NVD脆弱性情報トップ

検索メニュー表示

ベンダー名
プロダクト・サービス名
タイトル
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
公表日降順
更新日降順
表示数

NVD（National Vulnerability Database）で管理されている脆弱性の一覧を検索することが出来ます。
JVN（Japan Vulnerability Note）より先に脆弱性情報が更新される事が多いため、JVNに未記載の脆弱性が更新されている場合があります。

JVN（Japan Vulnerability Note）に関連した脆弱性がある場合は詳細画面で情報を表示します。

CWEで検索する場合は、CWE概要を参照して、CWE番号を確認してください。

CRITICAL
HIGH
MEDIUM
LOW

更新日:2026年6月19日4:01

No	CVSS	レベル攻撃区分	ベンダー名	プロダクト名	タイトル	CWE	CVE	更新日	公表日	影響表示	Exploit PoC 検索
248651	7.5	HIGH ネットワーク	qualcomm	mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware sd_210_firmware sd_212_firmware sd_205_firmware …	Clients hostname gets added to DNS record on device which is running dnsmasq resulting in an information exposure in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Indu…	CWE-200 情報漏えい	CVE-2018-13897	2024-11-21 12:48	2019-07-26	表示	GitHub Exploit DB Packet Storm

248652	7.8	HIGH ローカル	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qcs404_firmware qcs605_firmware sd_410_firmware sd_412_firmware sd_636_firmware sd…	Debug policy with invalid signature can be loaded when the debug policy functionality is disabled by using the parallel image loading in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, …	CWE-287 不適切な認証	CVE-2018-13927	2024-11-21 12:48	2019-07-22	表示	GitHub Exploit DB Packet Storm

248653	9.8	CRITICAL ネットワーク	qualcomm	ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9625_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware	Lack of check to prevent the buffer length taking negative values can lead to stack overflow. in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer…	CWE-787 境界外書き込み	CVE-2018-13924	2024-11-21 12:48	2019-07-22	表示	GitHub Exploit DB Packet Storm

248654	7.8	HIGH ローカル	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qcs404_firmware qcs605_firmware qualcomm_215_firmware sd_410_firmware sd_412_firmware…	XBL_SEC image authentication and other crypto related validations are accessible to a compromised OEM XBL Loader due to missing lock at XBL_SEC stage.. in Snapdragon Auto, Snapdragon Compute, Snapdra…	CWE-284 不適切なアクセス制御	CVE-2018-13896	2024-11-21 12:48	2019-07-22	表示	GitHub Exploit DB Packet Storm

248655	6.1	MEDIUM ネットワーク	digisol	dg-hr-3300_firmware	Digisol Wireless Wifi Home Router HR-3300 allows XSS via the userid or password parameter to the admin login page.	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2018-14027	2024-11-21 12:48	2019-07-6	表示	GitHub Exploit DB Packet Storm

248656	7.8	HIGH ローカル	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs405_firmware qcs605_firmware sd_625_firmware sd_636_firmware sd_675_firmware sd_…	Use-after-free vulnerability will occur if reset of the routing table encounters an invalid rule id while processing command to reset in Snapdragon Auto, Snapdragon Consumer Electronics Connectivity,…	CWE-416 解放済みメモリの使用	CVE-2018-13919	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248657	9.8	CRITICAL ネットワーク	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmwar…	Out of bounds memory read and access may lead to unexpected behavior in GNSS XTRA Parser in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Sn…	CWE-125 境界外読み取り	CVE-2018-13911	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248658	7.8	HIGH ローカル	qualcomm	ipq8074_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8996au_firmware qca8081_firmware qm215_firmware sd_410_firmware sd_412_firmware s…	Out-of-Bounds access in TZ due to invalid index calculated to check against DDR in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Sna…	CWE-125 境界外読み取り	CVE-2018-13910	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248659	7.0	HIGH ローカル	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware qcs605_firmware qm215_firmware sd_410_firmware sd_412_firmware sd_425_firmware sd_427_firmware sd_430…	Metadata verification and partial hash system calls by bootloader may corrupt parallel hashing state in progress resulting in unexpected behavior in Snapdragon Auto, Snapdragon Compute, Snapdragon Co…	CWE-362 競合状態	CVE-2018-13909	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248660	7.8	HIGH ローカル	qualcomm	ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmware qca8081_firmware qcs405_firmware<…	Truncated access authentication token leads to weakened access control for stored secure application data in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer Electron…	CWE-285 不適切な認可	CVE-2018-13908	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248661	5.3	MEDIUM ネットワーク	qualcomm	pq4019_firmware ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware	While deserializing any key blob during key operations, buffer overflow could occur, exposing partial key information if any key operations are invoked in Snapdragon Auto, Snapdragon Compute, Snapdra…	CWE-119 バッファエラー	CVE-2018-13907	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248662	9.1	CRITICAL ネットワーク	qualcomm	ipq4019_firmware ipq8074_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware<…	The HMAC authenticating the message from QSEE is vulnerable to timing side channel analysis leading to potentially forged application message in Snapdragon Auto, Snapdragon Compute, Snapdragon Connec…	CWE-20 CWE-417 不適切な入力確認チャネルおよびパスのエラー	CVE-2018-13906	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248663	7.5	HIGH ネットワーク	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmwar…	Out of bounds memory read and access due to improper array index validation may lead to unexpected behavior while decoding XTRA file in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, S…	CWE-129 配列インデックスの不適切な検証	CVE-2018-13902	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248664	5.5	MEDIUM ローカル	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qca6574au_firmware qcs605_firmware sd_210_firmware sd_212_firmware sd_205_firmware	Due to missing permissions in Android Manifest file, Sensitive information disclosure issue can happen in PCI RCS app in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon …	NVD-CWE-noinfo	CVE-2018-13901	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248665	9.8	CRITICAL ネットワーク	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware qcs405_firmware qcs605_firmware qualcomm_215_firmware sd_210_firmware sd_212_firmware	Out-of-Bounds write due to incorrect array index check in PMIC in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT…	CWE-787 境界外書き込み	CVE-2018-13898	2024-11-21 12:48	2019-06-15	表示	GitHub Exploit DB Packet Storm

248666	6.1	MEDIUM ネットワーク	synacor	zimbra_collaboration_suite	Synacor Zimbra Collaboration Suite Collaboration before 8.8.11 has XSS in the AJAX and html web clients.	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2018-14013	2024-11-21 12:48	2019-05-30	表示	GitHub Exploit DB Packet Storm

248667	9.8	CRITICAL ネットワーク	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware qm215_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd…	Error in parsing PMT table frees the memory allocated for the map section but does not reset the context map section reference causing heap use after free issue in Snapdragon Auto, Snapdragon Compute…	CWE-416 解放済みメモリの使用	CVE-2018-13925	2024-11-21 12:48	2019-05-25	表示	GitHub Exploit DB Packet Storm

248668	7.8	HIGH ローカル	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs605_firmware qm215_firmware sd_425_firmware sd_439_firmware sd_429_firmware sd_450_firmware sd_62…	Use-after-free condition due to Improper handling of hrtimers when the PMU driver tries to access its events in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile,…	CWE-416 解放済みメモリの使用	CVE-2018-13920	2024-11-21 12:48	2019-05-25	表示	GitHub Exploit DB Packet Storm

248669	7.8	HIGH ローカル	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs605_firmware qm215_firmware sd_425_firmware sd_439_firmware sd_429_firmware sd_4…	Processing messages after error may result in user after free memory fault in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdra…	CWE-416 解放済みメモリの使用	CVE-2018-13899	2024-11-21 12:48	2019-05-25	表示	GitHub Exploit DB Packet Storm

248670	7.8	HIGH ローカル	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware qm215_firmware sd_210_firmware sd_212_firmware s…	Due to the missing permissions on several content providers of the RCS app in its android manifest file will lead to an unprivileged access to phone in Snapdragon Auto, Snapdragon Compute, Snapdragon…	CWE-284 不適切なアクセス制御	CVE-2018-13895	2024-11-21 12:48	2019-05-25	表示	GitHub Exploit DB Packet Storm

248671	9.8	CRITICAL ネットワーク	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware qcs605_firmware qm215_firmware sd_210_firmware s…	Untrusted header fields in GNSS XTRA3 function can lead to integer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon W…	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2018-13887	2024-11-21 12:48	2019-05-25	表示	GitHub Exploit DB Packet Storm

248672	9.8	CRITICAL ネットワーク	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9635m_firmware mdm9640_firmware mdm9650_firmware mdm9655_firmware msm8909w_firmware msm8996au_firmwar…	Unchecked OTA field in GNSS XTRA3 lead to integer overflow and then buffer overflow in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consumer IOT, Snap…	CWE-190 整数オーバーフローまたはラップアラウンド	CVE-2018-13886	2024-11-21 12:48	2019-05-25	表示	GitHub Exploit DB Packet Storm

248673	5.5	MEDIUM ローカル	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9615_firmware mdm9625_firmware mdm9635m_firmware mdm9650_firmware mdm9655_firmware qcs605_firmware qm215_firmware s…	Possible memory overread may be lead to access of sensitive data in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Wearables in…	CWE-200 情報漏えい	CVE-2018-13885	2024-11-21 12:48	2019-05-25	表示	GitHub Exploit DB Packet Storm

248674	7.5	HIGH ネットワーク	phoenixcontact	fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm…	The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is vulnerable to a denial-of-service attack by making more than 120 connections.	CWE-400 リソースの枯渇	CVE-2018-13994	2024-11-21 12:48	2019-05-8	表示	GitHub Exploit DB Packet Storm

248675	8.8	HIGH ネットワーク	phoenixcontact	fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm…	The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 is prone to CSRF.	CWE-352 同一生成元ポリシー違反	CVE-2018-13993	2024-11-21 12:48	2019-05-8	表示	GitHub Exploit DB Packet Storm

248676	9.8	CRITICAL ネットワーク	phoenixcontact	fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm…	The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 allows for plaintext transmission (HTTP) of user credentials by default.	CWE-311 重要なデータの暗号化の欠如	CVE-2018-13992	2024-11-21 12:48	2019-05-8	表示	GitHub Exploit DB Packet Storm

248677	5.3	MEDIUM ネットワーク	phoenixcontact	fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm…	The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions 1.0 to 1.34 leaks private information in firmware images.	CWE-200 情報漏えい	CVE-2018-13991	2024-11-21 12:48	2019-05-8	表示	GitHub Exploit DB Packet Storm

248678	6.1	MEDIUM ネットワーク	impresscms	impresscms	ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php.	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2018-13983	2024-11-21 12:48	2019-05-7	表示	GitHub Exploit DB Packet Storm

248679	9.8	CRITICAL ネットワーク	phoenixcontact	fl_switch_3005_firmware fl_switch_3005t_firmware fl_switch_3004t-fx_firmware fl_switch_3004t-fx_st_firmware fl_switch_3008_firmware fl_switch_3008t_firmware fl_switch_3006t-2fx_firm…	The WebUI of PHOENIX CONTACT FL SWITCH 3xxx, 4xxx, 48xx versions prior to 1.35 is vulnerable to brute-force attacks, because of Improper Restriction of Excessive Authentication Attempts.	CWE-287 不適切な認証	CVE-2018-13990	2024-11-21 12:48	2019-05-7	表示	GitHub Exploit DB Packet Storm

248680	6.5	MEDIUM ネットワーク	siemens	cp_1604_firmware cp_1616_firmware	A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated configuration web server of the affected CP devices could allow a Cross-Site Request Forgery (CSR…	CWE-352 同一生成元ポリシー違反	CVE-2018-13810	2024-11-21 12:48	2019-04-17	表示	GitHub Exploit DB Packet Storm

248681	6.1	MEDIUM ネットワーク	siemens	cp_1604_firmware cp_1616_firmware	A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). The integrated web server of the affected CP devices could allow Cross-Site Scripting (XSS) attacks if unsuspect…	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2018-13809	2024-11-21 12:48	2019-04-17	表示	GitHub Exploit DB Packet Storm

248682	9.1	CRITICAL ネットワーク	siemens	cp_1604_firmware cp_1616_firmware	A vulnerability has been identified in CP 1604 (All versions), CP 1616 (All versions). An attacker with network access to port 23/tcp could extract internal communication data or cause a Denial-of-Se…	CWE-200 情報漏えい	CVE-2018-13808	2024-11-21 12:48	2019-04-17	表示	GitHub Exploit DB Packet Storm

248683	7.8	HIGH ローカル	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs605_firmware qm215_firmware sd_425_firmware sd_439_firmware sd_429_firmware sd_4…	kernel could return a received message length higher than expected, which leads to buffer overflow in a subsequent operation and stops normal operation in Snapdragon Auto, Snapdragon Consumer IOT, Sn…	CWE-119 バッファエラー	CVE-2018-13918	2024-11-21 12:48	2019-04-5	表示	GitHub Exploit DB Packet Storm

248684	7.5	HIGH ネットワーク	siemens	sicam_a8000_cp-8000_firmware sicam_a8000_cp-802x_firmware sicam_a8000_cp-8050_firmware	A vulnerability has been identified in SICAM A8000 CP-8000 (All versions < V14), SICAM A8000 CP-802X (All versions < V14), SICAM A8000 CP-8050 (All versions < V2.00). Specially crafted network packet…	CWE-20 不適切な入力確認	CVE-2018-13798	2024-11-21 12:48	2019-03-22	表示	GitHub Exploit DB Packet Storm

248685	7.8	HIGH ローカル	qualcomm	snapdragon_auto_firmware snapdragon_consumer_internet_of_things_firmware snapdragon_industrial_internet_of_things_firmware mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9650…	Lack of input validation for data received from user space can lead to an out of bound array issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdrago…	CWE-119 バッファエラー	CVE-2018-13914	2024-11-21 12:48	2019-02-26	表示	GitHub Exploit DB Packet Storm

248686	7.8	HIGH ローカル	qualcomm	snapdragon_auto_firmware snapdragon_consumer_internet_of_things_firmware snapdragon_industrial_internet_of_things_firmware snapdragon_internet_of_things_firmware snapdragon_mobile_firmwar…	Improper validation of array index can lead to unauthorized access while processing debugFS in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, …	CWE-129 配列インデックスの不適切な検証	CVE-2018-13913	2024-11-21 12:48	2019-02-26	表示	GitHub Exploit DB Packet Storm

248687	5.5	MEDIUM ローカル	qualcomm	snapdragon_auto_firmware snapdragon_connectivity_firmware snapdragon_consumer_internet_of_things_firmware snapdragon_industrial_internet_of_things_firmware snapdragon_mobile_firmware s…	Arbitrary write issue can occur when user provides kernel address in compat mode in Snapdragon Auto, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Sn…	CWE-119 バッファエラー	CVE-2018-13912	2024-11-21 12:48	2019-02-26	表示	GitHub Exploit DB Packet Storm

248688	7.8	HIGH ローカル	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware msm8909w_firmware qcs605_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_439_firmware sd_429_firmware sd_7…	KGSL syncsource lock not handled properly during syncsource cleanup can lead to use after free issue in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdra…	CWE-416 解放済みメモリの使用	CVE-2018-13905	2024-11-21 12:48	2019-02-26	表示	GitHub Exploit DB Packet Storm

248689	9.8	CRITICAL ネットワーク	qualcomm	mdm9206_firmware mdm9607_firmware mdm9650_firmware mdm9655_firmware qcs605_firmware sd_410_firmware sd_12_firmware sd_675_firmware sd_712_firmware sd_710_firmware sd_670…	Improper input validation in SCM handler to access storage in TZ can lead to unauthorized access in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer Electronics Connectivity, Snapdragon Consu…	CWE-20 不適切な入力確認	CVE-2018-13904	2024-11-21 12:48	2019-02-26	表示	GitHub Exploit DB Packet Storm

248690	7.8	HIGH ローカル	qualcomm	mdm9150_firmware mdm9206_firmware mdm9607_firmware mdm9640_firmware mdm9650_firmware msm8909w_firmware msm8996au_firmware qcs605_firmware sd_210_firmware sd_212_firmware	Use-after-free vulnerability will occur as there is no protection for the route table`s rule in IPA driver in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, S…	CWE-416 解放済みメモリの使用	CVE-2018-13900	2024-11-21 12:48	2019-02-26	表示	GitHub Exploit DB Packet Storm

248691	7.8	HIGH ローカル	google	android	In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Out of bound mask range access caused by using possible old value of msg mask table count wh…	CWE-119 バッファエラー	CVE-2018-13893	2024-11-21 12:48	2019-02-12	表示	GitHub Exploit DB Packet Storm

248692	7.8	HIGH ローカル	google	android	In all android releases(Android for MSM, Firefox OS for MSM, QRD Android) from CAF using the linux kernel, Heap memory was accessed after it was freed	CWE-416 解放済みメモリの使用	CVE-2018-13889	2024-11-21 12:48	2019-02-12	表示	GitHub Exploit DB Packet Storm

248693	7.8	HIGH ローカル	qualcomm	mdm9206_firmware mdm9607_firmware mdm9635m_firmware mdm9650_firmware msm8909w_firmware sd_210_firmware sd_212_firmware sd_205_firmware sd_425_firmware sd_427_firmware sd…	There is potential for memory corruption in the RIL daemon due to de reference of memory outside the allocated array length in RIL in Snapdragon Auto, Snapdragon Consumer IOT, Snapdragon Industrial I…	CWE-119 バッファエラー	CVE-2018-13888	2024-11-21 12:48	2019-02-12	表示	GitHub Exploit DB Packet Storm

248694	9.8	CRITICAL ネットワーク	abbyy	flexicapture	Multiple SQL injection vulnerabilities in the monitoring feature in the HTTP API in ABBYY FlexiCapture before 12 Release 2 allow an attacker to execute arbitrary SQL commands via the mask, sortOrder,…	CWE-89 SQLインジェクション	CVE-2018-13792	2024-11-21 12:48	2019-02-10	表示	GitHub Exploit DB Packet Storm

248695	7.5	HIGH ネットワーク	siemens	simatic_s7-1200_firmware simatic_s7-1500_firmware	A vulnerability has been identified in SIMATIC S7-1200 (All versions), SIMATIC S7-1500 (All Versions < V2.6). An attacker could exhaust the available connection pool of an affected device by opening …	CWE-400 リソースの枯渇	CVE-2018-13815	2024-11-21 12:48	2018-12-14	表示	GitHub Exploit DB Packet Storm

248696	8.8	HIGH ネットワーク	siemens	simatic_hmi_comfort_panels_firmware simatic_hmi_comfort_outdoor_panels_firmware simatic_hmi_ktp_mobile_panels_ktp400f_firmware simatic_hmi_ktp_mobile_panels_ktp700_firmware simatic_hmi_kt…	A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V14), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V14), SIMATIC HMI KTP Mobile Panels KTP400…	CWE-20 不適切な入力確認	CVE-2018-13814	2024-11-21 12:48	2018-12-14	表示	GitHub Exploit DB Packet Storm

248697	8.1	HIGH ネットワーク	siemens	simatic_hmi_comfort_panels_firmware simatic_hmi_comfort_outdoor_panels_firmware simatic_hmi_ktp_mobile_panels_ktp400f_firmware simatic_hmi_ktp_mobile_panels_ktp700_firmware simatic_hmi_kt…	A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mo…	CWE-601 オープンリダイレクト	CVE-2018-13813	2024-11-21 12:48	2018-12-14	表示	GitHub Exploit DB Packet Storm

248698	7.5	HIGH ネットワーク	siemens	simatic_hmi_comfort_panels_firmware simatic_hmi_comfort_outdoor_panels_firmware simatic_hmi_ktp_mobile_panels_ktp400f_firmware simatic_hmi_ktp_mobile_panels_ktp700_firmware simatic_hmi_kt…	A vulnerability has been identified in SIMATIC HMI Comfort Panels 4" - 22" (All versions < V15 Update 4), SIMATIC HMI Comfort Outdoor Panels 7" & 15" (All versions < V15 Update 4), SIMATIC HMI KTP Mo…	CWE-22 パス・トラバーサル	CVE-2018-13812	2024-11-21 12:48	2018-12-14	表示	GitHub Exploit DB Packet Storm

248699	5.5	MEDIUM ローカル	siemens	simatic_step_7_\(tia_portal\)	A vulnerability has been identified in SIMATIC STEP 7 (TIA Portal) (All Versions < V15.1). Password hashes with insufficient computational effort could allow an attacker to access to a project file a…	CWE-200 情報漏えい	CVE-2018-13811	2024-11-21 12:48	2018-12-14	表示	GitHub Exploit DB Packet Storm

248700	8.1	HIGH ネットワーク	siemens	simatic_it_ua_discrete_manufacturing simatic_it_production_suite simatic_it_line_monitoring_system	A vulnerability has been identified in SIMATIC IT LMS (All versions), SIMATIC IT Production Suite (Versions V7.1 < V7.1 Upd3), SIMATIC IT UA Discrete Manufacturing (Versions < V1.2), SIMATIC IT UA Di…	NVD-CWE-noinfo	CVE-2018-13804	2024-11-21 12:48	2018-12-14	表示	GitHub Exploit DB Packet Storm