Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
190131	4.3	警告	Cactusoft International FZ-LLC & Cactusoft Ltd.	-	CactuSoft Parodia の cand_login.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2818	2012-06-26 15:46	2007-05-22	Show	GitHub Exploit DB Packet Storm

190132	10	危険	gazi download portal	-	Gazi Download Portal の down_indir.asp における SQL インジェクションの脆弱性	-	CVE-2007-2810	2012-06-26 15:46	2007-05-22	Show	GitHub Exploit DB Packet Storm

190133	4.3	警告	GNU Project yngve svendsen	-	Gnatsweb および Gnats の Gnatsweb におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2808	2012-06-26 15:46	2007-05-22	Show	GitHub Exploit DB Packet Storm

190134	6.8	警告	eggheads	-	Eggdrop の mod/server.mod/servrmsg.c におけるスタックベースのバッファオーバーフローの脆弱性	-	CVE-2007-2807	2012-06-26 15:46	2007-04-19	Show	GitHub Exploit DB Packet Storm

190135	5.8	警告	galix	-	GaliX の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2806	2012-06-26 15:46	2007-05-22	Show	GitHub Exploit DB Packet Storm

190136	4.3	警告	clientexec	-	CE の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2805	2012-06-26 15:46	2007-05-22	Show	GitHub Exploit DB Packet Storm

190137	4.3	警告	candypress	-	CandyPress Store の scripts/prodList.asp におけるクロスサイトスクリプティングの脆弱性	-	CVE-2007-2804	2012-06-26 15:46	2007-05-22	Show	GitHub Exploit DB Packet Storm

190138	4.3	警告	eticket	-	eTicket の open.php におけるクロスサイトスクリプティングの脆弱性	CWE-79 クロスサイト・スクリプティング（XSS）	CVE-2007-2801	2012-06-26 15:46	2007-06-29	Show	GitHub Exploit DB Packet Storm

190139	5	警告	eticket	-	eTicket の index.php における重要な情報が取得される脆弱性	-	CVE-2007-2800	2012-06-26 15:46	2007-06-28	Show	GitHub Exploit DB Packet Storm

190140	7.8	危険	ARRIS Group	-	Arris Cadant C3 CMTS におけるサービス運用妨害 (DoS) の脆弱性	-	CVE-2007-2796	2012-06-26 15:46	2007-06-12	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 2, 2024, 8:12 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
101	9.8	CRITICAL Network	doverfuelingsolutions	progauge_maglink_lx_console_firmware progauge_maglink_lx4_console_firmware	A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a remote attacker to inject arbitrary commands. Update	CWE-77 Command Injection	CVE-2024-43693	2024-10-2 02:17	2024-09-25	Show	GitHub Exploit DB Packet Storm

102	7.8	HIGH Local	telerik	ui_for_wpf	In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection attack is possible through improper neutralization of hyperlink elements. Update	CWE-77 Command Injection	CVE-2024-7679	2024-10-2 02:16	2024-09-25	Show	GitHub Exploit DB Packet Storm

103	-		-	-	Logicytics is designed to harvest and collect data for forensic analysis. Logicytics has a basic vuln affecting compromised devices from shell injections. This vulnerability is fixed in 2.3.2. New	CWE-78 OS Command	CVE-2024-47608	2024-10-2 02:15	2024-10-2	Show	GitHub Exploit DB Packet Storm

104	7.0	HIGH Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: Fix uaf in __timer_delete_sync There are two paths to access mptcp_pm_del_add_timer, result in a race condition: … Update	CWE-416 Use After Free	CVE-2024-46858	2024-10-2 02:10	2024-09-27	Show	GitHub Exploit DB Packet Storm

105	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix bridge mode operations when there are no VFs Currently, trying to set the bridge mode attribute when numvfs=0 leads… Update	CWE-476 NULL Pointer Dereference	CVE-2024-46857	2024-10-2 02:10	2024-09-27	Show	GitHub Exploit DB Packet Storm

106	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: uefisecapp: Fix deadlock in qcuefi_acquire() If the __qcuefi pointer is not set, then in the original code, we wo… Update	CWE-667 Improper Locking	CVE-2024-46868	2024-10-2 02:09	2024-09-27	Show	GitHub Exploit DB Packet Storm

107	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: add missing bo locking in show_meminfo() bo_meminfo() wants to inspect bo state like tt and the ttm resource, howe… Update	CWE-667 Improper Locking	CVE-2024-46866	2024-10-2 02:09	2024-09-27	Show	GitHub Exploit DB Packet Storm

108	5.5	MEDIUM Local	linux	linux_kernel	In the Linux kernel, the following vulnerability has been resolved: drm/xe/client: fix deadlock in show_meminfo() There is a real deadlock as well as sleeping in atomic() bug in here, if the bo put… Update	CWE-667 Improper Locking	CVE-2024-46867	2024-10-2 02:09	2024-09-27	Show	GitHub Exploit DB Packet Storm

109	2.7	LOW Network	formtools	form_tools	A vulnerability, which was classified as problematic, was found in formtools.org Form Tools 3.1.1. Affected is the function curl_exec of the file /admin/forms/option_lists/edit.php of the component I… Update	NVD-CWE-Other	CVE-2024-6937	2024-10-2 01:51	2024-07-21	Show	GitHub Exploit DB Packet Storm

110	6.5	MEDIUM Network	devolutions	devolutions_server	Authorization bypass in the PAM access request approval mechanism in Devolutions Server 2024.2.10 and earlier allows authenticated users with permissions to approve their own requests, bypassing inte… Update	CWE-863 Incorrect Authorization	CVE-2024-6512	2024-10-2 01:36	2024-09-25	Show	GitHub Exploit DB Packet Storm