Vulnerability Search Top
Show Search Menu
|
You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database). |
JVN Vulnerability Information
Update Date":June 17, 2026, 2:01 p.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Impact Show |
Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 258421 | 9.3 | 危険 | ImageMagick GraphicsMagick レッドハット |
- | ImageMagick および GraphicsMagick の XMakeImage 関数における整数オーバーフローの脆弱性 |
CWE-189
数値処理の問題 |
CVE-2009-1882 | 2010-09-15 17:17 | 2009-06-2 | Show | GitHub Exploit DB Packet Storm |
| 258422 | 3.3 | 注意 | レッドハット | - | Firefox の SPICE プラグインにおける任意のファイルを上書きされる脆弱性 |
CWE-59
リンク解釈の問題 |
CVE-2010-2794 | 2010-09-15 17:17 | 2010-08-25 | Show | GitHub Exploit DB Packet Storm |
| 258423 | 3.3 | 注意 | レッドハット | - | Firefox の SPICE プラグインにおける重要な情報を取得される脆弱性 |
CWE-362
競合状態 |
CVE-2010-2792 | 2010-09-15 17:13 | 2010-08-25 | Show | GitHub Exploit DB Packet Storm |
| 258424 | 1.9 | 注意 | シトリックス・システムズ | - | Citrix XenServer におけるサービス運用妨害 (DoS) の脆弱性 |
CWE-DesignError
|
CVE-2010-2619 | 2010-09-14 15:55 | 2010-06-17 | Show | GitHub Exploit DB Packet Storm |
| 258425 | 4.6 | 警告 | シトリックス・システムズ | - | Citrix XenServer における認証を回避され Xen API (XAPI) を実行される脆弱性 |
CWE-noinfo
情報不足 |
CVE-2010-0633 | 2010-09-14 15:54 | 2010-02-12 | Show | GitHub Exploit DB Packet Storm |
| 258426 | 4.3 | 警告 | シトリックス・システムズ | - | 複数の Citrix XenServer 製品の XenAPI HTTP インターフェイスにおけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2008-3253 | 2010-09-14 15:54 | 2008-07-16 | Show | GitHub Exploit DB Packet Storm |
| 258427 | 7.5 | 危険 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit における PHP コードを挿入される脆弱性 |
CWE-94
コード・インジェクション |
CVE-2009-3760 | 2010-09-14 15:54 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
| 258428 | 6 | 警告 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトリクエストフォージェリの脆弱性 |
CWE-352
同一生成元ポリシー違反 |
CVE-2009-3759 | 2010-09-14 15:54 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
| 258429 | 7.5 | 危険 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit における SQL インジェクションの脆弱性 |
CWE-89
SQLインジェクション |
CVE-2009-3758 | 2010-09-14 15:53 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
| 258430 | 4.3 | 警告 | シトリックス・システムズ | - | Citrix XenCenterWeb の XenServer Resource Kit におけるクロスサイトスクリプティングの脆弱性 |
CWE-79
クロスサイト・スクリプティング(XSS) |
CVE-2009-3757 | 2010-09-14 15:53 | 2009-10-22 | Show | GitHub Exploit DB Packet Storm |
NVD Vulnerability Information
Update Date:June 17, 2026, 4:19 a.m.
| No | CVSS | Level Attach Vector |
Vendor Name | Project Name | Title | CWE | CVE | Update Date | Publication Date | Show Affected | Exploit PoC Search |
|---|---|---|---|---|---|---|---|---|---|---|---|
| 248661 | 5.3 |
MEDIUM
Network |
qualcomm |
pq4019_firmware ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware
While deserializing any key blob during key operations, buffer overflow could occur, exposing partial key information if any key operations are invoked in Snapdragon Auto, Snapdragon Compute, Snapdra…
|
CWE-119
|
Incorrect Access of Indexable Resource ('Range Error')
CVE-2018-13907
|
2024-11-21 12:48 |
2019-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 248662 | 9.1 |
CRITICAL
Network |
qualcomm |
ipq4019_firmware ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware<… |
The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connec… |
CWE-20 CWE-417 Improper Input Validation Channel and Path Errors |
CVE-2018-13906 | 2024-11-21 12:48 | 2019-06-15 | Show | GitHub Exploit DB Packet Storm |
| 248663 | 7.5 |
HIGH
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmwar… |
Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA file in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, S… |
CWE-129
Improper Validation of Array Index |
CVE-2018-13902 | 2024-11-21 12:48 | 2019-06-15 | Show | GitHub Exploit DB Packet Storm |
| 248664 | 5.5 |
MEDIUM
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qca6574au_firmware qcs605_firmware sd_210_firmware sd_212_firmware sd_205_firmware
Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon …
|
NVD-CWE-noinfo
|
CVE-2018-13901
|
2024-11-21 12:48 |
2019-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 248665 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware qcs405_firmware qcs605_firmware qualcomm_215_firmware sd_210_firmware sd_212_firmware
Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT…
|
CWE-787
|
Out-of-bounds Write
CVE-2018-13898
|
2024-11-21 12:48 |
2019-06-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
| 248666 | 6.1 |
MEDIUM
Network |
synacor | zimbra_collaboration_suite | Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients. |
CWE-79
Cross-site Scripting |
CVE-2018-14013 | 2024-11-21 12:48 | 2019-05-30 | Show | GitHub Exploit DB Packet Storm |
| 248667 | 9.8 |
CRITICAL
Network |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware qm215_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd… |
Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute… |
CWE-416
Use After Free |
CVE-2018-13925 | 2024-11-21 12:48 | 2019-05-25 | Show | GitHub Exploit DB Packet Storm |
| 248668 | 7.8 |
HIGH
Local |
qualcomm |
mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs605_firmware qm215_firmware sd_425_firmware sd_439_firmware sd_429_firmware sd_450_firmware sd_62… |
Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,… |
CWE-416
Use After Free |
CVE-2018-13920 | 2024-11-21 12:48 | 2019-05-25 | Show | GitHub Exploit DB Packet Storm |
| 248669 | 7.8 |
HIGH
Local |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs605_firmware qm215_firmware sd_425_firmware sd_439_firmware sd_429_firmware sd_4… |
Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdra… |
CWE-416
Use After Free |
CVE-2018-13899 | 2024-11-21 12:48 | 2019-05-25 | Show | GitHub Exploit DB Packet Storm |
| 248670 | 7.8 |
HIGH
Local |
qualcomm |
mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware qm215_firmware sd_210_firmware sd_212_firmware s… |
Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon… |
CWE-284
Improper Access Control |
CVE-2018-13895 | 2024-11-21 12:48 | 2019-05-25 | Show | GitHub Exploit DB Packet Storm |