Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 17, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188501 5 警告 Mozilla Foundation - 複数の Mozilla 製品の SVG Filters 実装における重要な情報を取得される脆弱性 CWE-200
情報漏えい 		CVE-2012-0456 2012-08-24 17:39 2012-03-13 Show GitHub Exploit DB Packet Storm
188502 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品におけるクロスサイトスクリプティング (XSS) 攻撃を誘発される脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2012-0455 2012-08-24 17:30 2012-03-13 Show GitHub Exploit DB Packet Storm
188503 4.3 警告 Mozilla Foundation - 複数の Mozilla 製品における CRLF インジェクションの脆弱性 CWE-94
コード・インジェクション 		CVE-2012-0451 2012-08-24 17:26 2012-03-13 Show GitHub Exploit DB Packet Storm
188504 4.3 警告 ウェブセンス - Websense Web Security の TRITON 管理コンソールにおける認証を回避される脆弱性 CWE-287
不適切な認証 		CVE-2012-4604 2012-08-24 15:42 2012-08-23 Show GitHub Exploit DB Packet Storm
188505 7.5 危険 ウェブセンス - 複数の Websense 製品の TRITON 管理コンソールにおけるコマンドを実行される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2011-5102 2012-08-24 15:41 2012-08-23 Show GitHub Exploit DB Packet Storm
188506 5 警告 ウェブセンス - Websense Web Security および Web Filter におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2010-5149 2012-08-24 15:39 2012-08-23 Show GitHub Exploit DB Packet Storm
188507 5 警告 ウェブセンス - Websense Web Security および Web Filter におけるクッキーをキャプチャされる脆弱性 CWE-DesignError
CVE-2010-5148 2012-08-24 15:38 2012-08-23 Show GitHub Exploit DB Packet Storm
188508 5 警告 ウェブセンス - Websense Web Security および Web Filter の Remote Filtering におけるサービス運用妨害 (DoS) の脆弱性 CWE-Other
その他 		CVE-2010-5147 2012-08-24 15:26 2012-08-23 Show GitHub Exploit DB Packet Storm
188509 2.1 注意 ウェブセンス - Websense Web Security および Web Filter におけるフィルタリングを回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2010-5146 2012-08-24 15:25 2012-08-23 Show GitHub Exploit DB Packet Storm
188510 4.3 警告 ウェブセンス - Windows 上で稼働する Websense Web Security および Web Filter におけるサービス運用妨害 (DoS) の脆弱性 CWE-119
バッファエラー 		CVE-2010-5145 2012-08-24 15:23 2012-08-23 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 5:14 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
241 5.4 MEDIUM
Network 		modernaweb black_widgets_for_elementor Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Modernaweb Studio Black Widgets For Elementor allows Stored XSS.This issue affects Black W… Update CWE-79
Cross-site Scripting 		CVE-2024-51662 2024-11-16 02:16 2024-11-9 Show GitHub Exploit DB Packet Storm
242 - - - Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens,… New CWE-285
Improper Authorization 		CVE-2024-52528 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
243 - - - Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved i… New CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-52525 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
244 - - - Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely bein… New CWE-328
 Use of Weak Hash 		CVE-2024-52521 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
245 - - - Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a recoverable way, so that an attacker that got access to a backup of the database and the Nextcloud … New CWE-922
 Insecure Storage of Sensitive Information 		CVE-2024-52519 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
246 - - - Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storag… New CWE-287
Improper Authentication 		CVE-2024-52518 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
247 - - - Nextcloud Server is a self hosted personal cloud system. After storing "Global credentials" on the server, the API returns them and adds them into the frontend again, allowing to read them in plain t… New CWE-200
Information Exposure 		CVE-2024-52517 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
248 - - - Nextcloud Server is a self hosted personal cloud system. When a server is configured to only allow sharing with users that are in ones own groups, after a user was removed from a group, previously sh… New CWE-269
 Improper Privilege Management 		CVE-2024-52516 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
249 - - - Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If t… New CWE-706
 Use of Incorrectly-Resolved Name or Reference 		CVE-2024-52515 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
250 - - - emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles. New - CVE-2024-50655 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm