Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 2, 2024, 6:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
190201 7.5 危険 agner fog - aForum の common/func.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2596 2012-06-26 15:46 2007-05-11 Show GitHub Exploit DB Packet Storm
190202 9.3 危険 BarCodeWiz, Inc. - BarCodeWiz ActiveX コントロールおよび BarcodeWiz.dll の Verify 関数におけるスタックベースのバッファオーバーフローの脆弱性 - CVE-2007-2585 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190203 1.9 注意 アップル - Apple Safari における重要な情報を取得される脆弱性 - CVE-2007-2580 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190204 5.8 警告 acp3 - ACP3 におけるクロスサイトスクリプティングの脆弱性 - CVE-2007-2579 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190205 7.5 危険 acp3 - ACP3 の search/list/action_search/index.php における詳細不明な脆弱性 - CVE-2007-2578 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190206 7.5 危険 acp3 - ACP3 における SQL インジェクションの脆弱性 - CVE-2007-2577 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190207 6.8 警告 east wind software - East Wind Software advdaudio.ocx ActiveX コントロール におけるバッファオーバーフローの脆弱性 - CVE-2007-2576 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190208 7.5 危険 fipsasp - fipsCMS の index.asp における SQL インジェクションの脆弱性 - CVE-2007-2561 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190209 7.5 危険 american cart - american cart における PHP リモートファイルインクルージョンの脆弱性 - CVE-2007-2559 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
190210 7.8 危険 associated press - AP Newspowerにおける新規の記事を挿入される脆弱性 - CVE-2007-2554 2012-06-26 15:46 2007-05-9 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 3, 2024, 5:55 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
191 4.6 MEDIUM
Physics 		ibm infosphere_information_server IBM InfoSphere Information Server 11.7 could disclose sensitive user information to another user with physical access to the machine. IBM X-Force ID: 294727. Update CWE-359
 Exposure of Private Personal Information to an Unauthorized Actor 		CVE-2024-37533 2024-10-2 05:35 2024-07-25 Show GitHub Exploit DB Packet Storm
192 7.8 HIGH
Local 		google android In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges Update CWE-862
 Missing Authorization 		CVE-2023-38460 2024-10-2 05:35 2023-09-4 Show GitHub Exploit DB Packet Storm
193 7.5 HIGH
Network 		apache apache-airflow-providers-apache-spark Apache Airflow Spark Provider, versions before 4.1.3, is affected by a vulnerability that allows an attacker to pass in malicious parameters when establishing a connection giving an opportunity to re… Update NVD-CWE-noinfo
CVE-2023-40272 2024-10-2 05:35 2023-08-17 Show GitHub Exploit DB Packet Storm
194 8.8 HIGH
Network 		google
debian
fedoraproject 		chrome
debian_linux
fedora 		Insufficient validation of untrusted input in XML in Google Chrome prior to 116.0.5845.96 allowed a remote attacker to bypass file access restrictions via a crafted HTML page. (Chromium security seve… Update NVD-CWE-noinfo
CVE-2023-4357 2024-10-2 05:35 2023-08-16 Show GitHub Exploit DB Packet Storm
195 7.5 HIGH
Network 		duckdb duckdb DuckDB is a SQL database management system. In versions 1.0.0 and prior, content in filesystem is accessible for reading using `sniff_csv`, even with `enable_external_access=false`. This vulnerabilit… Update NVD-CWE-noinfo
CVE-2024-41672 2024-10-2 05:33 2024-07-25 Show GitHub Exploit DB Packet Storm
196 9.8 CRITICAL
Network 		tenda o3_firmware A vulnerability was found in Tenda O3 1.0.0.10(2478). It has been declared as critical. This vulnerability affects the function fromMacFilterSet of the file /goform/setMacFilter. The manipulation of … Update CWE-787
 Out-of-bounds Write 		CVE-2024-7151 2024-10-2 05:28 2024-07-28 Show GitHub Exploit DB Packet Storm
197 - - - A SQL Injection vulnerability was discovered in Cloudlog 2.6.15, specifically within the get_station_info()function located in the file /application/models/Oqrs_model.php. The vulnerability is exploi… New - CVE-2024-45999 2024-10-2 05:15 2024-10-2 Show GitHub Exploit DB Packet Storm
198 6.5 MEDIUM
Adjacent 		- - An Improper Handling of Exceptional Conditions vulnerability in the routing protocol daemon (rpd) of Juniper Networks Junos OS and Junos OS Evolved allows a logically adjacent downstream RSVP neighbo… Update - CVE-2024-39560 2024-10-2 05:15 2024-07-11 Show GitHub Exploit DB Packet Storm
199 7.8 HIGH
Local 		restsharp restsharp RestSharp is a Simple REST and HTTP API Client for .NET. The second argument to `RestRequest.AddHeader` (the header value) is vulnerable to CRLF injection. The same applies to `RestRequest.AddOrUpdat… Update CWE-74
Injection 		CVE-2024-45302 2024-10-2 05:05 2024-08-30 Show GitHub Exploit DB Packet Storm
200 8.0 HIGH
Network 		strawberryrocks strawberry Strawberry GraphQL is a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support as defined in the GraphQL multipart request specification was enabled by default in … Update CWE-352
 Origin Validation Error 		CVE-2024-47082 2024-10-2 05:01 2024-09-26 Show GitHub Exploit DB Packet Storm