firmware cp_1616_firmware |
A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Se… |
CWE-200
Information Exposure |
CVE-2018-13808 | 2024-11-21 12:48 | 2019-04-17 | Show | GitHub Exploit DB Packet Storm |
| 246348 | 7.8 |
HIGH
Local |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs605_firmware qm215_firmware sd_425_firmware sd_439_firmware sd_429_firmware sd_4… |
kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Sn… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2018-13918 | 2024-11-21 12:48 | 2019-04-5 | Show | GitHub Exploit DB Packet Storm |
| 246349 | 7.5 |
HIGH
Network |
siemens |
sicam_a8000_cp-8000_firmware sicam_a8000_cp-802x_firmware sicam_a8000_cp-8050_firmware |
A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V14), SICAM A8000 CP-802X (All versions < V14), SICAM A8000 CP-8050 (All versions < V2.00). Specially crafted network packet… |
CWE-20
Improper Input Validation |
CVE-2018-13798 | 2024-11-21 12:48 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 246350 | 7.8 |
HIGH
Local |
qualcomm |
snapdragon_auto_firmware snapdragon_consumer_internet_of_things_firmware snapdragon_industrial_internet_of_things_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650… |
Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrago… |
CWE-119
Incorrect Access of Indexable Resource ('Range Error') |
CVE-2018-13914 | 2024-11-21 12:48 | 2019-02-26 | Show | GitHub Exploit DB Packet Storm |