Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 15, 2024, 6:02 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
188691	7.8	危険	サムスン	-	Samsung D6000 TV およびその他の製品におけるサービス運用妨害 (連続的な再起動) の脆弱性	CWE-119 バッファエラー	CVE-2012-4329	2012-08-17 14:45	2012-08-14	Show	GitHub Exploit DB Packet Storm

188692	10	危険	vBulletin Solutions, Inc.	-	複数の vBulletin 製品における脆弱性	CWE-noinfo 情報不足	CVE-2012-4328	2012-08-17 14:38	2012-08-14	Show	GitHub Exploit DB Packet Storm

188693	4.3	警告	Piwigo	-	Piwigo の admin.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-2209	2012-08-17 14:36	2012-04-4	Show	GitHub Exploit DB Packet Storm

188694	7.5	危険	Piwigo	-	Piwigo の upgrade.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2012-2208	2012-08-17 14:35	2012-04-4	Show	GitHub Exploit DB Packet Storm

188695	7.5	危険	Chill Creations	-	Joomla! 用 ccNewsletter コンポーネントにおける SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2011-5099	2012-08-17 14:29	2012-08-14	Show	GitHub Exploit DB Packet Storm

188696	4.3	警告	Timely	-	WordPress 用 All-in-One Event Calendar プラグインにおけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2012-1835	2012-08-17 14:03	2012-08-14	Show	GitHub Exploit DB Packet Storm

188697	7.5	危険	Powerplay Gallery project	-	WordPress 用 Image News slider プラグインにおける脆弱性	CWE-noinfo 情報不足	CVE-2012-4327	2012-08-17 14:00	2012-08-14	Show	GitHub Exploit DB Packet Storm

188698	6.8	警告	AlstraSoft	-	AlstraSoft Site Uptime Enterprise の commonsettings.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4326	2012-08-17 13:58	2012-08-14	Show	GitHub Exploit DB Packet Storm

188699	6.8	警告	Utopia Software	-	Utopia News Pro の upload/users.php におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4325	2012-08-17 13:53	2012-08-14	Show	GitHub Exploit DB Packet Storm

188700	6.8	警告	PHPJabbers	-	PHPJabbers Vacation Rental Script におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4324	2012-08-17 13:49	2012-08-14	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 16, 2024, 5:18 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
211	8.8	HIGH Network	microsoft	windows_server_2008 windows_server_2012 windows_8.1 windows_server_2016 windows_7 windows_rt_8.1 windows_server_2019 windows_server_2022 windows_10_1607 windows_10_1809 …	Why is Microsoft republishing a CVE from 2013? We are republishing CVE-2013-3900 in the Security Update Guide to update the Security Updates table and to inform customers that the EnableCertPaddingCh… Update	CWE-347 Improper Verification of Cryptographic Signature	CVE-2013-3900	2024-11-15 23:34	2013-12-11	Show	GitHub Exploit DB Packet Storm

212	-		-	-	A vulnerability was found in IBPhoenix ibWebAdmin up to 1.0.2 and classified as problematic. This issue affects some unknown processing of the file /database.php of the component Banco de Dados Tab. … New	CWE-79 CWE-94 Cross-site Scripting Code Injection	CVE-2024-11240	2024-11-15 23:23	2024-11-15	Show	GitHub Exploit DB Packet Storm

213	-		-	-	A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the comp… New	CWE-22 Path Traversal	CVE-2024-11239	2024-11-15 23:23	2024-11-15	Show	GitHub Exploit DB Packet Storm

214	-		-	-	Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login. New	-	CVE-2024-52553	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

215	-		-	-	Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability… New	-	CVE-2024-52552	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

216	-		-	-	Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing att… New	-	CVE-2024-52551	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

217	-		-	-	Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attacker… New	-	CVE-2024-52550	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

218	-		-	-	Jenkins Script Security Plugin 1367.vdf2fc45f229c and earlier, except 1365.1367.va_3b_b_89f8a_95b_ and 1362.1364.v4cf2dc5d8776, does not perform a permission check in a method implementing form valid… New	-	CVE-2024-52549	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

219	-		-	-	The file upload function in the "QWKalkulation" tool of baltic-it TOPqw Webportal v1.35.287.1 (fixed in version 1.35.291), in /Apps/TOPqw/QWKalkulation/QWKalkulation.aspx, is vulnerable to Cross-Site… New	-	CVE-2024-45879	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm

220	-		-	-	The "Stammdaten" menu of baltic-it TOPqw Webportal v1.35.283.2 (fixed in version 1.35.291), in /Apps/TOPqw/qwStammdaten.aspx, is vulnerable to persistent Cross-Site Scripting (XSS). New	-	CVE-2024-45878	2024-11-15 23:00	2024-11-14	Show	GitHub Exploit DB Packet Storm