Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Dec. 7, 2024, 4 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
1 7.5 重要
Network
マイクロソフト Microsoft Windows 11
Microsoft Windows Server 2022
Microsoft Windows 10
Microsoft Windows Server 2019
Microsoft Virtual Machine Bus (VMBus) サービス拒否の脆弱性 New CWE-822
CWE-noinfo
CVE-2024-26254 2024-12-6 18:12 2024-04-9 Show GitHub Exploit DB Packet Storm
2 7.2 重要
Network
マイクロソフト Microsoft Defender for IoT Microsoft Defender for IoT の特権の昇格の脆弱性 New CWE-269
CWE-noinfo
CVE-2024-21324 2024-12-6 17:38 2024-04-9 Show GitHub Exploit DB Packet Storm
3 3.3
Local
アップル iPadOS
iOS
アップルの iPadOS および iOS における脆弱性 New CWE-noinfo
情報不足
CVE-2024-23256 2024-12-6 17:19 2024-03-5 Show GitHub Exploit DB Packet Storm
4 5.5 警告
Local
アップル iPadOS
iOS
watchOS
複数のアップル製品における脆弱性 New CWE-noinfo
情報不足
CVE-2024-23231 2024-12-6 17:13 2024-03-5 Show GitHub Exploit DB Packet Storm
5 3.3
Local
- アップルの macOS における脆弱性 New CWE-noinfo
情報不足
CVE-2024-23227 2024-12-6 17:07 2024-03-7 Show GitHub Exploit DB Packet Storm
6 7.8 重要
Local
- アップルの macOS における脆弱性 New CWE-noinfo
情報不足
CVE-2024-23233 2024-12-6 17:05 2024-03-7 Show GitHub Exploit DB Packet Storm
7 5.5 警告
Local
- アップルの macOS における脆弱性 New CWE-862
CWE-noinfo
CVE-2024-23230 2024-12-6 16:59 2024-03-7 Show GitHub Exploit DB Packet Storm
8 7.5 重要
Network
- アップルの macOS における脆弱性 New CWE-noinfo
情報不足
CVE-2023-42835 2024-12-6 16:57 2023-10-25 Show GitHub Exploit DB Packet Storm
9 7.2 重要
Network
オラクル Oracle BI Publisher Oracle Analytics の Oracle BI Publisher における Script Engine に関する脆弱性 New CWE-noinfo
情報不足
CVE-2024-21083 2024-12-6 16:57 2024-04-16 Show GitHub Exploit DB Packet Storm
10 6.5 警告
Local
オラクル Oracle VM VirtualBox Oracle Virtualization の Oracle VM VirtualBox における Core に関する脆弱性 New CWE-noinfo
情報不足
CVE-2024-21121 2024-12-6 16:57 2024-04-16 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Dec. 7, 2024, 4:06 a.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
1 - - - Ubiquiti U6-LR 6.6.65 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. New - CVE-2024-54750 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
2 - - - WAVLINK WN531P3 202383 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. New - CVE-2024-54747 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
3 - - - WAVLINK WN701AE M01AE_V240305 was discovered to contain a hardcoded password vulnerability in /etc/shadow, which allows attackers to log in as root. New - CVE-2024-54745 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
4 - - - liboqs is a C-language cryptographic library that provides implementations of post-quantum cryptography algorithms. A correctness error has been identified in the reference implementation of the HQC … New CWE-200
Information Exposure
CVE-2024-54137 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
5 - - - ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 5.5.1 Revision 199 and below is vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upload/up… New CWE-502
 Deserialization of Untrusted Data
CVE-2024-54136 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
6 - - - ClipBucket V5 provides open source video hosting with PHP. ClipBucket-v5 Version 2.0 to Version 5.5.1 Revision 199 are vulnerable to PHP Deserialization vulnerability. The vulnerability exists in upl… New CWE-502
 Deserialization of Untrusted Data
CVE-2024-54135 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
7 - - - A cross-site scripting (XSS) vulnerability in OroPlatform CMS v5.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Search parameter. New - CVE-2024-50677 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
8 - - - The HTTP host header can be manipulated and cause the application to behave in unexpected ways. Any changes made to the header would cause the request to be sent to a completely different domain/IP a… New - CVE-2024-30129 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
9 - - - Starting in Python 3.12.0, the asyncio._SelectorSocketTransport.writelines() method would not "pause" writing and signal to the Protocol to drain the buffer to the wire once the write buffer reache… New - CVE-2024-12254 2024-12-7 01:15 2024-12-7 Show GitHub Exploit DB Packet Storm
10 - - - The Sticky Social Icons WordPress plugin through 1.2.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting a… New - CVE-2024-10551 2024-12-7 01:15 2024-12-6 Show GitHub Exploit DB Packet Storm