Vulnerability Search Top
Show Search Menu
Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

  • Urgent
  • Important
  • Warning
  • Low
JVN Vulnerability Information

Update Date":Oct. 4, 2024, 10 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Impact
Show		 Exploit
PoC
Search
191171 6.8 警告 Apache Software Foundation - Apache OFBiz の ecommerce コンポーネントにおけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6587 2012-06-26 15:38 2006-12-15 Show GitHub Exploit DB Packet Storm
191172 7.5 危険 brian drawert - Brian Drawert yaplap の ldap.php における PHP リモートファイルインクルージョンの脆弱性 - CVE-2006-6575 2012-06-26 15:38 2006-12-15 Show GitHub Exploit DB Packet Storm
191173 6 警告 シトリックス・システムズ - Citrix Access Gateway Advanced Edition および Citrix Access Gateway Advanced Edition with AAC におけるデータへのアクセス権を取得される脆弱性 - CVE-2006-6573 2012-06-26 15:38 2006-11-4 Show GitHub Exploit DB Packet Storm
191174 6.5 警告 シトリックス・システムズ - Citrix AAC Option および Access Gateway with Advanced Access Control におけるアクセスポリシーを回避される脆弱性 - CVE-2006-6572 2012-06-26 15:38 2006-11-4 Show GitHub Exploit DB Packet Storm
191175 6.8 警告 genesistrader - GenesisTrader の form.php におけるクロスサイトスクリプティングの脆弱性 - CVE-2006-6571 2012-06-26 15:38 2006-12-15 Show GitHub Exploit DB Packet Storm
191176 7.5 危険 genesistrader - GenesisTrader の upload.php における任意のファイルをアップロードされる脆弱性 - CVE-2006-6570 2012-06-26 15:38 2006-12-15 Show GitHub Exploit DB Packet Storm
191177 7.8 危険 genesistrader - GenesisTrader の form.php における重要な情報を取得される脆弱性 - CVE-2006-6569 2012-06-26 15:38 2006-12-15 Show GitHub Exploit DB Packet Storm
191178 4 警告 FileZilla - FileZilla Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-DesignError
CVE-2006-6565 2012-06-26 15:38 2006-12-15 Show GitHub Exploit DB Packet Storm
191179 4 警告 FileZilla - FileZilla Server におけるサービス運用妨害 (DoS) の脆弱性 CWE-noinfo
情報不足 		CVE-2006-6564 2012-06-26 15:38 2006-12-15 Show GitHub Exploit DB Packet Storm
191180 5 警告 crob - Crob FTP Server におけるサービス運用妨害 (DoS) の脆弱性 - CVE-2006-6558 2012-06-26 15:38 2006-12-14 Show GitHub Exploit DB Packet Storm
NVD Vulnerability Information

Update Date:Oct. 4, 2024, 5:52 a.m.

No CVSS Level
Attach Vector		 Vendor Name Project Name Title CWE CVE Update Date Publication Date Show Affected Exploit
PoC
Search
741 - - - An issue was discovered in Infinera hiT 7300 5.60.50. Hidden functionality in the web interface allows a remote authenticated attacker to access reserved information by accessing undocumented web app… - CVE-2024-28808 2024-10-1 06:15 2024-10-1 Show GitHub Exploit DB Packet Storm
742 7.8 HIGH
Local 		bmc patrol_agent BMC PATROL Agent through 20.08.00 allows local privilege escalation via vectors involving pconfig +RESTART -host. NVD-CWE-noinfo
CVE-2020-35593 2024-10-1 05:35 2023-09-6 Show GitHub Exploit DB Packet Storm
743 9.8 CRITICAL
Network 		perforce akana_api In versions of Akana API Platform prior to 2024.1.0 a flaw resulting in XML External Entity (XXE) was discovered. CWE-611
XXE 		CVE-2024-3930 2024-10-1 05:14 2024-07-31 Show GitHub Exploit DB Packet Storm
744 8.8 HIGH
Network 		tianchoy blog A vulnerability was found in Tianchoy Blog up to 1.8.8. It has been classified as critical. This affects an unknown part of the file /so.php. The manipulation of the argument search leads to sql inje… CWE-89
SQL Injection 		CVE-2024-7114 2024-10-1 05:10 2024-07-26 Show GitHub Exploit DB Packet Storm
745 7.5 HIGH
Network 		txtdot txtdot txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Prior to version 1.7.0, a Server-Side Request Forgery (SSRF) vulnerability in the `/get`… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-41812 2024-10-1 05:05 2024-07-27 Show GitHub Exploit DB Packet Storm
746 7.5 HIGH
Network 		txtdot txtdot txtdot is an HTTP proxy that parses only text, links, and pictures from pages, removing ads and heavy scripts. Starting in version 1.4.0 and prior to version 1.6.1, a Server-Side Request Forgery (SSR… CWE-918
Server-Side Request Forgery (SSRF)  		CVE-2024-41813 2024-10-1 05:02 2024-07-27 Show GitHub Exploit DB Packet Storm
747 6.1 MEDIUM
Network 		doverfuelingsolutions progauge_maglink_lx_console_firmware
progauge_maglink_lx4_console_firmware 		ProGauge MAGLINK LX CONSOLE does not have sufficient filtering on input fields that are used to render pages which may allow cross site scripting. CWE-79
Cross-site Scripting 		CVE-2024-41725 2024-10-1 04:55 2024-09-25 Show GitHub Exploit DB Packet Storm
748 5.5 MEDIUM
Local 		apple macos
iphone_os
ipados
watchos 		A privacy issue was addressed by moving sensitive data to a more secure location. This issue is fixed in iOS 18 and iPadOS 18, watchOS 11, macOS Sequoia 15. An app may be able to access user-sensitiv… NVD-CWE-noinfo
CVE-2024-44170 2024-10-1 04:48 2024-09-17 Show GitHub Exploit DB Packet Storm
749 5.3 MEDIUM
Network 		scriptcase scriptcase Path traversal vulnerability in Scriptcase version 9.4.019, in /scriptcase/devel/compat/nm_edit_php_edit.php (in the “subpage” parameter), which allows unauthenticated remote users to bypass Security… CWE-22
Path Traversal 		CVE-2024-8941 2024-10-1 04:45 2024-09-25 Show GitHub Exploit DB Packet Storm
750 - - - An issue was discovered in Infinera hiT 7300 5.60.50. Undocumented privileged functions in the @CT management application allow an attacker to activate remote SSH access to the appliance via an unexp… - CVE-2024-28813 2024-10-1 04:35 2024-10-1 Show GitHub Exploit DB Packet Storm