Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 9, 2026, noon
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 255341 | 6.8 | 警告 | シスコシステムズ | - | Cisco Video Surveillance 2500 Series IP Camera 上の組込み Web サーバにおける任意のファイルを読まれる脆弱性 |
CWE-200
情報漏えい |
CVE-2009-2046 | 2011-06-13 14:49 | 2009-06-24 | Show | GitHub Exploit DB Packet Storm |
| 255342 | 7.8 | 危険 | シスコシステムズ | - | Cisco Video Surveillance Stream Manager におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-2045 | 2011-06-13 14:47 | 2009-06-24 | Show | GitHub Exploit DB Packet Storm |
| 255343 | 7.5 | 危険 | The GIMP Team レッドハット |
- | GIMP の PSP プラグインにおけるヒープベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2010-4543 | 2011-06-13 14:44 | 2011-01-7 | Show | GitHub Exploit DB Packet Storm |
| 255344 | 6.8 | 警告 | The GIMP Team レッドハット |
- | GIMP の GFIG プラグインにおけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2010-4542 | 2011-06-13 14:43 | 2011-01-7 | Show | GitHub Exploit DB Packet Storm |
| 255345 | 9.3 | 危険 | The GIMP Team レッドハット |
- | GIMP の SPHERE DESIGNER プラグインにおけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2010-4541 | 2011-06-13 14:42 | 2011-01-7 | Show | GitHub Exploit DB Packet Storm |
| 255346 | 6.8 | 警告 | The GIMP Team レッドハット |
- | GIMP の "LIGHTING EFFECTS > LIGHT" プラグインにおけるスタックベースのバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2010-4540 | 2011-06-13 14:41 | 2011-01-7 | Show | GitHub Exploit DB Packet Storm |
| 255347 | 10 | 危険 | ISC, Inc. サイバートラスト株式会社 ターボリナックス インターネットイニシアティブ センチュリー・システムズ レッドハット |
- | ISC DHCP dhclient におけるバッファオーバーフローの脆弱性 |
CWE-119
バッファエラー |
CVE-2009-0692 | 2011-06-10 10:04 | 2009-07-15 | Show | GitHub Exploit DB Packet Storm |
| 255348 | 5 | 警告 | ISC, Inc. ターボリナックス |
- | ISC DHCP にサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2010-3616 | 2011-06-10 10:04 | 2010-12-14 | Show | GitHub Exploit DB Packet Storm |
| 255349 | 7.2 | 危険 | サイバートラスト株式会社 VMware Linux レッドハット |
- | Linux kernel の do_anonymous_page 関数における任意のコードを実行される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2010-2240 | 2011-06-10 10:03 | 2010-08-30 | Show | GitHub Exploit DB Packet Storm |
| 255350 | 7.2 | 危険 | サイバートラスト株式会社 VMware Linux レッドハット |
- | Linux kernel の gdth_read_event 関数における権限昇格の脆弱性 |
CWE-Other
その他 |
CVE-2009-3080 | 2011-06-10 10:03 | 2009-11-20 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 9, 2026, 4:16 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 246221 | 8.8 |
HIGH
Network |
mybb | trash_bin | Trash Bin plugin 1.1.3 for MyBB has cross-site scripting (XSS) via a thread subject and a cross-site request forgery (CSRF) via a post subject. |
CWE-352 CWE-79 Origin Validation Error Cross-site Scripting |
CVE-2018-14575 | 2024-11-21 12:49 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 246222 | 6.1 |
MEDIUM
Network |
dnnsoftware | dotnetnuke | DNN (formerly DotNetNuke) 9.1.1 allows cross-site scripting (XSS) via XML. |
CWE-79
Cross-site Scripting |
CVE-2018-14486 | 2024-11-21 12:49 | 2019-03-22 | Show | GitHub Exploit DB Packet Storm |
| 246223 | 6.1 |
MEDIUM
Network |
hyphp | hybbs | An issue was found in HYBBS through 2016-03-08. There is an XSS vulnerablity via an article title to post.html. |
CWE-79
Cross-site Scripting |
CVE-2018-14499 | 2024-11-21 12:49 | 2019-03-8 | Show | GitHub Exploit DB Packet Storm |
| 246224 | 6.5 |
MEDIUM
Network |
mozilla libjpeg-turbo fedoraproject debian opensuse |
mozjpeg libjpeg-turbo fedora debian_linux leap |
get_8bit_row in rdbmp.c in libjpeg-turbo through 1.5.90 and MozJPEG through 3.3.1 allows attackers to cause a denial of service (heap-based buffer over-read and application crash) via a crafted 8-bit… |
CWE-125
Out-of-bounds Read |
CVE-2018-14498 | 2024-11-21 12:49 | 2019-03-8 | Show | GitHub Exploit DB Packet Storm |
| 246225 | 7.2 |
HIGH
Network |
redhat | satellite | An improper authorization flaw was found in the Smart Class feature of Foreman. An attacker can use it to change configuration of any host registered in Red Hat Satellite, independent of the organiza… |
CWE-863
Incorrect Authorization |
CVE-2018-14666 | 2024-11-21 12:49 | 2019-01-23 | Show | GitHub Exploit DB Packet Storm |
| 246226 | 5.7 |
MEDIUM
Adjacent |
redhat debian opensuse canonical |
ceph debian_linux leap enterprise_linux_server ceph_storage ubuntu_linux |
It was found Ceph versions before 13.2.4 that authenticated ceph users with read only permissions could steal dm-crypt encryption keys used in ceph disk encryption. | - | CVE-2018-14662 | 2024-11-21 12:49 | 2019-01-16 | Show | GitHub Exploit DB Packet Storm |
| 246227 | 6.1 |
MEDIUM
Network |
osclass | osclass | Osclass 3.7.4 has XSS via the query string to index.php, a different vulnerability than CVE-2014-6280. |
CWE-79
Cross-site Scripting |
CVE-2018-14481 | 2024-11-21 12:49 | 2019-01-4 | Show | GitHub Exploit DB Packet Storm |
| 246228 | 10.0 |
CRITICAL
Network |
fasterxml debian oracle redhat |
jackson-databind debian_linux primavera_unifier banking_platform jdeveloper retail_merchandising_system webcenter_portal communications_billing_and_revenue_management financia… |
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to conduct server-side request forgery (SSRF) attacks by leveraging failure to block the axis2-jaxws class from polymorphic de… |
CWE-918
Server-Side Request Forgery (SSRF) |
CVE-2018-14721 | 2024-11-21 12:49 | 2019-01-3 | Show | GitHub Exploit DB Packet Storm |
| 246229 | 9.8 |
CRITICAL
Network |
fasterxml debian oracle redhat |
jackson-databind debian_linux primavera_unifier banking_platform jdeveloper retail_merchandising_system webcenter_portal communications_billing_and_revenue_management financia… |
FasterXML jackson-databind 2.x before 2.9.7 might allow attackers to conduct external XML entity (XXE) attacks by leveraging failure to block unspecified JDK classes from polymorphic deserialization. |
CWE-611 CWE-502 XXE Deserialization of Untrusted Data |
CVE-2018-14720 | 2024-11-21 12:49 | 2019-01-3 | Show | GitHub Exploit DB Packet Storm |
| 246230 | 9.8 |
CRITICAL
Network |
fasterxml debian oracle redhat netapp |
jackson-databind debian_linux primavera_unifier primavera_p6_enterprise_project_portfolio_management database_server banking_platform jdeveloper retail_merchandising_system we… |
FasterXML jackson-databind 2.x before 2.9.7 might allow remote attackers to execute arbitrary code by leveraging failure to block the blaze-ds-opt and blaze-ds-core classes from polymorphic deseriali… |
CWE-502
Deserialization of Untrusted Data |
CVE-2018-14719 | 2024-11-21 12:49 | 2019-01-3 | Show | GitHub Exploit DB Packet Storm |