Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 28, 2024, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189341 6.8 警告 grayscalecms - BandSite CMS におけるクロスサイトリクエストフォージェリの脆弱性 CWE-352
同一生成元ポリシー違反 		CVE-2008-7058 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189342 4.3 警告 grayscalecms - BandSite CMS の merchandise.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-7057 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189343 5 警告 grayscalecms - BandSite CMS におけるデータベースのコピーを取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-7056 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189344 7.5 危険 aj square - AJ Square AJ Article における管理者機能へアクセスされる脆弱性 CWE-287
不適切な認証 		CVE-2008-7051 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189345 6.4 警告 aj square - AJPoll における新たにアンケートを作成される脆弱性 CWE-287
不適切な認証 		CVE-2008-7046 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189346 6.4 警告 aj square - AJPoll Database における得票をリセットされるの脆弱性 CWE-287
不適切な認証 		CVE-2008-7045 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
189347 7.5 危険 DNN - DotNetNuke における特権機能へアクセスされる脆弱性 CWE-20
不適切な入力確認 		CVE-2008-7102 2012-06-26 16:10 2008-09-10 Show GitHub Exploit DB Packet Storm
189348 5 警告 DNN - DotNetNuke における重要な情報 (ポータル番号) を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-7101 2012-06-26 16:10 2008-09-9 Show GitHub Exploit DB Packet Storm
189349 6.5 警告 DNN - DotNetNuke における権限を取得される脆弱性 CWE-noinfo
情報不足 		CVE-2008-7100 2012-06-26 16:10 2008-09-9 Show GitHub Exploit DB Packet Storm
189350 7.5 危険 aj square - AJPoll Database の admin/include/newpoll.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-7044 2012-06-26 16:10 2009-08-24 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 29, 2024, 5:57 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
11 7.8 HIGH
Local 		intel virtual_raid_on_cpu Improper access control in some Intel(R) VROC software before version 8.0.8.1001 may allow an authenticated user to potentially enable escalation of privilege via local access. Update NVD-CWE-noinfo
CVE-2023-31271 2024-10-29 02:55 2024-02-14 Show GitHub Exploit DB Packet Storm
12 - - - TYPO3 before 13.3.1 allows denial of service (interface error) in the Bookmark Toolbar (ext:backend), exploitable by an administrator-level backend user account via manipulated data saved in the book… New - CVE-2024-34537 2024-10-29 02:35 2024-10-28 Show GitHub Exploit DB Packet Storm
13 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid overflow assignment in link_dp_cts sampling_rate is an uint8_t but is assigned an unsigned int, and thus i… Update CWE-190
 Integer Overflow or Wraparound 		CVE-2024-50016 2024-10-29 02:17 2024-10-22 Show GitHub Exploit DB Packet Storm
14 - - - Use of Default Credentials vulnerability in Maruti Suzuki SmartPlay on Linux (Infotainment Hub modules) allows attacker to try common or default usernames and passwords.The issue was detected on a 20… New - CVE-2024-6245 2024-10-29 02:15 2024-10-29 Show GitHub Exploit DB Packet Storm
15 - - - MPXJ is an open source library to read and write project plans from a variety of file formats and databases. The patch for the historical vulnerability CVE-2020-35460 in MPXJ is incomplete as there i… New CWE-22
Path Traversal 		CVE-2024-49771 2024-10-29 02:15 2024-10-29 Show GitHub Exploit DB Packet Storm
16 9.8 CRITICAL
Network 		anyscale ray Anyscale Ray 2.6.3 and 2.8.0 allows a remote attacker to execute arbitrary code via the job submission API. NOTE: the vendor's position is that this report is irrelevant because Ray, as stated in its… Update CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2023-48022 2024-10-29 02:15 2023-11-28 Show GitHub Exploit DB Packet Storm
17 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration:… Update NVD-CWE-noinfo
CVE-2024-50015 2024-10-29 02:13 2024-10-22 Show GitHub Exploit DB Packet Storm
18 5.5 MEDIUM
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: ext4: fix access to uninitialised lock in fc replay path The following kernel trace can be triggered with fstest generic/629 when… Update CWE-908
 Use of Uninitialized Resource 		CVE-2024-50014 2024-10-29 02:12 2024-10-22 Show GitHub Exploit DB Packet Storm
19 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: tipc: guard against string buffer overrun Smatch reports that copying media_name and if_name to name_parts may overwrite the dest… Update NVD-CWE-noinfo
CVE-2024-49995 2024-10-29 02:07 2024-10-22 Show GitHub Exploit DB Packet Storm
20 7.8 HIGH
Local 		linux linux_kernel In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer reference to amdgpu_bo_unref to clear the correct pointer,… Update CWE-416
 Use After Free 		CVE-2024-49991 2024-10-29 01:49 2024-10-22 Show GitHub Exploit DB Packet Storm