Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 9, 2024, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
188921 4.3 警告 grafik-power - Grafik CMS の admin/admin.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2615 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
188922 7.5 危険 grafik-power - Grafik CMS の admin/admin.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2614 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
188923 7.5 危険 2daybiz - 2daybiz Job Site Script における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2610 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
188924 7.5 危険 2daybiz - 2daybiz Job Search Engine Script の show_search_result.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2609 2012-06-26 16:19 2010-07-2 Show GitHub Exploit DB Packet Storm
188925 4.3 警告 The Cacti Group - Red Hat HPC Solution などの製品で使用される Cacti におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2545 2012-06-26 16:19 2010-08-23 Show GitHub Exploit DB Packet Storm
188926 4.3 警告 The Cacti Group - Red Hat HPC Solution などの製品で使用される Cacti の utilities.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2544 2012-06-26 16:19 2010-08-23 Show GitHub Exploit DB Packet Storm
188927 4.3 警告 The Cacti Group - Cacti の include/top_graph_header.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2543 2012-06-26 16:19 2010-08-23 Show GitHub Exploit DB Packet Storm
188928 4.3 警告 adjam - rekonq におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2010-2536 2012-06-26 16:19 2010-08-2 Show GitHub Exploit DB Packet Storm
188929 7.5 危険 2daybiz - 2daybiz MLM における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2516 2012-06-26 16:19 2010-06-29 Show GitHub Exploit DB Packet Storm
188930 6.8 警告 dacian strain
Joomla!		 - Joomla! 用の JFaq コンポーネントの index.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2010-2515 2012-06-26 16:19 2010-06-28 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 9, 2024, 6:05 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
301 8.8 HIGH
Network 		axis axis_os_2020
axis_os_2018
axis_os_2016
axis_os 		A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to add the Carriage Return and Line Feed (CRLF) control characters and include arbitrary S… Update CWE-74
Injection 		CVE-2021-31988 2024-11-8 18:15 2021-10-6 Show GitHub Exploit DB Packet Storm
302 7.5 HIGH
Network 		axis axis_os_2020
axis_os_2018
axis_os_2016
axis_os 		A user controlled parameter related to SMTP test functionality is not correctly validated making it possible to bypass blocked network recipients. Update NVD-CWE-Other
CVE-2021-31987 2024-11-8 18:15 2021-10-6 Show GitHub Exploit DB Packet Storm
303 6.8 MEDIUM
Network 		axis axis_os_2020
axis_os_2018
axis_os_2016
axis_os 		User controlled parameters related to SMTP notifications are not correctly validated. This can lead to a buffer overflow resulting in crashes and data leakage. Update CWE-787
 Out-of-bounds Write 		CVE-2021-31986 2024-11-8 18:15 2021-10-6 Show GitHub Exploit DB Packet Storm
304 5.3 MEDIUM
Network 		axis device_manager A user with permission to log on to the machine hosting the AXIS Device Manager client could under certain conditions extract a memory dump from the built-in Windows Task Manager application. The mem… Update CWE-312
 Cleartext Storage of Sensitive Information 		CVE-2021-31989 2024-11-8 18:15 2021-08-26 Show GitHub Exploit DB Packet Storm
305 8.8 HIGH
Network 		axis m3024-lve_firmware
m3025-ve_firmware
m7014_firmware
m7016_firmware
p1214-e_firmware
p7214_firmware
p7216_firmware
q7401_firmware
q7404_firmware
q7414_firmware
q7424-r_mk… 		Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a sufficient input validation allowing for a possible remote code execution. This flaw can only be explo… Update CWE-94
Code Injection 		CVE-2023-5677 2024-11-8 18:15 2024-02-5 Show GitHub Exploit DB Packet Storm
306 7.1 HIGH
Network 		axis axis_os_2018
axis_os
axis_os_2022
axis_os_2020 		Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API irissetup.cgi was vulnerable to path traversal attacks that allows for file deletion. This flaw can only be exploi… Update CWE-22
Path Traversal 		CVE-2023-21418 2024-11-8 18:15 2023-11-21 Show GitHub Exploit DB Packet Storm
307 7.1 HIGH
Network 		axis axis_os
axis_os_2022
axis_os_2020 		Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API manageoverlayimage.cgi was vulnerable to path traversal attacks that allows for file/folder deletion. This flaw c… Update CWE-22
Path Traversal 		CVE-2023-21417 2024-11-8 18:15 2023-11-21 Show GitHub Exploit DB Packet Storm
308 6.5 MEDIUM
Adjacent 		axis a1001_firmware
a1210_\(-b\)_firmware
a1601_firmware
a1610_\(-b\)_firmware
axis_os 		Knud from Fraktal.fi has found a flaw in some Axis Network Door Controllers and Axis Network Intercoms when communicating over OSDP, highlighting that the OSDP message parser crashes the pacsiod proc… Update NVD-CWE-noinfo
CVE-2023-21405 2024-11-8 18:15 2023-07-25 Show GitHub Exploit DB Packet Storm
309 - - - Zohocorp ManageEngine ADManager Plus versions 7203 and prior are vulnerable to Privilege Escalation in the Modify Computers option. New - CVE-2024-24409 2024-11-8 17:15 2024-11-8 Show GitHub Exploit DB Packet Storm
310 - - - A vulnerability classified as problematic was found in CodeAstro Real Estate Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /aboutedit.php of the compon… New CWE-284
CWE-434
Improper Access Control
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-11000 2024-11-8 17:15 2024-11-8 Show GitHub Exploit DB Packet Storm