Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 8, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 257161 | 9.3 | 危険 | ImageMagick GraphicsMagick レッドハット |
- | ImageMagick および GraphicsMagick の XMakeImage 関数における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-1882 | 2010-09-15 17:17 | 2009-06-2 | Show | GitHub Exploit DB Packet Storm |
| 257162 | 3.3 | 注意 | レッドハット | - | Firefox の SPICE プラグインにおける任意のファイルを上書きされる脆弱性 |
CWE-59
リンク解釈の問題 |
CVE-2010-2794 | 2010-09-15 17:17 | 2010-08-25 | Show | GitHub Exploit DB Packet Storm |
| 257163 | 3.3 | 注意 | レッドハット | - | Firefox の SPICE プラグインにおける重要な情報を取得される脆弱性 |
CWE-362
競合状態 |
CVE-2010-2792 | 2010-09-15 17:13 | 2010-08-25 | Show | GitHub Exploit DB Packet Storm |
| 257164 | 1.9 | 注意 | シトリックス・システムズ | - | Citrix XenServer におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-DesignError
|
CVE-2010-2619 | 2010-09-14 15:55 | 2010-06-17 | Show | GitHub Exploit DB Packet Storm |
| 257165 | 4.6 | 警告 | シトリックス・システムズ | - | Citrix XenServer における認証を回避され Xen API (XAPI) を実行される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0633 | 2010-09-14 15:54 | 2010-02-12 | Show | GitHub Exploit DB Packet Storm |
| 257166 | 4.3 | 警告 | シトリックス・システムズ | - | 複数の Citrix XenServer 製品の XenAPI HTTP インターフェイスにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2008-3253 | 2010-09-14 15:54 | 2008-07-16 | Show | GitHub Exploit DB Packet Storm |
| 257167 | 7.5 | 危険 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit における PHP コードを挿入される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3760 | 2010-09-14 15:54 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
| 257168 | 6 | 警告 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-3759 | 2010-09-14 15:54 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
| 257169 | 7.5 | 危険 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-3758 | 2010-09-14 15:53 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
| 257170 | 4.3 | 警告 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3757 | 2010-09-14 15:53 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 8, 2026, 4:09 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 246331 | 7.5 |
HIGH
Network |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware sd_210_firmware sd_212_firmware sd_205_firmware … |
Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu… |
CWE-200
Information Exposure |
CVE-2018-13897 | 2024-11-21 12:48 | 2019-07-26 | Show | GitHub Exploit DB Packet Storm |
| 246332 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qcs404_firmware qcs605_firmware sd_410_firmware sd_412_firmware sd_636_firmware sd… |
Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, … |
CWE-287
Improper Authentication |
CVE-2018-13927 | 2024-11-21 12:48 | 2019-07-22 | Show | GitHub Exploit DB Packet Storm |
| 246333 | 9.8 |
CRITICAL
Network |
qualcomm |
ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9625_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware
Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer…
|
CWE-787
|
Out-of-bounds Write
CVE-2018-13924
|
2024-11-21 12:48 |
2019-07-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 246334 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qcs404_firmware qcs605_firmware qualcomm_215_firmware sd_410_firmware sd_412_firmware… |
XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdra… |
CWE-284
Improper Access Control |
CVE-2018-13896 | 2024-11-21 12:48 | 2019-07-22 | Show | GitHub Exploit DB Packet Storm |
| 246335 | 6.1 |
MEDIUM
Network |
digisol | dg-hr-3300_firmware | Digisol Wireless Wifi Home Router HR-3300 allows XSS via the userid or password parameter to the admin login page. |
CWE-79
Cross-site Scripting |
CVE-2018-14027 | 2024-11-21 12:48 | 2019-07-6 | Show | GitHub Exploit DB Packet Storm |
| 246336 | 7.8 |
HIGH
Local |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs405_firmware qcs605_firmware sd_625_firmware sd_636_firmware sd_675_firmware sd_… |
Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,… |
CWE-416
Use After Free |
CVE-2018-13919 | 2024-11-21 12:48 | 2019-06-15 | Show | GitHub Exploit DB Packet Storm |
| 246337 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmwar… |
Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Sn… |
CWE-125
Out-of-bounds Read |
CVE-2018-13911 | 2024-11-21 12:48 | 2019-06-15 | Show | GitHub Exploit DB Packet Storm |
| 246338 | 7.8 |
HIGH
Local |
qualcomm |
ipq8074_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qca8081_firmware qm215_firmware sd_410_firmware sd_412_firmware s… |
Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Sna… |
CWE-125
Out-of-bounds Read |
CVE-2018-13910 | 2024-11-21 12:48 | 2019-06-15 | Show | GitHub Exploit DB Packet Storm |
| 246339 | 7.0 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware qcs605_firmware qm215_firmware sd_410_firmware sd_412_firmware sd_425_firmware sd_427_firmware sd_430… |
Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Co… |
CWE-362
Race Condition |
CVE-2018-13909 | 2024-11-21 12:48 | 2019-06-15 | Show | GitHub Exploit DB Packet Storm |
| 246340 | 7.8 |
HIGH
Local |
qualcomm |
ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmware qca8081_firmware qcs405_firmware<… |
Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electron… |
CWE-285
Improper Authorization |
CVE-2018-13908 | 2024-11-21 12:48 | 2019-06-15 | Show | GitHub Exploit DB Packet Storm |