Vulnerability Search Top

Vendor Name
プロダクト・サービス名
Title
Urgent
Important
Warning
Warning
CVE
CWE
公開-検索開始年
公開-検索開始月
公開-検索開始日
公開-検索終了年
公開-検索終了月
公開-検索終了日
脅威度ソート
In descending order of publication date
In descending order of update date
Number of items displayed

Vulnerability Information Search Top

You can search for vulnerabilities managed by JVN (Japan Vulnerability Note) and NVD (National Vulnerability Database).
Search keywords must be entered in English otherwise will not be searched in both JVN and NVD.

To search by CWE, please refer to the CWE Overview and check the CWE number.

Urgent
Important
Warning
Low

JVN Vulnerability Information

Update Date":Oct. 5, 2024, 6 p.m.

No	CVSS	Level Attach Vector	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Impact Show	Exploit PoC Search
191281	7.5	危険	Drupal	-	Drupal 用の Help Tip モジュールにおける SQL インジェクションの脆弱性	-	CVE-2006-6530	2012-06-26 15:38	2006-12-11	Show	GitHub Exploit DB Packet Storm

191282	7.5	危険	Drupal	-	Drupal 用の Chatroom Module における重要な情報を取得される脆弱性	-	CVE-2006-6529	2012-06-26 15:38	2006-12-11	Show	GitHub Exploit DB Packet Storm

191283	7.5	危険	Drupal	-	Drupal 用の Chatroom Module におけるセッションをハイジャックされる脆弱性	-	CVE-2006-6528	2012-06-26 15:38	2006-12-11	Show	GitHub Exploit DB Packet Storm

191284	7.5	危険	gizzar	-	Gizzar の guest.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6527	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

191285	5.1	警告	dt guestbook	-	DT Guestbook の index.php におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6487	2012-06-26 15:38	2007-01-16	Show	GitHub Exploit DB Packet Storm

191286	7.5	危険	gizzar	-	Gizzar の index.php における PHP リモートファイルインクルージョンの脆弱性	-	CVE-2006-6526	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

191287	7.5	危険	ezhrs	-	EzHRS HR Assist の vdateUsr.asp における SQL インジェクションの脆弱性	-	CVE-2006-6525	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

191288	7.5	危険	ezhrs	-	EzHRS HR Assist の vdateUsr.asp における SQL インジェクションの脆弱性	-	CVE-2006-6524	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

191289	6.8	警告	cPanel	-	cPanel の BoxTrapper の mail/manage.html におけるクロスサイトスクリプティングの脆弱性	-	CVE-2006-6523	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

191290	3.5	注意	flippet.org	-	Wawi における特定のディレクトリにアクセスされる脆弱性	-	CVE-2006-6514	2012-06-26 15:38	2006-12-13	Show	GitHub Exploit DB Packet Storm

NVD Vulnerability Information

Update Date:Oct. 5, 2024, 8:11 p.m.

No	CVSS	Vendor Name	Project Name	Title	CWE	CVE	Update Date	Publication Date	Show Affected	Exploit PoC Search
431	-	-	-	A vulnerability in the REST API endpoints of Cisco NDFC could allow an authenticated, low-privileged, remote attacker to read or write files on an affected device. This vulnerability exists becaus… New	-	CVE-2024-20438	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

432	-	-	-	A vulnerability in the web-based management interface of Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an authenticated, remote attacker to elevate pr… New	-	CVE-2024-20393	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

433	-	-	-	A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco UCS X-Series Servers could allow an authenticated, remote attacker with administrative privileges to pe… New	-	CVE-2024-20365	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

434	-	-	-	Certain HP LaserJet printers may potentially experience a denial of service when a user sends a raw JPEG file to the printer. The printer displays a “JPEG Unsupported” message which may not clear, po… New	-	CVE-2024-9423	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

435	-	-	-	Incorrect Permission Assignment for Critical Resource vulnerability in OpenText™ Vertica could allow Privilege Abuse and result in unauthorized access or privileges to Vertica agent apikey. This issu… New	-	CVE-2024-6360	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

436	-	-	-	A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC) could allow an authenticated, low-privileged, remote attacker to perform a command injection attack agains… New	-	CVE-2024-20432	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

437	-	-	-	A vulnerability in the SSL/TLS implementation of Cisco Nexus Dashboard Orchestrator (NDO) could allow an unauthenticated, remote attacker to intercept sensitive information from an affected device.&n… New	-	CVE-2024-20385	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

438	-	-	-	Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentiall… New	-	CVE-2024-47807	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

439	-	-	-	Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentia… New	-	CVE-2024-47806	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm

440	-	-	-	Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `confi… New	-	CVE-2024-47805	2024-10-4 22:50	2024-10-3	Show	GitHub Exploit DB Packet Storm