Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 7, 2024, 10:02 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
141	5.5	警告 Local	Linux	Linux Kernel	Linux の Linux Kernel における NULL ポインタデリファレンスに関する脆弱性	CWE-476 NULL ポインタデリファレンス	CVE-2024-46822	2024-10-3 10:46	2024-06-28	Show	GitHub Exploit DB Packet Storm

142	7.8	重要 Local	Linux	Linux Kernel	Linux の Linux Kernel における解放済みメモリの使用に関する脆弱性	CWE-416 解放済みメモリの使用	CVE-2024-46849	2024-10-3 10:46	2024-09-11	Show	GitHub Exploit DB Packet Storm

143	9.8	緊急 Network	VMware	VMware vCenter Server	VMware の VMware vCenter Server における境界外書き込みに関する脆弱性	CWE-122 CWE-787	CVE-2024-38812	2024-10-3 10:46	2024-09-17	Show	GitHub Exploit DB Packet Storm

144	7.5	重要 Network	NetIQ	identity manager rest driver	NetIQ の identity manager rest driver におけるログファイルからの情報漏えいに関する脆弱性	CWE-532 CWE-532	CVE-2022-26322	2024-10-3 10:43	2022-02-28	Show	GitHub Exploit DB Packet Storm

145	5.4	警告 Network	ZKTECO CO., LTD.	wdms	ZKTECO CO., LTD. の wdms におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-79	CVE-2023-51157	2024-10-3 10:43	2023-12-18	Show	GitHub Exploit DB Packet Storm

146	6.1	警告 Network	tebilisim	v5	tebilisim の v5 におけるクロスサイトスクリプティングの脆弱性	CWE-79 CWE-80	CVE-2024-2010	2024-10-3 10:43	2024-09-12	Show	GitHub Exploit DB Packet Storm

147	6.1	警告 Network	dotsquares	contact form 7 math captcha	dotsquares の WordPress 用 contact form 7 math captcha におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2024-6517	2024-10-3 10:43	2024-09-26	Show	GitHub Exploit DB Packet Storm

148	9.8	緊急 Network	Modern Tribe, Inc.	The Events Calendar	stellarwp の WordPress 用 the events calendar における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2024-8275	2024-10-3 10:43	2024-09-25	Show	GitHub Exploit DB Packet Storm

149	7.2	重要 Network	Uncanny Owl	Uncanny Groups for LearnDash	Uncanny Owl の WordPress 用 Uncanny Groups for LearnDash における認証の欠如に関する脆弱性	CWE-862 認証の欠如	CVE-2024-8349	2024-10-3 10:43	2024-09-25	Show	GitHub Exploit DB Packet Storm

150	6.5	警告 Network	madrasthemes	mas static content	madrasthemes の WordPress 用 mas static content における脆弱性	CWE-200 CWE-noinfo	CVE-2024-8483	2024-10-3 10:43	2024-09-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 7, 2024, 5:11 a.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
258871	-	mojolicious	mojolicious	Mojolicious before 0.999927 does not properly implement HMAC-MD5 checksums, which has unspecified impact and remote attack vectors.	CWE-20 Improper Input Validation	CVE-2010-4803	2011-08-27 12:46	2011-05-3	Show	GitHub Exploit DB Packet Storm

258872	-	alexej_kryukov	fontforge	Stack-based buffer overflow in FontForge 20100501 allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a long CHARSET_REGISTRY header in a B…	CWE-119 Incorrect Access of Indexable Resource ('Range Error')	CVE-2010-4259	2011-08-27 12:45	2010-12-7	Show	GitHub Exploit DB Packet Storm

258873	-	dovecot	dovecot	plugins/acl/acl-backend-vfile.c in Dovecot 1.2.x before 1.2.15 and 2.0.x before 2.0.5 interprets an ACL entry as a directive to add to the permissions granted by another ACL entry, instead of a direc…	CWE-264 Permissions, Privileges, and Access Controls	CVE-2010-3707	2011-08-27 12:44	2010-10-7	Show	GitHub Exploit DB Packet Storm

258874	-	dovecot	dovecot	Dovecot 1.2.x before 1.2.15 allows remote authenticated users to cause a denial of service (master process outage) by simultaneously disconnecting many (1) IMAP or (2) POP3 sessions.	NVD-CWE-Other	CVE-2010-3780	2011-08-27 12:44	2010-10-7	Show	GitHub Exploit DB Packet Storm

258875	-	libguestfs	libguestfs	libguestfs before 1.5.23, as used in virt-v2v, virt-inspector 1.5.3 and earlier, and possibly other products, when a raw-format disk image is used, allows local guest OS administrators to read files …	CWE-200 Information Exposure	CVE-2010-3851	2011-08-27 12:44	2010-11-5	Show	GitHub Exploit DB Packet Storm

258876	-	otrs	otrs	webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote attackers to execute arbitrary commands via unspecified vectors, related to a "command injection vulnerability."	CWE-78 OS Command	CVE-2011-0456	2011-08-26 13:00	2011-03-12	Show	GitHub Exploit DB Packet Storm

258877	-	aimluck	aipo aipo-asp	SQL injection vulnerability in Aimluck Aipo before 5.1.1, and Aipo for ASP before 5.1.1, allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.	CWE-89 SQL Injection	CVE-2011-1342	2011-08-26 13:00	2011-08-20	Show	GitHub Exploit DB Packet Storm

258878	-	t-dreams	cars_ads_package	SQL injection vulnerability in processview.asp in Techno Dreams (T-Dreams) Cars Ads Package 2.0 allows remote attackers to execute arbitrary SQL commands via the key parameter.	CWE-89 SQL Injection	CVE-2010-4829	2011-08-25 13:00	2011-08-24	Show	GitHub Exploit DB Packet Storm

258879	-	ozeki	http-sms_gateway	Ozeki HTTP-SMS Gateway 1.0, and possibly earlier, stores usernames and passwords in plaintext in the HKLM\Software\Ozeki\SMSServer\CurrentVersion\Plugins\httpsmsgate registry key, which allows local …	CWE-310 Cryptographic Issues	CVE-2006-6674	2011-08-25 13:00	2006-12-21	Show	GitHub Exploit DB Packet Storm

258880	-	citrix	xen	Multiple integer overflows in tools/libxc/xc_dom_bzimageloader.c in Xen 3.2, 3.3, 4.0, and 4.1 allow local users to cause a denial of service and possibly execute arbitrary code via a crafted paravir…	CWE-189 Numeric Errors	CVE-2011-1583	2011-08-24 12:17	2011-08-13	Show	GitHub Exploit DB Packet Storm