Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 16, 2024, 6 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188621 10 危険 マイクロソフト - Microsoft Windows XP の LanmanWorkstation サービスにおけるヒープベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-1852 2012-08-21 17:27 2012-08-14 Show GitHub Exploit DB Packet Storm
188622 10 危険 マイクロソフト - Microsoft Windows XP の LanmanWorkstation サービスにおけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-1853 2012-08-21 17:26 2012-08-14 Show GitHub Exploit DB Packet Storm
188623 7.2 危険 マイクロソフト - Microsoft Windows のカーネルモードドライバ内の win32k.sys における権限昇格の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-2527 2012-08-21 17:26 2012-08-14 Show GitHub Exploit DB Packet Storm
188624 9.3 危険 マイクロソフト - Microsoft Office 2007 および 2010 における任意のコードを実行される脆弱性 CWE-119
バッファエラー 		CVE-2012-2524 2012-08-21 17:24 2012-08-14 Show GitHub Exploit DB Packet Storm
188625 9.3 危険 マイクロソフト - Microsoft Visio 2010 および Visio Viewer 2010 におけるバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2012-1888 2012-08-21 17:23 2012-08-14 Show GitHub Exploit DB Packet Storm
188626 2.1 注意 Ubercart - Drupal 用 Ubercart モジュールにおける重要な情報を取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2012-2299 2012-08-21 15:38 2012-04-25 Show GitHub Exploit DB Packet Storm
188627 5.1 警告 MySQLDumper-Team - MySQLDumper におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2012-4252 2012-08-21 15:38 2012-08-13 Show GitHub Exploit DB Packet Storm
188628 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4359 2012-08-21 15:32 2012-07-31 Show GitHub Exploit DB Packet Storm
188629 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA におけるサービス運用妨害 (DoS) の脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4358 2012-08-21 15:31 2012-07-17 Show GitHub Exploit DB Packet Storm
188630 9.3 危険 Sielco Sistemi - Sielco Sistemi Winlog Pro SCADA および Winlog Lite SCADA における任意のコードを実行される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-4357 2012-08-21 15:30 2012-07-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 16, 2024, 4:17 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191 - - - Budget Control Gateway acts as an entry point for incoming requests and routes them to the appropriate microservices for Budget Control. Budget Control Gateway does not properly validate auth tokens,… New CWE-285
Improper Authorization 		CVE-2024-52528 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
192 - - - Nextcloud Server is a self hosted personal cloud system. Under certain conditions the password of a user was stored unencrypted in the session data. The session data is encrypted before being saved i… New CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2024-52525 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
193 - - - Nextcloud Server is a self hosted personal cloud system. MD5 hashes were used to check background jobs for their uniqueness. This increased the chances of a background job with arguments falsely bein… New CWE-328
 Use of Weak Hash 		CVE-2024-52521 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
194 - - - Nextcloud Server is a self hosted personal cloud system. The OAuth2 client secrets were stored in a recoverable way, so that an attacker that got access to a backup of the database and the Nextcloud … New CWE-922
 Insecure Storage of Sensitive Information 		CVE-2024-52519 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
195 - - - Nextcloud Server is a self hosted personal cloud system. After an attacker got access to the session of a user or administrator, the attacker would be able to create, change or delete external storag… New CWE-287
Improper Authentication 		CVE-2024-52518 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
196 - - - Nextcloud Server is a self hosted personal cloud system. After storing "Global credentials" on the server, the API returns them and adds them into the frontend again, allowing to read them in plain t… New CWE-200
Information Exposure 		CVE-2024-52517 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
197 - - - Nextcloud Server is a self hosted personal cloud system. When a server is configured to only allow sharing with users that are in ones own groups, after a user was removed from a group, previously sh… New CWE-269
 Improper Privilege Management 		CVE-2024-52516 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
198 - - - Nextcloud Server is a self hosted personal cloud system. After an admin enables the default-disabled SVG preview provider, a malicious user could upload a manipulated SVG file referencing paths. If t… New CWE-706
 Use of Incorrectly-Resolved Name or Reference 		CVE-2024-52515 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
199 - - - emlog pro <=2.3.18 is vulnerable to Cross Site Scripting (XSS), which allows attackers to write malicious JavaScript code in published articles. New - CVE-2024-50655 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm
200 - - - lilishop <=4.2.4 is vulnerable to Incorrect Access Control, which can allow attackers to obtain coupons beyond the quantity limit by capturing and sending the data packets for coupon collection in hi… New - CVE-2024-50654 2024-11-16 02:15 2024-11-16 Show GitHub Exploit DB Packet Storm