Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 9, 2026, 4 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 254731 | 9.3 | 危険 | アドビシステムズ | - | Adobe Illustrator における Encapsulated PostScript ファイルの処理に関する任意のコードを実行される脆弱性 |
CWE-119
バッファエラー |
CVE-2009-4195 | 2010-01-21 11:43 | 2009-12-4 | Show | GitHub Exploit DB Packet Storm |
| 254732 | 4.4 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux Kernel の exit_notify 関数における任意のシグナルをプロセスに送信可能な脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-1337 | 2010-01-21 11:23 | 2009-04-22 | Show | GitHub Exploit DB Packet Storm |
| 254733 | 4.9 | 警告 | サイバートラスト株式会社 Linux レッドハット |
- | Linux Kernel における sendmsg 関数の呼び出しに関するサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2008-5300 | 2010-01-21 11:22 | 2008-12-1 | Show | GitHub Exploit DB Packet Storm |
| 254734 | 6.8 | 警告 | シスコシステムズ | - | 複数の SSL VPN (Web VPN) 製品においてウェブブラウザのセキュリティが迂回される問題 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-2631 | 2010-01-20 14:15 | 2009-12-1 | Show | GitHub Exploit DB Packet Storm |
| 254735 | 4.4 | 警告 | DAG レッドハット |
- | dstat における Python module の検索パスに関する権限昇格の脆弱性 |
CWE-Other
その他 |
CVE-2009-3894 | 2010-01-20 14:15 | 2009-11-29 | Show | GitHub Exploit DB Packet Storm |
| 254736 | 6.4 | 警告 | OSIsoft | - | PI Server の OSIsoft PI System におけるデータベースの情報を変更される脆弱性 |
CWE-310
暗号の問題 |
CVE-2009-0209 | 2010-01-20 14:14 | 2009-10-1 | Show | GitHub Exploit DB Packet Storm |
| 254737 | 9.3 | 危険 | サン・マイクロシステムズ freedesktop.org レッドハット サイバートラスト株式会社 Glyph & Cog, LLC |
- | Xpdf および Poppler の PSOutputDev::doImageL1Sep 関数における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-3606 | 2010-01-20 11:57 | 2009-10-15 | Show | GitHub Exploit DB Packet Storm |
| 254738 | 6.5 | 警告 | PostgreSQL.org サイバートラスト株式会社 ターボリナックス サン・マイクロシステムズ レッドハット |
- | PostgreSQL の core server コンポーネントにおける権限昇格の脆弱性 |
CWE-264
認可・権限・アクセス制御 |
CVE-2009-3230 | 2010-01-19 15:49 | 2009-09-17 | Show | GitHub Exploit DB Packet Storm |
| 254739 | 7.5 | 危険 | アップル サイバートラスト株式会社 Python Software Foundation サン・マイクロシステムズ レッドハット |
- | Python における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2008-2315 | 2010-01-19 15:48 | 2008-08-1 | Show | GitHub Exploit DB Packet Storm |
| 254740 | 7.5 | 危険 | アップル サイバートラスト株式会社 Python Software Foundation サン・マイクロシステムズ レッドハット |
- | Python の zlib 拡張モジュールにおける任意のコードを実行される脆弱性 |
CWE-189
数値処理の問題 |
CVE-2008-1721 | 2010-01-19 15:48 | 2008-04-10 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 9, 2026, 5:07 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 306521 | 7.5 |
HIGH
Network |
toshibatec sharp |
e-studio1058_firmware e-studio1208_firmware e-studio908_firmware bp-90c70_firmware bp-90c80_firmware bp-70c65_firmware bp-70c55_firmware bp-70c45_firmware bp-70c36_firmware
Sharp and Toshiba Tec MFPs provide the web page to download data, where query parameters in HTTP requests are improperly processed and resulting in an Out-of-bounds Read vulnerability.
Crafted HTTP …
|
CWE-125
|
Out-of-bounds Read
CVE-2024-45829
|
2024-11-6 04:38 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 306522 | 5.3 |
MEDIUM
Network |
toshibatec sharp |
e-studio1058_firmware e-studio1208_firmware e-studio908_firmware bp-90c70_firmware bp-90c80_firmware bp-70c65_firmware bp-70c55_firmware bp-70c45_firmware bp-70c36_firmware
Sharp and Toshiba Tec MFPs improperly process URI data in HTTP PUT requests resulting in a path Traversal vulnerability.
Unintended internal files may be retrieved when processing crafted HTTP reque…
|
CWE-22
|
Path Traversal
CVE-2024-45842
|
2024-11-6 04:37 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 306523 | - | - | - | The Elliptic package 6.5.7 for Node.js, in its for ECDSA implementation, does not correctly verify valid signatures if the hash contains at least four leading 0 bytes and when the order of the ellipt… | - | CVE-2024-48948 | 2024-11-6 04:36 | 2024-10-15 | Show | GitHub Exploit DB Packet Storm | |
| 306524 | - | - | - | The Photo Gallery by 10Web WordPress plugin before 1.8.28 does not properly sanitise and escape some of its Gallery settings, which could allow high privilege users such as admin to perform Stored C… | - | CVE-2024-5968 | 2024-11-6 04:36 | 2024-10-9 | Show | GitHub Exploit DB Packet Storm | |
| 306525 | 9.8 |
CRITICAL
Network |
toshibatec sharp |
e-studio1058_firmware e-studio1208_firmware e-studio908_firmware bp-90c70_firmware bp-90c80_firmware bp-70c65_firmware bp-70c55_firmware bp-70c45_firmware bp-70c36_firmware
Sharp and Toshiba Tec MFPs improperly process HTTP authentication requests, resulting in an authentication bypass vulnerability.
|
CWE-306
|
Missing Authentication for Critical Function
CVE-2024-47406
|
2024-11-6 04:36 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 306526 | 8.1 |
HIGH
Network |
toshibatec sharp |
e-studio1058_firmware e-studio1208_firmware e-studio908_firmware bp-90c70_firmware bp-90c80_firmware bp-70c65_firmware bp-70c55_firmware bp-70c45_firmware bp-70c36_firmware
Sharp and Toshiba Tec MFPs provide configuration related APIs. They are expected to be called by administrative users only, but insufficiently restricted.
A non-administrative user may execute some …
|
NVD-CWE-Other
|
CVE-2024-47005
|
2024-11-6 04:36 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 306527 | 4.8 |
MEDIUM
Network |
toshibatec sharp |
e-studio1058_firmware e-studio1208_firmware e-studio908_firmware bp-90c70_firmware bp-90c80_firmware bp-70c65_firmware bp-70c55_firmware bp-70c45_firmware bp-70c36_firmware
Sharp and Toshiba Tec MFPs improperly validate input data in URI data registration, resulting in a stored cross-site scripting vulnerability.
If crafted input is stored by an administrative user, ma…
|
CWE-79
|
Cross-site Scripting
CVE-2024-48870
|
2024-11-6 04:34 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 306528 | 6.1 |
MEDIUM
Network |
toshibatec sharp |
e-studio1058_firmware e-studio1208_firmware e-studio908_firmware bp-90c70_firmware bp-90c80_firmware bp-70c65_firmware bp-70c55_firmware bp-70c45_firmware bp-70c36_firmware
Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability.
Accessing a crafted URL which points to an affected prod…
|
CWE-79
|
Cross-site Scripting
CVE-2024-47801
|
2024-11-6 04:34 |
2024-10-25 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 306529 | 8.8 |
HIGH
Network |
draytek | vigor3900_firmware | In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the modifyrow function. |
CWE-78
OS Command |
CVE-2024-51248 | 2024-11-6 04:28 | 2024-11-2 | Show | GitHub Exploit DB Packet Storm |
| 306530 | 8.8 |
HIGH
Network |
draytek | vigor3900_firmware | In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the doPPPo function. |
CWE-78
OS Command |
CVE-2024-51247 | 2024-11-6 04:28 | 2024-11-2 | Show | GitHub Exploit DB Packet Storm |