Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 14, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
188771	5	警告	Nancy Wichmann	-	Drupal 用の Site Documentation モジュールにおける重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2012-2302	2012-07-30 10:47	2012-04-25	Show	GitHub Exploit DB Packet Storm

188772	2.1	注意	FindingScience	-	Apache 用 mod_auth_openid におけるセッション ID を取得される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-2760	2012-07-30 10:43	2012-07-25	Show	GitHub Exploit DB Packet Storm

188773	4.3	警告	Emery Berger	-	Hoard の malloc および calloc 関数における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-2676	2012-07-30 10:39	2012-06-10	Show	GitHub Exploit DB Packet Storm

188774	4.3	警告	ned Productions	-	nedmalloc における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-2675	2012-07-30 10:33	2012-07-25	Show	GitHub Exploit DB Packet Storm

188775	4.3	警告	Google	-	Android 用 Bionic の libc/bionic/malloc_debug_leak.c における整数オーバーフローの脆弱性	CWE-189 数値処理の問題	CVE-2012-2674	2012-07-30 10:32	2012-07-25	Show	GitHub Exploit DB Packet Storm

188776	6.8	警告	eZ	-	eZ Publish の eZOE flash player におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2012-4053	2012-07-30 10:00	2012-07-8	Show	GitHub Exploit DB Packet Storm

188777	4.3	警告	ノキア	-	Nokia PC Suite の Video Manager におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2012-2442	2012-07-30 09:58	2012-07-25	Show	GitHub Exploit DB Packet Storm

188778	7.1	危険	アップル	-	Apple Safari 6.0 未満で使用される WebKit におけるサンドボックスの制限を回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3697	2012-07-27 14:28	2012-07-25	Show	GitHub Exploit DB Packet Storm

188779	4.3	警告	アップル	-	Apple Safari 6.0 未満で使用される WebKit における任意のファイルを読まれる脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2012-3690	2012-07-27 12:18	2012-07-25	Show	GitHub Exploit DB Packet Storm

188780	5.8	警告	アップル	-	Apple Safari 6.0 未満で使用される WebKit における同一生成元ポリシーを回避される脆弱性	CWE-20 不適切な入力確認	CVE-2012-3689	2012-07-27 12:16	2012-07-25	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 15, 2024, 6:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
181	5.3	MEDIUM Network	neomutt mutt redhat	neomutt mutt enterprise_linux	In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original … New	CWE-347 Improper Verification of Cryptographic Signature	CVE-2024-49394	2024-11-14 22:38	2024-11-12	Show	GitHub Exploit DB Packet Storm

182	5.3	MEDIUM Network	neomutt mutt redhat	neomutt mutt enterprise_linux	In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. New	NVD-CWE-noinfo	CVE-2024-49395	2024-11-14 22:33	2024-11-12	Show	GitHub Exploit DB Packet Storm

183	5.4	MEDIUM Network	leevio	happy_addons_for_elementor	The Happy Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the before_label parameter in the Image Comparison widget in all versions up to, and including, 3.… New	CWE-79 Cross-site Scripting	CVE-2024-10538	2024-11-14 22:27	2024-11-12	Show	GitHub Exploit DB Packet Storm

184	-		-	-	An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious Ja… New	CWE-79 Cross-site Scripting	CVE-2024-8648	2024-11-14 22:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

185	-		-	-	An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed … New	CWE-1021 Improper Restriction of Rendered UI Layers or Frames	CVE-2024-7404	2024-11-14 22:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

186	-		-	-	A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login. The manipulation of the argument redirec… New	CWE-601 Open Redirect	CVE-2024-11207	2024-11-14 22:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

187	-		-	-	Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arb… New	-	CVE-2024-10979	2024-11-14 22:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

188	-		-	-	Incorrect privilege assignment in PostgreSQL allows a less-privileged application user to view or change different rows from those intended. An attack requires the application to use SET ROLE, SET S… New	-	CVE-2024-10978	2024-11-14 22:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

189	-		-	-	Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-… New	-	CVE-2024-10977	2024-11-14 22:15	2024-11-14	Show	GitHub Exploit DB Packet Storm

190	-		-	-	Incomplete tracking in PostgreSQL of tables with row security allows a reused query to view or change different rows from those intended. CVE-2023-2455 and CVE-2016-2193 fixed most interaction betwe… New	-	CVE-2024-10976	2024-11-14 22:15	2024-11-14	Show	GitHub Exploit DB Packet Storm