Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Nov. 1, 2024, 6:03 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
189641	5	警告	emuleplus	-	eMule Plus のログイン機能におけるサービス運用妨害 (DoS) の脆弱性	CWE-noinfo 情報不足	CVE-2009-1485	2012-06-26 16:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

189642	4.3	警告	Gecad Technologies	-	AXIGEN Mail Server の Web メールインターフェース機能におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1484	2012-06-26 16:10	2009-04-29	Show	GitHub Exploit DB Packet Storm

189643	7.5	危険	boxalino	-	Boxalino の client/desktop/default.htm におけるディレクトリトラバーサルの脆弱性	CWE-22 パス・トラバーサル	CVE-2009-1479	2012-06-26 16:10	2009-10-22	Show	GitHub Exploit DB Packet Storm

189644	10	危険	aten	-	ATEN KH1516i IP KVM スイッチ上の https Web インターフェースにおける https セッションを解読される脆弱性	CWE-310 暗号の問題	CVE-2009-1477	2012-06-26 16:10	2009-05-27	Show	GitHub Exploit DB Packet Storm

189645	7.2	危険	darren reed	-	Darren Reed IPFilter の lib/load_http.c におけるバッファオーバーフローの脆弱性	CWE-119 バッファエラー	CVE-2009-1476	2012-06-26 16:10	2009-05-26	Show	GitHub Exploit DB Packet Storm

189646	7.6	危険	aten	-	ATEN KH1516i IP KVM スイッチにおけるクッキーを取得される脆弱性	CWE-310 暗号の問題	CVE-2009-1474	2012-06-26 16:10	2009-05-27	Show	GitHub Exploit DB Packet Storm

189647	10	危険	aten	-	ATEN KH1516i IP KVM スイッチの Windows クライアントプログラムにおける中間者攻撃を実行される脆弱性	CWE-310 暗号の問題	CVE-2009-1473	2012-06-26 16:10	2009-05-27	Show	GitHub Exploit DB Packet Storm

189648	10	危険	aten	-	ATEN KH1516i IP KVM スイッチの Java クライアントプログラムにおけるスイッチへ接続されているマシンへのアクセス権を取得される脆弱性	CWE-310 暗号の問題	CVE-2009-1472	2012-06-26 16:10	2009-05-27	Show	GitHub Exploit DB Packet Storm

189649	4.3	警告	evolution-extreme	-	Nuke Evolution Xtreme の player.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2009-1457	2012-06-26 16:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

189650	6.8	警告	Andrew Simpson	-	WebCollab におけるクロスサイトリクエストフォージェリの脆弱性	CWE-352 同一生成元ポリシー違反	CVE-2009-1455	2012-06-26 16:10	2009-04-28	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Nov. 1, 2024, 4:15 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
251	7.5	HIGH Network	crestron	cp3n_6505417_firmware cp3_6504877_firmware cp3-gv_6506034_firmware	On Crestron 3-Series Control Systems before 1.8001.0187, crafting and sending a specific BACnet packet can cause a crash. Update	NVD-CWE-noinfo	CVE-2023-38405	2024-11-1 00:35	2023-07-18	Show	GitHub Exploit DB Packet Storm

252	4.9	MEDIUM Network	funadmin	funadmin	Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile. Update	CWE-22 Path Traversal	CVE-2024-48224	2024-11-1 00:32	2024-10-26	Show	GitHub Exploit DB Packet Storm

253	6.1	MEDIUM Network	manzurulhaque	banner_slider	Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Manzurul Haque Banner Slider allows Reflected XSS.This issue affects Banner Slider: from n… New	CWE-79 Cross-site Scripting	CVE-2024-49635	2024-11-1 00:27	2024-10-29	Show	GitHub Exploit DB Packet Storm

254	5.3	MEDIUM Network	hcltech	sametime	HCL Sametime is impacted by the error messages containing sensitive information. An attacker can use this information to launch another, more focused attack. Update	CWE-209 Information Exposure Through an Error Message	CVE-2023-50355	2024-11-1 00:18	2024-10-24	Show	GitHub Exploit DB Packet Storm

255	7.5	HIGH Network	mozilla	thunderbird firefox	An attacker could have caused a use-after-free when accessibility was enabled, leading to a potentially exploitable crash. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR <… New	CWE-416 Use After Free	CVE-2024-10459	2024-11-1 00:16	2024-10-29	Show	GitHub Exploit DB Packet Storm

256	-		-	-	DOMPurify is a DOM-only, super-fast, uber-tolerant XSS sanitizer for HTML, MathML and SVG. DOMPurify was vulnerable to prototype pollution. This vulnerability is fixed in 2.4.2. New	CWE-1321 Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')	CVE-2024-48910	2024-11-1 00:15	2024-11-1	Show	GitHub Exploit DB Packet Storm

257	6.5	MEDIUM Network	lunary	lunary	An IDOR vulnerability exists in the 'Evaluations' function of the 'umgws datasets' section in lunary-ai/lunary versions 1.3.2. This vulnerability allows an authenticated user to update other users' p… New	CWE-639 Authorization Bypass Through User-Controlled Key	CVE-2024-7473	2024-11-1 00:11	2024-10-29	Show	GitHub Exploit DB Packet Storm

258	4.3	MEDIUM Network	rockoa	xinhu	RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php. Update	CWE-22 Path Traversal	CVE-2024-48213	2024-11-1 00:09	2024-10-24	Show	GitHub Exploit DB Packet Storm

259	7.5	HIGH Network	mozilla	thunderbird firefox	A permission leak could have occurred from a trusted site to an untrusted site via `embed` or `object` elements. This vulnerability affects Firefox < 132, Firefox ESR < 128.4, Firefox ESR < 115.17, T… New	NVD-CWE-noinfo	CVE-2024-10458	2024-11-1 00:03	2024-10-29	Show	GitHub Exploit DB Packet Storm

260	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: vrf: revert "vrf: Remove unnecessary RCU-bh critical section" This reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853. dev_… Update	CWE-667 Improper Locking	CVE-2024-49980	2024-10-31 23:58	2024-10-22	Show	GitHub Exploit DB Packet Storm