Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 18, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
188561	7.5	危険	Thomas Hunter	-	NeoInvoice の signup_check.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2012-3477	2012-08-28 16:40	2012-08-26	Show	GitHub Exploit DB Packet Storm

188562	7.5	危険	DELL EMC (旧 EMC Corporation)	-	EMC ApplicationXtender Desktop および ApplicationXtender Web Access .NET におけるファイルをアップロードされる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2289	2012-08-28 16:40	2012-08-26	Show	GitHub Exploit DB Packet Storm

188563	5.8	警告	アップル	-	Apple iChat Server におけるドメインになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2012-4672	2012-08-28 16:28	2012-08-25	Show	GitHub Exploit DB Packet Storm

188564	5.8	警告	Psyced	-	psyced におけるドメインになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2012-4671	2012-08-28 16:25	2012-08-25	Show	GitHub Exploit DB Packet Storm

188565	6.4	警告	Tigase	-	Tigase XMPP Server におけるドメインになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2012-4670	2012-08-28 16:22	2012-08-21	Show	GitHub Exploit DB Packet Storm

188566	5.8	警告	Isode	-	M-Link におけるドメインになりすまされる脆弱性	CWE-20 不適切な入力確認	CVE-2012-4669	2012-08-28 16:19	2012-08-22	Show	GitHub Exploit DB Packet Storm

188567	4.3	警告	Roundcube.net	-	Roundcube Webmail におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4668	2012-08-28 16:11	2012-08-14	Show	GitHub Exploit DB Packet Storm

188568	4.3	警告	Gilles Darold	-	SquidClamav におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-4667	2012-08-28 16:09	2012-08-25	Show	GitHub Exploit DB Packet Storm

188569	5	警告	Nicolas Cannasse	-	OCaml Xml-Light Library におけるサービス運用妨害 (DoS) の脆弱性	CWE-310 暗号の問題	CVE-2012-3514	2012-08-28 16:06	2012-08-25	Show	GitHub Exploit DB Packet Storm

188570	4.3	警告	Roundcube.net	-	Roundcube Webmail の program/lib/washtml.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-3508	2012-08-28 15:56	2012-08-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 18, 2024, 4:13 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
411	8.6	HIGH Network	-	-	A vulnerability in the local interface of Cisco BroadWorks Network Server could allow an unauthenticated, remote attacker to exhaust system resources, causing a denial of service (DoS) condition. … New	CWE-400 Uncontrolled Resource Consumption	CVE-2023-20125	2024-11-16 00:15	2024-11-16	Show	GitHub Exploit DB Packet Storm

412	7.0	HIGH Local	microsoft	windows_server_2008 windows_server_2012 windows_8.1 windows_7 windows_rt_8.1 windows_10_1909 windows_10_21h1 windows_10_20h2 windows_11_21h2 windows_10_21h2 windows_10_1…	Windows User Profile Service Elevation of Privilege Vulnerability	CWE-59 Link Following	CVE-2022-21919	2024-11-15 23:35	2022-01-12	Show	GitHub Exploit DB Packet Storm

413	7.8	HIGH Local	microsoft	windows_10_1909 windows_10_21h1 windows_10_20h2 windows_11_21h2 windows_10_21h2 windows_server_2022 windows_server_20h2 windows_server_2019 windows_10_1809	Win32k Elevation of Privilege Vulnerability	CWE-787 Out-of-bounds Write	CVE-2022-21882	2024-11-15 23:35	2022-01-12	Show	GitHub Exploit DB Packet Storm

414	8.8	HIGH Network	microsoft	windows_server_2008 windows_server_2012 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019 windows_server_2022 windows_10_1607 windows_10_1809 …	Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCh…	CWE-347 Improper Verification of Cryptographic Signature	CVE-2013-3900	2024-11-15 23:34	2013-12-11	Show	GitHub Exploit DB Packet Storm

415	-		-	-	A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic. This issue affects some unknown processing of the file /database.php of the component Banco de Dados Tab. …	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-11240	2024-11-15 23:23	2024-11-15	Show	GitHub Exploit DB Packet Storm

416	-		-	-	A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the comp…	CWE-22 Path Traversal	CVE-2024-11239	2024-11-15 23:23	2024-11-15	Show	GitHub Exploit DB Packet Storm

417	-		-	-	Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login.	-	CVE-2024-52553	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

418	-		-	-	Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability…	-	CVE-2024-52552	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

419	-		-	-	Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing att…	-	CVE-2024-52551	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

420	-		-	-	Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attacker…	-	CVE-2024-52550	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm