Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 12:03 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188241 6.5 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0728 2012-09-12 16:15 2012-09-4 Show GitHub Exploit DB Packet Storm
188242 6.5 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-0727 2012-09-12 16:13 2012-09-4 Show GitHub Exploit DB Packet Storm
188243 6.8 警告 IBM - 複数の IBM 製品で使用される IBM Maximo Asset Management におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-0714 2012-09-12 16:12 2012-09-4 Show GitHub Exploit DB Packet Storm
188244 6.8 警告 OpenKM - OpenKM におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-2316 2012-09-12 14:20 2012-01-4 Show GitHub Exploit DB Packet Storm
188245 4 警告 OpenKM - OpenKM における任意のユーザに管理者権限を割り当てられる脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-2315 2012-09-12 14:19 2012-01-4 Show GitHub Exploit DB Packet Storm
188246 4.3 警告 chatelao - PHP Address Book の preferences.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1912 2012-09-12 13:54 2012-09-9 Show GitHub Exploit DB Packet Storm
188247 7.5 危険 chatelao - PHP Address Book における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1911 2012-09-12 13:53 2012-09-9 Show GitHub Exploit DB Packet Storm
188248 4.9 警告 danielb - Drupal 用 Cool Aid モジュールにおける任意のページを変更される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-1649 2012-09-12 13:53 2012-02-29 Show GitHub Exploit DB Packet Storm
188249 2.1 注意 danielb - Drupal 用 Cool Aid モジュールにおけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-1648 2012-09-12 13:52 2012-02-29 Show GitHub Exploit DB Packet Storm
188250 5 警告 MediaWiki - MediaWiki の wikitext パーサにおけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2012-4885 2012-09-12 13:50 2012-03-21 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 1:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
61 - - - The issue was addressed with improved handling of caches. This issue is fixed in visionOS 1.1, iOS 17.4 and iPadOS 17.4. An app may be able to fingerprint the user. Update - CVE-2024-23220 2024-11-19 06:35 2024-03-8 Show GitHub Exploit DB Packet Storm
62 - - - An issue in Online Diagnostic Lab Management System 1.0 allows a remote attacker to gain control of a 'Staff' user account via a crafted POST request using the id, email, password, and cpass paramete… Update - CVE-2024-26492 2024-11-19 06:35 2024-03-8 Show GitHub Exploit DB Packet Storm
63 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bnep: fix wild-memory-access in proto_unregister There's issue as follows: KASAN: maybe wild-memory-access in range … Update NVD-CWE-noinfo
CVE-2024-50148 2024-11-19 06:24 2024-11-7 Show GitHub Exploit DB Packet Storm
64 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix command bitmask initialization Command bitmask have a dedicated bit for MANAGE_PAGES command, this bit isn't Initia… Update CWE-476
 NULL Pointer Dereference 		CVE-2024-50147 2024-11-19 06:19 2024-11-7 Show GitHub Exploit DB Packet Storm
65 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't call cleanup on profile rollback failure When profile rollback fails in mlx5e_netdev_change_profile, the netdev … Update CWE-476
 NULL Pointer Dereference 		CVE-2024-50146 2024-11-19 06:17 2024-11-7 Show GitHub Exploit DB Packet Storm
66 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/xe: fix unbalanced rpm put() with fence_fini() Currently we can call fence_fini() twice if something goes wrong when sending … Update NVD-CWE-noinfo
CVE-2024-50144 2024-11-19 06:16 2024-11-7 Show GitHub Exploit DB Packet Storm
67 - - - Autolab is a course management service that enables auto-graded programming assignments. There is an HTML injection vulnerability in version 3.0.1 that can affect instructors and CAs on the grade sub… New CWE-79
Cross-site Scripting 		CVE-2024-52585 2024-11-19 06:15 2024-11-19 Show GitHub Exploit DB Packet Storm
68 - - - Autolab is a course management service that enables auto-graded programming assignments. There is a vulnerability in version 3.0.1 where CAs can view or edit the grade for any submission ID, even if … New CWE-863
 Incorrect Authorization 		CVE-2024-52584 2024-11-19 06:15 2024-11-19 Show GitHub Exploit DB Packet Storm
69 - - - The WesHacks GitHub repository provides the official Hackathon competition website source code for the Muweilah Wesgreen Hackathon. The page `schedule.html` before 17 November 2024 or commit 93dfb83 … New CWE-494
 Download of Code Without Integrity Check 		CVE-2024-52583 2024-11-19 06:15 2024-11-19 Show GitHub Exploit DB Packet Storm
70 - - - aiohttp is an asynchronous HTTP client/server framework for asyncio and Python. Prior to version 3.10.11, the Python parser parses newlines in chunk extensions incorrectly which can lead to request s… New - CVE-2024-52304 2024-11-19 06:15 2024-11-19 Show GitHub Exploit DB Packet Storm