Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 28, 2024, 6:04 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
189421 7.5 危険 easysitenetwork - EasySiteNetwork Free Jokes Website の joke.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6880 2012-06-26 16:10 2009-07-30 Show GitHub Exploit DB Packet Storm
189422 4.3 警告 Apache Software Foundation - Apache Roller におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6879 2012-06-26 16:10 2009-07-30 Show GitHub Exploit DB Packet Storm
189423 4.3 警告 editeurscripts - EsPartenaires の login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6876 2012-06-26 16:10 2009-07-24 Show GitHub Exploit DB Packet Storm
189424 7.5 危険 aspsiteware - ASP SiteWare autoDealer における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6874 2012-06-26 16:10 2009-07-24 Show GitHub Exploit DB Packet Storm
189425 7.5 危険 Activewebsoftwares - Active Web Mail における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2008-6873 2012-06-26 16:10 2009-07-23 Show GitHub Exploit DB Packet Storm
189426 5 警告 aspthai.net - ASPThai.NET ASPThai Forums におけるデータベースをダウンロードされる脆弱性 CWE-200
情報漏えい 		CVE-2008-6872 2012-06-26 16:10 2009-07-23 Show GitHub Exploit DB Packet Storm
189427 4.3 警告 editeurscripts - EditeurScripts EsBaseAdmin の default/login.php におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2008-6868 2012-06-26 16:10 2009-07-23 Show GitHub Exploit DB Packet Storm
189428 6.8 警告 AVAST Software s.r.o. - avast! Linux Home Edition におけるスタックベースのバッファオーバーフローの脆弱性 CWE-119
バッファエラー 		CVE-2008-6846 2012-06-26 16:10 2009-07-2 Show GitHub Exploit DB Packet Storm
189429 5 警告 ClamAV - ClamAV のアンパック機能におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2008-6845 2012-06-26 16:10 2009-07-2 Show GitHub Exploit DB Packet Storm
189430 7.5 危険 eZ - eZ Publish の登録ビューにおける他のユーザとして権限を取得される脆弱性 CWE-264
認可・権限・アクセス制御 		CVE-2008-6844 2012-06-26 16:10 2009-07-2 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 28, 2024, 8:13 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
21 6.1 MEDIUM
Network 		hcltech sametime_chat_and_meetings Sametime is impacted by lack of clickjacking protection in Outlook add-in. The application is not implementing appropriate protections in order to protect users from clickjacking attacks. Update CWE-1021
 Improper Restriction of Rendered UI Layers or Frames 		CVE-2023-45698 2024-10-28 11:35 2024-02-10 Show GitHub Exploit DB Packet Storm
22 9.8 CRITICAL
Network 		hardy-barth cph2_echarge_firmware An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier, may allow an unauthenticated remote attacker to execute arbitrary commands on the system via a speci… Update CWE-78
OS Command  		CVE-2023-46359 2024-10-28 11:35 2024-02-6 Show GitHub Exploit DB Packet Storm
23 4.4 MEDIUM
Local 		google android In keyinstall, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is n… Update CWE-862
 Missing Authorization 		CVE-2023-20833 2024-10-28 11:35 2023-09-4 Show GitHub Exploit DB Packet Storm
24 5.5 MEDIUM
Local 		google android In cta, there is a possible information disclosure due to a missing permission check. This could lead to local information disclosure with no additional execution privilege needed. User interaction i… Update CWE-862
 Missing Authorization 		CVE-2023-20826 2024-10-28 11:35 2023-09-4 Show GitHub Exploit DB Packet Storm
25 4.4 MEDIUM
Local 		google android In wlan service, there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is … Update CWE-125
Out-of-bounds Read 		CVE-2023-20813 2024-10-28 11:35 2023-08-7 Show GitHub Exploit DB Packet Storm
26 4.4 MEDIUM
Local 		mediatek
google 		iot_yocto
android 		In wlan driver, there is a possible out of bounds write due to improper input validation. This could lead to local information disclosure with System execution privileges needed. User interaction is … Update CWE-787
 Out-of-bounds Write 		CVE-2023-20812 2024-10-28 11:35 2023-08-7 Show GitHub Exploit DB Packet Storm
27 5.4 MEDIUM
Network 		asus rt-n10lx_firmware A stored cross-site scripting (XSS) vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injec… Update CWE-79
Cross-site Scripting 		CVE-2023-34941 2024-10-28 11:35 2023-06-13 Show GitHub Exploit DB Packet Storm
28 - - - Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Genians Genian NAC V5.0, Genians Genian NAC LTS V5.0.This issue affects Genian NAC V5.0: from V5.… New - CVE-2024-23843 2024-10-28 11:15 2024-10-28 Show GitHub Exploit DB Packet Storm
29 2.7 LOW
Network 		zohocorp manageengine_adaudit_plus Zoho ManageEngine ADAudit Plus before 7270 allows admin users to view names of arbitrary directories via path traversal. Update CWE-22
Path Traversal 		CVE-2023-50785 2024-10-28 10:35 2024-01-25 Show GitHub Exploit DB Packet Storm
30 - - - In the Linux kernel, the following vulnerability has been resolved: uprobe: avoid out-of-bounds memory access of fetching args Uprobe needs to fetch args into a percpu buffer, and then copy to ring… New - CVE-2024-50067 2024-10-28 10:15 2024-10-28 Show GitHub Exploit DB Packet Storm