Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 4, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
190061	4.3	警告	シトリックス・システムズ	-	Citrix EPA ActiveX コントロールにおける任意のプログラムをクライアントシステム上にダウンロードされる脆弱性	-	CVE-2007-3679	2012-06-26 15:46	2007-07-25	Show	GitHub Exploit DB Packet Storm

190062	4.3	警告	Dotclear	-	DotClear の ecrire/tools.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-3672	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

190063	5	警告	activereportsexcelreport	-	ActiveReportsExcelReport の EXCLEXPT.DLL におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3667	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

190064	5	警告	eltima software	-	Eltima Software RunService ActiveX コントロールにおけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3664	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

190065	5	警告	eltima software	-	VSPort.DLL におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-3661	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

190066	4.3	警告	fascript	-	Farsi Script FaName におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-3653	2012-06-26 15:46	2008-07-8	Show	GitHub Exploit DB Packet Storm

190067	6.8	警告	fascript	-	Farsi Script FaName の class/page.php における SQL インジェクションの脆弱性	CWE-89 SQLインジェクション	CVE-2007-3652	2012-06-26 15:46	2008-07-8	Show	GitHub Exploit DB Packet Storm

190068	4.3	警告	fascript	-	Farsi Script FaName の class/page.php における重要な情報を取得される脆弱性	CWE-200 情報漏えい	CVE-2007-3651	2012-06-26 15:46	2008-07-8	Show	GitHub Exploit DB Packet Storm

190069	4.6	警告	freewrl	-	FreeWRL の doBrowserAction 関数におけるバッファオーバーフローの脆弱性	-	CVE-2007-3659	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

190070	7.5	危険	flashgamescript	-	FlashGameScript の index.php における SQL インジェクションの脆弱性	-	CVE-2007-3646	2012-06-26 15:46	2007-07-10	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 5:52 a.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
291	7.5	HIGH Network	-	-	A directory traversal vulnerability exists in the archive download functionality of Veertu Anka Build 1.42.0. A specially crafted HTTP request can lead to a disclosure of arbitrary files. An attacker… New	CWE-22 Path Traversal	CVE-2024-41163	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

292	7.8	HIGH Local	-	-	A privilege escalation vulnerability exists in the Veertu Anka Build 1.42.0. The vulnerability occurs during Anka node agent update. A low privilege user can trigger the update action which can resul… New	CWE-282 Improper Ownership Management	CVE-2024-39755	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

293	8.4	HIGH Local	-	-	An integer overflow vulnerability exists in the Compound Document Binary File format parser of the GNOME Project G Structured File Library (libgsf) version v1.14.52. A specially crafted file can resu… New	-	CVE-2024-36474	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

294	-		-	-	An attacker can publish a zone containing specific Resource Record Sets. Repeatedly processing and caching results for these sets can lead to a denial of service. New	-	CVE-2024-25590	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

295	-		-	-	A vulnerability was found in Codezips Online Shopping Portal 1.0. It has been classified as critical. Affected is an unknown function of the file index.php. The manipulation of the argument username … New	CWE-89 SQL Injection	CVE-2024-9460	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

296	-		-	-	Zohocorp ManageEngine Analytics Plus versions before 5410 and Zoho Analytics On-Premise versions before 5410 are vulnerable to Path traversal. New	-	CVE-2024-9100	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

297	-		-	-	The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is… New	-	CVE-2024-5803	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

298	-		-	-	Sulu is a PHP content management system. Sulu is vulnerable against XSS whereas a low privileged user with access to the “Media” section can upload an SVG file with a malicious payload. Once uploaded… New	CWE-79 Cross-site Scripting	CVE-2024-47618	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

299	-		-	-	Sulu is a PHP content management system. This vulnerability allows an attacker to inject arbitrary HTML/JavaScript code through the media download URL in Sulu CMS. It affects the SuluMediaBundle comp… New	CWE-79 Cross-site Scripting	CVE-2024-47617	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm

300	-		-	-	async-graphql is a GraphQL server library implemented in Rust. async-graphql before 7.0.10 does not limit the number of directives for a field. This can lead to Service Disruption, Resource Exhaustio… New	CWE-770 Allocation of Resources Without Limits or Throttling	CVE-2024-47614	2024-10-4 22:50	2024-10-4	Show	GitHub Exploit DB Packet Storm