Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 9, 2024, 10 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189261	5	警告	シスコシステムズ	-	CCS における JHTML ファイルのソースコードを読まれる脆弱性	CWE-200 情報漏えい	CVE-2010-0642	2012-06-26 16:19	2010-02-17	Show	GitHub Exploit DB Packet Storm

189262	4.3	警告	シスコシステムズ	-	CCS の webline/html/admin/wcs/LoginPage.jhtml におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2010-0641	2012-06-26 16:19	2010-02-17	Show	GitHub Exploit DB Packet Storm

189263	7.5	危険	eicrasoft	-	Eicra Car Rental-Script の index.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0631	2012-06-26 16:19	2010-02-12	Show	GitHub Exploit DB Packet Storm

189264	7.5	危険	evernewscripts	-	Evernew Free Joke Script の viewjokes.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2010-0630	2012-06-26 16:19	2010-02-12	Show	GitHub Exploit DB Packet Storm

189265	9.3	危険	DELL EMC (旧 EMC Corporation)	-	EMC HomeBase Server の SSL Service におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0620	2012-06-26 16:19	2010-02-24	Show	GitHub Exploit DB Packet Storm

189266	5	警告	arwscripts	-	ARWScripts Fonts Script の viewfile.php におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2010-0613	2012-06-26 16:19	2010-02-11	Show	GitHub Exploit DB Packet Storm

189267	6.8	警告	アップル Google	-	Google Chrome で使用される WebKit の WebCore/bindings/v8/custom/V8DOMWindowCustom.cpp における同一生成元ポリシを回避される脆弱性	CWE-264 認可・権限・アクセス制御	CVE-2010-0661	2012-06-26 16:19	2009-12-16	Show	GitHub Exploit DB Packet Storm

189268	4.3	警告	アップル Google	-	Google Chrome で使用される WebKit における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-0656	2012-06-26 16:19	2009-08-27	Show	GitHub Exploit DB Packet Storm

189269	4.3	警告	アップル Google	-	Google Chrome および Apple Safari における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2010-0651	2012-06-26 16:19	2009-04-8	Show	GitHub Exploit DB Packet Storm

189270	7.5	危険	dmanager	-	DocumentManager における詳細不明な脆弱性	CWE-noinfo 情報不足	CVE-2010-0612	2012-06-26 16:19	2010-02-11	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 9, 2024, 6:05 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291	6.5	MEDIUM Network	axis	axis_os axis_os_2022	Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API dynamicoverlay.cgi was vulnerable to a Denial-of-Service attack allowing for an attacker to block access to the ov… Update	NVD-CWE-noinfo	CVE-2023-21416	2024-11-8 18:15	2023-11-21	Show	GitHub Exploit DB Packet Storm

292	8.1	HIGH Network	axis	axis_os_2022 axis_os_2018 axis_os_2020 axis_os axis_os_2016	Sandro Poppi, member of the AXIS OS Bug Bounty Program, has found that the VAPIX API overlay_del.cgi is vulnerable to path traversal attacks that allows for file deletion. This flaw can only be explo… Update	CWE-22 Path Traversal	CVE-2023-21415	2024-11-8 18:15	2023-10-16	Show	GitHub Exploit DB Packet Storm

293	6.8	MEDIUM Physics	axis	axis_os	NCC Group has found a flaw during the annual internal penetration test ordered by Axis Communications. The protection for device tampering (commonly known as Secure Boot) contains a flaw which provid… Update	NVD-CWE-noinfo	CVE-2023-21414	2024-11-8 18:15	2023-10-16	Show	GitHub Exploit DB Packet Storm

294	7.2	HIGH Network	axis	axis_os	GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution during the installation of ACAP applications on the Axis device. The application handling service in AXIS O… Update	CWE-77 Command Injection	CVE-2023-21413	2024-11-8 18:15	2023-10-16	Show	GitHub Exploit DB Packet Storm

295	8.8	HIGH Network	axis	license_plate_verifier	User provided input is not sanitized on the AXIS License Plate Verifier specific “search.cgi” allowing for SQL injections. Update	CWE-89 SQL Injection	CVE-2023-21412	2024-11-8 18:15	2023-08-3	Show	GitHub Exploit DB Packet Storm

296	8.8	HIGH Network	axis	license_plate_verifier	User provided input is not sanitized in the “Settings > Access Control” configuration interface allowing for arbitrary code execution. Update	NVD-CWE-noinfo	CVE-2023-21411	2024-11-8 18:15	2023-08-3	Show	GitHub Exploit DB Packet Storm

297	8.8	HIGH Network	axis	license_plate_verifier	User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi” allowing for arbitrary code execution. Update	NVD-CWE-noinfo	CVE-2023-21410	2024-11-8 18:15	2023-08-3	Show	GitHub Exploit DB Packet Storm

298	8.8	HIGH Adjacent	axis	a1001_firmware	Ariel Harush and Roy Hodir from OTORIO have found a flaw in the AXIS A1001 when communicating over OSDP. A heap-based buffer overflow was found in the pacsiod process which is handling the OSDP commu… Update	CWE-787 Out-of-bounds Write	CVE-2023-21406	2024-11-8 18:15	2023-07-25	Show	GitHub Exploit DB Packet Storm

299	5.3	MEDIUM Network	axis	axis_os	AXIS OS 11.0.X - 11.3.x use a static RSA key in legacy LUA-components to protect Axis-specific source code. The static RSA key is not used in any other secure communication nor can it be used to comp… Update	CWE-311 Missing Encryption of Sensitive Data	CVE-2023-21404	2024-11-8 18:15	2023-05-9	Show	GitHub Exploit DB Packet Storm

300	7.8	HIGH Local	axis	ip_utility	AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working director… Update	CWE-427 Uncontrolled Search Path Element	CVE-2022-23410	2024-11-8 18:15	2022-02-15	Show	GitHub Exploit DB Packet Storm