Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190141 7.5 危険 Geeklog - Geeklog の ImageImageMagick.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2793 2012-06-26 15:46 2007-05-21 Show GitHub Exploit DB Packet Storm
190142 7.5 危険 com yanc - Mambo の yanc コンポーネントにおける SQL インジェクションの脆弱性 - CVE-2007-2792 2012-06-26 15:46 2007-05-21 Show GitHub Exploit DB Packet Storm
190143 6.8 警告 eSyndiCat - eSyndiCat Pro の manage-admins.php における追加の管理者アカウントを作成される脆弱性 - CVE-2007-2785 2012-06-26 15:46 2007-05-21 Show GitHub Exploit DB Packet Storm
190144 7.8 危険 Globus - Globus Toolkit の globus-job-manager におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2784 2012-06-26 15:46 2007-05-21 Show GitHub Exploit DB Packet Storm
190145 7.5 危険 AlstraSoft - AlstraSoft Template Seller Pro の admin/addsptemplate.php における無制限にファイルをアップロードされる脆弱性 - CVE-2007-2777 2012-06-26 15:46 2007-05-21 Show GitHub Exploit DB Packet Storm
190146 10 危険 AlstraSoft - AlstraSoft Template Seller Pro における管理アクセス権を取得される脆弱性 - CVE-2007-2776 2012-06-26 15:46 2007-05-21 Show GitHub Exploit DB Packet Storm
190147 10 危険 AlstraSoft - AlstraSoft Live Support における管理アクセス権を取得される脆弱性 - CVE-2007-2775 2012-06-26 15:46 2007-05-21 Show GitHub Exploit DB Packet Storm
190148 7.8 危険 CA Technologies - CA BrightStor Backup の caloggerd.exe におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2772 2012-06-26 15:46 2007-05-16 Show GitHub Exploit DB Packet Storm
190149 7.2 危険 backup manager - Backup Manager の lib/backup-methods.sh におけるパスワードを取得される脆弱性 CWE-255
証明書・パスワード管理 		CVE-2007-2766 2012-06-26 15:46 2007-05-18 Show GitHub Exploit DB Packet Storm
190150 6.8 警告 ac zoom - BlockHosts の blockhosts.py におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2007-2765 2012-06-26 15:46 2007-05-18 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 2, 2024, 8:12 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
91 - - - The WebDAV service in Infinera TNMS (Transcend Network Management System) 19.10.3 allows a low-privileged remote attacker to conduct unauthorized file operations, because of execution with unnecessar… New - CVE-2024-25660 2024-10-2 03:35 2024-10-2 Show GitHub Exploit DB Packet Storm
92 - - - In Infinera TNMS (Transcend Network Management System) 19.10.3, an insecure default configuration of the internal SFTP server on Linux servers allows remote attacker to access files and directories o… New - CVE-2024-25659 2024-10-2 03:35 2024-10-2 Show GitHub Exploit DB Packet Storm
93 6.5 MEDIUM
Local 		linuxfoundation
mediatek
google
linux 		yocto
iot_yocto
android
linux_kernel 		In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interacti… Update CWE-787
 Out-of-bounds Write 		CVE-2023-20850 2024-10-2 03:35 2023-09-4 Show GitHub Exploit DB Packet Storm
94 9.8 CRITICAL
Network 		meshtastic meshtastic_firmware Meshtastic is an open source, off-grid, decentralized, mesh network. Meshtastic uses MQTT to communicate over an internet connection to a shared or private MQTT Server. Nodes can communicate directly… Update CWE-863
 Incorrect Authorization 		CVE-2024-47078 2024-10-2 03:29 2024-09-26 Show GitHub Exploit DB Packet Storm
95 9.8 CRITICAL
Network 		ptzoptics pt30x-sdi_firmware
pt30x-ndi-xx-g2_firmware 		PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue. The camera does not sufficiently validate the ntp_addr configuration value which may lead to arbitrar… Update CWE-78
OS Command  		CVE-2024-8957 2024-10-2 02:49 2024-09-18 Show GitHub Exploit DB Packet Storm
96 9.8 CRITICAL
Network 		macwk icecms An issue was discovered in IceCMS version 2.0.1, allows attackers to escalate privileges and gain sensitive information via UserID parameter in api/User/ChangeUser. Update NVD-CWE-noinfo
CVE-2023-36100 2024-10-2 02:35 2023-09-2 Show GitHub Exploit DB Packet Storm
97 9.8 CRITICAL
Network 		mybb mybb Installer RCE on settings file write in MyBB before 1.8.22. Update NVD-CWE-noinfo
CVE-2020-22612 2024-10-2 02:35 2023-09-2 Show GitHub Exploit DB Packet Storm
98 8.8 HIGH
Network 		atlassian bamboo_data_center
bamboo_server 		This High severity Injection and RCE (Remote Code Execution) vulnerability known as CVE-2023-22506 was introduced in version 8.0.0 of Bamboo Data Center.   This Injection and RCE (Remote Code Execut… Update CWE-94
Code Injection 		CVE-2023-22506 2024-10-2 02:35 2023-07-19 Show GitHub Exploit DB Packet Storm
99 8.6 HIGH
Network 		circutor q-smt_firmware CIRCUTOR Q-SMT in its firmware version 1.0.4, could be affected by a denial of service (DoS) attack if an attacker with access to the web service bypasses the authentication mechanisms on the login p… Update CWE-1284
 Improper Validation of Specified Quantity in Input 		CVE-2024-8887 2024-10-2 02:30 2024-09-18 Show GitHub Exploit DB Packet Storm
100 9.8 CRITICAL
Network 		scriptcase scriptcase Vulnerability in the Scriptcase application version 9.4.019, which involves the arbitrary upload of a file via /scriptcase/devel/lib/third/jquery_plugin/jQuery-File-Upload/server/php/ via a POST requ… Update CWE-434
 Unrestricted Upload of File with Dangerous Type  		CVE-2024-8940 2024-10-2 02:21 2024-09-25 Show GitHub Exploit DB Packet Storm