Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Nov. 18, 2024, 2:02 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show
Exploit
PoC
Search
189111 4.3 警告 オラクル - Oracle Fusion Middleware の Portal における脆弱性 CWE-noinfo
情報不足
CVE-2011-3562 2012-07-20 17:37 2012-07-17 Show GitHub Exploit DB Packet Storm
189112 5 警告 The PHP Group
サイボウズ
オラクル
- PHP におけるサービス運用妨害 (CPU 資源の消費) の脆弱性 CWE-20
不適切な入力確認
CVE-2011-4885 2012-07-20 17:18 2011-12-28 Show GitHub Exploit DB Packet Storm
189113 4.3 警告 オラクル - Oracle Solaris における Network/NFS の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3131 2012-07-20 16:17 2012-07-17 Show GitHub Exploit DB Packet Storm
189114 4.3 警告 オラクル - Oracle Solaris における pkg.depotd に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3130 2012-07-20 16:16 2012-07-17 Show GitHub Exploit DB Packet Storm
189115 5.1 警告 オラクル - Oracle Solaris における Gnome PDF viewer の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3129 2012-07-20 16:14 2012-07-17 Show GitHub Exploit DB Packet Storm
189116 3.7 注意 オラクル - Oracle SPARC T シリーズサーバのファームウェアにおける Integrated Lights Out Manager の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3128 2012-07-20 16:13 2012-07-17 Show GitHub Exploit DB Packet Storm
189117 5.4 警告 オラクル - Oracle Solaris における SCTP の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3127 2012-07-20 16:11 2012-07-17 Show GitHub Exploit DB Packet Storm
189118 6.2 警告 オラクル - Oracle Solaris Cluster における Apache Tomcat Agent の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3126 2012-07-20 16:10 2012-07-17 Show GitHub Exploit DB Packet Storm
189119 7.1 危険 オラクル - Oracle Solaris における TCP/IP の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3125 2012-07-20 16:09 2012-07-17 Show GitHub Exploit DB Packet Storm
189120 5 警告 オラクル - Oracle Solaris における Kernel/KSSL の処理に関する脆弱性 CWE-noinfo
情報不足
CVE-2012-3124 2012-07-20 16:07 2012-07-17 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Nov. 18, 2024, 12:12 p.m.

No CVSS Level
Attach Vector
Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
651 - - - A Stored Cross-Site Scripting (XSS) vulnerability was found in /admin/add_subject.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbi… - CVE-2024-50839 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
652 - - - Absolute path traversal (incorrect restriction of a path to a restricted directory) vulnerability in the EasyPHP web server, affecting version 14.1. This vulnerability could allow remote users to byp… CWE-22
Path Traversal
CVE-2024-11215 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
653 - - - A vulnerability was found in Apereo CAS 6.6. It has been classified as critical. This affects an unknown part of the file /login?service of the component 2FA. The manipulation leads to improper authe… CWE-287
Improper Authentication
CVE-2024-11209 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
654 - - - A vulnerability was found in Apereo CAS 6.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /login?service. The manipulation leads to session expiratio… CWE-613
 Insufficient Session Expiration
CVE-2024-11208 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
655 8.8 HIGH
Network
- - The Migration, Backup, Staging – WPvivid plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 0.9.107 via deserialization of untrusted input in the 'replac… CWE-502
 Deserialization of Untrusted Data
CVE-2024-10962 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
656 - - - An issue has been discovered in GitLab CE/EE affecting all versions from 16 before 17.3.7, 17.4 before 17.4.4, and 17.5 before 17.5.2. The vulnerability could allow an attacker to inject malicious Ja… CWE-79
Cross-site Scripting
CVE-2024-8648 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
657 - - - An issue was discovered in GitLab CE/EE affecting all versions starting from 17.2 prior to 17.3.7, starting from 17.4 prior to 17.4.4 and starting from 17.5 prior to 17.5.2, which could have allowed … CWE-1021
 Improper Restriction of Rendered UI Layers or Frames
CVE-2024-7404 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
658 - - - A vulnerability has been found in Apereo CAS 6.6 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /login. The manipulation of the argument redirec… CWE-601
Open Redirect
CVE-2024-11207 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
659 - - - Incorrect control of environment variables in PostgreSQL PL/Perl allows an unprivileged database user to change sensitive process environment variables (e.g. PATH). That often suffices to enable arb… - CVE-2024-10979 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm
660 - - - Client use of server error message in PostgreSQL allows a server not trusted under current SSL or GSS settings to furnish arbitrary non-NUL bytes to the libpq application. For example, a man-in-the-… - CVE-2024-10977 2024-11-15 22:58 2024-11-14 Show GitHub Exploit DB Packet Storm