|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
Update Date":July 1, 2026, 6 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 258031 | 5 | 警告 | NetSaro | - | NetSaro Enterprise Messenger Server におけるアプリケーションのソースコードを読まれる脆弱性 |
CWE-200
情報漏えい |
CVE-2011-3694 | 2011-10-4 10:28 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258032 | 1.9 | 注意 | NetSaro | - | NetSaro Enterprise Messenger Server における平文のサーバ資格情報を発見される脆弱性 |
CWE-310
暗号の問題 |
CVE-2011-3693 | 2011-10-4 10:25 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258033 | 1.9 | 注意 | NetSaro | - | NetSaro Enterprise Messenger Server における重要な情報を取得される脆弱性 |
CWE-310
暗号の問題 |
CVE-2011-3692 | 2011-10-4 10:06 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258034 | 6.9 | 警告 | Foxit Software Inc | - | Foxit Reader における権限を取得される脆弱性 |
CWE-Other
その他 |
CVE-2011-3691 | 2011-10-4 10:01 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258035 | 6.9 | 警告 | PlotSoft L.L.C. | - | PlotSoft PDFill PDF Editor における権限を取得される脆弱性 |
CWE-Other
その他 |
CVE-2011-3690 | 2011-10-4 10:00 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258036 | 7.5 | 危険 | Sonexis Technology, Inc. | - | Sonexis ConferenceManager における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2011-3688 | 2011-10-4 09:45 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258037 | 4.3 | 警告 | Sonexis Technology, Inc. | - | Sonexis ConferenceManager におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-3687 | 2011-10-3 14:56 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258038 | 4.3 | 警告 | Sonexis Technology, Inc. | - | Sonexis ConferenceManager の myAddressBook.asp におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-3686 | 2011-10-3 14:55 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258039 | 1.9 | 注意 | Tembria | - | Tembria Server Monitor における重要な情報を取得される脆弱性 |
CWE-310
暗号の問題 |
CVE-2011-3685 | 2011-10-3 14:54 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
| 258040 | 4.3 | 警告 | Tembria | - | Tembria Server Monitor におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2011-3684 | 2011-10-3 14:52 | 2011-09-27 | Show | GitHub Exploit DB Packet Storm |
Update Date:July 1, 2026, 4:27 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 249741 | 5.3 |
MEDIUM
Network |
versa-networks | versa_director | In Versa Director, the un-authentication request found. |
CWE-287
Improper Authentication |
CVE-2018-16496 | 2024-11-21 12:52 | 2021-05-27 | Show | GitHub Exploit DB Packet Storm |
| 249742 | 8.8 |
HIGH
Network |
versa-networks | versa_operating_system | In VOS user session identifier (authentication token) is issued to the browser prior to authentication but is not changed after the user successfully logs into the application. Failing to issue a new… |
CWE-384
Session Fixation |
CVE-2018-16495 | 2024-11-21 12:52 | 2021-05-27 | Show | GitHub Exploit DB Packet Storm |
| 249743 | 8.8 |
HIGH
Network |
versa-networks | versa_operating_system | In VOS and overly permissive "umask" may allow for authorized users of the server to gain unauthorized access through insecure file permissions that can result in an arbitrary read, write, or executi… |
CWE-668
Exposure of Resource to Wrong Sphere |
CVE-2018-16494 | 2024-11-21 12:52 | 2021-05-27 | Show | GitHub Exploit DB Packet Storm |
| 249744 | 5.4 |
MEDIUM
Network |
solarwinds | database_performance_analyzer | SolarWinds Database Performance Analyzer (DPA) 11.1.468 and 12.0.3074 have several persistent XSS vulnerabilities, related to logViewer.iwc, centralManage.cen, userAdministration.iwc, database.iwc, a… |
CWE-79
Cross-site Scripting |
CVE-2018-16243 | 2024-11-21 12:52 | 2020-12-16 | Show | GitHub Exploit DB Packet Storm |
| 249745 | 9.8 |
CRITICAL
Network |
pbootcms | pbootcms | An issue was discovered in PbootCMS. There is a SQL injection via the api.php/Cms/search order parameter. |
CWE-89
SQL Injection |
CVE-2018-16357 | 2024-11-21 12:52 | 2020-03-3 | Show | GitHub Exploit DB Packet Storm |
| 249746 | 9.8 |
CRITICAL
Network |
pbootcms | pbootcms | An issue was discovered in PbootCMS. There is a SQL injection via the api.php/List/index order parameter. |
CWE-89
SQL Injection |
CVE-2018-16356 | 2024-11-21 12:52 | 2020-03-3 | Show | GitHub Exploit DB Packet Storm |
| 249747 | 9.8 |
CRITICAL
Network |
samsung |
galaxy_gear_firmware gear_2_firmware gear_live_firmware gear_s_firmware gear_s2_firmware gear_s3_firmware gear_sport_firmware gear_fit_firmware gear_fit_2_firmware gear_fit… |
The wpa_supplicant system service in Samsung Galaxy Gear series allows an unprivileged process to fully control the Wi-Fi interface, due to the lack of its D-Bus security policy configurations. This … |
CWE-269
Improper Privilege Management |
CVE-2018-16272 | 2024-11-21 12:52 | 2020-01-22 | Show | GitHub Exploit DB Packet Storm |
| 249748 | 6.5 |
MEDIUM
Adjacent |
samsung |
galaxy_gear_firmware gear_2_firmware gear_live_firmware gear_s_firmware gear_s2_firmware gear_s3_firmware gear_sport_firmware gear_fit_firmware gear_fit_2_firmware gear_fit… |
The wemail_consumer_service (from the built-in application wemail) in Samsung Galaxy Gear series allows an unprivileged process to manipulate a user's mailbox, due to improper D-Bus security policy c… |
CWE-269
Improper Privilege Management |
CVE-2018-16271 | 2024-11-21 12:52 | 2020-01-22 | Show | GitHub Exploit DB Packet Storm |
| 249749 | 7.5 |
HIGH
Network |
samsung |
galaxy_gear_firmware gear_2_firmware gear_live_firmware gear_s_firmware gear_s2_firmware gear_s3_firmware gear_sport_firmware gear_fit_firmware gear_fit_2_firmware gear_fit… |
Samsung Galaxy Gear series before build RE2 includes the hcidump utility with no privilege or permission restriction. This allows an unprivileged process to dump Bluetooth HCI packets to an arbitrary… |
CWE-269
Improper Privilege Management |
CVE-2018-16270 | 2024-11-21 12:52 | 2020-01-22 | Show | GitHub Exploit DB Packet Storm |
| 249750 | 7.5 |
HIGH
Network |
samsung |
galaxy_gear_firmware gear_2_firmware gear_live_firmware gear_s_firmware gear_s2_firmware gear_s3_firmware gear_sport_firmware gear_fit_firmware gear_fit_2_firmware gear_fit… |
The wnoti system service in Samsung Galaxy Gear series allows an unprivileged process to take over the internal notification message data, due to improper D-Bus security policy configurations. This a… |
CWE-200
Information Exposure |
CVE-2018-16269 | 2024-11-21 12:52 | 2020-01-22 | Show | GitHub Exploit DB Packet Storm |