Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":May 26, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 257001 | 9.3 | 危険 | Mozilla Foundation | - | 複数の Mozilla 製品の libtheora における任意のコードを実行される脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-3389 | 2010-01-28 12:16 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 257002 | 9.3 | 危険 | Mozilla Foundation | - | 複数の Mozilla 製品の liboggplay における任意のコードを実行される脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-3388 | 2010-01-28 12:16 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 257003 | 9.3 | 危険 | Mozilla Foundation | - | 複数の Mozilla 製品の JavaScript エンジンにおける任意のコードを実行される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-3982 | 2010-01-28 12:16 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 257004 | 9.3 | 危険 | サイバートラスト株式会社 Mozilla Foundation レッドハット |
- | 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-3981 | 2010-01-28 12:16 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 257005 | 9.3 | 危険 | Mozilla Foundation | - | 複数の Mozilla 製品のブラウザエンジンにおける任意のコードを実行される脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-3980 | 2010-01-28 12:15 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 257006 | 10 | 危険 | アドビシステムズ | - | Adobe Flash Media Server におけるディレクトリトラバーサルの脆弱性 |
CWE-22
パス・トラバーサル |
CVE-2009-3792 | 2010-01-27 10:02 | 2009-12-18 | Show | GitHub Exploit DB Packet Storm |
| 257007 | 5 | 警告 | アドビシステムズ | - | Adobe Flash Media Server におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-noinfo
情報不足 |
CVE-2009-3791 | 2010-01-27 10:02 | 2009-12-18 | Show | GitHub Exploit DB Packet Storm |
| 257008 | 5.8 | 警告 | PostgreSQL.org ターボリナックス サン・マイクロシステムズ |
- | PostgreSQL における X.509 証明書の処理に関する任意の SSL-based PostgreSQL サーバになりすまされる脆弱性 |
CWE-310
暗号の問題 |
CVE-2009-4034 | 2010-01-26 11:48 | 2009-12-15 | Show | GitHub Exploit DB Packet Storm |
| 257009 | 7.8 | 危険 | サイバートラスト株式会社 Linux レッドハット |
- | Linux kernel の do_insn_fetch 関数におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-20
不適切な入力確認 |
CVE-2009-4031 | 2010-01-26 11:47 | 2009-11-29 | Show | GitHub Exploit DB Packet Storm |
| 257010 | 7.8 | 危険 | サイバートラスト株式会社 Linux レッドハット |
- | Linux Kernel の r8169 ドライバにおけるサービス運用妨害 (DoS) の脆弱性 |
CWE-399
リソース管理の問題 |
CVE-2009-3613 | 2010-01-26 11:38 | 2009-10-19 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:May 26, 2026, 4:05 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 247071 | 7.5 |
HIGH
Network |
siemens | simatic_logon | A vulnerability was discovered in Siemens SIMATIC Logon (All versions before V1.6) that could allow specially crafted packets sent to the SIMATIC Logon Remote Access service on port 16389/tcp to caus… |
CWE-20
Improper Input Validation |
CVE-2017-9938 | 2024-11-21 12:37 | 2017-08-8 | Show | GitHub Exploit DB Packet Storm |
| 247072 | 7.5 |
HIGH
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. An attacker can change the plant time even when not authenticated in any way. This changes the system time, possibly affecting lockout polici… |
NVD-CWE-noinfo
|
CVE-2017-9864 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247073 | 8.8 |
HIGH
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. If a user simultaneously has Sunny Explorer running and visits a malicious host, cross-site request forgery can be used to change settings in… |
CWE-352
Origin Validation Error |
CVE-2017-9863 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247074 | 7.5 |
HIGH
Network |
sma | sunny_explorer | An issue was discovered in SMA Solar Technology products. When signed into Sunny Explorer with a wrong password, it is possible to create a debug report, disclosing information regarding the applicat… |
CWE-200
Information Exposure |
CVE-2017-9862 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247075 | 9.8 |
CRITICAL
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. The SIP implementation does not properly use authentication with encryption: it is vulnerable to replay attacks, packet injection attacks, an… |
CWE-74
Injection |
CVE-2017-9861 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247076 | 9.8 |
CRITICAL
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. An attacker can use Sunny Explorer or the SMAdata2+ network protocol to update the device firmware without ever having to authenticate. If an… |
CWE-287
Improper Authentication |
CVE-2017-9860 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247077 | 9.8 |
CRITICAL
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. The inverters make use of a weak hashing algorithm to encrypt the password for REGISTER requests. This hashing algorithm can be cracked relat… |
CWE-327
Use of a Broken or Risky Cryptographic Algorithm |
CVE-2017-9859 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247078 | 7.5 |
HIGH
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. By sending crafted packets to an inverter and observing the response, active and inactive user accounts can be determined. This aids in furth… |
CWE-200
Information Exposure |
CVE-2017-9858 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247079 | 8.1 |
HIGH
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. The SMAdata2+ communication protocol does not properly use authentication with encryption: it is vulnerable to man in the middle, packet inje… |
CWE-287
Improper Authentication |
CVE-2017-9857 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |
| 247080 | 9.8 |
CRITICAL
Network |
sma |
sunny_boy_3600_firmware sunny_boy_5000_firmware sunny_tripower_core1_firmware sunny_tripower_15000tl_firmware sunny_tripower_20000tl_firmware sunny_tripower_25000tl_firmware sunny_t… |
An issue was discovered in SMA Solar Technology products. Sniffed passwords from SMAdata2+ communication can be decrypted very easily. The passwords are "encrypted" using a very simple encryption alg… |
NVD-CWE-noinfo
|
CVE-2017-9856 | 2024-11-21 12:37 | 2017-08-6 | Show | GitHub Exploit DB Packet Storm |