Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 19, 2024, 2:02 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188631 7.5 危険 Sourcefabric - Newscoop の admin/country/edit.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2012-1934 2012-08-29 15:53 2012-04-5 Show GitHub Exploit DB Packet Storm
188632 6.8 警告 Sourcefabric - Newscoop における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2012-1933 2012-08-29 15:52 2012-04-5 Show GitHub Exploit DB Packet Storm
188633 4.4 警告 Google - Tunnelblick における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-4677 2012-08-29 11:53 2012-08-26 Show GitHub Exploit DB Packet Storm
188634 1.2 注意 Google - Tunnelblick の errorExitIfAttackViaString 関数における任意のファイルを削除される脆弱性 CWE-59
リンク解釈の問題 		CVE-2012-4676 2012-08-29 11:51 2012-08-26 Show GitHub Exploit DB Packet Storm
188635 1.2 注意 Google - Tunnelblick における予期せぬプロセスを停止される脆弱性 CWE-362
競合状態 		CVE-2012-3487 2012-08-29 11:50 2012-08-26 Show GitHub Exploit DB Packet Storm
188636 6.9 警告 Google - Tunnelblick における権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3486 2012-08-29 11:49 2012-08-26 Show GitHub Exploit DB Packet Storm
188637 7.2 危険 Google - Tunnelblick における権限を取得される脆弱性 CWE-20
不適切な入力確認 		CVE-2012-3485 2012-08-29 11:48 2012-08-26 Show GitHub Exploit DB Packet Storm
188638 7.2 危険 Google - Tunnelblick におけるアクセス制限を回避される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2012-3484 2012-08-29 11:47 2012-08-26 Show GitHub Exploit DB Packet Storm
188639 6.2 警告 Google - Tunnelblick の runScript 関数における権限を取得される脆弱性 CWE-362
競合状態 		CVE-2012-3483 2012-08-29 11:35 2012-08-26 Show GitHub Exploit DB Packet Storm
188640 5 警告 Munin - Munin の munin-cgi-graph におけるサービス運用妨害 (ディスク消費) の脆弱性 CWE-399
リソース管理の問題 		CVE-2012-4678 2012-08-29 11:25 2012-04-27 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 19, 2024, 1:08 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
541 - - - An improper restriction of external entities (XXE) vulnerability in dompdf/dompdf's SVG parser allows for Server-Side Request Forgery (SSRF) and deserialization attacks. This issue affects all versio… Update CWE-611
XXE 		CVE-2021-3902 2024-11-19 00:35 2024-11-15 Show GitHub Exploit DB Packet Storm
542 - - - DomPDF before version 2.0.0 is vulnerable to PHAR deserialization due to a lack of checking on the protocol before passing it into the file_get_contents() function. An attacker who can upload files o… Update CWE-502
 Deserialization of Untrusted Data 		CVE-2021-3838 2024-11-19 00:35 2024-11-15 Show GitHub Exploit DB Packet Storm
543 - - - A Server-Side Request Forgery (SSRF) vulnerability was discovered in chatwoot/chatwoot, affecting all versions prior to 2.5.0. The vulnerability allows an attacker to upload an SVG file containing a … Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2021-3742 2024-11-19 00:35 2024-11-15 Show GitHub Exploit DB Packet Storm
544 - - - sunniwell HT3300 before 1.0.0.B022.2 is vulnerable to Insecure Permissions. The /usr/local/bin/update program, which is responsible for updating the software in the HT3300 device, is given the execut… Update - CVE-2024-48073 2024-11-19 00:35 2024-11-9 Show GitHub Exploit DB Packet Storm
545 - - - wac commit 385e1 was discovered to contain a heap overflow. Update - CVE-2024-35420 2024-11-19 00:35 2024-11-9 Show GitHub Exploit DB Packet Storm
546 - - - wac commit 385e1 was discovered to contain a heap overflow via the setup_call function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm fil… Update - CVE-2024-35418 2024-11-19 00:35 2024-11-9 Show GitHub Exploit DB Packet Storm
547 - - - wac commit 385e1 was discovered to contain a heap overflow via the interpret function at /wac-asan/wa.c. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted wasm file. Update - CVE-2024-35410 2024-11-19 00:35 2024-11-9 Show GitHub Exploit DB Packet Storm
548 - - - wasm3 139076a contains a Use-After-Free in ForEachModule. Update - CVE-2024-27530 2024-11-19 00:35 2024-11-9 Show GitHub Exploit DB Packet Storm
549 - - - wasm3 139076a contains memory leaks in Read_utf8. Update - CVE-2024-27529 2024-11-19 00:35 2024-11-9 Show GitHub Exploit DB Packet Storm
550 - - - wasm3 139076a suffers from Invalid Memory Read, leading to DoS and potential Code Execution. Update - CVE-2024-27528 2024-11-19 00:35 2024-11-9 Show GitHub Exploit DB Packet Storm