NVD Vulnerability Information Top

Show Search Menu

Vendor Name
プロダクト・サービス名
Title
CVE
CRITICAL
HIGH
MEDIUM
LOW
CWE
In descending order of publication date
In descending order of update date
Number of items displayed

NVD Vulnerability Information Top

You can search the list of vulnerabilities managed by the NVD (National Vulnerability Database).
Since vulnerability information is often updated before JVN (Japan Vulnerability Note), vulnerabilities that are not listed in JVN may be updated.

If there is a vulnerability related to JVN (Japan Vulnerability Note), the information will be displayed on the detail page.

To search by CWE, please refer to the CWE Overview and check the CWE number.

CRITICAL
HIGH
MEDIUM
LOW

Update Date:June 13, 2026, 4:20 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
319051	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvAddr parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in…	CWE-120 Classic Buffer Overflow	CVE-2024-46582	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319052	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted i…	CWE-120 Classic Buffer Overflow	CVE-2024-46581	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319053	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sAppName parameter at sslapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted i…	CWE-120 Classic Buffer Overflow	CVE-2024-46566	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319054	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sSrvName parameter at service.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted …	CWE-120 Classic Buffer Overflow	CVE-2024-46565	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319055	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at fextobj.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf…	CWE-120 Classic Buffer Overflow	CVE-2024-46564	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319056	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the queryret parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in…	CWE-120 Classic Buffer Overflow	CVE-2024-46561	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319057	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pub_key parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted inp…	CWE-120 Classic Buffer Overflow	CVE-2024-46560	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319058	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_UsrNme parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte…	CWE-120 Classic Buffer Overflow	CVE-2024-46559	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319059	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the newProname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted …	CWE-120 Classic Buffer Overflow	CVE-2024-46558	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319060	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte…	CWE-120 Classic Buffer Overflow	CVE-2024-46557	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319061	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sInRCSecret0 parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte…	CWE-120 Classic Buffer Overflow	CVE-2024-46556	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319062	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the pb parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input.	CWE-120 Classic Buffer Overflow	CVE-2024-46555	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319063	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the profname parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted in…	CWE-120 Classic Buffer Overflow	CVE-2024-46554	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319064	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the ipaddrmsk%d parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted…	CWE-120 Classic Buffer Overflow	CVE-2024-46553	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319065	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sStRtMskShow parameter at ipstrt.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craft…	CWE-120 Classic Buffer Overflow	CVE-2024-46552	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319066	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sBPA_Pwd parameter at inet15.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted i…	CWE-120 Classic Buffer Overflow	CVE-2024-46551	2024-09-25 01:41	2024-09-19	Show	GitHub Exploit DB Packet Storm

319067	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sDnsPro parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted inp…	CWE-120 Classic Buffer Overflow	CVE-2024-46591	2024-09-25 01:40	2024-09-19	Show	GitHub Exploit DB Packet Storm

319068	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sIpv6AiccuUser parameter at inetipv6.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a c…	CWE-120 Classic Buffer Overflow	CVE-2024-46589	2024-09-25 01:40	2024-09-19	Show	GitHub Exploit DB Packet Storm

319069	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at wizfw.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte…	CWE-120 Classic Buffer Overflow	CVE-2024-46588	2024-09-25 01:40	2024-09-19	Show	GitHub Exploit DB Packet Storm

319070	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sCloudPass parameter at v2x00.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted …	CWE-120 Classic Buffer Overflow	CVE-2024-46586	2024-09-25 01:40	2024-09-19	Show	GitHub Exploit DB Packet Storm

319071	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the sProfileName parameter at usergrp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf…	CWE-120 Classic Buffer Overflow	CVE-2024-46585	2024-09-25 01:40	2024-09-19	Show	GitHub Exploit DB Packet Storm

319072	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the AControlIp1 parameter at acontrol.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a craf…	CWE-120 Classic Buffer Overflow	CVE-2024-46584	2024-09-25 01:40	2024-09-19	Show	GitHub Exploit DB Packet Storm

319073	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the extRadSrv2 parameter at cgiapp.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted…	CWE-120 Classic Buffer Overflow	CVE-2024-46583	2024-09-25 01:40	2024-09-19	Show	GitHub Exploit DB Packet Storm

319074	7.5	HIGH Network	draytek	vigor3910_firmware	Draytek Vigor 3910 v4.3.2.6 was discovered to contain a buffer overflow in the iprofileidx parameter at dialin.cgi. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafte…	CWE-120 Classic Buffer Overflow	CVE-2024-46598	2024-09-25 01:37	2024-09-19	Show	GitHub Exploit DB Packet Storm

319075	5.5	MEDIUM Local	apple	ipados iphone_os macos visionos tvos watchos	An out-of-bounds read issue was addressed with improved input validation. This issue is fixed in iOS 17.7 and iPadOS 17.7, visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, macOS Sonoma…	CWE-125 Out-of-bounds Read	CVE-2024-27880	2024-09-25 01:34	2024-09-17	Show	GitHub Exploit DB Packet Storm

319076	9.9	CRITICAL Network	tuzitio	camaleon_cms	Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. An arbitrary file write vulnerability accessible via the upload method of the MediaController allows authentic…	CWE-22 Path Traversal	CVE-2024-46986	2024-09-25 01:30	2024-09-19	Show	GitHub Exploit DB Packet Storm

319077	5.5	MEDIUM Local	apple	macos	This issue was addressed with improved validation of symlinks. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the file…	CWE-59 Link Following	CVE-2024-44178	2024-09-25 01:28	2024-09-17	Show	GitHub Exploit DB Packet Storm

319078	5.5	MEDIUM Local	apple	macos	A privacy issue was addressed by removing sensitive data. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.	NVD-CWE-noinfo	CVE-2024-44177	2024-09-25 01:28	2024-09-17	Show	GitHub Exploit DB Packet Storm

319079	7.7	HIGH Network	tuzitio	camaleon_cms	Camaleon CMS is a dynamic and advanced content management system based on Ruby on Rails. A path traversal vulnerability accessible via MediaController's download_private_file method allows authentica…	CWE-22 Path Traversal	CVE-2024-46987	2024-09-25 01:27	2024-09-19	Show	GitHub Exploit DB Packet Storm

319080	4.6	MEDIUM Physics	apple	ipados iphone_os watchos	This issue was addressed through improved state management. This issue is fixed in iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, watchOS 11. An attacker with physical access to a locked device may …	NVD-CWE-noinfo	CVE-2024-44171	2024-09-25 01:22	2024-09-17	Show	GitHub Exploit DB Packet Storm

319081	5.5	MEDIUM Local	apple	macos	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to modify protected parts of the fil…	NVD-CWE-noinfo	CVE-2024-44151	2024-09-25 01:21	2024-09-17	Show	GitHub Exploit DB Packet Storm

319082	5.5	MEDIUM Local	apple	macos	The issue was addressed with improved permissions logic. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access user-sensitive data.	NVD-CWE-noinfo	CVE-2024-44153	2024-09-25 01:19	2024-09-17	Show	GitHub Exploit DB Packet Storm

319083	5.5	MEDIUM Local	apple	macos	A memory initialization issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted file may lead to unexpected app…	NVD-CWE-noinfo	CVE-2024-44154	2024-09-25 01:16	2024-09-17	Show	GitHub Exploit DB Packet Storm

319084	8.8	HIGH Network	totolink	t10_firmware	A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This vulnerability affects the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi. The manipulation o…	CWE-78 OS Command	CVE-2024-9001	2024-09-25 01:14	2024-09-20	Show	GitHub Exploit DB Packet Storm

319085	10.0	CRITICAL Network	apple	macos	A logic issue was addressed with improved file handling. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.	NVD-CWE-noinfo	CVE-2024-44146	2024-09-25 01:14	2024-09-17	Show	GitHub Exploit DB Packet Storm

319086	10.0	CRITICAL Network	apple	macos	This issue was addressed with improved validation of file attributes. This issue is fixed in macOS Sequoia 15. An app may be able to break out of its sandbox.	NVD-CWE-noinfo	CVE-2024-44148	2024-09-25 01:09	2024-09-17	Show	GitHub Exploit DB Packet Storm

319087	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: Boards: Fix NULL pointer deref in BYT/CHT boards harder Since commit 13f58267cda3 ("ASoC: soc.h: don't create dummy …	CWE-476 NULL Pointer Dereference	CVE-2024-46793	2024-09-25 01:00	2024-09-18	Show	GitHub Exploit DB Packet Storm

319088	7.5	HIGH Network	apple	macos	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data.	CWE-281 Improper Preservation of Permissions	CVE-2024-44149	2024-09-25 00:58	2024-09-17	Show	GitHub Exploit DB Packet Storm

319089	6.1	MEDIUM Network	apple	macos	This issue was addressed through improved state management. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. Visiting a malicious website may lead to user interface spo…	NVD-CWE-noinfo	CVE-2024-40797	2024-09-25 00:58	2024-09-17	Show	GitHub Exploit DB Packet Storm

319090	7.5	HIGH Network	apple	macos	A downgrade issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An attacker may be able to read sensitive in…	NVD-CWE-noinfo	CVE-2024-40848	2024-09-25 00:57	2024-09-17	Show	GitHub Exploit DB Packet Storm

319091	5.5	MEDIUM Local	apple	macos	The issue was addressed with additional code-signing restrictions. This issue is fixed in macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access sensitive user data.	NVD-CWE-noinfo	CVE-2024-40847	2024-09-25 00:56	2024-09-17	Show	GitHub Exploit DB Packet Storm

319092	5.5	MEDIUM Local	apple	macos	The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination.	NVD-CWE-noinfo	CVE-2024-40846	2024-09-25 00:56	2024-09-17	Show	GitHub Exploit DB Packet Storm

319093	7.5	HIGH Network	apple	macos	A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Sequoia 15. An app may be able to access user-sensitive data.	NVD-CWE-noinfo	CVE-2024-44152	2024-09-25 00:55	2024-09-17	Show	GitHub Exploit DB Packet Storm

319094	5.5	MEDIUM Local	apple	macos	The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. Processing a maliciously crafted video file may lead to unexpected app termination.	NVD-CWE-noinfo	CVE-2024-40845	2024-09-25 00:55	2024-09-17	Show	GitHub Exploit DB Packet Storm

319095	5.5	MEDIUM Local	apple	macos ipados iphone_os	A privacy issue was addressed with improved handling of temporary files. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. An app may be able t…	NVD-CWE-noinfo	CVE-2024-40844	2024-09-25 00:55	2024-09-17	Show	GitHub Exploit DB Packet Storm

319096	7.5	HIGH Adjacent	canonical	anbox_cloud	Anbox Management Service, in versions 1.17.0 through 1.23.0, does not validate the TLS certificate provided to it by the Anbox Stream Agent. An attacker must be able to machine-in-the-middle the Anbo…	CWE-295 Improper Certificate Validation	CVE-2024-8287	2024-09-25 00:52	2024-09-19	Show	GitHub Exploit DB Packet Storm

319097	5.5	MEDIUM Local	apple	macos ipados iphone_os	This issue was addressed with improved redaction of sensitive information. This issue is fixed in iOS 17.7 and iPadOS 17.7, macOS Ventura 13.7, macOS Sonoma 14.7, macOS Sequoia 15. A shortcut may out…	NVD-CWE-noinfo	CVE-2024-44158	2024-09-25 00:50	2024-09-17	Show	GitHub Exploit DB Packet Storm

319098	5.5	MEDIUM Local	apple	macos iphone_os ipados visionos watchos tvos	An integer overflow was addressed through improved input validation. This issue is fixed in visionOS 2, watchOS 11, macOS Sequoia 15, iOS 18 and iPadOS 18, tvOS 18. Processing maliciously crafted web…	CWE-190 Integer Overflow or Wraparound	CVE-2024-44198	2024-09-25 00:45	2024-09-17	Show	GitHub Exploit DB Packet Storm

319099	3.3	LOW Local	apple	macos ipados iphone_os	A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in macOS Ventura 13.7, iOS 17.7 and iPadOS 17.7, iOS 18 and iPadOS 18, macOS Sonoma 14.7, macOS…	CWE-532 Inclusion of Sensitive Information in Log Files	CVE-2024-40791	2024-09-25 00:44	2024-09-17	Show	GitHub Exploit DB Packet Storm

319100	5.5	MEDIUM Local	apple	macos	A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sonoma 14.7, macOS Sequoia 15. An app may be able to access protected user data.	NVD-CWE-noinfo	CVE-2024-40801	2024-09-25 00:43	2024-09-17	Show	GitHub Exploit DB Packet Storm