Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 4, 2024, 2:01 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191151 6.8 警告 ciberia - Ciberia Content Federator の members/maquetacion_member.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6774 2012-06-26 15:38 2006-12-27 Show GitHub Exploit DB Packet Storm
191152 7.5 危険 fishyshoop - Fishyshoop の pages/register/register.php における任意の管理者ユーザを作成される脆弱性 - CVE-2006-6773 2012-06-26 15:38 2006-12-27 Show GitHub Exploit DB Packet Storm
191153 7.5 危険 cwm-design - cwmExplorer における SQL インジェクションの脆弱性 - CVE-2006-6766 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
191154 7.8 危険 cwm-design - cwmExplorer の index.php におけるディレクトリトラバーサルの脆弱性 - CVE-2006-6757 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
191155 7.5 危険 ftprush - FTPRush におけるバッファオーバーフローの脆弱性 - CVE-2006-6752 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
191156 5 警告 dxmsoft - XM Easy Personal FTP Server におけるフォーマットストリングの脆弱性 CWE-134
書式文字列の問題 		CVE-2006-6751 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
191157 5 警告 dxmsoft - XM Easy Personal FTP Server におけるフォーマットストリングの脆弱性 - CVE-2006-6750 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
191158 7.5 危険 dreaxteam - Xt-News の show_news.php における SQL インジェクションの脆弱性 CWE-89
SQLインジェクション 		CVE-2006-6747 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
191159 4.3 警告 dreaxteam - Xt-News におけるクロスサイトスクリプティングの脆弱性 CWE-79
クロスサイト・スクリプティング(XSS) 		CVE-2006-6746 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
191160 6.8 警告 cwm-design - cwmCounter の statistic.php における PHP リモートファイルインクルージョンの脆弱性 CWE-94
コード・インジェクション 		CVE-2006-6738 2012-06-26 15:38 2006-12-26 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 4, 2024, 12:16 p.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
2161 5.4 MEDIUM
Network 		e107 e107_cms Multiple Cross Site Scripting (XSS) vulnerability in e017 CMS v.2.3.2 allows a local attacker to execute arbitrary code via a crafted script to the Copyright and Author fields in the Meta & Custom Ta… CWE-79
Cross-site Scripting 		CVE-2023-43874 2024-09-24 05:35 2023-09-28 Show GitHub Exploit DB Packet Storm
2162 7.8 HIGH
Local 		binalyze irec An issue in Binalyze IREC.sys v.3.11.0 and before allows a local attacker to execute arbitrary code and escalate privileges via the fun_1400084d0 function in IREC.sys driver. NVD-CWE-noinfo
CVE-2023-41444 2024-09-24 05:35 2023-09-28 Show GitHub Exploit DB Packet Storm
2163 7.2 HIGH
Network 		fileorganizer fileorganizer The FileOrganizer WordPress plugin through 1.0.2 does not restrict functionality on multisite instances, allowing site admins to gain full control over the server. - CVE-2023-3664 2024-09-24 05:35 2023-09-26 Show GitHub Exploit DB Packet Storm
2164 7.5 HIGH
Network 		oracle sales_for_handhelds Vulnerability in the Oracle Sales for Handhelds product of Oracle E-Business Suite (component: Pocket Outlook Sync(PocketPC)). Supported versions that are affected are 12.2.3-12.2.12. Easily exploit… NVD-CWE-noinfo
CVE-2023-21855 2024-09-24 05:35 2023-01-18 Show GitHub Exploit DB Packet Storm
2165 - - - Improper Input Validation vulnerability of Authenticated User in Progress LoadMaster allows OS Command Injection.This issue affects: ?Product Affected Versions LoadMaster From 7.… CWE-20
 Improper Input Validation  		CVE-2024-6658 2024-09-24 05:15 2024-09-13 Show GitHub Exploit DB Packet Storm
2166 - - - A vulnerability was found in Undertow. This issue requires enabling the learning-push handler in the server's config, which is disabled by default, leaving the maxAge config in the handler unconfigur… CWE-401
 Missing Release of Memory after Effective Lifetime 		CVE-2024-3653 2024-09-24 05:15 2024-07-9 Show GitHub Exploit DB Packet Storm
2167 7.8 HIGH
Local 		linux linux_kernel A memory leak flaw was found in the Linux kernel’s io_uring functionality in how a user registers a buffer ring with IORING_REGISTER_PBUF_RING, mmap() it, and then frees it. This flaw allows a local … CWE-416
 Use After Free 		CVE-2024-0582 2024-09-24 05:15 2024-01-17 Show GitHub Exploit DB Packet Storm
2168 7.5 HIGH
Network 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. A camera extension may be able to access the internet. CWE-281
 Improper Preservation of Permissions 		CVE-2024-27795 2024-09-24 05:01 2024-09-17 Show GitHub Exploit DB Packet Storm
2169 5.5 MEDIUM
Local 		apple macos A permissions issue was addressed with additional restrictions. This issue is fixed in macOS Sequoia 15. An app may be able to access protected user data. CWE-281
 Improper Preservation of Permissions 		CVE-2024-27858 2024-09-24 04:56 2024-09-17 Show GitHub Exploit DB Packet Storm
2170 7.1 HIGH
Local 		acronis agent Sensitive information disclosure and manipulation due to missing authorization. The following products are affected: Acronis Cyber Protect Cloud Agent (Linux, macOS, Windows) before build 36343. CWE-862
 Missing Authorization 		CVE-2023-45246 2024-09-24 04:54 2023-10-6 Show GitHub Exploit DB Packet Storm